It should be possible to add and remove assignments of roles to users on MAC Address pools via REST-API.
There are two reasons for this RFE: 1. If a ClusterAdmin or a DataCenterAdmin is responsible to manage a given Cluster or Datacenter, she has no permission to use any MAC Address Pool, and is for this reason not able to create a new Cluster. Bug 1808320 will give permission at least to the Default MAC Address Pool. 2. This way the management of permissions of MAC Address Pools would be consistent to the management of permissions of other entities.
Verified on: ovirt-engine-4.4.3.8-0.1.el8ev.noarch Steps: 1. # curl -s -k -u admin@internal:<psswd> https://<fqdn>/ovirt-engine/api/macpools/58ca604b-017d-0374-0220-00000000014e/permissions <?xml version="1.0" encoding="UTF-8" standalone="yes"?> <permissions> <permission href="/ovirt-engine/api/groups/eee00000-0000-0000-0000-123456789eee/permissions/58ca604b-017d-0374-0220-00000000014e" id="58ca604b-017d-0374-0220-00000000014e"> <group href="/ovirt-engine/api/groups/eee00000-0000-0000-0000-123456789eee" id="eee00000-0000-0000-0000-123456789eee"/> <role href="/ovirt-engine/api/roles/def00014-0000-0000-0000-def000000014" id="def00014-0000-0000-0000-def000000014"/> ... </permissions> 2. # cat add.xml <permission> <role> <name>SuperUser</name> </role> <user id="a452d394-02df-44fb-b9dd-689a714fc3c3"/> </permission> 3. # curl -s -k -H "Content-type: application/xml" -u admin@internal:<psswd> https://<fqdn>/ovirt-engine/api/macpools/58ca604b-017d-0374-0220-00000000014e/permissions -d @add.xml Results: permissions endpoint present on macpool api, superuser permission successfully added on macpool for user a452d394-02df-44fb-b9dd-689a714fc3c3
This bugzilla is included in oVirt 4.4.3 release, published on November 10th 2020. Since the problem described in this bug report should be resolved in oVirt 4.4.3 release, it has been closed with a resolution of CURRENT RELEASE. If the solution does not work for you, please open a new bug report.