rhtyd edited a comment on issue #475:
URL: https://github.com/apache/cloudstack-primate/issues/475#issuecomment-652147779


   @PaulAngus we also show the information in most screens (detail views if not 
list/table views) in the legacy UI; ultimately, the API response contains account 
and domain information for resources that a user is allowed to call/see.
   
   Example screenshot from the legacy UI: templates show the account/domain 
information for an account of role type User:
   ![Screenshot from 2020-07-01 
07-48-12](https://user-images.githubusercontent.com/95203/86195936-a7d8f900-bb6f-11ea-88c3-90d2401d4261.png)
   
   Example screenshot from the legacy UI: projects show the account/domain 
information for an account of role type User who was invited to be part of the 
project:
   ![Screenshot from 2020-07-01 
07-50-18](https://user-images.githubusercontent.com/95203/86195938-a90a2600-bb6f-11ea-9b64-0724a8d44fd6.png)
   
   A domain admin would be able to see resources in the domain created/owned by 
other accounts, so I reviewed the list of resources mentioned in this ticket 
for "User" role accounts:
   
   Most items in the following list will have the "User" account's own 
resources and do not usually leak account and domain information to other 
"User" accounts:
   Kubernetes
   Instance Groups
   SSH Key Pairs
   Affinity Groups
   Volumes
   Snapshots
   VM Snapshots
   Backups
   Guest Networks (I checked that shared networks, say created by an Admin 
account, will only leak the domain but not the account name)
   VPC
   Security Groups
   Public IP addresses
   VPN Customer Gateway
   
   Only the following resources are generally shared with other 
accounts/projects, which may show the account/domain information:
   Templates
   ISOs
   Projects
   
   In summary, this is not a UI blocker:
   - the API response returns the information, and the legacy UI shows the 
same information in the detail view (if not the list view)
   - some enterprise users may argue for backward compatibility and want the 
behaviour continued; they may want their accounts to know which account/domain 
was responsible for creating and sharing a community/shared template/ISO or 
project
   - public clouds may not have this issue if they don't allow creating/sharing 
public templates/ISOs
   
   I'll lower the severity to Major; if you disagree, start a discussion thread 
on dev@ @PaulAngus 
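
The comment above reasons from what the list APIs return to a User-role caller: which resources carry an `account`/`domain` belonging to someone else. The script below is an added example (not code from cloudstack-primate or CloudStack) that audits list-API responses for exactly that. It assumes the CloudStack JSON layout of `{"list<x>response": {"count": N, "<x>": [...]}}` with per-record `account` and `domain` fields; the sample responses are constructed, not captured output.

```python
"""Audit CloudStack-style list-API responses for account/domain fields that name
an account or domain other than the caller's.

Added example; not code from cloudstack-primate or CloudStack.  The response
shape (``{"list<x>response": {"count": N, "<x>": [ {...}, ... ]}}``) and the
``account``/``domain`` record fields are assumed to mirror the CloudStack API;
the sample responses below are constructed for illustration.
"""

import json
from typing import Any, Dict, List, Tuple


def _records(api_response: Dict[str, Any]) -> List[Tuple[str, Dict[str, Any]]]:
    """Return (resource_type, record) pairs from a list-API response wrapper.

    The wrapper key ends in ``response``; the resource list is whichever value
    inside it is a list (``template``, ``network``, ``project``, ...).
    """
    pairs: List[Tuple[str, Dict[str, Any]]] = []
    for wrapper_key, body in api_response.items():
        if not wrapper_key.endswith("response") or not isinstance(body, dict):
            continue
        for key, value in body.items():
            if isinstance(value, list):
                pairs.extend((key, rec) for rec in value if isinstance(rec, dict))
    return pairs


def find_foreign_ownership(api_response: Dict[str, Any],
                           caller_account: str,
                           caller_domain: str) -> List[Dict[str, Any]]:
    """List records whose account and/or domain differ from the caller's.

    A record with only a ``domain`` field (as the comment notes for shared
    networks) is reported as leaking ``domain`` alone.
    """
    findings: List[Dict[str, Any]] = []
    for resource_type, rec in _records(api_response):
        leaked = []
        if "account" in rec and rec["account"] != caller_account:
            leaked.append("account")
        if "domain" in rec and rec["domain"] != caller_domain:
            leaked.append("domain")
        if leaked:
            findings.append({
                "resource": resource_type,
                "id": rec.get("id"),
                "fields": leaked,
                "account": rec.get("account"),
                "domain": rec.get("domain"),
            })
    return findings


# Constructed sample responses, as a User-role account "alice" in domain "acme"
# might receive.  Not real API output.
SAMPLE_RESPONSES: List[Dict[str, Any]] = [
    {"listtemplatesresponse": {"count": 2, "template": [
        {"id": "t-1", "name": "centos-7", "account": "admin",
         "domain": "ROOT", "ispublic": True},
        {"id": "t-2", "name": "alice-app", "account": "alice",
         "domain": "acme", "ispublic": False},
    ]}},
    # Shared network created by an admin: domain present, no account field.
    {"listnetworksresponse": {"count": 1, "network": [
        {"id": "n-1", "name": "shared-net", "domain": "ROOT",
         "acltype": "Domain"},
    ]}},
    {"listvolumesresponse": {"count": 1, "volume": [
        {"id": "v-1", "name": "ROOT-1", "account": "alice", "domain": "acme"},
    ]}},
    # Project alice was invited to; the owner is another account in her domain.
    {"listprojectsresponse": {"count": 1, "project": [
        {"id": "p-1", "name": "team", "account": "bob", "domain": "acme"},
    ]}},
]


def audit_sample(caller_account: str = "alice",
                 caller_domain: str = "acme") -> List[Dict[str, Any]]:
    """Run the check over every constructed sample response."""
    findings: List[Dict[str, Any]] = []
    for response in SAMPLE_RESPONSES:
        findings.extend(find_foreign_ownership(response, caller_account, caller_domain))
    return findings


if __name__ == "__main__":
    print(json.dumps(audit_sample(), indent=2))
```

Pointing `find_foreign_ownership` at real `listTemplates`, `listNetworks` or `listProjects` responses from a User-role session gives the per-resource answer the comment gives by inspection: the caller's own resources produce no findings, shared networks show up as `domain` only, and shared templates/ISOs and projects show up with both fields.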


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org