[one-users] Member of oneadmin group unable to see user/groups

Daniel Molina dmolina at opennebula.org
Wed Nov 27 07:26:34 PST 2013 

On 27 November 2013 16:19, Stefan Kooman <stefan at bit.nl> wrote:

> Quoting Daniel Molina (dmolina at opennebula.org):
> > Hi Stefan,
> >
> >
> > On 27 November 2013 14:03, Stefan Kooman <stefan at bit.nl> wrote:
> >
> > > Hi,
> > >
> > > I made a priviliged user (member of oneadmin group) but this user is
> > > unable to see users / groups / ACLs or any other resource that needs
> > > more than default priviliges in sunstone. Testing this on 4.3.90. Can
> > > someone re-produce this behaviour?
> > >
> >
> > Could you check this user is using the admin view, you can change the
> view
> > from the settings dialog clicking in the top right corner of sunstone.
> >
> > If you didn't change the configuration in
> ''/etc/one/sunstone-views.yaml'',
> > users in the oneadmin group should be able to use any view:
> >
> > groups:
> >     oneadmin:
> >         - admin
> >         - vdcadmin
> >         - user
> >         - cloud
> >
> > Cheers
> If have pinpointed the issue and found a "workaround". It doesn't need
> to be a "privileged" user. Any new user that has appropriate permissions
> is _unable_ to see any resources. If, however, the user updates it's
> config (settings -> update config) he _is_ able to see al the resources
> all of the sudden. The difference between "before" and "after" this
> change is the following:
>
> The user has the following extra attributes:
>
> DEFAULT_VIEW
> LANG
> TABLE_ORDER
> VNC_WSS
>
> What kind of magic happens when a user applies "update config"?
>

After updating the config this variable is populated based on the select
option:
    session[:default_view] = user['TEMPLATE/DEFAULT_VIEW']

Otherwise the default_view is generated form the username and group:
    session[:default_view] = $views_config.available_views(session[:user],
session[:user_gname]).first

And the available views will return the first view if there is any defined
for the user or group or the default one from
''/etc/one/sunstone-views.yaml'':
    def available_views(user_name, group_name)
        available_views = @views_config['users'][user_name] if
@views_config['users']
        available_views ||= @views_config['groups'][group_name] if
@views_config['groups']
        available_views ||= @views_config['default']

        return available_views
    end

Therefore, "update config" should not be required using the the default
config files

In this guide, it's explained how to change the views for each user/groups
http://opennebula.org/documentation:rel4.4:suns_views#configuring_access_to_the_views




>
> Gr. Stefan
>
>
>
>
> --
> | BIT BV  http://www.bit.nl/        Kamer van Koophandel 09090351
> | GPG: 0xD14839C6                   +31 318 648 688 / info at bit.nl
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.10 (GNU/Linux)
>
> iF4EAREIAAYFAlKWDWQACgkQTyGgYdFIOcZXHQEAwqwZVMm5d2YZtAKwYjJ+ezfs
> dXJjUS6IInmH4UGNC14A/0Hp0CPOHHR3MH/xY84Vjh0p0hvZXsdeuXZvXAmPBLye
> =gzne
> -----END PGP SIGNATURE-----
>
>


-- 
--
Daniel Molina
Project Engineer
OpenNebula - Flexible Enterprise Cloud Made Simple
www.OpenNebula.org | dmolina at opennebula.org | @OpenNebula
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opennebula.org/pipermail/users-opennebula.org/attachments/20131127/b19bc047/attachment-0002.htm>

More information about the Users mailing list