Feature #2297
closed
Ability for admins to lock certain templates, hostgroups, and disk layouts from editing
Description
I'm setting up a server for use by multiple organizations.
I'd like to provide them with access to some base working kickstarts, snippets, pxe templates, disk layouts, and hostgroups to get them started.
At the same time I am expecting at least some people will want to create, edit, and delete templates, but I fully expect that if I give full access someone is going to break one of the ones shared to all.
So my options seem to be either revoking at least edit/delete which makes create less appealing as well or making 13 copies of each (13 orgs times 8 templates/layouts off the top of my head) template, disk layout, and hostgroup we use for each org, so they will only harm their own org if they break something.
Neither seems like a very good approach.
Updated by Ohad Levy about 11 years ago
I would assume is relevant to parameters? (class vars, smart vars etc)
Updated by Anonymous about 11 years ago
It might be helpful to be able to lock them as well, but I don't think I'm as immediately concerned about them. Sam mentioned the idea of an acl system as well, which would be great. But I would settle for being able to lock certain ones down.
Updated by Stephen Benjamin almost 10 years ago
- Related to Tracker #6631: Provisioning Template Improvements added
Updated by Stephen Benjamin almost 10 years ago
- Related to Feature #1646: Add feature to clone provisioning templates added
Updated by Stephen Benjamin almost 10 years ago
- Related to Feature #3103: Read only provisioning/config templates for plugins added
Updated by Marek Hulán about 7 years ago
- Description updated (diff)
- Status changed from New to Resolved
I think one can achieve all of that already with granular permission system and in case of partition tables and provisioning templates, one could even use the locking mechanism. Please let me know if I misunderstood the request, I'd reopen the issue.