foreman_remote_execution 5.0.1 → 5.0.2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (10) hide show
  1. checksums.yaml +4 -4
  2. data/app/helpers/concerns/foreman_remote_execution/hosts_helper_extensions.rb +20 -9
  3. data/app/helpers/remote_execution_helper.rb +1 -1
  4. data/app/models/concerns/foreman_remote_execution/host_extensions.rb +4 -0
  5. data/app/models/targeting.rb +1 -1
  6. data/app/views/job_invocations/_preview_hosts_list.html.erb +1 -1
  7. data/app/views/template_invocations/show.html.erb +1 -1
  8. data/lib/foreman_remote_execution/engine.rb +5 -1
  9. data/lib/foreman_remote_execution/version.rb +1 -1
  10. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: cd91f2539393453fe888022502baba8ad7597da50682a4d87a8cf78dcaaebbfa
4
- data.tar.gz: 2c97670fa1b3555f9660ea8adee03e48ae83779aff3324d977eae65a70b86956
3
+ metadata.gz: 06e8f7e73f607c4b3d5e465f6eb095c8f0352377f1237e32385e1a4dd3d64db4
4
+ data.tar.gz: 6e2a1f2cf43e68d8442a6de224333cbb3712351e8439d25a211505091f16d60e
5
5
  SHA512:
6
- metadata.gz: 7fbc26b3be07128f7dd015db03b8e46d34faee8f13f8b7e7f3d6ff54f360afd70cdd6f4143862695342591be55cfed9a74f315ae77ef5231cd20bee5f9bf8565
7
- data.tar.gz: 851d5fd53efb928e8a6ce15468af83bc992b98265bc289f23fed310834e1c83753113e981a673f89e3183efaa7d6f76ec270f06f1f41072f79c045947a78b6c8
6
+ metadata.gz: c7d4f6804de17435657aab34bf6801a06433eae56e766913503cdfcdae7f0cdc330afd68c46de54b4ef6bc8d617df7f757b2420c92e167c44a94aafaab229f6d
7
+ data.tar.gz: dc42410db0ffe4e28009b370c677b4c37ae4ceccdbc2565f85f920e662d75bea49e2152ebd7385f5eaf4411289afea165d73946750b7a9ab732de1215bfc9615
data/app/helpers/concerns/foreman_remote_execution/hosts_helper_extensions.rb CHANGED
@@ -8,7 +8,7 @@ module ForemanRemoteExecution
8
8
 
9
9
  def multiple_actions
10
10
  res = super
11
- res += [ [_('Schedule Remote Job'), new_job_invocation_path, false] ] if authorized_for(controller: :job_invocations, action: :new)
11
+ res += [ [_('Schedule Remote Job'), new_job_invocation_path, false] ] if can_schedule_jobs?
12
12
  res
13
13
  end
14
14
 
@@ -22,20 +22,20 @@ module ForemanRemoteExecution
22
22
  end
23
23
  end
24
24
 
25
- def rex_host_features(*args)
26
- return unless authorized_for(controller: :job_invocations, action: :create)
25
+ def rex_host_features(host, *_rest)
26
+ return [] unless can_execute_on_host?(host)
27
27
  RemoteExecutionFeature.with_host_action_button.order(:label).map do |feature|
28
- link_to(_('%s') % feature.name, job_invocations_path(:host_ids => [args.first.id], :feature => feature.label), :method => :post)
28
+ link_to(_('%s') % feature.name, job_invocations_path(:host_ids => [host.id], :feature => feature.label), :method => :post)
29
29
  end
30
30
  end
31
31
 
32
- def schedule_job_button(*args)
33
- return unless authorized_for(controller: :job_invocations, action: :new)
34
- link_to(_('Schedule Remote Job'), new_job_invocation_path(:host_ids => [args.first.id]), :id => :run_button, :class => 'btn btn-default')
32
+ def schedule_job_button(host, *_rest)
33
+ return unless can_execute_on_host?(host)
34
+ link_to(_('Schedule Remote Job'), new_job_invocation_path(:host_ids => [host.id]), :id => :run_button, :class => 'btn btn-default')
35
35
  end
36
36
 
37
37
  def web_console_button(host, *args)
38
- return unless authorized_for(permission: 'cockpit_hosts', auth_object: host)
38
+ return if !authorized_for(permission: 'cockpit_hosts', auth_object: host) || !can_execute_on_infrastructure_host?(host)
39
39
 
40
40
  url = SSHExecutionProvider.cockpit_url_for_host(host.name)
41
41
  url ? link_to(_('Web Console'), url, :class => 'btn btn-default', :id => :'web-console-button', :target => '_new') : nil
@@ -46,6 +46,17 @@ module ForemanRemoteExecution
46
46
  button_group(web_console_button(*args)))
47
47
  super(*args)
48
48
  end
49
- end
50
49
 
50
+ def can_schedule_jobs?
51
+ authorized_for(controller: :job_invocations, action: :create)
52
+ end
53
+
54
+ def can_execute_on_host?(host)
55
+ can_schedule_jobs? && can_execute_on_infrastructure_host?(host)
56
+ end
57
+
58
+ def can_execute_on_infrastructure_host?(host)
59
+ !host.infrastructure_host? || User.current.can?(:execute_jobs_on_infrastructure_hosts)
60
+ end
61
+ end
51
62
  end
data/app/helpers/remote_execution_helper.rb CHANGED
@@ -31,7 +31,7 @@ module RemoteExecutionHelper
31
31
 
32
32
  if authorized_for(hash_for_host_path(host).merge(auth_object: host, permission: :view_hosts, authorizer: job_hosts_authorizer))
33
33
  links << { title: _('Host detail'),
34
- action: { href: host_path(host), 'data-method': 'get', id: "#{host.name}-actions-detail" } }
34
+ action: { href: current_host_details_path(host), 'data-method': 'get', id: "#{host.name}-actions-detail" } }
35
35
  end
36
36
 
37
37
  if authorized_for(hash_for_rerun_job_invocation_path(id: job_invocation, host_ids: [ host.id ], authorizer: job_hosts_authorizer))
data/app/models/concerns/foreman_remote_execution/host_extensions.rb CHANGED
@@ -121,6 +121,10 @@ module ForemanRemoteExecution
121
121
  @cached_rex_host_params_hash = nil
122
122
  end
123
123
 
124
+ def infrastructure_host?
125
+ infrastructure_facet&.foreman_instance || infrastructure_facet&.smart_proxy_id
126
+ end
127
+
124
128
  private
125
129
 
126
130
  def extend_host_params_hash(params)
data/app/models/targeting.rb CHANGED
@@ -67,7 +67,7 @@ class Targeting < ApplicationRecord
67
67
  return '' if ids.empty?
68
68
 
69
69
  hosts = Host.execution_scope.where(:id => ids).distinct.pluck(:name)
70
- "name ^ (#{hosts.join(', ')})"
70
+ hosts.any? ? "name ^ (#{hosts.join(', ')})" : ''
71
71
  end
72
72
 
73
73
  def resolved?
data/app/views/job_invocations/_preview_hosts_list.html.erb CHANGED
@@ -7,7 +7,7 @@
7
7
  <% if @hosts.any? -%>
8
8
  <ul>
9
9
  <% @hosts.each do |host| -%>
10
- <li><%= link_to h(host.name), host_path(host), :target => '_blank' %></li>
10
+ <li><%= link_to h(host.name), current_host_details_path(host), :target => '_blank' %></li>
11
11
  <% end -%>
12
12
 
13
13
  <% if @additional > 0 -%>
data/app/views/template_invocations/show.html.erb CHANGED
@@ -28,7 +28,7 @@ end
28
28
  </div>
29
29
  </div>
30
30
  <% if @host %>
31
- <h3><%= _('Target: ') %><%= link_to(@host.name, host_path(@host)) %></h3>
31
+ <h3><%= _('Target: ') %><%= link_to(@host.name, current_host_details_path(@host)) %></h3>
32
32
 
33
33
  <div class="preview hidden">
34
34
  <%= preview_box(@template_invocation, @host) %>
data/lib/foreman_remote_execution/engine.rb CHANGED
@@ -214,7 +214,11 @@ module ForemanRemoteExecution
214
214
  role 'Remote Execution User', USER_PERMISSIONS, 'Role with permissions to run remote execution jobs against hosts'
215
215
  role 'Remote Execution Manager', MANAGER_PERMISSIONS, 'Role with permissions to manage job templates, remote execution features, cancel jobs and view audit logs'
216
216
 
217
- add_all_permissions_to_default_roles
217
+ add_all_permissions_to_default_roles(except: [:execute_jobs_on_infrastructure_hosts])
218
+ add_permissions_to_default_roles({
219
+ Role::MANAGER => [:execute_jobs_on_infrastructure_hosts],
220
+ Role::SITE_MANAGER => USER_PERMISSIONS + [:execute_jobs_on_infrastructure_hosts],
221
+ })
218
222
 
219
223
  # add menu entry
220
224
  menu :top_menu, :job_templates,
data/lib/foreman_remote_execution/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module ForemanRemoteExecution
2
- VERSION = '5.0.1'.freeze
2
+ VERSION = '5.0.2'.freeze
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: foreman_remote_execution
3
3
  version: !ruby/object:Gem::Version
4
- version: 5.0.1
4
+ version: 5.0.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Foreman Remote Execution team
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-12-03 00:00:00.000000000 Z
11
+ date: 2022-02-17 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: deface