API listRouters is permitted to domain admin since the implementation of dynamic roles.
the file engine/schema/src/main/resources/META-INF/db/create-default-role-api-mappings.sql has the following sql
INSERT INTO `cloud`.`role_permissions` (`uuid`, `role_id`, `rule`, `permission`, `sort_order`) values (UUID(), 3, 'listRouters', 'ALLOW', 194) ON DUPLICATE KEY UPDATE rule=rule;
There are few issues on UI
(1) domain admin can list virtual routers of isolated networks , but get a 404 error when view the details of routers.
(2) the api response of listrouters does not have information of guest nic
(3) domain admin cannot list virtual routers of shared networks (scope is Domain or Account).
First of all, do we need to add this role permission by default ?
ISSUE TYPE
COMPONENT NAME
CLOUDSTACK VERSION
CONFIGURATION
OS / ENVIRONMENT
SUMMARY
STEPS TO REPRODUCE
EXPECTED RESULTS
ACTUAL RESULTS
API
listRoutersis permitted to domain admin since the implementation of dynamic roles.the file
engine/schema/src/main/resources/META-INF/db/create-default-role-api-mappings.sqlhas the following sqlThere are few issues on UI
(1) domain admin can list virtual routers of isolated networks , but get a 404 error when view the details of routers.
(2) the api response of listrouters does not have information of guest nic
(3) domain admin cannot list virtual routers of shared networks (scope is Domain or Account).
First of all, do we need to add this role permission by default ?
ISSUE TYPE
COMPONENT NAME
CLOUDSTACK VERSION
CONFIGURATION
OS / ENVIRONMENT
SUMMARY
STEPS TO REPRODUCE
EXPECTED RESULTS
ACTUAL RESULTS