Description of problem:
oVirt 4.2.2 adds the option for ISOs to be uploaded through the
web interface. There does not appear, however, to be a way to
grant a user permission that will allow end-users to upload ISOs
to one or more specific Data Domains through the web interface.
Granting the 'DiskCreator' role on a Data Domain to user does not
allow ISO uploads, although it allows disk uploads. Granting
the 'DiskCreator' System permission *does* work but that is
insufficiently granular because it allows the end-user to perform
those operations on *all* Data Domains.
Version-Release number of selected component (if applicable):
Grant a user 'SuperUser' and 'DiskCreator' roles on a specific Data Domain,
Attempt to upload an ISO to that Data Domain as that user.
Steps to Reproduce:
1. Log onto Administration Panel, then go to Storage -> Domain and choose a Data Domain.
2. Under the 'Permissions' sub-menu for that Data Domain add the 'SuperUser' and 'DiskCreator' Roles for a user that does not already have Administrator-level
3. Log onto the Administration Panel as that user, navigate to the chosen Data
Domain, go to to 'Disks' sub-menu and attempt to upload an ISO
A dialog appears:
Error while executing action: User is not authorized to perform this action."
The web interface shows the transfer/upload in progress and the ISO upload attempt succeeds, whereupon the ISO is available for use (booting VMs).
A corresponding entry appears in /var/log/ovirt-engine/engine.log
on the oVirt management server when an attempt at uploading an ISO
is made by the user:
(default task-40) [<TASK ID>] No permission found for user '<USER ID>' or one of the groups he is member of, when running action 'TransferImageStatus',
Required permissions are: Action type: 'USER' Action group:
'CREATE_DISK' Object type: 'System' Object ID: '<OBJECT ID>'.
This bug has not been marked as blocker for oVirt 4.3.0.
Since we are releasing it tomorrow, January 29th, this bug has been re-targeted to 4.3.1.
This bugzilla is included in oVirt 4.4.0 release, published on May 20th 2020.
Since the problem described in this bug report should be
resolved in oVirt 4.4.0 release, it has been closed with a resolution of CURRENT RELEASE.
If the solution does not work for you, please open a new bug report.