[racktables-users] Re: Permissions Assistance

• From: Denis Ovsienko <pilot@xxxxxxxxxx>
• To: racktables-users@xxxxxxxxxxxxx
• Date: Wed, 30 Sep 2009 16:42:06 +0400

On Mon, 28 Sep 2009 16:01:02 -0500 Don Greer wrote:

[...]

> 1.    While I can allow users to get into $page_ipv4space and
> $page_ipv4, I cannot allow them into $page_ipaddress because the
> ownership of a network does not propagate to individual addresses.
> Allowing access to ANY $page_ipaddress page will allow them to manually
> change the "ip=" value and edit other customer's addresses (Not a Good
> Thing (tm)).
> 2.    There is no method by which to force the filters on individual
> pages (or pull-downs) such that users ONLY see their Objects, racks,
> etc. associated with a specific tag.  This IS handled in a round-about
> way on $page_rackspace, where racks owned by people other than the user
> are blacked out, but as we grow the datacenter, that too will become a
> bit of a needle-in-the-haystack problem.  Utilizing the page filters in
> a forceful way (e.g. administratively turning on a filter for "Cust1
> Assets" on pages being access by "Cust1 Users") would work much better
> and present a cleaner interface for the end user.  Ideally this would
> also be applied to the pull-downs for Objects, interfaces, etc.
> 3.    There's no way (I think) to force a tag on objects created by a
> user or allow inheritance of permissions in some way.  For instance, I'd
> like to force any Object created by "Cust1 Users" to have the tag "Cust1
> Assets" forced on.  This would allow the user to create his objects for
> the equipment he is wanting installed in his cabinet prior to shipping,
> alleviating my staff from having to do all this manually.  The customer
> can then ship the equipment to us and we already know where it goes, how
> it's cabled, etc.
> 
>  
> 
>   There are several other things that have cropped up, but these are the
> major issues that are going to prevent me from fully implementing this
> package in this environment.

Well, I don't have a prompt solution for all of this. These are all good
points, which I have already spent time on trying to design. It wasn't
really critical for my environment, so I was able to postpone. Let's
see, if I can design it better with your feedback. Which one item would
you like to address first?

-- 
    Denis Ovsienko

• Follow-Ups:
  • [racktables-users] Re: Permissions Assistance
    • From: Don Greer

• References:
  • [racktables-users] Permissions Assistance
    • From: Don Greer

Other related posts:

• » [racktables-users] Permissions Assistance- Don Greer
• » [racktables-users] Re: Permissions Assistance- Jeroen Benda
• » [racktables-users] Re: Permissions Assistance - Denis Ovsienko
• » [racktables-users] Re: Permissions Assistance- Don Greer

1. Home
2. racktables-users
3. Archive
4. 09-2009

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---