Created attachment 566317 [details] Profile global user Description of problem: Below are the list of buttons to be removed for user with "Profile global user' role Button to be removed for Profile Global user: 1.Edit Catalog (monitor-->catalog--> default--> edit) button should be removed 2.Delete button from user section (of 'Non-admin" users) should be removed 3.Instead of showing a blank screen for (Cloud,comp. outline,"settings') ,its better to display "No sufficient privileges to view" etc 4.Delete button from (catalog, Application blueprint) should be removed 5.Delete button from hardware should be removed Additional info: Attached a Document with all the screen shot for above points(Profile global user.odt) [root@intel-d3c69-01 ~]# rpm -qa | grep aeolus aeolus-conductor-0.8.0-36.el6.noarch aeolus-conductor-daemons-0.8.0-36.el6.noarch rubygem-aeolus-image-0.3.0-10.el6.noarch rubygem-aeolus-cli-0.3.0-10.el6.noarch aeolus-all-0.8.0-36.el6.noarch aeolus-conductor-doc-0.8.0-36.el6.noarch aeolus-configure-2.5.0-15.el6.noarch
ii) Buttons to be removed for "Profile Administrator" role 1.Edit Catalog (monitor-->catalog--> default--> edit) button should be removed 2.Delete button from user section (of 'Non-admin" users) should be removed 3.Delete button from (catalog, Application blueprint) should be removed 4.Instead of showing a blank screen for (Cloud,comp. outline,"settings') ,its better to display "No sufficient privileges to view" etc please refer the same screen shot document to know the buttons.
iii) Buttons to be removed for "Cluster Administrator" and "Application blueprint global user" 1.Edit Catalog (monitor-->catalog--> default--> edit) button should be removed 2.Delete button from user section (of 'Non-admin" users) should be removed 3.Delete button from (catalog, Application blueprint) should be removed 4.Instead of showing a blank screen for (Cloud,comp. outline,"settings') ,its better to display "No sufficient privileges to view" etc 5.Delete button from hardware should be removed Also observed this bug https://bugzilla.redhat.com/show_bug.cgi?id=795666 please refer the same screen shot document to know the buttons.
iv) Buttons to be removed for "Application blueprint administrator" 1.Edit Catalog (monitor-->catalog--> default--> edit) button should be removed 2.Delete button from user section (of 'Non-admin" users) should be removed 3.Instead of showing a blank screen for (Cloud,comp. outline,"settings') ,its better to display "No sufficient privileges to view" etc 4.Delete button from catalog should be removed 5.Delete button from hardware should be removed Below bugs are also observed for this user https://bugzilla.redhat.com/show_bug.cgi?id=795666 https://bugzilla.redhat.com/show_bug.cgi?id=798166 please refer the same screen shot document to know the buttons.
v)Buttons to be removed for "Provider Creator" 1.Edit Catalog (monitor-->catalog--> default--> edit) button should be removed 2.Delete button from user section (of 'Non-admin" users) should be removed 3.Instead of showing a blank screen for (Cloud,comp. outline,"settings') ,its better to display "No sufficient privileges to view" etc 4.Delete button from (catalog, Application blueprint) should be removed 5.Delete button from hardware should be removed 6.After revoking Provider creator role “+Create new cloud resource provider” link exists,but when clicked on it “No prvilieges to add” ,so should remove/disable this button(Create provider.png) ****Note******: Sorry Forgot to mention this point on the first comment: All these button should be disabled or removed from the UI as User is getting "You have insufficient privileges to perform the selected action" when clicking on these button.
Created attachment 566324 [details] create provider
OK first of all we don't hide things based on "role assignment" -- we hide things based on a user not having specific rights to that action. If you could re-state the problem like this: "user <...> is logged in with exactly these roles assigned <...> Currently, the following actions/links/text/etc are displayed which should be hidden: 1... 2... That way we can determine what's being shown correctly and what's not. I'd rather deal with the exceptions now (i.e. what's broken), since I believe in the majority of cases we're hiding stuff properly. Ideally this would be done with the fix for bug 788148 applied, since that fixes some known role problems around Clouds and Zones. Note that you should do this
moving to 1.1
Cloud Engine/conductor 2.0 is not currently planned; this code is no longer maintained.