Description of problem: A user with UserVMManager role on a VM and StorageAdmin role on source SD can move it's disk to an SD without permissions. Version-Release number of selected component (if applicable): ovirt-engine-4.2.0-0.0.master.20171012160334.git6fb4578.el7.centos.noarch How reproducible: 100% Steps to Reproduce: 1. Create VM from blank template and grant UserVMManager permissions to 'user1' 2. Grant StorageAdmin permission on source SD to 'user1' 3. With 'user1', move disk from source SD to destination SD without permissions Actual results: 'user1' is able to move disk Expected results: 'user1' should not be able to move disk to an SD without permissions
This bug report has Keywords: Regression or TestBlocker. Since no regressions or test blockers are allowed between releases, it is also being identified as a blocker for this release. Please resolve ASAP.
Verified that after following steps in the description, the user 'test1' with UserVMManager permission to a VM and StorageAdmin permission to source SD cannot move disk to another SD. Message 'Error while executing action: User is not authorized to perform this action.' is displayed. Software Version:4.2.2.1-0.1.el7
Also verified for Software Version:4.2.2.2-0.1.el7.
This bugzilla is included in oVirt 4.2.2 release, published on March 28th 2018. Since the problem described in this bug report should be resolved in oVirt 4.2.2 release, it has been closed with a resolution of CURRENT RELEASE. If the solution does not work for you, please open a new bug report.