Jorge Luiz Correa created CLOUDSTACK-10465:
----------------------------------------------
Summary: Restricting instance deletion to the creator.
Key: CLOUDSTACK-10465
URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10465
Project: CloudStack
Issue Type: New Feature
Security Level: Public (Anyone can view this level - this is the default.)
Reporter: Jorge Luiz Correa
It will be important if we can restrict deletion of an instance to the creator
only.
For example, in a Project with some users. If user A creates an instance, only
user A can delete it. This will avoid one user to delete instances from another
by mistake.
The main scope of this feature is "Project", where more than one user can
delete instances. "Project Admin" should always delete any instance to keep the
administration role. But, there should be a role (maybe normal user) under this
restriction.
The changes can be made in destroyVirtualMachine() API. API can identify in
what Project the instance is, so check if only.owner.delete is true and limit
the API actions.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
