[gold-users] Permissions and Charging Rates
Brian O'Connor
oconnorb at unimelb.edu.au
Fri May 7 00:40:08 MDT 2010
Hi
please forgive these beginner questions.
I need help understanding permissions and charging rates and how these apply to
resources.
lets use a "Bar" paradigm.
I accustomed to regarding permissions as being related to a patron, like me, a resource,
like beer, and then allowed actions on that resource, like drinking it. There are also
action qualifiers like how much beer and when I can drink it.
using the Bar paradigm, within Gold the patrons are users, and resources are Objects right?
gold> Object Query
Name Association Parent Child Description
--------------------- ----------- ----------- ------------ --------------------------------------------------
Object False Object
Attribute False Attribute
Action False Action
Transaction False Transaction Log
System False System
User False User
Role False Role
RoleAction True Role Action Role Action Association
RoleUser True Role User Role User Association
Password False Password
ANY False Any Object
NONE False No Object
Organization False Virtual Organization
Project False Project
Machine False Machine
ProjectUser True Project User Membership mapping Users to Projects
ProjectMachine True Project Machine Membership mapping Machines to Projects
Account False Account
AccountProject True Account Project Project Access control List
AccountUser True Account User User Access control List
AccountMachine True Account Machine Machine Access control List
AccountOrganization True Account Organization Forwarding Account Information
Allocation False Allocation
Reservation False Reservation
ReservationAllocation True Reservation Allocation Reservation Allocation Association
Quotation False Quotation
ChargeRate False Charge Rates
QuotationChargeRate True Quotation ChargeRate Charge Rate guaranteed by the associated Quotation
Job False Job
AccountAccount True Account Account Account Deposit Linkage
but where are the actions defined?
I can create a role and a role action, but these are just strings, where do I relate actual gold
functionality to a resource
gold> Role Create Name=Fred
Name Description
---- -----------
Fred
Successfully created 1 Role
gold> RoleAction Create Role=Fred Object=Job Name=Sparkle
Role Object Name Instance
---- ------ ------- --------
Fred Job Sparkle ANY
Successfully created 1 RoleAction
gold> RoleAction Query
Role Object Name Instance
------------ -------------- ------- --------
SystemAdmin ANY ANY ANY
Anonymous ANY Query ANY
Anonymous Password ANY SELF
Anonymous Account Balance ANY
ProjectAdmin Project ANY ADMIN
UserServices Job Refund ANY
UserServices User ANY ANY
UserServices Machine ANY ANY
UserServices Project ANY ANY
UserServices ProjectUser ANY ANY
UserServices ProjectMachine ANY ANY
Scheduler Job Charge ANY
Scheduler Job Quote ANY
Scheduler Job Reserve ANY
Scheduler Reservation Delete ANY
OVERRIDE Account Balance ANY
UserServices Job Quote ANY
Fred Job Sparkle ANY
gold>
So how do I find out what a particular action is..i.e the Refund action?
..an how do I apply some sort of actual Gold functionality to the "Sparkle" action?
What I am trying to do is set things up so that a user can ask for a quote in his
own project/account but not others, but default user that are created by the gui or
user.autocreate are not authorised to get a quote.
The other thing I'd like to do is set up two machines with different charging rates(cpu/mem etc).
How can I associate a group of Charges with a machine so that gquote -m machine2 picks it up.
I seem to have to use gquote -X Machine=machine2
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.supercluster.org/pipermail/gold-users/attachments/20100507/0bd0ac6f/attachment.html
More information about the gold-users
mailing list