Bug 818554 - "Global Cluster Administrator" unable to edit/add Mapping to cluster
Summary: "Global Cluster Administrator" unable to edit/add Mapping to cluster
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: CloudForms Cloud Engine
Classification: Retired
Component: aeolus-conductor
Version: 1.0.0
Hardware: Unspecified
OS: Unspecified
high
medium
Target Milestone: rc
Assignee: Angus Thomas
QA Contact: Rehana
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2012-05-03 10:48 UTC by Rehana
Modified: 2013-01-24 21:59 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2013-01-24 21:59:54 UTC
Embargoed:


Attachments (Terms of Use)

Description Rehana 2012-05-03 10:48:11 UTC
Description of problem:


Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.Create a new user with role "Global Cluster admin",(along with the default role 'global profile user' role)
2.login as Global cluster admin
3.go to content -->cloud resource cluster
4.Add cluster 
5. Try adding mapping to cluster
  
Actual results:
Observed that cluster admin is unable to add/edit mapping to the cluster

Expected results:
As per the role doc "https://www.aeolusproject.org/redmine/projects/aeolus/wiki/Roles_list" 
" Global Realm Administrator should be allowed to modify front end realms"

Additional info:
rpm -qa | grep aeolus
aeolus-conductor-0.8.13-1.el6_2.noarch
aeolus-configure-2.5.3-1.el6.noarch
rubygem-aeolus-image-0.3.0-12.el6.noarch
rubygem-aeolus-cli-0.3.1-1.el6.noarch
aeolus-all-0.8.13-1.el6_2.noarch
aeolus-conductor-doc-0.8.13-1.el6_2.noarch
aeolus-conductor-daemons-0.8.13-1.el6_2.noarch

Comment 1 Rehana 2012-05-03 11:37:22 UTC
I understand the "Provider" account accessibility is required to do add/edit the mapping to cluster.

But it will be good to tell the user with what pre-requisite they need to have to use each role.

please let me know your thoughts on this?

Comment 2 Scott Seago 2012-05-03 13:54:41 UTC
You need to be able to access the Provider (not the provider account) to map to a given provider. Basically in order to map a realm/cluster to a provider (or provider realm) you need "cluster edit/admin" and access to the provider in question (since it's possible that some providers might have more restricted access). Global Provider User would give the user access to map all providers (so the user would need 'Global Cluster Administrator' and 'Global Provider User'), or you could grant the user individual access to the relevant providers.

I think this may be a duplicate bz, but I don't remember the original one was exactly.


Note You need to log in before you can comment on or make changes to this bug.