[gold-users] Permissions and Charging Rates

Brian O'Connor oconnorb at unimelb.edu.au
Fri May 7 00:40:08 MDT 2010


Hi
   please forgive these beginner questions.

I need help understanding permissions and charging rates and how these apply to
resources.

lets use a "Bar" paradigm.

I accustomed to regarding permissions as being related to a patron, like me, a resource,
like beer, and then allowed actions on that resource, like drinking it. There are also
action qualifiers like how much beer and when I can drink it.

using the Bar paradigm, within Gold the patrons are users, and resources are Objects right?

gold> Object Query
Name                  Association Parent      Child        Description
--------------------- ----------- ----------- ------------ --------------------------------------------------
Object                False                                Object
Attribute             False                                Attribute
Action                False                                Action
Transaction           False                                Transaction Log
System                False                                System
User                  False                                User
Role                  False                                Role
RoleAction            True        Role        Action       Role Action Association
RoleUser              True        Role        User         Role User Association
Password              False                                Password
ANY                   False                                Any Object
NONE                  False                                No Object
Organization          False                                Virtual Organization
Project               False                                Project
Machine               False                                Machine
ProjectUser           True        Project     User         Membership mapping Users to Projects
ProjectMachine        True        Project     Machine      Membership mapping Machines to Projects
Account               False                                Account
AccountProject        True        Account     Project      Project Access control List
AccountUser           True        Account     User         User Access control List
AccountMachine        True        Account     Machine      Machine Access control List
AccountOrganization   True        Account     Organization Forwarding Account Information
Allocation            False                                Allocation
Reservation           False                                Reservation
ReservationAllocation True        Reservation Allocation   Reservation Allocation Association
Quotation             False                                Quotation
ChargeRate            False                                Charge Rates
QuotationChargeRate   True        Quotation   ChargeRate   Charge Rate guaranteed by the associated Quotation
Job                   False                                Job
AccountAccount        True        Account     Account      Account Deposit Linkage


but where are the actions defined?

I can create a role and a role action, but these are just strings, where do I relate actual gold
functionality to a resource

gold> Role Create Name=Fred
Name Description
---- -----------
Fred
Successfully created 1 Role
gold> RoleAction Create Role=Fred Object=Job Name=Sparkle
Role Object Name    Instance
---- ------ ------- --------
Fred Job    Sparkle ANY
Successfully created 1 RoleAction
gold> RoleAction Query
Role         Object         Name    Instance
------------ -------------- ------- --------
SystemAdmin  ANY            ANY     ANY
Anonymous    ANY            Query   ANY
Anonymous    Password       ANY     SELF
Anonymous    Account        Balance ANY
ProjectAdmin Project        ANY     ADMIN
UserServices Job            Refund  ANY
UserServices User           ANY     ANY
UserServices Machine        ANY     ANY
UserServices Project        ANY     ANY
UserServices ProjectUser    ANY     ANY
UserServices ProjectMachine ANY     ANY
Scheduler    Job            Charge  ANY
Scheduler    Job            Quote   ANY
Scheduler    Job            Reserve ANY
Scheduler    Reservation    Delete  ANY
OVERRIDE     Account        Balance ANY
UserServices Job            Quote   ANY
Fred         Job            Sparkle ANY
gold>


So how do I find out what a particular action is..i.e the Refund action?
..an how do I apply some sort of actual Gold functionality to the "Sparkle" action?

What I am trying to do is set things up so that a user can ask for a quote in his
own project/account but not others, but default user that are created by the gui or
user.autocreate are not authorised to get a quote.

The other thing I'd like to do is set up two machines with different charging rates(cpu/mem etc).
How can I associate a group of Charges with a machine so that gquote -m machine2 picks it up.
I seem to have to use gquote -X Machine=machine2

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.supercluster.org/pipermail/gold-users/attachments/20100507/0bd0ac6f/attachment.html 


More information about the gold-users mailing list