foreman_maintain 0.5.5 → 0.5.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: d771ecfd4783e176608d1a0263299997e9dcf3f60c141b20be197d61a726085c
|
|
4
|
+
data.tar.gz: b90a67972a8b670b25ab8eab34aac663239244f170e2bd31a7a617e576cd41c0
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 0b215ba50227dab2f5d95db8046d078212ccf7cb5fe6dc450a77488472c293bad4b70b3384b477b095cde78d4428e1033af8fd3f2f13d42588e5867834e58903
|
|
7
|
+
data.tar.gz: ffea4e522836f6e28a32f2c6ad33a1ca0c3449561eed1104d11c5308e79dd695706cdc2cf41ea34d80201bbf591fca65a73d5b83aa32abfe8366b932c90eaef3
|
|
@@ -0,0 +1,33 @@
|
|
|
1
|
+
module Checks
|
|
2
|
+
module Foreman
|
|
3
|
+
class CheckDuplicatePermissions < ForemanMaintain::Check
|
|
4
|
+
metadata do
|
|
5
|
+
label :duplicate_permissions
|
|
6
|
+
for_feature :foreman_database
|
|
7
|
+
description 'Check for duplicate permissions from database'
|
|
8
|
+
tags :pre_upgrade
|
|
9
|
+
end
|
|
10
|
+
|
|
11
|
+
def run
|
|
12
|
+
duplicate_permissions = find_duplicate_permissions
|
|
13
|
+
assert(
|
|
14
|
+
duplicate_permissions.empty?,
|
|
15
|
+
'Duplicate permissions in your database',
|
|
16
|
+
:next_steps => [
|
|
17
|
+
Procedures::Foreman::RemoveDuplicatePermissions.new
|
|
18
|
+
]
|
|
19
|
+
)
|
|
20
|
+
end
|
|
21
|
+
|
|
22
|
+
def find_duplicate_permissions
|
|
23
|
+
feature(:foreman_database).query(self.class.query_to_get_duplicate_permission)
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
def self.query_to_get_duplicate_permission
|
|
27
|
+
<<-SQL
|
|
28
|
+
SELECT id,name FROM permissions p WHERE (SELECT count(name) FROM permissions pr WHERE p.name =pr.name) > 1
|
|
29
|
+
SQL
|
|
30
|
+
end
|
|
31
|
+
end
|
|
32
|
+
end
|
|
33
|
+
end
|
|
@@ -0,0 +1,70 @@
|
|
|
1
|
+
module Procedures::Foreman
|
|
2
|
+
class RemoveDuplicatePermissions < ForemanMaintain::Procedure
|
|
3
|
+
metadata do
|
|
4
|
+
for_feature :foreman_database
|
|
5
|
+
description 'Remove duplicate permissions from database'
|
|
6
|
+
end
|
|
7
|
+
|
|
8
|
+
def run
|
|
9
|
+
duplicate_permissions = feature(:foreman_database).query(
|
|
10
|
+
Checks::Foreman::CheckDuplicatePermissions.query_to_get_duplicate_permission
|
|
11
|
+
).group_by { |permission| permission['name'] }
|
|
12
|
+
unassigned_permissions = []
|
|
13
|
+
duplicate_permissions.each_value do |permissions|
|
|
14
|
+
permission_ids = permissions.map { |i| i['id'] }
|
|
15
|
+
filterings = check_permissions_assign_to_filter(permission_ids)
|
|
16
|
+
assigned_permissions = filterings.keys
|
|
17
|
+
unassigned_permissions << permission_ids - assigned_permissions
|
|
18
|
+
fix_permissions(assigned_permissions) if assigned_permissions.length > 1
|
|
19
|
+
end
|
|
20
|
+
delete_permission(unassigned_permissions.flatten) unless unassigned_permissions.empty?
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
private
|
|
24
|
+
|
|
25
|
+
def check_permissions_assign_to_filter(permission_ids)
|
|
26
|
+
sql = <<-SQL
|
|
27
|
+
SELECT id, filter_id, permission_id FROM filterings WHERE permission_id IN (#{permission_ids.join(',')})
|
|
28
|
+
SQL
|
|
29
|
+
feature(:foreman_database).query(sql).group_by { |filtering| filtering['permission_id'] }
|
|
30
|
+
end
|
|
31
|
+
|
|
32
|
+
def fix_permissions(assigned_permissions)
|
|
33
|
+
persist_permission = assigned_permissions.shift
|
|
34
|
+
filter_ids = filters_for_permission(persist_permission)
|
|
35
|
+
update_filtering(assigned_permissions, persist_permission, filter_ids)
|
|
36
|
+
delete_filtering(assigned_permissions)
|
|
37
|
+
delete_permission(assigned_permissions)
|
|
38
|
+
end
|
|
39
|
+
|
|
40
|
+
def filters_for_permission(permission)
|
|
41
|
+
feature(:foreman_database).query(
|
|
42
|
+
"SELECT filter_id FROM filterings WHERE permission_id = #{permission.to_i}"
|
|
43
|
+
).map { |filter| filter['filter_id'] }
|
|
44
|
+
end
|
|
45
|
+
|
|
46
|
+
def update_filtering(old_ids, new_id, filter_ids)
|
|
47
|
+
sql = <<-SQL
|
|
48
|
+
WITH rows AS (
|
|
49
|
+
UPDATE filterings SET permission_id = '#{new_id}' WHERE permission_id IN (#{old_ids.join(',')}) AND filter_id NOT IN (#{filter_ids.join(',')})
|
|
50
|
+
RETURNING id
|
|
51
|
+
)
|
|
52
|
+
SELECT id
|
|
53
|
+
FROM rows
|
|
54
|
+
SQL
|
|
55
|
+
feature(:foreman_database).query(sql)
|
|
56
|
+
end
|
|
57
|
+
|
|
58
|
+
def delete_filtering(permission_ids)
|
|
59
|
+
feature(:foreman_database).psql(
|
|
60
|
+
"DELETE FROM filterings where permission_id IN (#{permission_ids.join(',')})"
|
|
61
|
+
)
|
|
62
|
+
end
|
|
63
|
+
|
|
64
|
+
def delete_permission(permission_ids)
|
|
65
|
+
feature(:foreman_database).psql(
|
|
66
|
+
"DELETE FROM permissions where id IN (#{permission_ids.join(',')})"
|
|
67
|
+
)
|
|
68
|
+
end
|
|
69
|
+
end
|
|
70
|
+
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: foreman_maintain
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.5.
|
|
4
|
+
version: 0.5.6
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Ivan Nečas
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2020-
|
|
11
|
+
date: 2020-10-01 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: clamp
|
|
@@ -128,6 +128,7 @@ files:
|
|
|
128
128
|
- definitions/checks/disk/available_space.rb
|
|
129
129
|
- definitions/checks/disk/performance.rb
|
|
130
130
|
- definitions/checks/foreman/check_corrupted_roles.rb
|
|
131
|
+
- definitions/checks/foreman/check_duplicate_permission.rb
|
|
131
132
|
- definitions/checks/foreman/check_duplicate_roles.rb
|
|
132
133
|
- definitions/checks/foreman/db_up.rb
|
|
133
134
|
- definitions/checks/foreman/facts_names.rb
|
|
@@ -212,6 +213,7 @@ files:
|
|
|
212
213
|
- definitions/procedures/foreman/apipie_cache.rb
|
|
213
214
|
- definitions/procedures/foreman/fix_corrupted_roles.rb
|
|
214
215
|
- definitions/procedures/foreman/remove_duplicate_obsolete_roles.rb
|
|
216
|
+
- definitions/procedures/foreman/remove_duplicate_permissions.rb
|
|
215
217
|
- definitions/procedures/foreman_docker/remove_foreman_docker.rb
|
|
216
218
|
- definitions/procedures/foreman_openscap/invalid_report_associations.rb
|
|
217
219
|
- definitions/procedures/foreman_proxy/features.rb
|