I didn't have access to the VM with my CS DB on it for a while, but I do now and checked the DB structure. I see the user table has a reference to the account table, so that's what I was expecting and hoped to see.
On Fri, Nov 14, 2014 at 11:48 AM, Mike Tutkowski < mike.tutkow...@solidfire.com> wrote: > I haven't looked at the DB tables for this, but presumably there is a user > table like we have an account table and you can figure out what account a > given user is in? That would be OK then. I just wasn't sure if we only > allowed you to go from account to user, but not user to account in the DB. > > On Fri, Nov 14, 2014 at 11:39 AM, Mike Tutkowski < > mike.tutkow...@solidfire.com> wrote: > >> Can a username like "mike" be re-used in multiple accounts? >> >> For example: >> >> Acct1\mike >> Acct2\mike >> >> If so, the name "mike" would be insufficient to determine ownership of >> the resource in some situations (unless it was fully qualified with its >> account). >> >> On Fri, Nov 14, 2014 at 11:35 AM, Rohit Yadav <rohit.ya...@shapeblue.com> >> wrote: >> >>> Hi Min, >>> >>> Good to know. What do you propose we do moving forward. Do a refactoring >>> run to fix it or leave it as it is and perhaps add user_id columns to few >>> resources that are more useful for sysadmins such as vm_instance table. >>> >>> > On 14-Nov-2014, at 11:49 pm, Min Chen <min.c...@citrix.com> wrote: >>> > >>> > Rohit, >>> > >>> > I think that the historic reason for this is that CloudStack is only >>> > doing IAM access permission check on account level, user is only login >>> > authentication purpose. That is why we will see that all our CloudStack >>> > resource owner field is an account, since that is the only information >>> > used for controlling whether you have some permissions to the resource. >>> > Thanks >>> > -min >>> > >>> > On 11/14/14 12:53 AM, "Rohit Yadav" <rohit.ya...@shapeblue.com> wrote: >>> > >>> >> Hi, >>> >> >>> >> All CloudStack DB entities (VM, storage, network etc.) have an owner >>> >> field which is mostly the account. An account can have multiple users >>> so >>> >> just by looking at the resource (say VM) it¹s not possible to make out >>> >> which user in the account (owner or account_id field in the db row of >>> the >>> >> entity) created it. CloudStack users may want to know this information >>> >> for at least entities such as VMs and Volumes. >>> >> >>> >> Historically, why is the account owner of an entity and not a user? If >>> >> user were the owner, we could easily get the account Id using the >>> user Id. >>> >> >>> >> One solution to fix this problem is to refactor and replace Account >>> >> (interface) usage with UserAccount (interface) usage, fix the DAO and >>> >> resource layer, and add columns in the schema. This gets us all the >>> >> information we need to determine domainId, AccountId and Id (the user >>> >> ID). Should we do it for all entities or just keep status quo (use >>> >> account as owners), or just fix it on-demand basis for specific >>> entities >>> >> such as for user VMs [1]. >>> >> >>> >> [1] https://issues.apache.org/jira/browse/CLOUDSTACK-7908 >>> >> >>> >> Regards, >>> >> Rohit Yadav >>> >> Software Architect, ShapeBlue >>> >> M. +91 88 262 30892 | rohit.ya...@shapeblue.com >>> >> Blog: bhaisaab.org | Twitter: @_bhaisaab >>> >> >>> >> >>> >> >>> >> Find out more about ShapeBlue and our range of CloudStack related >>> services >>> >> >>> >> IaaS Cloud Design & >>> >> Build<http://shapeblue.com/iaas-cloud-design-and-build//> >>> >> CSForge rapid IaaS deployment framework< >>> http://shapeblue.com/csforge/> >>> >> CloudStack Consulting<http://shapeblue.com/cloudstack-consultancy/> >>> >> CloudStack Software >>> >> Engineering<http://shapeblue.com/cloudstack-software-engineering/> >>> >> CloudStack Infrastructure >>> >> Support<http://shapeblue.com/cloudstack-infrastructure-support/> >>> >> CloudStack Bootcamp Training >>> >> Courses<http://shapeblue.com/cloudstack-training/> >>> >> >>> >> This email and any attachments to it may be confidential and are >>> intended >>> >> solely for the use of the individual to whom it is addressed. Any >>> views >>> >> or opinions expressed are solely those of the author and do not >>> >> necessarily represent those of Shape Blue Ltd or related companies. If >>> >> you are not the intended recipient of this email, you must neither >>> take >>> >> any action based upon its contents, nor copy or show it to anyone. >>> Please >>> >> contact the sender if you believe you have received this email in >>> error. >>> >> Shape Blue Ltd is a company incorporated in England & Wales. ShapeBlue >>> >> Services India LLP is a company incorporated in India and is operated >>> >> under license from Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda >>> is >>> >> a company incorporated in Brasil and is operated under license from >>> Shape >>> >> Blue Ltd. ShapeBlue SA Pty Ltd is a company registered by The >>> Republic of >>> >> South Africa and is traded under license from Shape Blue Ltd. >>> ShapeBlue >>> >> is a registered trademark. >>> > >>> >>> Regards, >>> Rohit Yadav >>> Software Architect, ShapeBlue >>> M. +91 88 262 30892 | rohit.ya...@shapeblue.com >>> Blog: bhaisaab.org | Twitter: @_bhaisaab >>> >>> >>> >>> Find out more about ShapeBlue and our range of CloudStack related >>> services >>> >>> IaaS Cloud Design & Build< >>> http://shapeblue.com/iaas-cloud-design-and-build//> >>> CSForge – rapid IaaS deployment framework<http://shapeblue.com/csforge/> >>> CloudStack Consulting<http://shapeblue.com/cloudstack-consultancy/> >>> CloudStack Software Engineering< >>> http://shapeblue.com/cloudstack-software-engineering/> >>> CloudStack Infrastructure Support< >>> http://shapeblue.com/cloudstack-infrastructure-support/> >>> CloudStack Bootcamp Training Courses< >>> http://shapeblue.com/cloudstack-training/> >>> >>> This email and any attachments to it may be confidential and are >>> intended solely for the use of the individual to whom it is addressed. Any >>> views or opinions expressed are solely those of the author and do not >>> necessarily represent those of Shape Blue Ltd or related companies. If you >>> are not the intended recipient of this email, you must neither take any >>> action based upon its contents, nor copy or show it to anyone. Please >>> contact the sender if you believe you have received this email in error. >>> Shape Blue Ltd is a company incorporated in England & Wales. ShapeBlue >>> Services India LLP is a company incorporated in India and is operated under >>> license from Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a >>> company incorporated in Brasil and is operated under license from Shape >>> Blue Ltd. ShapeBlue SA Pty Ltd is a company registered by The Republic of >>> South Africa and is traded under license from Shape Blue Ltd. ShapeBlue is >>> a registered trademark. >>> >> >> >> >> -- >> *Mike Tutkowski* >> *Senior CloudStack Developer, SolidFire Inc.* >> e: mike.tutkow...@solidfire.com >> o: 303.746.7302 >> Advancing the way the world uses the cloud >> <http://solidfire.com/solution/overview/?video=play>*™* >> > > > > -- > *Mike Tutkowski* > *Senior CloudStack Developer, SolidFire Inc.* > e: mike.tutkow...@solidfire.com > o: 303.746.7302 > Advancing the way the world uses the cloud > <http://solidfire.com/solution/overview/?video=play>*™* > -- *Mike Tutkowski* *Senior CloudStack Developer, SolidFire Inc.* e: mike.tutkow...@solidfire.com o: 303.746.7302 Advancing the way the world uses the cloud <http://solidfire.com/solution/overview/?video=play>*™*
