cloudstack-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Nitin Mehta (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CLOUDSTACK-3364) [UI] normal users are not allowed to edit their own iso
Date Wed, 09 Oct 2013 00:29:42 GMT

    [ https://issues.apache.org/jira/browse/CLOUDSTACK-3364?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13789871#comment-13789871
] 

Nitin Mehta commented on CLOUDSTACK-3364:
-----------------------------------------

Answers inline.

From: Jessica Wang <Jessica.Wang@citrix.com<mailto:Jessica.Wang@citrix.com>>
Date: Tuesday 8 October 2013 5:10 PM
To: "<dev@cloudstack.apache.org<mailto:dev@cloudstack.apache.org>>" <dev@cloudstack.apache.org<mailto:dev@cloudstack.apache.org>>
Cc: Alena Prokharchyk <Alena.Prokharchyk@citrix.com<mailto:Alena.Prokharchyk@citrix.com>>,
Nitin Mehta <nitin.mehta@citrix.com<mailto:nitin.mehta@citrix.com>>, Shweta Agarwal
<Shweta.Agarwal@citrix.com<mailto:Shweta.Agarwal@citrix.com>>
Subject: questions about registerIso API and updateIsoPermissions API

Hi,

I have questions about registerIso API and updateIsoPermissions API.

(1) A normal user is allowed to specify isextractable property when registering an ISO (through
registerIso API),
but NOT allowed to update isextractable property when updating an ISO (through updateIsoPermissions
API).
Is this by design or it's just an API bug?

Nitin>> This is a grey area. This was done for templates (Isos just inherited it) because
derived templates may or may not belong to the same user and we want to follow the principle
of least privilege.
At the moment, I think that for Isos we should allow to edit it so would call it an API bug.

(2) A normal user is NOT allowed to specify isfeatured property when registering an ISO (through
registerIso API),
but allowed to update isfeatured property when updating an ISO (through updateIsoPermissions
API)?
Is this by design or it's just an API bug?

Nitin>> Register Iso does provide an option to mark an ISO featured. I see that in the
latest master.


> [UI] normal users are not allowed to edit their own iso
> -------------------------------------------------------
>
>                 Key: CLOUDSTACK-3364
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-3364
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the default.) 
>          Components: UI
>    Affects Versions: 4.2.0
>            Reporter: shweta agarwal
>            Assignee: Jessica Wang
>             Fix For: 4.2.1
>
>
> Repro steps:
> 1.Create a domain
> 2.create a account under that domain
> 3.create a ISO as a account under the non root domain
> 4.Edit the ISO
> BUg :
> gets message: 
> Only ROOT admins are allowed to modify this attribute.
> API:
> http://10.147.38.141:8080/client/api?command=updateIsoPermissions&response=json&sessionkey=8rczMjm4sfljFOEi6dL2xT631sc%3D&id=2b8c87a0-4325-418d-80af-ce6f691edcd7&zoneid=bfdf7ac5-16c3-491e-aabd-f7ad696612b8&ispublic=false&isfeatured=false&isextractable=false&_=1372941865923
> response:
> { "updateisopermissionsresponse" : {"uuidList":[],"errorcode":431,"cserrorcode":4350,"errortext":"Only
ROOT admins are allowed to modify this attribute."} }
> This may be because in case of edit ISO we show  extractable and featured field as editable
to normal user , which normal user is not allowed to do  and api passes these as parameters
> In case of template these fields are shown as non editable hence API passed does not
contain isfeatured and isextractable fields



--
This message was sent by Atlassian JIRA
(v6.1#6144)

Mime
View raw message