Hide Forgot
Description of problem: A regular user could not create namespace,but "oc create namespace" has no any prompt that the command is administrative command.When a regular user uses this command,the user gets "User "wsunview" cannot create namespaces at the cluster scope" Version-Release number of selected component (if applicable): oc v3.2.0.3 kubernetes v1.2.0-origin-41-g91d3e75 How reproducible: Always Steps to Reproduce: 1.Use a regular user to run `oc create namespace wsun-test ` 2.oc create namespace -h 3. Actual results: 1.$ oc create namespace wsun-test Error from server: User "wsunview" cannot create namespaces at the cluster scope 2.No any prompt this command is for cluster admin Expected results: The command should be moved to "oc adm" Additional info: $ oc adm -h Administrative Commands Commands for managing a cluster are exposed here. Many administrative actions involve interaction with the command-line client as well.
`oc create` is meant to be used as a CLI way of creating any kind of resource, without any previous knowledge of user permissions. Think of it as a more user-friendly, a "flags+arguments" way of creating what you could otherwise create from a json or yaml file in 'oc create -f'. So it's ok to any resource kind there, and throw permission errors when the given user doesn't have access to it.