Bug 1263758 - Enable non-admin users to list icons over REST
Enable non-admin users to list icons over REST
Status: CLOSED CURRENTRELEASE
Product: ovirt-engine
Classification: oVirt
Component: BLL.Virt (Show other bugs)
3.6.0
Unspecified Unspecified
medium Severity medium (vote)
: ovirt-3.6.0-ga
: 3.6.0
Assigned To: jniederm
Ondra Machacek
virt
: FutureFeature
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2015-09-16 11:31 EDT by jniederm
Modified: 2016-02-10 14:23 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2015-11-27 02:56:52 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: Virt
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
ofrenkel: ovirt‑3.6.0?
rule-engine: planning_ack?
ofrenkel: devel_ack+
rule-engine: testing_ack+


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
oVirt gerrit 46245 master MERGED core: Permission based icon filtering: database part Never
oVirt gerrit 46246 master NEW core: Permission based icon filtering: backend part Never
oVirt gerrit 46474 ovirt-engine-3.6 MERGED core: Permission based icon filtering: database part Never
oVirt gerrit 46475 ovirt-engine-3.6 MERGED core: Permission based icon filtering: backend part Never

  None (edit)
Description jniederm 2015-09-16 11:31:27 EDT
Description of problem:
Enable non-admin users to call GET /api/icons

Steps to Reproduce:
1. Start engine with some non-admin user (aaa-jdbc can be the way)
2. Get list of icons over rest using non-admin user and header 'Filter: true' GET /api/icons

Actual results:
Request will fail because the underlying query in admin only (VdcQueryAuthType#Admin).

Expected results:
List of icons that are either predefined or associated with some entity the user has permissions to  (vm or template).
Comment 1 Ondra Machacek 2015-11-13 03:35:40 EST
$ curl -k -X GET -H "Accept: application/xml" -H "Content-Type: application/xml" -H "Filter: True" -v -u $USER $URL/icons/


<icons>
    <icon href="/ovirt-engine/api/icons/771965d4-eaa2-4063-9e5f-c43a1adc25cc" id="771965d4-eaa2-4063-9e5f-c43a1adc25cc">
        <media_type>image/png</media_type>
        <data>...</data>
    </icon>
    ...
</icons
Comment 2 Sandro Bonazzola 2015-11-27 02:56:52 EST
Since oVirt 3.6.0 has been released, moving from verified to closed current release.

Note You need to log in before you can comment on or make changes to this bug.