search

OpenNebula / one

The open source Cloud & Edge Computing Platform bringing real freedom to your Enterprise Cloud 🚀
http://opennebula.io
Apache License 2.0
1.19k stars 472 forks source link

Unable to remove quotas, usage quotas for unusable resources #6573

Open OpenNebulaSupport opened 2 months ago

OpenNebulaSupport commented 2 months ago

Description If we configure a usage quota for a particular resource for a user or group, and then that user/group is restricted from using the resource, the quota is kept and can not be removed. This can result in confusing scenarios like groups having usage quotas for datastores that they can not use.

The user should be able to remove a quota to avoid confusing scenarios. Further, usage quotas should be present only when the user/group has at least use access to the resource. Resource usage permissions modification (chmod) should affect user/group quotas, hiding or removing them (TBD).

To Reproduce Use case 1: setting a usage quota for an non-usable resource Create a user/group (e.g. "new"). Create a resource (image, datastore, etc.) in a different group (e.g. "old"). Restrict the usage of the resource to its group ("old") Create a usage quota for the "new" group, definining the usage limits for the resource

Expected behavior: OpenNebula checks the accessibility of the resource for that particular user/group and rejects the creation of the new quota.

Use case 2: removing use permissions and quota is kept Create a user/group (e.g. "new"). Create a resource (image, datastore, etc.) in a different group (e.g. "old"). Allow the usage of the resource to all groups (Others, Use permission) Create a usage quota for the "new" group, definining the usage limits for the resource Restrict the usage of the resource to its group ("old")

Expected behavior: OpenNebula should hide/remove the quota on the "new" group.

Use case 3: removing a quota Create a new quota for a particular group and resource (e.g. using onegroup quota 1) Remove that quota using onegroup quota 1 The quota is not removed

Expected behavior: OpenNebula should remove the quota

Details

Progress Status

OpenNebulaSupport commented 2 months ago

Also, unable to remove quotas using onedb update-body <element> --id <ID>.