Bug 818554 - "Global Cluster Administrator" unable to edit/add Mapping to cluster
"Global Cluster Administrator" unable to edit/add Mapping to cluster
Status: CLOSED WONTFIX
Product: CloudForms Cloud Engine
Classification: Red Hat
Component: aeolus-conductor (Show other bugs)
1.0.0
Unspecified Unspecified
high Severity medium
: rc
: ---
Assigned To: Angus Thomas
Rehana
: Triaged
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2012-05-03 06:48 EDT by Rehana
Modified: 2013-01-24 16:59 EST (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2013-01-24 16:59:54 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Rehana 2012-05-03 06:48:11 EDT
Description of problem:


Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.Create a new user with role "Global Cluster admin",(along with the default role 'global profile user' role)
2.login as Global cluster admin
3.go to content -->cloud resource cluster
4.Add cluster 
5. Try adding mapping to cluster
  
Actual results:
Observed that cluster admin is unable to add/edit mapping to the cluster

Expected results:
As per the role doc "https://www.aeolusproject.org/redmine/projects/aeolus/wiki/Roles_list" 
" Global Realm Administrator should be allowed to modify front end realms"

Additional info:
rpm -qa | grep aeolus
aeolus-conductor-0.8.13-1.el6_2.noarch
aeolus-configure-2.5.3-1.el6.noarch
rubygem-aeolus-image-0.3.0-12.el6.noarch
rubygem-aeolus-cli-0.3.1-1.el6.noarch
aeolus-all-0.8.13-1.el6_2.noarch
aeolus-conductor-doc-0.8.13-1.el6_2.noarch
aeolus-conductor-daemons-0.8.13-1.el6_2.noarch
Comment 1 Rehana 2012-05-03 07:37:22 EDT
I understand the "Provider" account accessibility is required to do add/edit the mapping to cluster.

But it will be good to tell the user with what pre-requisite they need to have to use each role.

please let me know your thoughts on this?
Comment 2 Scott Seago 2012-05-03 09:54:41 EDT
You need to be able to access the Provider (not the provider account) to map to a given provider. Basically in order to map a realm/cluster to a provider (or provider realm) you need "cluster edit/admin" and access to the provider in question (since it's possible that some providers might have more restricted access). Global Provider User would give the user access to map all providers (so the user would need 'Global Cluster Administrator' and 'Global Provider User'), or you could grant the user individual access to the relevant providers.

I think this may be a duplicate bz, but I don't remember the original one was exactly.

Note You need to log in before you can comment on or make changes to this bug.