opennebula 4.4.0 → 4.5.80.beta

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 09e222c2bb3ea60a689a0f4ed69e605fcad33e1e
-  data.tar.gz: 9fe4b808385a42362c2d5f6e8addb7569e137c63
+  metadata.gz: 5feec17aea93ff26ef9c4ca5d190709ba5b12c3b
+  data.tar.gz: 218fa42198d3b3165ec54bd43fa20028402c8b7f
 SHA512:
-  metadata.gz: 5d9e19973ce12493f1c39c4ee5417830c53caa6046ea55ddd734c6f3258a720e5daefc6a668588ccd75136af337ebfd3d30bb8e08528130b729f7abeffba5f14
-  data.tar.gz: 7883ce2562e2bdde4fc20fdd33eca2c51a3c5e17fcdc279c0ba6d7e3259bdcd38ade29ed73c331a98a8e6ba576469d9bf7b1e8fc3c3c007d4d87503b7eb7a418
+  metadata.gz: 4ed7c74a0a4e33a5f23075db69be3d5d8c947f24b1257389ffd8f388fd4463c78f80bdb9dd9d921668a3b02a3647ae8074103b74a6f35553617dbfeffdc3f05a
+  data.tar.gz: 11736f325b3b49d35916d0a000a2519de8ea1b925720897914890bd0d9b8d35812bf7634d35b1e6333017106585e00f5ad59526fbb48fafeb4b7ee0e101c03f8

data/NOTICE

@@ -1,6 +1,6 @@
 OpenNebula Open Source Project
 --------------------------------------------------------------------------------
-Copyright 2002-2013, OpenNebula Project (OpenNebula.org), C12G Labs
+Copyright 2002-2014, OpenNebula Project (OpenNebula.org), C12G Labs
 --------------------------------------------------------------------------------
 
 You can find  more information about the project, release notes and

data/lib/opennebula.rb

@@ -1,5 +1,5 @@
 # -------------------------------------------------------------------------- #
-# Copyright 2002-2013, OpenNebula Project (OpenNebula.org), C12G Labs        #
+# Copyright 2002-2014, OpenNebula Project (OpenNebula.org), C12G Labs        #
 #                                                                            #
 # Licensed under the Apache License, Version 2.0 (the "License"); you may    #
 # not use this file except in compliance with the License. You may obtain    #
@@ -49,10 +49,12 @@ require 'opennebula/cluster'
 require 'opennebula/cluster_pool'
 require 'opennebula/document'
 require 'opennebula/document_pool'
+require 'opennebula/zone'
+require 'opennebula/zone_pool'
 require 'opennebula/system'
 
 module OpenNebula
 
     # OpenNebula version
-    VERSION = '4.4.0'
+    VERSION = '4.5.80'
 end

data/lib/opennebula/acl.rb

@@ -1,5 +1,5 @@
 # -------------------------------------------------------------------------- #
-# Copyright 2002-2013, OpenNebula Project (OpenNebula.org), C12G Labs        #
+# Copyright 2002-2014, OpenNebula Project (OpenNebula.org), C12G Labs        #
 #                                                                            #
 # Licensed under the Apache License, Version 2.0 (the "License"); you may    #
 # not use this file except in compliance with the License. You may obtain    #
@@ -56,7 +56,8 @@ module OpenNebula
             "GROUP"         => 0x40000000000,
             "DATASTORE"     => 0x100000000000,
             "CLUSTER"       => 0x200000000000,
-            "DOCUMENT"      => 0x400000000000
+            "DOCUMENT"      => 0x400000000000,
+            "ZONE"          => 0x800000000000
         }
 
         RIGHTS =
@@ -99,14 +100,24 @@ module OpenNebula
         #   A string containing a hex number, e.g. 0x2100000001
         # @param rights [String]
         #   A string containing a hex number, e.g. 0x10
+        # @param zone [String]
+        #   A string containing a hex number, e.g. 0x100000001
         #
         # @return [nil, OpenNebula::Error] nil in case of success, Error
         #   otherwise
-        def allocate(user, resource, rights)
-            return super( AclPool::ACL_POOL_METHODS[:addrule],
-                          user,
-                          resource,
-                          rights )
+        def allocate(user, resource, rights, zone=nil)
+            if !zone.nil?
+                return super( AclPool::ACL_POOL_METHODS[:addrule],
+                            user,
+                            resource,
+                            rights,
+                            zone )
+            else
+                return super( AclPool::ACL_POOL_METHODS[:addrule],
+                            user,
+                            resource,
+                            rights)
+            end
         end
 
         # Deletes the Acl rule
@@ -138,7 +149,7 @@ module OpenNebula
 
             rule_str = rule_str.split(" ")
 
-            if rule_str.length != 3
+            if rule_str.length != 3 && rule_str.length != 4
                 return OpenNebula::Error.new(
                     "String needs three components: User, Resource, Rights")
             end
@@ -147,6 +158,10 @@ module OpenNebula
             ret << parse_resources(rule_str[1])
             ret << parse_rights(rule_str[2])
 
+            if rule_str.length > 3
+                ret << parse_zone(rule_str[3])
+            end
+
             errors=ret.map do |arg|
                 if OpenNebula.is_error?(arg)
                     arg.message
@@ -230,6 +245,19 @@ private
             end
         end
 
+        # Converts a string in the form [#<id>, *] to a hex. number
+        #
+        # @param zone [String] Zone component string
+        #
+        # @return [String] A string containing a hex number
+        def self.parse_zone(zone)
+           begin
+               return calculate_ids(zone).to_i.to_s(16)
+           rescue Exception  => e
+               return OpenNebula::Error.new(e.message)
+           end
+        end
+
         # Calculates the numeric value for a String containing an individual
         # (#<id>), group (@<id>) or all (*) ID component
         #

data/lib/opennebula/acl_pool.rb

@@ -1,5 +1,5 @@
 # -------------------------------------------------------------------------- #
-# Copyright 2002-2013, OpenNebula Project (OpenNebula.org), C12G Labs        #
+# Copyright 2002-2014, OpenNebula Project (OpenNebula.org), C12G Labs        #
 #                                                                            #
 # Licensed under the Apache License, Version 2.0 (the "License"); you may    #
 # not use this file except in compliance with the License. You may obtain    #

data/lib/opennebula/client.rb

@@ -1,5 +1,5 @@
 # -------------------------------------------------------------------------- #
-# Copyright 2002-2013, OpenNebula Project (OpenNebula.org), C12G Labs        #
+# Copyright 2002-2014, OpenNebula Project (OpenNebula.org), C12G Labs        #
 #                                                                            #
 # Licensed under the Apache License, Version 2.0 (the "License"); you may    #
 # not use this file except in compliance with the License. You may obtain    #
@@ -15,9 +15,34 @@
 #--------------------------------------------------------------------------- #
 
 require 'xmlrpc/client'
+require 'bigdecimal'
+require 'stringio'
+
 
 module OpenNebula
-    if OpenNebula::NOKOGIRI
+    attr_accessor   :pool_page_size
+
+    if OpenNebula::OX
+        class OxStreamParser < XMLRPC::XMLParser::AbstractStreamParser
+            def initialize
+                @parser_class = OxParser
+            end
+
+            class OxParser < Ox::Sax
+                include XMLRPC::XMLParser::StreamParserMixin
+
+                alias :text :character
+                alias :end_element :endElement
+                alias :start_element :startElement
+
+                def parse(str)
+                    Ox.sax_parse(self, StringIO.new(str),
+                        :symbolize => false,
+                        :convert_special => true)
+                end
+            end
+        end
+    elsif OpenNebula::NOKOGIRI
         class NokogiriStreamParser < XMLRPC::XMLParser::AbstractStreamParser
             def initialize
                 @parser_class = NokogiriParser
@@ -39,10 +64,24 @@ module OpenNebula
         end
     end
 
+    DEFAULT_POOL_PAGE_SIZE = 2000
+
+    if size=ENV['ONE_POOL_PAGE_SIZE']
+        if size.strip.match(/^\d+$/) && size.to_i >= 2
+            @pool_page_size = size.to_i
+        else
+            @pool_page_size = nil
+        end
+    else
+        @pool_page_size = DEFAULT_POOL_PAGE_SIZE
+    end
+
+
     # The client class, represents the connection with the core and handles the
     # xml-rpc calls.
     class Client
         attr_accessor :one_auth
+        attr_reader   :one_endpoint
 
         begin
             require 'xmlparser'
@@ -62,6 +101,8 @@ module OpenNebula
         # @param [Hash] options
         # @option params [Integer] :timeout connection timeout in seconds,
         #   defaults to 30
+        # @option params [String] :http_proxy HTTP proxy string used for
+        #  connecting to the endpoint; defaults to no proxy
         #
         # @return [OpenNebula::Client]
         def initialize(secret=nil, endpoint=nil, options={})
@@ -82,6 +123,8 @@ module OpenNebula
                 @one_endpoint = endpoint
             elsif ENV["ONE_XMLRPC"]
                 @one_endpoint = ENV["ONE_XMLRPC"]
+            elsif File.exists?(ENV['HOME']+"/.one/one_endpoint")
+                @one_endpoint = File.read(ENV['HOME']+"/.one/one_endpoint")
             else
                 @one_endpoint = "http://localhost:2633/RPC2"
             end
@@ -89,9 +132,14 @@ module OpenNebula
             timeout=nil
             timeout=options[:timeout] if options[:timeout]
 
-            @server = XMLRPC::Client.new2(@one_endpoint, nil, timeout)
+            http_proxy=nil
+            http_proxy=options[:http_proxy] if options[:http_proxy]
+
+            @server = XMLRPC::Client.new2(@one_endpoint, http_proxy, timeout)
 
-            if OpenNebula::NOKOGIRI
+            if defined?(OxStreamParser)
+                @server.set_parser(OxStreamParser.new)
+            elsif OpenNebula::NOKOGIRI
                 @server.set_parser(NokogiriStreamParser.new)
             elsif XMLPARSER
                 @server.set_parser(XMLRPC::XMLParser::XMLStreamParser.new)

data/lib/opennebula/cluster.rb

@@ -1,5 +1,5 @@
 # -------------------------------------------------------------------------- #
-# Copyright 2002-2013, OpenNebula Project (OpenNebula.org), C12G Labs        #
+# Copyright 2002-2014, OpenNebula Project (OpenNebula.org), C12G Labs        #
 #                                                                            #
 # Licensed under the Apache License, Version 2.0 (the "License"); you may    #
 # not use this file except in compliance with the License. You may obtain    #

data/lib/opennebula/cluster_pool.rb

@@ -1,5 +1,5 @@
 # -------------------------------------------------------------------------- #
-# Copyright 2002-2013, OpenNebula Project (OpenNebula.org), C12G Labs        #
+# Copyright 2002-2014, OpenNebula Project (OpenNebula.org), C12G Labs        #
 #                                                                            #
 # Licensed under the Apache License, Version 2.0 (the "License"); you may    #
 # not use this file except in compliance with the License. You may obtain    #

data/lib/opennebula/datastore.rb

@@ -1,5 +1,5 @@
 # -------------------------------------------------------------------------- #
-# Copyright 2002-2013, OpenNebula Project (OpenNebula.org), C12G Labs        #
+# Copyright 2002-2014, OpenNebula Project (OpenNebula.org), C12G Labs        #
 #                                                                            #
 # Licensed under the Apache License, Version 2.0 (the "License"); you may    #
 # not use this file except in compliance with the License. You may obtain    #

data/lib/opennebula/datastore_pool.rb

@@ -1,5 +1,5 @@
 # -------------------------------------------------------------------------- #
-# Copyright 2002-2013, OpenNebula Project (OpenNebula.org), C12G Labs        #
+# Copyright 2002-2014, OpenNebula Project (OpenNebula.org), C12G Labs        #
 #                                                                            #
 # Licensed under the Apache License, Version 2.0 (the "License"); you may    #
 # not use this file except in compliance with the License. You may obtain    #

data/lib/opennebula/document.rb

@@ -1,5 +1,5 @@
 # -------------------------------------------------------------------------- #
-# Copyright 2002-2013, OpenNebula Project (OpenNebula.org), C12G Labs        #
+# Copyright 2002-2014, OpenNebula Project (OpenNebula.org), C12G Labs        #
 #                                                                            #
 # Licensed under the Apache License, Version 2.0 (the "License"); you may    #
 # not use this file except in compliance with the License. You may obtain    #

data/lib/opennebula/document_json.rb

@@ -1,5 +1,5 @@
 # -------------------------------------------------------------------------- #
-# Copyright 2002-2013, OpenNebula Project (OpenNebula.org), C12G Labs        #
+# Copyright 2002-2014, OpenNebula Project (OpenNebula.org), C12G Labs        #
 #                                                                            #
 # Licensed under the Apache License, Version 2.0 (the "License"); you may    #
 # not use this file except in compliance with the License. You may obtain    #

data/lib/opennebula/document_pool.rb

@@ -1,5 +1,5 @@
 # -------------------------------------------------------------------------- #
-# Copyright 2002-2013, OpenNebula Project (OpenNebula.org), C12G Labs        #
+# Copyright 2002-2014, OpenNebula Project (OpenNebula.org), C12G Labs        #
 #                                                                            #
 # Licensed under the Apache License, Version 2.0 (the "License"); you may    #
 # not use this file except in compliance with the License. You may obtain    #

data/lib/opennebula/document_pool_json.rb

@@ -1,5 +1,5 @@
 # -------------------------------------------------------------------------- #
-# Copyright 2002-2013, OpenNebula Project (OpenNebula.org), C12G Labs        #
+# Copyright 2002-2014, OpenNebula Project (OpenNebula.org), C12G Labs        #
 #                                                                            #
 # Licensed under the Apache License, Version 2.0 (the "License"); you may    #
 # not use this file except in compliance with the License. You may obtain    #

data/lib/opennebula/error.rb

@@ -1,5 +1,5 @@
 # -------------------------------------------------------------------------- #
-# Copyright 2002-2013, OpenNebula Project (OpenNebula.org), C12G Labs        #
+# Copyright 2002-2014, OpenNebula Project (OpenNebula.org), C12G Labs        #
 #                                                                            #
 # Licensed under the Apache License, Version 2.0 (the "License"); you may    #
 # not use this file except in compliance with the License. You may obtain    #

data/lib/opennebula/group.rb

@@ -1,5 +1,5 @@
 # -------------------------------------------------------------------------- #
-# Copyright 2002-2013, OpenNebula Project (OpenNebula.org), C12G Labs        #
+# Copyright 2002-2014, OpenNebula Project (OpenNebula.org), C12G Labs        #
 #                                                                            #
 # Licensed under the Apache License, Version 2.0 (the "License"); you may    #
 # not use this file except in compliance with the License. You may obtain    #
@@ -24,21 +24,25 @@ module OpenNebula
         #######################################################################
 
         GROUP_METHODS = {
-            :info     => "group.info",
-            :allocate => "group.allocate",
-            :delete   => "group.delete",
-            :quota    => "group.quota"
+            :info           => "group.info",
+            :allocate       => "group.allocate",
+            :update         => "group.update",
+            :delete         => "group.delete",
+            :quota          => "group.quota",
+            :add_provider   => "group.addprovider",
+            :del_provider   => "group.delprovider"
         }
 
         # Flag for requesting connected user's group info
         SELF = -1
 
-        #Default location for group ACL's
-        if ENV['ONE_LOCATION']
-            GROUP_DEFAULT = ENV['ONE_LOCATION'] + "/etc/group.default"
-        else
-            GROUP_DEFAULT = "/etc/one/group.default"
-        end
+        # Default resource ACL's for group users (create)
+        GROUP_DEFAULT_ACLS = "VM+IMAGE+NET+TEMPLATE+DOCUMENT"
+        ALL_CLUSTERS_IN_ZONE = 10
+
+        # The default view for group and group admins, must be defined in
+        # sunstone_views.yaml
+        GROUP_ADMIN_SUNSTONE_VIEWS = "vdcadmin"
 
         # Creates a Group description with just its identifier
         # this method should be used to create plain Group objects.
@@ -62,53 +66,82 @@ module OpenNebula
             super(xml,client)
         end
 
+
         #######################################################################
-        # Group utils
+        # XML-RPC Methods for the Group Object
         #######################################################################
 
-        # Creates ACLs for the group. The ACL rules are described in a file
-        def create_acls(filename = GROUP_DEFAULT)
-            if !File.readable?(filename)
-                return -1, "Cannot read deafult ACL file for group"
-            end
+        # Retrieves the information of the given Group.
+        def info()
+            super(GROUP_METHODS[:info], 'GROUP')
+        end
 
-            msg = String.new
+        alias_method :info!, :info
 
-            File.open(filename).each_line{ |l|
-                next if l.match(/^#/)
+        # Creates a group based in a group definition hash
+        #   group_hash[:name]
+        #   group_hash[:admin_group]
+        #   group_hash[:user][:name]
+        #   group_hash[:user][:password]
+        #   group_hash[:resource_providers]
+        #   group_hash[:resource_providers][:zone_id]
+        #   group_hash[:resource_providers][:cluster_id]
+        #
+        def create(group_hash)
+            # Check arguments
+            return -1, "Group name not defined" if !group_hash[:name]
 
-                rule  = "@#{@pe_id} #{l}"
-                parse = OpenNebula::Acl.parse_rule(rule)
+            if group_hash[:user]
+                if group_hash[:user][:name] and !group_hash[:admin_group]
+                    return -1, "Admin user defined but not admin group"
+                end
 
-                if OpenNebula.is_error?(parse)
-                    return -1, "Error parsing rule #{rule}: #{parse.message}"
+                if group_hash[:user][:name] and !group_hash[:user][:password]
+                    return -1, "Admin user password not defined"
                 end
+            end
 
-                xml = OpenNebula::Acl.build_xml
-                acl = OpenNebula::Acl.new(xml, @client)
+            # Allocate group
+            rc = self.allocate(group_hash[:name])
 
-                rc = acl.allocate(*parse)
+            if OpenNebula.is_error?(rc)
+                return -1, "Error allocating group: #{rc.message}"
+            end
 
-                if OpenNebula.is_error?(rc)
-                    return -1, "Error creating rule #{rule}: #{rc.message}"
+            # Handle resource providers
+            group_hash[:resource_providers].each { |rp|
+                next if rp[:zone_id].nil? && rp[:cluster_id].nil?
+
+                if rp[:cluster_id].class == String && rp[:cluster_id] == "ALL"
+                    add_provider(rp[:zone_id],ALL_CLUSTERS_IN_ZONE)
                 else
-                    msg << "ACL_ID: #{acl.id}\n"
+                    add_provider(rp[:zone_id],rp[:cluster_id])
                 end
-            }
+            } if !group_hash[:resource_providers].nil?
 
-            return 0, msg
-        end
+            # Set group ACLs to create resources
+            rc, msg = create_default_acls(group_hash[:resources])
 
-        #######################################################################
-        # XML-RPC Methods for the Group Object
-        #######################################################################
+            if OpenNebula.is_error?(rc)
+                self.delete
+                return -1, "Error creating group ACL's: #{rc.message}"
+            end
 
-        # Retrieves the information of the given Group.
-        def info()
-            super(GROUP_METHODS[:info], 'GROUP')
-        end
+            # Create associated admin group if needed
+            rc = create_group_admin(group_hash)
 
-        alias_method :info!, :info
+            if OpenNebula.is_error?(rc)
+                self.delete
+                return -1, "Error creating admin group: #{rc.message}"
+            end
+
+            # Add default Sunstone views for the group
+            if group_hash[:views]
+                self.update("SUNSTONE_VIEWS=\"#{group_hash[:views].join(",")}\"\n")
+            end
+
+            return 0, ""
+        end
 
         # Allocates a new Group in OpenNebula
         #
@@ -117,14 +150,26 @@ module OpenNebula
             super(GROUP_METHODS[:allocate], groupname)
         end
 
+        # Replaces the template contents
+        #
+        # @param new_template [String] New template contents
+        # @param append [true, false] True to append new attributes instead of
+        #   replace the whole template
+        #
+        # @return [nil, OpenNebula::Error] nil in case of success, Error
+        #   otherwise
+        def update(new_template=nil, append=false)
+            super(GROUP_METHODS[:update], new_template, append ? 1 : 0)
+        end
+
         # Deletes the Group
         def delete()
             super(GROUP_METHODS[:delete])
         end
 
         # Sets the group quota limits
-        # @param quota [String] a template (XML or txt) with the new quota limits 
-        # 
+        # @param quota [String] a template (XML or txt) with the new quota limits
+        #
         # @return [nil, OpenNebula::Error] nil in case of success, Error
         #   otherwise
         def set_quota(quota)
@@ -136,6 +181,26 @@ module OpenNebula
             return rc
         end
 
+        # Adds a resource provider to this group
+        # @param zone_id [Integer] Zone ID
+        # @param cluster_id [Integer] Cluster ID
+        #
+        # @return [nil, OpenNebula::Error] nil in case of success, Error
+        #   otherwise
+        def add_provider(zone_id, cluster_id)
+            return call(GROUP_METHODS[:add_provider], @pe_id, zone_id.to_i, cluster_id.to_i)
+        end
+
+        # Deletes a resource provider from this group
+        # @param zone_id [Integer] Zone ID
+        # @param cluster_id [Integer] Cluster ID
+        #
+        # @return [nil, OpenNebula::Error] nil in case of success, Error
+        #   otherwise
+        def del_provider(zone_id, cluster_id)
+            return call(GROUP_METHODS[:del_provider], @pe_id, zone_id.to_i, cluster_id.to_i)
+        end
+
         # ---------------------------------------------------------------------
         # Helpers to get information
         # ---------------------------------------------------------------------
@@ -159,5 +224,124 @@ module OpenNebula
 
             return array
         end
+
+        private
+        #######################################################################
+        #######################################################################
+        # Creates an acl array of acl strings. Returns true or error and
+        # a qrray with the new acl ids
+        def create_group_acls(acls)
+            acls_ids = Array.new
+
+            acls.each{|rule|
+
+                acl = OpenNebula::Acl.new(OpenNebula::Acl.build_xml,@client)
+
+                rule_ast = "#{rule} *" #Add all zone id's
+
+                parsed_acl = OpenNebula::Acl.parse_rule(rule_ast)
+
+                return parsed_acl, [] if OpenNebula.is_error?(parsed_acl)
+
+                rc  = acl.allocate(*parsed_acl)
+
+                return rc, "" if OpenNebula.is_error?(rc)
+
+                acls_ids << acl.id
+            }
+
+            return true, acls_ids
+        end
+
+        def create_default_acls(resources=nil)
+            resources = GROUP_DEFAULT_ACLS if !resources
+
+            acls = Array.new
+            acls << "@#{self.id} #{resources}/* CREATE"
+
+            create_group_acls(acls)
+        end
+
+        # Creates a group admin and user based on the group definition hash
+        # @param gdef [Hash] keys are ruby sumbols
+        #     gdef[:admin_group] the group name
+        #     gdef[:user][:name] of admin user for the admin group
+        #     gdef[:user][:password] of admin user
+        #     gdef[:user][:auth_driver] of the admin user
+        #     gdef[:admin_resources]
+        #     gdef[:resources]
+        #
+        #
+        # @return [nil, OpenNebula::Error] nil in case of success, Error
+        def create_group_admin(gdef)
+
+            return nil if gdef[:admin_group].nil?
+
+            # Create the admin group
+            gadmin = Group.new(Group.build_xml, @client)
+            rc     = gadmin.allocate(gdef[:admin_group])
+
+            return rc if OpenNebula.is_error?(rc)
+
+            # Create group admin user
+            uadmin  = gdef[:user][:name] if gdef[:user]
+            upasswd = gdef[:user][:password] if gdef[:user]
+            udriver = gdef[:user][:auth_driver] if gdef[:user]
+
+            if !uadmin.nil? && !upasswd.nil?
+
+                user = OpenNebula::User.new(OpenNebula::User.build_xml,
+                                    @client)
+
+                if udriver
+                    rc = user.allocate(uadmin, upasswd, udriver)
+                else
+                    rc = user.allocate(uadmin, upasswd)
+                end
+
+                if OpenNebula.is_error?(rc)
+                    gadmin.delete
+                    return rc
+                end
+
+                # Set admin user groups to admin group and self
+                rc = user.chgrp(self.id)
+                rc = user.addgroup(gadmin.id) if !OpenNebula.is_error?(rc)
+
+                if OpenNebula.is_error?(rc)
+                    user.delete
+                    gadmin.delete
+                    return rc
+                end
+            end
+
+            #Create admin group acls
+            acls = Array.new
+
+            acls_str = gdef[:admin_resources] || gdef[:resources] || GROUP_DEFAULT_ACLS
+
+            manage_users = gdef[:admin_manage_users] || "YES"
+
+            if manage_users.upcase == "YES"
+                acls << "@#{gadmin.id} USER/* CREATE"
+                acls << "@#{gadmin.id} USER/@#{self.id} USE+MANAGE+ADMIN"
+            end
+
+            acls << "@#{gadmin.id} #{acls_str}/@#{self.id} CREATE+USE+MANAGE"
+
+            rc, tmp = create_group_acls(acls)
+
+            if OpenNebula.is_error?(rc)
+                user.delete
+                gadmin.delete
+                return rc
+            end
+
+            #Set Sunstone Views for the group
+            gadmin.update("SUNSTONE_VIEWS=#{GROUP_ADMIN_SUNSTONE_VIEWS}\n")
+
+            return nil
+        end
     end
 end
+