Bug 854296
Summary: | vm.start() doesn't work for users with 'vm_basic_operations' permissions | ||||||
---|---|---|---|---|---|---|---|
Product: | Red Hat Enterprise Virtualization Manager | Reporter: | Ondra Machacek <omachace> | ||||
Component: | ovirt-engine-restapi | Assignee: | Oved Ourfali <oourfali> | ||||
Status: | CLOSED CURRENTRELEASE | QA Contact: | Ondra Machacek <omachace> | ||||
Severity: | high | Docs Contact: | |||||
Priority: | unspecified | ||||||
Version: | unspecified | CC: | clasohm, dyasny, ecohen, iheim, lpeer, mkenneth, mpastern, oourfali, oramraz, Rhev-m-bugs, yeylon, ykaul | ||||
Target Milestone: | --- | ||||||
Target Release: | --- | ||||||
Hardware: | Unspecified | ||||||
OS: | Unspecified | ||||||
Whiteboard: | virt | ||||||
Fixed In Version: | si18 | Doc Type: | Bug Fix | ||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2012-12-04 20:02:41 UTC | Type: | Bug | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Attachments: |
|
Description
Ondra Machacek
2012-09-04 15:06:56 UTC
Do you have the engine logs? (just making sure it is indeed an MLA issue, and not a problem somewhere in the API). Thank you. I tried to reproduce this issue, and both Start and Stop work for me. What were the exact permissions you gave the user? Were the permissions granted via the SDK/CLI? Can you give the exact steps to reproduce? Created attachment 609938 [details]
engine log
Just making sure - did you see my second comment? I wasn't able to reproduce it, so more details will be helpful in finding the problem. I saw in the log that the failed query was GetVmByVmId, but you should be able to see the VM if the have the correct permissions on it. Steps: In webadmin as admin do: 1) Create VM with name 'a'. 2) In permissions tab add permission to user 'someuser' and assing it 'UserRole' role Then run this code: API = ovirtsdk.api.API( url='https://10.34.63.30:443/api', insecure=True, username='someuser', password='123456', filter=True) vm = API.vms.get('a') vm.start() # Fails with error specified in decription ----------------------------------------------------- vm.stop() worsk fine In userportal everything works fine(start, stop). Also this works: $curl -k -X POST -H "Content-type: application/xml" -H "Accept: application/xml" -H "Filter: True" -d "<action/>" -u portaluser2.eng.brq.redhat.com:123456 https://10.34.63.30/api/vms/vm-id/start (In reply to comment #5) > Steps: > > In webadmin as admin do: > 1) Create VM with name 'a'. > 2) In permissions tab add permission to user 'someuser' and assing it > 'UserRole' role > > > Then run this code: > API = ovirtsdk.api.API( > url='https://10.34.63.30:443/api', > insecure=True, username='someuser', it cannot be related to sdk, make sure you used in sdk same user you are using in gui/api/curl btw, what version of sdk you are using?, on sdk < 3.1.0.8 you had to specify filter=true in methods as well. (In reply to comment #7) > btw, what version of sdk you are using?, on sdk < 3.1.0.8 you had to > specify filter=true in methods as well. There is an issue there. The "filter" header isn't passed to the start VM operation. Will post a fix soon. lack of rsdl descriptor Posted patch to gerrit: http://gerrit.ovirt.org/7769 Commit: 292c58575c7ea6b6cd5c8fcff6d583b29a16b0eb http://gerrit.ovirt.org/gitweb?p=ovirt-engine.git;a=commit;h=292c58575c7ea6b6cd5c8fcff6d583b29a16b0eb |