Bug 1369024
Summary: | [API] Can't attach disk to VM with UserVMManager role | ||
---|---|---|---|
Product: | [oVirt] ovirt-engine | Reporter: | Gonza <grafuls> |
Component: | RestAPI | Assignee: | Tal Nisan <tnisan> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | Raz Tamir <ratamir> |
Severity: | high | Docs Contact: | |
Priority: | high | ||
Version: | 4.0.2.7 | CC: | acanan, bugs, grafuls, juan.hernandez, tnisan |
Target Milestone: | ovirt-4.0.4 | Flags: | amureini:
ovirt-4.0.z?
rule-engine: planning_ack? rule-engine: devel_ack+ rule-engine: testing_ack+ |
Target Release: | 4.0.4 | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2016-09-26 12:37:29 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | Storage | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Gonza
2016-08-22 10:56:14 UTC
What version of the SDK are you using? The "Version" field says 4.0.0a, but in the description you mention "ovirt-engine-sdk-python-3.6.8.0-1" which is version 3, not 4. Are you sending filter=True ? When I try to do this I get the following error message: 2016-08-22 18:01:28,664 INFO [org.ovirt.engine.core.bll.storage.disk.AddDiskCommand] (default task-10) [7f7a51b0] No permission found for user '6626f723-d2cd-4b74-a4c3-e01982ca66b5' or one of the groups he is member of, when running action 'AddDisk', Required permissions are: Action type: 'USER' Action group: 'CREATE_DISK' Object type: 'System' Object ID: 'aaa00000-0000-0000-0000-123456789aaa'. I'd say that in version 4 of the engine the creating a virtual machine disk requires the "CREATE_DISK" permissions on the system object, and the "UserVmManager" role doesn't include such permission. In addition, if I try to create the disk specifying the name of the storage domain, I get the following: 2016-08-22 18:13:27,476 INFO [org.ovirt.engine.core.bll.aaa.CreateUserSessionCommand] (default task-14) [471220c3] Running command: CreateUserSessionCommand internal: false. 2016-08-22 18:13:27,585 ERROR [org.ovirt.engine.core.bll.storage.domain.GetAllStorageDomainsQuery] (default task-10) [] Query execution failed due to insufficient permissions. 2016-08-22 18:13:27,586 ERROR [org.ovirt.engine.api.restapi.resource.AbstractBackendResource] (default task-10) [] Operation Failed: query execution failed due to insufficient permissions. That happens because in order to find the identifier of the storage domain the API uses the GetAllStorageDomainsQuery, and the user doesn't have permissions to execute that. None of these are specific to the SDK, or can be solved in the SDK, so I'm moving the bug to the engine. (In reply to Juan Hernández from comment #1) > What version of the SDK are you using? The "Version" field says 4.0.0a, but > in the description you mention "ovirt-engine-sdk-python-3.6.8.0-1" which is > version 3, not 4. Yes, that is the correct version -> "ovirt-engine-sdk-python-3.6.8.0-1". Verified on ovirt-engine-4.0.4-0.1.el7ev.noarch and with ovirt-engine-sdk-python-3.6.8.0-1.el7ev.noarch, python-ovirt-engine-sdk4-4.0.0-1.el7ev.x86_64
api = API(url=host, username=user, password=password, insecure=True)
>>> disks = api.disks.list()
>>> disk_obj = [d for d in disks if d.get_alias() == 'test_disk'][0]
>>> vms = api.vms.list()
>>> vm_obj = vms[-1]
>>> vm_obj.disks.add(disk_obj)
<ovirtsdk.infrastructure.brokers.VMDisk object at 0x7f9321353750>
Disk was successfully attached to VM
|