foreman_maintain 0.5.5 → 0.5.6
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: d771ecfd4783e176608d1a0263299997e9dcf3f60c141b20be197d61a726085c
|
4
|
+
data.tar.gz: b90a67972a8b670b25ab8eab34aac663239244f170e2bd31a7a617e576cd41c0
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 0b215ba50227dab2f5d95db8046d078212ccf7cb5fe6dc450a77488472c293bad4b70b3384b477b095cde78d4428e1033af8fd3f2f13d42588e5867834e58903
|
7
|
+
data.tar.gz: ffea4e522836f6e28a32f2c6ad33a1ca0c3449561eed1104d11c5308e79dd695706cdc2cf41ea34d80201bbf591fca65a73d5b83aa32abfe8366b932c90eaef3
|
@@ -0,0 +1,33 @@
|
|
1
|
+
module Checks
|
2
|
+
module Foreman
|
3
|
+
class CheckDuplicatePermissions < ForemanMaintain::Check
|
4
|
+
metadata do
|
5
|
+
label :duplicate_permissions
|
6
|
+
for_feature :foreman_database
|
7
|
+
description 'Check for duplicate permissions from database'
|
8
|
+
tags :pre_upgrade
|
9
|
+
end
|
10
|
+
|
11
|
+
def run
|
12
|
+
duplicate_permissions = find_duplicate_permissions
|
13
|
+
assert(
|
14
|
+
duplicate_permissions.empty?,
|
15
|
+
'Duplicate permissions in your database',
|
16
|
+
:next_steps => [
|
17
|
+
Procedures::Foreman::RemoveDuplicatePermissions.new
|
18
|
+
]
|
19
|
+
)
|
20
|
+
end
|
21
|
+
|
22
|
+
def find_duplicate_permissions
|
23
|
+
feature(:foreman_database).query(self.class.query_to_get_duplicate_permission)
|
24
|
+
end
|
25
|
+
|
26
|
+
def self.query_to_get_duplicate_permission
|
27
|
+
<<-SQL
|
28
|
+
SELECT id,name FROM permissions p WHERE (SELECT count(name) FROM permissions pr WHERE p.name =pr.name) > 1
|
29
|
+
SQL
|
30
|
+
end
|
31
|
+
end
|
32
|
+
end
|
33
|
+
end
|
@@ -0,0 +1,70 @@
|
|
1
|
+
module Procedures::Foreman
|
2
|
+
class RemoveDuplicatePermissions < ForemanMaintain::Procedure
|
3
|
+
metadata do
|
4
|
+
for_feature :foreman_database
|
5
|
+
description 'Remove duplicate permissions from database'
|
6
|
+
end
|
7
|
+
|
8
|
+
def run
|
9
|
+
duplicate_permissions = feature(:foreman_database).query(
|
10
|
+
Checks::Foreman::CheckDuplicatePermissions.query_to_get_duplicate_permission
|
11
|
+
).group_by { |permission| permission['name'] }
|
12
|
+
unassigned_permissions = []
|
13
|
+
duplicate_permissions.each_value do |permissions|
|
14
|
+
permission_ids = permissions.map { |i| i['id'] }
|
15
|
+
filterings = check_permissions_assign_to_filter(permission_ids)
|
16
|
+
assigned_permissions = filterings.keys
|
17
|
+
unassigned_permissions << permission_ids - assigned_permissions
|
18
|
+
fix_permissions(assigned_permissions) if assigned_permissions.length > 1
|
19
|
+
end
|
20
|
+
delete_permission(unassigned_permissions.flatten) unless unassigned_permissions.empty?
|
21
|
+
end
|
22
|
+
|
23
|
+
private
|
24
|
+
|
25
|
+
def check_permissions_assign_to_filter(permission_ids)
|
26
|
+
sql = <<-SQL
|
27
|
+
SELECT id, filter_id, permission_id FROM filterings WHERE permission_id IN (#{permission_ids.join(',')})
|
28
|
+
SQL
|
29
|
+
feature(:foreman_database).query(sql).group_by { |filtering| filtering['permission_id'] }
|
30
|
+
end
|
31
|
+
|
32
|
+
def fix_permissions(assigned_permissions)
|
33
|
+
persist_permission = assigned_permissions.shift
|
34
|
+
filter_ids = filters_for_permission(persist_permission)
|
35
|
+
update_filtering(assigned_permissions, persist_permission, filter_ids)
|
36
|
+
delete_filtering(assigned_permissions)
|
37
|
+
delete_permission(assigned_permissions)
|
38
|
+
end
|
39
|
+
|
40
|
+
def filters_for_permission(permission)
|
41
|
+
feature(:foreman_database).query(
|
42
|
+
"SELECT filter_id FROM filterings WHERE permission_id = #{permission.to_i}"
|
43
|
+
).map { |filter| filter['filter_id'] }
|
44
|
+
end
|
45
|
+
|
46
|
+
def update_filtering(old_ids, new_id, filter_ids)
|
47
|
+
sql = <<-SQL
|
48
|
+
WITH rows AS (
|
49
|
+
UPDATE filterings SET permission_id = '#{new_id}' WHERE permission_id IN (#{old_ids.join(',')}) AND filter_id NOT IN (#{filter_ids.join(',')})
|
50
|
+
RETURNING id
|
51
|
+
)
|
52
|
+
SELECT id
|
53
|
+
FROM rows
|
54
|
+
SQL
|
55
|
+
feature(:foreman_database).query(sql)
|
56
|
+
end
|
57
|
+
|
58
|
+
def delete_filtering(permission_ids)
|
59
|
+
feature(:foreman_database).psql(
|
60
|
+
"DELETE FROM filterings where permission_id IN (#{permission_ids.join(',')})"
|
61
|
+
)
|
62
|
+
end
|
63
|
+
|
64
|
+
def delete_permission(permission_ids)
|
65
|
+
feature(:foreman_database).psql(
|
66
|
+
"DELETE FROM permissions where id IN (#{permission_ids.join(',')})"
|
67
|
+
)
|
68
|
+
end
|
69
|
+
end
|
70
|
+
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: foreman_maintain
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.5.
|
4
|
+
version: 0.5.6
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Ivan Nečas
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2020-
|
11
|
+
date: 2020-10-01 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: clamp
|
@@ -128,6 +128,7 @@ files:
|
|
128
128
|
- definitions/checks/disk/available_space.rb
|
129
129
|
- definitions/checks/disk/performance.rb
|
130
130
|
- definitions/checks/foreman/check_corrupted_roles.rb
|
131
|
+
- definitions/checks/foreman/check_duplicate_permission.rb
|
131
132
|
- definitions/checks/foreman/check_duplicate_roles.rb
|
132
133
|
- definitions/checks/foreman/db_up.rb
|
133
134
|
- definitions/checks/foreman/facts_names.rb
|
@@ -212,6 +213,7 @@ files:
|
|
212
213
|
- definitions/procedures/foreman/apipie_cache.rb
|
213
214
|
- definitions/procedures/foreman/fix_corrupted_roles.rb
|
214
215
|
- definitions/procedures/foreman/remove_duplicate_obsolete_roles.rb
|
216
|
+
- definitions/procedures/foreman/remove_duplicate_permissions.rb
|
215
217
|
- definitions/procedures/foreman_docker/remove_foreman_docker.rb
|
216
218
|
- definitions/procedures/foreman_openscap/invalid_report_associations.rb
|
217
219
|
- definitions/procedures/foreman_proxy/features.rb
|