[libvirt] [PATCH] docs: fix acl permission docs
We have been grouping network-port and nwfilter-binding permissions under virNetworkPtr and virNWFilterPtr respectively. Add the two missing classes that were matched because they contain a substring of others. Signed-off-by: Ján Tomko <jtomko@redhat.com> --- docs/genaclperms.pl | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/genaclperms.pl b/docs/genaclperms.pl index d878321a90..34c526021c 100755 --- a/docs/genaclperms.pl +++ b/docs/genaclperms.pl @@ -22,7 +22,8 @@ use warnings; my @objects = ( "CONNECT", "DOMAIN", "INTERFACE", - "NETWORK","NODE_DEVICE", "NWFILTER", + "NETWORK_PORT", "NETWORK", "NODE_DEVICE", + "NWFILTER_BINDING", "NWFILTER", "SECRET", "STORAGE_POOL", "STORAGE_VOL", ); -- 2.20.1
On Thu, Jun 27, 2019 at 05:44:34PM +0200, Ján Tomko wrote:
We have been grouping network-port and nwfilter-binding permissions under virNetworkPtr and virNWFilterPtr respectively.
Add the two missing classes that were matched because they contain a substring of others.
Signed-off-by: Ján Tomko <jtomko@redhat.com> --- docs/genaclperms.pl | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)
After this patch we no longer say that a network has a port-create permisison, but show 'create' as a permission of the network port: $ diff -u docs/aclperms.htmlinc.before docs/aclperms.htmlinc --- docs/aclperms.htmlinc.before 2019-07-01 15:51:04.588081150 +0200 +++ docs/aclperms.htmlinc 2019-07-01 15:51:26.317082311 +0200 @@ -257,26 +257,6 @@ <td>Access network</td> </tr> <tr> - <td><a name="perm_network_port_create">port-create</a></td> - <td>Create network port</td> - </tr> - <tr> - <td><a name="perm_network_port_delete">port-delete</a></td> - <td>Delete network port</td> - </tr> - <tr> - <td><a name="perm_network_port_getattr">port-getattr</a></td> - <td>Access network port</td> - </tr> - <tr> - <td><a name="perm_network_port_read">port-read</a></td> - <td>Read network port</td> - </tr> - <tr> - <td><a name="perm_network_port_write">port-write</a></td> - <td>Read network port</td> - </tr> - <tr> <td><a name="perm_network_read">read</a></td> <td>Read network</td> </tr> @@ -302,6 +282,37 @@ </tr> </tbody> </table> +<h3><a name="object_network_port">virNetworkPortPtr</a></h3> +<table class="acl"> + <thead> + <tr> + <th>Permission</th> + <th>Description</th> + </tr> + </thead> + <tbody> + <tr> + <td><a name="perm_network_port_create">create</a></td> + <td>Create network port</td> + </tr> + <tr> + <td><a name="perm_network_port_delete">delete</a></td> + <td>Delete network port</td> + </tr> + <tr> + <td><a name="perm_network_port_getattr">getattr</a></td> + <td>Access network port</td> + </tr> + <tr> + <td><a name="perm_network_port_read">read</a></td> + <td>Read network port</td> + </tr> + <tr> + <td><a name="perm_network_port_write">write</a></td> + <td>Read network port</td> + </tr> + </tbody> +</table> <h3><a name="object_node_device">virNodeDevicePtr</a></h3> <table class="acl"> <thead> @@ -347,22 +358,6 @@ </thead> <tbody> <tr> - <td><a name="perm_nwfilter_binding_create">binding-create</a></td> - <td>Create network filter binding</td> - </tr> - <tr> - <td><a name="perm_nwfilter_binding_delete">binding-delete</a></td> - <td>Delete network filter binding</td> - </tr> - <tr> - <td><a name="perm_nwfilter_binding_getattr">binding-getattr</a></td> - <td>Access network filter</td> - </tr> - <tr> - <td><a name="perm_nwfilter_binding_read">binding-read</a></td> - <td>Read network filter binding</td> - </tr> - <tr> <td><a name="perm_nwfilter_delete">delete</a></td> <td>Delete network filter</td> </tr> @@ -384,6 +379,33 @@ </tr> </tbody> </table> +<h3><a name="object_nwfilter_binding">virNWFilterBindingPtr</a></h3> +<table class="acl"> + <thead> + <tr> + <th>Permission</th> + <th>Description</th> + </tr> + </thead> + <tbody> + <tr> + <td><a name="perm_nwfilter_binding_create">create</a></td> + <td>Create network filter binding</td> + </tr> + <tr> + <td><a name="perm_nwfilter_binding_delete">delete</a></td> + <td>Delete network filter binding</td> + </tr> + <tr> + <td><a name="perm_nwfilter_binding_getattr">getattr</a></td> + <td>Access network filter</td> + </tr> + <tr> + <td><a name="perm_nwfilter_binding_read">read</a></td> + <td>Read network filter binding</td> + </tr> + </tbody> +</table> <h3><a name="object_secret">virSecretPtr</a></h3> <table class="acl"> <thead> Jano
On Mon, 2019-07-01 at 15:53 +0200, Ján Tomko wrote:
On Thu, Jun 27, 2019 at 05:44:34PM +0200, Ján Tomko wrote:
We have been grouping network-port and nwfilter-binding permissions under virNetworkPtr and virNWFilterPtr respectively.
Add the two missing classes that were matched because they contain a substring of others.
Signed-off-by: Ján Tomko <jtomko@redhat.com> --- docs/genaclperms.pl | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)
After this patch we no longer say that a network has a port-create permisison, but show 'create' as a permission of the network port:
Thanks for explaining the consequences of this change! Reviewed-by: Andrea Bolognani <abologna@redhat.com> -- Andrea Bolognani / Red Hat / Virtualization
participants (2)
-
Andrea Bolognani -
Ján Tomko