Bug 839569

Summary: [RHVM-ENGINE] Engine should not return all host details for non-admin users
Product: Red Hat Enterprise Virtualization Manager Reporter: Michael Pasternak <mpastern>
Component: ovirt-engineAssignee: Oved Ourfali <oourfali>
Status: CLOSED CURRENTRELEASE QA Contact: Ondra Machacek <omachace>
Severity: high Docs Contact:
Priority: urgent    
Version: 3.1.0CC: acathrow, bazulay, dyasny, iheim, lpeer, oourfali, oramraz, Rhev-m-bugs, sgrinber, yeylon, ykaul, yzaslavs
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard: infra
Fixed In Version: si12 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: Infra RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Michael Pasternak 2012-07-12 10:34:09 UTC 
Description of problem:

Engine should not return all host details for non-admin users

Expected results:

only 'display ip details' with the ip/port should be returned in host object,
also VdcQueryType.GetVdsCertificateSubjectByVdsId query should be permitted
for non-admin users or alternatively BE should expose host_subject via 
host property.
Comment 1 Itamar Heim 2012-07-12 21:48:51 UTC 
not sure if the correct approach is to keep GetVdsCertificateSubjectByVdsId as a user query, or wrap it with a user query of GetVdsCertificateSubjectByVmId
Comment 3 Michael Pasternak 2012-07-15 08:36:21 UTC 
at the end, users should not be able to GET /hosts resources at all,
but VM resource should expose display_addr/port/host_subject for console
Comment 4 Michael Pasternak 2012-07-15 13:44:52 UTC 
*** Bug 839227 has been marked as a duplicate of this bug. ***
Comment 5 Oved Ourfali 2012-07-24 12:17:55 UTC 
Posted a patch for that:
http://gerrit.ovirt.org/#/c/6542

Information on the contents of this patch (also answering Yaniv's question):
1. Block users from getting Host information via REST API (both host
resource, and relevant host data in the VM resource).
2. Add GetManagementInterfaceAddressByVmIdQuery, removing
GetManagementInterfaceAddressByVdsIdQuery (as it isn't used anywhere).
3. Add GetVdsCertificateSubjectByVmIdQuery which uses the existing
GetVdsCertificateSubjectByVdsIdQuery (as this query is also used in other scenarios).
4. Update VncConsoleModel and SpiceConsoleModel to work with the new
queries.

So, need to test that when using User level API:
1. The user can't access /api/hosts (error 403, forbidden)
2. The user can't access a specific host (/api/host/<some guid>).
3. When getting all VMs (/api/vms), or a specific one (/api/vms/<some guid>) the user doesn't see any host information.
4. When getting all VMs (/api/vms), or a specific one (/api/vms/<some guid>) the user neither sees any placement policy information, nor can change it! i.e, only administrators are allowed to change the placement policy.
Comment 6 Oved Ourfali 2012-07-25 10:41:05 UTC 
Commit: 1ca8d9e215bbf94138dac4ff1aa6055321fb438d

http://gerrit.ovirt.org/gitweb?p=ovirt-engine.git;a=commit;h=1ca8d9e215bbf94138dac4ff1aa6055321fb438d