[Ovirt-devel] [PATCH 4/6] hardware_pool: search by path
lutter at redhat.com
Wed Aug 27 21:03:20 UTC 2008
On Wed, 2008-08-27 at 15:03 -0400, Perry N. Myers wrote:
> David Lutterkort wrote:
> > On Tue, 2008-08-26 at 10:11 -0400, Scott Seago wrote:
> >> I'm assuming the path-based pool lookup is just an alternate method of
> >> getting this from your API, as the id-based ones will all still work. I
> >> just realized that full path-based lookup will only work for users that
> >> have read permissions on the whole hierarchy. A user with lower-level
> >> permissions only (i.e. only read permissions for pools under
> >> '/default/engineering/qa' and write permissions for subpools below that)
> >> won't even see the top level pool.
> > I think that permissioning scheme is fundamentally flawed; at the very
> > least, any user that has permission on some pool should at least be
> > allowed to know about the existence of pools above "their" pools - they
> > may not be able to view any info about them, but at the very least, they
> > should know that they are there.
> Not necessarily. Consider the cloud computing model... The admins might
> know about the fact that there are hardware pools, but should a user of a
> VM even know that there is such a thing as a hardware pool? To them the
> hardware pools should be completely hidden in the UI, including the tree view.
Those are two separate things: whether the UI should show those pools or
not is separate from whether they are allowed to know that they exist.

If the UI does not show the HW pools, what does a user see if they have
permissions on two completely separate VM pools? Do they appear as
separate root pools to them? What if both pools are called 'mypool'?

How would a user in that world tell an admin that they need to do
something in the user's VmPool? Does the admin need to manually keep
track of where the 'mypool' VmPool is for user X and for user Y (which
might be completely different)?

How should user X address their VmPool through the API? If they can't
use an absolute path to the pool, do they need to divine the internal ID
of the pool?

Smart pools might be able to help, but we really need a unique
user-visible name for each pool; whether and when the UI will show that
name is a completely separate issue.