Enhancement Request

Description

When new group is created this ACLs is applied by default:

 1084     @580     -H---------------     *     -m--    #0
 1085     @580     --N----D---------     *     u---    #0

And there is no way for override this behavior, even if you do this with one.group.allocate method through XML-RPC API.

Use case

I use groups for manage quotas first and foremost, so I have a lot of groups. But even more groups I have ACL rules, because when new group is created, two new ACLs was added.

For example: I don’t need Datastore and Network permisions by default that creates by default when group is created. I want to set access for selected datastores manually, by chmod permisions of resource. But for now, I need remove all default acl’s after group is created.

Interface Changes

I think there is can be some option in oned.conf file for disable or override default ACLs Another way add third optional parameter (type: boolean) to one.group.allocate method for disable new ACLs when group creating. In second case we also need additional key in CLI chekbox in Sunstone, when group is creating

Progress Status

• Branch created
• Code committed to development branch
• Testing - QA
• Documentation
• Release notes - resolved issues, compatibility, known issues
• Code committed to upstream release/hotfix branches
• Documentation committed to upstream release/hotfix branches