Work with tenant non-Admin resources as provider user

[lelvisl]

When you work with tenant non-Admin resources as provider user, on every request you should add X-VMWARE-VCLOUD-TENANT-CONTEXT header with tenant id. (as i understood).

That was a root problem of #373.

And i see some wrong hot-fixes in code.
Example -

go-vcloud-director/govcd/vdc.go

Line 673 in cb04bc1

if vdc.client.IsSysAdmin {

QueryResultAdminVMRecordType and QueryResultVMRecordType - different types,
https://code.vmware.com/apis/722/vmware-cloud-director/doc/doc/types/QueryResultAdminVMRecordType.html
https://code.vmware.com/apis/722/vmware-cloud-director/doc/doc/types/QueryResultVMRecordType.html

but both are implemented as QueryResultVMRecordType -

go-vcloud-director/types/v56/types.go

Line 2134 in cb04bc1

AdminVMRecord []*QueryResultVMRecordType `xml:"AdminVMRecord"` // A record representing a Admin VM result.

Im my code i needed to re-implement some functions with adding one line

	queryReq.Header.Add(types.HeaderTenantContext, orgID)

And providing orgID when i work as provider user

May be you already know about this situation and have some thoughts?

[lelvisl]

As i understood, you tried to fix something same in #376

[dataclouder]

We have only recently started working with tenant context. Until recently the XML-based API did not require any special treatment in this regard. Our first inclusion of tenant context was with vApp and Catalog access control. There, we added tenant context only for those specific calls. Moving to JSON-based Open API calls, we realized that many more calls need the tenant context. We again did specific adjustments for VDC retrieval functions.
In the roles management, currently in draft, we are trying to fix this problem at a more general level.
You should see an improvement in tenant calls management in the near future.

[lelvisl]

May be i can help? In my code i'm working with tenant context every time. (Also i already have functions for work with nat and firewall rules on NSX-T). Do you have some public roadmap or plan?

[lelvisl]

As example: all funcs, that works Admin objects should have tenantID as parameter.
But it will be breaking change. (reason to start v3 branch, like #362)

[dataclouder]

Thanks for your help offer. However what we are implementing is the result of a lengthy internal discussion and we could not possibly change it before release time, which is approaching rapidly.
Roles management is a huge feature that depends heavily on tenant context. We will go for it in its current shape, and eventually improve it over time.

[lelvisl]

Any news? Now this library can't work correctly with tenant resources as provider admin. May be we can discuss some solutions, that can be applied right now?
As example, in this situations

go-vcloud-director/govcd/vdc.go

Line 673 in cb04bc1

if vdc.client.IsSysAdmin {

add header with tenant id?

queryReq.Header.Add(types.HeaderTenantContext, orgID)

Or you some problems with this solutions?