Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 845279

Summary: user portal [MLA/Quota]: quota is not functional for users without domain/DC permissions
Product: Red Hat Enterprise Virtualization Manager Reporter: Dafna Ron <dron>
Component: ovirt-engineAssignee: Oved Ourfali <oourfali>
Status: CLOSED WONTFIX QA Contact: Dafna Ron <dron>
Severity: urgent Docs Contact:
Priority: high    
Version: 3.1.0CC: dfediuck, dyasny, iheim, jwulf, lpeer, mkenneth, Rhev-m-bugs, yeylon, ykaul
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard: sla
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2012-08-13 08:57:34 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: SLA RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Dafna Ron 2012-08-02 14:33:29 UTC 
Description of problem:

users with UserRole whom are added to a quota as consumers are unable to create disks for their vm's and defiantly cannot create a vm.
we have to give the users UserVmManager on domain or DC to be able to create a vm/disk to their own vm and since the permissions are inherited we are giving these permissions to all other vm's under the domain/DC. 

even if I give UserVmManager to the specific vm only I cannot see any of the domains and so I cannot create a disk for the vm. 

as a result - the quota is not functional for users without domain/DC permissions. 

Version-Release number of selected component (if applicable):

si12

How reproducible:

100%

Steps to Reproduce:
1. add a quota on a domain
2. create a user + vm + quota and add user to the vm permissions as UserRole/UserVmManager and to the consumer list under the quota
3. log in to the user portal and try to create a disk for the vm
  
Actual results:

we cannot create a disk for the vm even if we are under the consumer list. 
user can only create a disk/vm if they are given permissions on the domain or DC (and in which case they can see all vm's under that object)

Expected results:

user added to the consumer list should be able to create a disk from the quota. 

Additional info:
Comment 1 Oved Ourfali 2012-08-13 08:57:34 UTC 
Closing, as currently, when working with quota, you still need to set the permissions.
The quota will only limit the usage of the DC resources.

So, in your case, the user needs to be VmCreator on the DC (which will alow him to create both VMs on all clusters, and disks on all storage domains).