foreman_remote_execution 0.1.1 → 0.1.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: e5f866fe37c11fd1081d685e3715e64658354b5f
-  data.tar.gz: c5fddb603234b2930bc94226411a982039c5996e
+  metadata.gz: 3de54e0a9f145a63c004e5e569305d4207167111
+  data.tar.gz: 9cea79ef9465ceb6b2164f3eb9b072c45753a0bb
 SHA512:
-  metadata.gz: 64da2786680750ada9d49b6459b63bc6a2440f1c0226de78a08c50b1b632c8b7583cd1d76c569dc1e7e1836318229cfbf1811671517f8aca0be0539188403961
-  data.tar.gz: f707c970f5b3fb9fccbe4e65d4321a449a6980b5b9f3999266ab49e4d238eb56f4644319bb12e88e691e85819570d3fc7267c62e6ec851a7f40fa58d58b6a912
+  metadata.gz: e0dde3c38bf68c68c6cadeb4b5c78d1d916be96b92e0dcd313bb1fb0f2113c8003b2e652c95c3dba8138afb680bb5c40fa631131aa5ff4bb589373f209107993
+  data.tar.gz: 9057f5eaad349a39352a6ecaeeee828978695e58c8f9b20fe10e4395c1ea60066b469bd776f7470cf69dee44a463407a1abca512c584108760143cc5f35afbbc

data/app/assets/javascripts/template_invocation.js

@@ -58,11 +58,6 @@ function job_invocation_form_binds() {
     $('#job_template_' + $(this).val()).show();
   });
 
-  $('input.trigger_mode_selector').on('click', function () {
-     $("#trigger_mode_future").hide();
-     $('#trigger_mode_' + $(this).val()).show();
-   });
-
   $('select#job_invocation_job_name').on('change', refresh_execution_form);
 
   $('button#refresh_execution_form').on('click', refresh_execution_form);
@@ -99,3 +94,51 @@ function job_invocation_refresh_data(){
 function fetch_ids_of_hosts(attribute){
   return $('div#hosts td.host_' + attribute + '[data-refresh_required="true"]').map(function() { return $(this).data('id') }).get();
 }
+
+function regenerate_description(thing) {
+  var fieldset = $(thing).closest('fieldset');
+  var dict = load_keys(fieldset);
+  var format = fieldset.find('#description_format').val();
+  fieldset.find('#description').val(String.format(format, dict));
+}
+
+function load_keys(parent) {
+  var dict = {};
+  var pattern = $(parent).find("#description_format").val();
+  var re = new RegExp("%\\{([^\\}]+)\\}", "gm");
+  var match = re.exec(pattern);
+  while(match != null) {
+    dict[match[1]] = $(parent).find("#" + match[1]).val();
+    match = re.exec(pattern);
+  }
+  dict['job_name'] = $('#job_invocation_job_name').val();
+  return dict;
+}
+
+function description_override(source) {
+    var description_format_container = $(source).closest('fieldset').find('#description_format_container');
+    var description_format = $(description_format_container).find('#description_format');
+    var old_value = $(source).val();
+    if($(source).is(':checked')) {
+	$(description_format_container).hide();
+    } else {
+	$(description_format_container).show();
+    }
+    $(source).val($(description_format).val());
+    $(description_format).val(old_value);
+    regenerate_description(description_format);
+}
+
+String.format = function (pattern, dict) {
+  if(pattern == undefined) {
+    return "";
+  }
+  for (var key in dict) {
+    var regEx = new RegExp("%\\{" + key + "\\}", "gm");
+    if(dict[key] == undefined) {
+      dict[key] = "%{" + key + "}"
+    }
+    pattern = pattern.replace(regEx, dict[key]);
+  }
+  return pattern;
+};

data/app/controllers/api/v2/job_invocations_controller.rb

@@ -6,9 +6,12 @@ module Api
       include ::Foreman::Renderer
 
       before_filter :find_optional_nested_object
+      before_filter :find_host, :only => %w{output}
       before_filter :find_resource, :only => %w{show update destroy clone}
       before_filter :validate_templates, :only => :create
 
+      wrap_parameters JobInvocation, :include => (JobInvocation.attribute_names + [:ssh])
+
       api :GET, "/job_invocations/", N_("List job invocations")
       param_group :search_and_pagination, ::Api::V2::BaseController
       def index
@@ -23,42 +26,84 @@ module Api
       def_param_group :job_invocation do
         param :job_invocation, Hash, :required => true, :action_aware => true do
           param :job_name, String, :required => true, :desc => N_("Job name")
-          param :template_id, String, :required => false, :desc => N_("If using a specific template, the id of that template.")
+          param :job_template_id, String, :required => false, :desc => N_("If using a specific template, the id of that template.")
           param :targeting_type, String, :required => true, :desc => N_("Invocation type, one of %s") % Targeting::TYPES
-          param :inputs, Array, :required => false, :desc => N_("Inputs to use") do
-            param :name, String, :required => true
-            param :value, String, :required => true
+          param :inputs, Hash, :required => false, :desc => N_("Inputs to use")
+          param :ssh, Hash, :desc => N_("Ssh provider specific options") do
+            param :effective_user, String,
+                  :required => false,
+                  :desc => N_("What user should be used to run the script (using sudo-like mechanisms). Defaults to a template parameter or global setting.")
           end
           param :bookmark_id, Integer, :required => false
           param :search_query, Integer, :required => false
         end
       end
 
-      api :POST, "/job_invocations/", N_("Create a job template")
+      api :POST, "/job_invocations/", N_("Create a job invocation")
       param_group :job_invocation, :as => :create
       def create
-        composer = JobInvocationApiComposer.new(JobInvocation.new, User.current, params[:job_invocation])
+        composer = JobInvocationComposer.from_api_params(job_invocation_params)
         composer.save!
         ForemanTasks.async_task(::Actions::RemoteExecution::RunHostsJob, composer.job_invocation)
         @job_invocation = composer.job_invocation
         process_response @job_invocation
       end
 
+      api :GET, "/job_invocations/:id/hosts/:host_id", N_("Get output for a host")
+      param :id, :identifier, :required => true
+      param :host_id, :identifier, :required => true
+      param :since, String, :required => false
+      def output
+        task = @nested_obj.sub_task_for_host(@host)
+        refresh = task.pending?
+        since = params[:since].to_f if params[:since].present?
+
+        line_sets = task.main_action.live_output
+        line_sets = line_sets.drop_while { |o| o['timestamp'].to_f <= since } if since
+
+        if line_sets.blank?
+          render :json => {:refresh => refresh, :output => []}
+        else
+          render :json => {:refresh => refresh, :output => line_sets }
+        end
+      end
+
       private
 
+      def action_permission
+        case params[:action]
+        when 'output'
+          :view
+        else
+          super
+        end
+      end
+
+      def find_host
+        @host = Host::Base.authorized(:view_hosts).find(params['host_id'])
+      rescue ActiveRecord::RecordNotFound
+        not_found({ :error => { :message => (_("Host with id '%{id}' was not found") % { :id => params['host_id'] }) } })
+      end
+
       def validate_templates
         templates = []
-        if params[:job_invocation][:template_id]
-          templates << JobTemplate.find(params[:job_invocation][:template_id])
+        if job_invocation_params[:job_template_id]
+          templates << JobTemplate.find(job_invocation_params[:job_template_id])
         else
-          templates = JobTemplate.where(:job_name => params[:job_invocation][:job_name])
+          templates = JobTemplate.where(:job_name => job_invocation_params[:job_name])
           if templates.pluck(:provider_type).uniq.length != templates.length
-            raise Foreman::Exception, _("Duplicate remote execution providers found for specified Job, please specify a single template_id.")
+            raise Foreman::Exception, _("Duplicate remote execution providers found for specified Job, please specify a single job_template_id.")
           end
         end
 
         raise Foreman::Exception, _("No templates associated with specified Job Name") if templates.empty?
       end
+
+      def job_invocation_params
+        job_invocation_params = params.fetch(:job_invocation, {}).dup
+        job_invocation_params.merge!(job_invocation_params.delete(:ssh)) if job_invocation_params.key?(:ssh)
+        job_invocation_params
+      end
     end
   end
 end

data/app/controllers/api/v2/job_templates_controller.rb

@@ -11,6 +11,8 @@ module Api
 
       before_filter :handle_template_upload, :only => [:create, :update]
 
+      wrap_parameters JobTemplate, :include => (JobTemplate.attribute_names + [:ssh])
+
       api :GET, "/job_templates/", N_("List job templates")
       api :GET, "/locations/:location_id/job_templates/", N_("List job templates per location")
       api :GET, "/organizations/:organization_id/job_templates/", N_("List job templates per organization")
@@ -30,10 +32,17 @@ module Api
           param :name, String, :required => true, :desc => N_("Template name")
           param :job_name, String, :required => true, :desc => N_("Job name")
           param :template, String, :required => true
-          param :provider_type, String, :required => true, :desc => N_("Provider type")
+          param :provider_type, RemoteExecutionProvider.provider_names, :required => true, :desc => N_("Provider type")
           param :snippet, :bool, :allow_nil => true
           param :audit_comment, String, :allow_nil => true
           param :locked, :bool, :desc => N_("Whether or not the template is locked for editing")
+          param :ssh, Hash, :desc => N_("Ssh provider specific options") do
+            param :effective_user, Hash, :desc => N_("Effective user options") do
+              param :value, String, :desc => N_("What user should be used to run the script (using sudo-like mechanisms)"), :allowed_nil => true
+              param :overridable, :bool, :desc => N_("Whether it should be allowed to override the effective user from the invocation form.")
+              param :current_user, :bool, :desc => N_("Whether the current user login should be used as the effective user")
+            end
+          end
           param_group :taxonomies, ::Api::V2::BaseController
         end
       end
@@ -41,7 +50,7 @@ module Api
       api :POST, "/job_templates/", N_("Create a job template")
       param_group :job_template, :as => :create
       def create
-        @job_template = JobTemplate.new(params[:job_template])
+        @job_template = JobTemplate.new(job_template_params)
         process_response @job_template.save
       end
 
@@ -49,7 +58,7 @@ module Api
       param :id, :identifier, :required => true
       param_group :job_template
       def update
-        process_response @job_template.update_attributes(params[:job_template])
+        process_response @job_template.update_attributes(job_template_params)
       end
 
       api :GET, "/job_templates/revision"
@@ -77,7 +86,7 @@ module Api
       def clone
         @job_template = @job_template.clone
         load_vars_from_template
-        @job_template.name = params[:job_template][:name]
+        @job_template.name = job_template_params[:name]
         process_response @job_template.save
       end
 
@@ -87,6 +96,12 @@ module Api
 
       private
 
+      def job_template_params
+        job_template_params = params[:job_template].dup
+        effective_user_attributes = (job_template_params.delete(:ssh) || {}).fetch(:effective_user, {})
+        job_template_params.merge(:effective_user_attributes => effective_user_attributes)
+      end
+
       def action_permission
         case params[:action]
         when 'clone'

data/app/controllers/api/v2/template_inputs_controller.rb

@@ -0,0 +1,88 @@
+module Api
+  module V2
+    class TemplateInputsController < ::Api::V2::BaseController
+      include ::Api::Version2
+      include ::Foreman::Renderer
+
+      before_filter :find_required_nested_object
+      before_filter :find_resource, :only => %w{show update destroy clone}
+      before_filter :normalize_options, :only => %w{create update}
+
+      api :GET, "/templates/:template_id/template_inputs", N_("List template inputs")
+      param :template_id, :identifier, :required => true
+      param_group :search_and_pagination, ::Api::V2::BaseController
+      def index
+        @template_inputs = nested_obj.template_inputs.search_for(*search_options).paginate(paginate_options)
+      end
+
+      api :GET, "/templates/:template_id/template_inputs/:id", N_("Show template input details")
+      param :template_id, :identifier, :required => true
+      param :id, :identifier, :required => true
+      def show
+      end
+
+      def_param_group :template_input do
+        param :template_input, Hash, :required => true, :action_aware => true do
+          param :name, String, :required => true, :desc => N_('Input name')
+          param :input_type, TemplateInput::TYPES.keys.map(&:to_s), :required => true, :desc => N_('Input type')
+          param :fact_name, String, :required => false, :desc => N_('Fact name, used when input type is fact')
+          param :variable_name, String, :required => false, :desc => N_('Variable name, used when input type is variable')
+          param :puppet_parameter_name, String, :required => false, :desc => N_('Puppet parameter name, used when input type is puppet_parameter')
+          param :options, Array, :required => false, :desc => N_('Selectable values for user inputs')
+        end
+      end
+
+      api :POST, "/templates/:template_id/template_inputs/", N_("Create a template input")
+      param :template_id, :identifier, :required => true
+      param_group :template_input, :as => :create
+      def create
+        @template_input = TemplateInput.new(params[:template_input].merge(:template_id => @nested_obj.id))
+        process_response @template_input.save
+      end
+
+      api :DELETE, "/templates/:template_id/template_inputs/:id", N_("Delete a template input")
+      param :template_id, :identifier, :required => true
+      param :id, :identifier, :required => true
+      def destroy
+        process_response @template_input.destroy
+      end
+
+      api :PUT, "/templates/:template_id/template_inputs/:id", N_("Update a template input")
+      param :template_id, :identifier, :required => true
+      param :id, :identifier, :required => true
+      param_group :template_input
+      def update
+        process_response @template_input.update_attributes(params[:template_input])
+      end
+
+      def resource_name(nested_resource = nil)
+        nested_resource || 'template_input'
+      end
+
+      def controller_permission
+        'templates'
+      end
+
+      def action_permission
+        case params[:action]
+        when :create, :edit, :destroy
+          'edit'
+        else
+          super
+        end
+      end
+
+      private
+
+      def normalize_options
+        if params[:template_input][:options].is_a?(Array)
+          params[:template_input][:options] = params[:template_input][:options].join("\n")
+        end
+      end
+
+      def resource_class
+        TemplateInput
+      end
+    end
+  end
+end

data/app/controllers/job_invocations_controller.rb

@@ -1,9 +1,13 @@
 class JobInvocationsController < ApplicationController
   include Foreman::Controller::AutoCompleteSearch
 
+  before_filter :find_or_create_triggering, :only => [:create, :refresh]
+
   def new
-    @composer = JobInvocationComposer.new.compose_from_params(
+    @composer = JobInvocationComposer.from_ui_params(
       :host_ids => params[:host_ids],
+      :job_invocation => {
+      },
       :targeting => {
         :targeting_type => Targeting::STATIC_TYPE,
         :bookmark_id => params[:bookmark_id]
@@ -12,7 +16,7 @@ class JobInvocationsController < ApplicationController
 
   def rerun
     job_invocation = resource_base.find(params[:id])
-    @composer = JobInvocationComposer.new.compose_from_invocation(job_invocation)
+    @composer = JobInvocationComposer.from_job_invocation(job_invocation)
 
     if params[:failed_only]
       host_ids = job_invocation.failed_host_ids
@@ -23,17 +27,11 @@ class JobInvocationsController < ApplicationController
   end
 
   def create
-    @composer = JobInvocationComposer.new.compose_from_params(params)
-    action = ::Actions::RemoteExecution::RunHostsJob
+    @composer = JobInvocationComposer.from_ui_params(params)
     if @composer.save
       job_invocation = @composer.job_invocation
-      if job_invocation.trigger_mode == :future
-        ForemanTasks.delay action,
-                           job_invocation.delay_options,
-                           job_invocation
-      else
-        ForemanTasks.async_task(action, job_invocation)
-      end
+      job_invocation.generate_description! if job_invocation.description.blank?
+      @composer.triggering.trigger(::Actions::RemoteExecution::RunHostsJob, job_invocation)
       redirect_to job_invocation_path(job_invocation)
     else
       render :action => 'new'
@@ -42,22 +40,22 @@ class JobInvocationsController < ApplicationController
 
   def show
     @job_invocation = resource_base.find(params[:id])
-    @auto_refresh = @job_invocation.last_task.try(:pending?)
+    @auto_refresh = @job_invocation.task.try(:pending?)
     hosts_base = @job_invocation.targeting.hosts.authorized(:view_hosts, Host)
     @hosts = hosts_base.search_for(params[:search], :order => params[:order] || 'name ASC').paginate(:page => params[:page])
   end
 
   def index
-    @job_invocations = resource_base.search_for(params[:search]).paginate(:page => params[:page]).order('id DESC')
+    @job_invocations = resource_base.search_for(params[:search]).paginate(:page => params[:page]).with_task.order(params[:order] || 'job_invocations.id DESC')
   end
 
   # refreshes the form
   def refresh
-    @composer = JobInvocationComposer.new.compose_from_params(params)
+    @composer = JobInvocationComposer.from_ui_params(params)
   end
 
   def preview_hosts
-    composer = JobInvocationComposer.new.compose_from_params(params)
+    composer = JobInvocationComposer.from_ui_params(params)
 
     @hosts = composer.targeted_hosts.limit(Setting[:entries_per_page])
     @additional = composer.targeted_hosts.count - Setting[:entries_per_page]
@@ -69,6 +67,10 @@ class JobInvocationsController < ApplicationController
 
   private
 
+  def find_or_create_triggering
+    @triggering ||= ::ForemanTasks::Triggering.new_from_params(params[:triggering])
+  end
+
   def action_permission
     case params[:action]
       when 'rerun'

data/app/controllers/template_invocations_controller.rb

@@ -1,4 +1,6 @@
 class TemplateInvocationsController < ApplicationController
+  include Foreman::Controller::AutoCompleteSearch
+
   def controller_permission
     'job_invocations'
   end

data/app/helpers/remote_execution_helper.rb

@@ -10,7 +10,7 @@ module RemoteExecutionHelper
   def job_invocation_chart(invocation)
     options = { :class => 'statistics-pie small', :expandable => true, :border => 0, :show_title => true }
 
-    if (bulk_task = invocation.last_task)
+    if (bulk_task = invocation.task)
       failed_tasks = bulk_task.sub_tasks.select { |sub_task| task_failed? sub_task }
       cancelled_tasks, failed_tasks = failed_tasks.partition { |task| task_cancelled? task }
       success = bulk_task.output['success_count'] || 0
@@ -30,15 +30,15 @@ module RemoteExecutionHelper
   end
 
   def job_invocation_status(invocation)
-    if invocation.last_task.blank?
+    if invocation.task.blank?
       _('Job not started yet 0%')
-    elsif invocation.last_task.state == 'scheduled'
-      _('Job set to execute at %s') % invocation.last_task.start_at
-    elsif invocation.last_task.state == 'stopped' && invocation.last_task.result == 'error'
-      invocation.last_task.execution_plan.errors.map(&:message).join("\n")
+    elsif invocation.task.state == 'scheduled'
+      _('Job set to execute at %s') % invocation.task.start_at
+    elsif invocation.task.state == 'stopped' && invocation.task.result == 'error'
+      invocation.task.execution_plan.errors.map(&:message).join("\n")
     else
-      label = invocation.last_task.pending ? _('Running') : _('Finished')
-      label + ' ' + (invocation.last_task.progress * 100).to_i.to_s + '%'
+      label = invocation.task.pending ? _('Running') : _('Finished')
+      label + ' ' + (invocation.task.progress * 100).to_i.to_s + '%'
     end
   end
 
@@ -87,26 +87,27 @@ module RemoteExecutionHelper
 
   def remote_execution_provider_for(task)
     template_invocation = task.locks.where(:resource_type => 'TemplateInvocation').first.try(:resource) unless task.nil?
-    template_invocation.nil? ? _('N/A') : _(RemoteExecutionProvider.provider_for(template_invocation.template.provider_type))
+    template_invocation.nil? ? _('N/A') : template_invocation.template.provider.humanized_name
   end
 
   # rubocop:disable Metrics/AbcSize
   def job_invocation_task_buttons(task)
+    job_invocation = task.task_groups.find { |group| group.class == JobInvocationTaskGroup }.job_invocation
     buttons = []
     buttons << link_to(_('Refresh'), {}, :class => 'btn btn-default', :title => _('Refresh this page'))
     if authorized_for(hash_for_new_job_invocation_path)
-      buttons << link_to(_("Rerun"), rerun_job_invocation_path(:id => task.locks.where(:resource_type => 'JobInvocation').first.resource),
+      buttons << link_to(_("Rerun"), rerun_job_invocation_path(:id => job_invocation.id),
                          :class => "btn btn-default",
                          :title => _('Rerun the job'))
     end
     if authorized_for(hash_for_new_job_invocation_path)
-      buttons << link_to(_("Rerun failed"), rerun_job_invocation_path(:id => task.locks.where(:resource_type => 'JobInvocation').first.resource, :failed_only => 1),
+      buttons << link_to(_("Rerun failed"), rerun_job_invocation_path(:id => job_invocation.id, :failed_only => 1),
                          :class => "btn btn-default",
                          :disabled => !task.sub_tasks.any? { |sub_task| task_failed?(sub_task) },
                          :title => _('Rerun on failed hosts'))
     end
     if authorized_for(:permission => :view_foreman_tasks, :auth_object => task)
-      buttons << link_to(_("Last Job Task"), foreman_tasks_task_path(task),
+      buttons << link_to(_("Job Task"), foreman_tasks_task_path(task),
                          :class => "btn btn-default",
                          :title => _('See the last task details'))
     end
@@ -139,9 +140,9 @@ module RemoteExecutionHelper
   end
 
   def link_to_invocation_task_if_authorized(invocation)
-    if invocation.last_task.present? && invocation.last_task.state != 'scheduled'
+    if invocation.task.present? && invocation.task.state != 'scheduled'
       link_to_if_authorized job_invocation_status(invocation),
-                            hash_for_foreman_tasks_task_path(invocation.last_task).merge(:auth_object => invocation.last_task, :permission => :view_foreman_tasks)
+                            hash_for_foreman_tasks_task_path(invocation.task).merge(:auth_object => invocation.task, :permission => :view_foreman_tasks)
     else
       job_invocation_status(invocation)
     end
@@ -149,8 +150,8 @@ module RemoteExecutionHelper
 
   def invocation_count(invocation, options = {})
     options = { :unknown_string => 'N/A' }.merge(options)
-    if invocation.last_task.nil? || invocation.last_task.state != 'scheduled'
-      (invocation.last_task.try(:output) || {}).fetch(options[:output_key], options[:unknown_string])
+    if invocation.task.nil? || invocation.task.state != 'scheduled'
+      (invocation.task.try(:output) || {}).fetch(options[:output_key], options[:unknown_string])
     else
       options[:unknown_string]
     end
@@ -176,4 +177,14 @@ module RemoteExecutionHelper
       tab == :overview ? active : inactive
     end
   end
+
+  def time_ago(time)
+    if time.nil?
+      _('-')
+    else
+      content_tag :span, _("%s ago") % time_ago_in_words(time),
+                  { :'data-original-title' => time.try(:in_time_zone), :rel => 'twipsy' }
+    end
+  end
+
 end

data/app/lib/actions/middleware/bind_job_invocation.rb

@@ -4,7 +4,11 @@ module Actions
     class BindJobInvocation < ::Dynflow::Middleware
 
       def delay(*args)
-        _schedule_options, job_invocation = args
+        schedule_options, job_invocation = args
+        if !job_invocation.task_id.nil? && job_invocation.task_id != task.id
+          job_invocation = job_invocation.deep_clone
+          args = [schedule_options, job_invocation]
+        end
         pass(*args).tap { bind(job_invocation) }
       end
 
@@ -16,11 +20,11 @@ module Actions
       private
 
       def task
-        @task ||= ForemanTasks::Task::DynflowTask.find_by_external_id!(action.execution_plan_id)
+        @task ||= ForemanTasks::Task::DynflowTask.where(:external_id => action.execution_plan_id).first!
       end
 
       def bind(job_invocation)
-        job_invocation.update_attribute :last_task_id, task.id if job_invocation.last_task_id != task.id
+        job_invocation.update_attribute :task_id, task.id if job_invocation.task_id != task.id
       end
 
     end

data/app/lib/actions/remote_execution/run_host_job.rb

@@ -2,20 +2,27 @@ module Actions
   module RemoteExecution
     class RunHostJob < Actions::EntryAction
 
+      middleware.do_not_use Dynflow::Middleware::Common::Transaction
       include Actions::RemoteExecution::Helpers::LiveOutput
 
       def resource_locks
         :link
       end
 
-      def plan(job_invocation, host, template_invocation, proxy, connection_options = {})
-        action_subject(host, :job_name => job_invocation.job_name)
+      def plan(job_invocation, host, template_invocation, proxy)
+        action_subject(host, :job_name => job_invocation.job_name, :description => job_invocation.description)
+
+        template_invocation.update_attribute :host_id, host.id
+        link!(job_invocation)
+        link!(template_invocation)
+
+        verify_permissions(host, template_invocation)
         hostname = find_ip_or_hostname(host)
 
         raise _("Could not use any template used in the job invocation") if template_invocation.blank?
 
-        settings =  { :global_proxy   => 'remote_execution_global_proxy',
-                      :fallback_proxy => 'remote_execution_fallback_proxy' }
+        settings = { :global_proxy   => 'remote_execution_global_proxy',
+                     :fallback_proxy => 'remote_execution_fallback_proxy' }
 
         raise _("Could not use any proxy. Consider configuring %{global_proxy} " +
                 "or %{fallback_proxy} in settings") % settings if proxy.blank?
@@ -24,11 +31,8 @@ module Actions
         script = renderer.render
         raise _("Failed rendering template: %s") % renderer.error_message unless script
 
-        link!(job_invocation)
-        link!(template_invocation)
-
-        provider = template_invocation.template.provider_type.to_s
-        plan_action(RunProxyCommand, proxy, hostname, script, { :connection_options => connection_options }.merge(provider_settings(provider, host)))
+        provider = template_invocation.template.provider
+        plan_action(RunProxyCommand, proxy, hostname, script, provider.proxy_command_options(template_invocation, host))
         plan_self
       end
 
@@ -53,7 +57,9 @@ module Actions
       end
 
       def humanized_name
-        _('Run %{job_name} on %{host}') % { :job_name => input[:job_name], :host => input[:host][:name] }
+        _('%{description} on %{host}') % { :job_name => input[:job_name],
+                                           :host => input[:host][:name],
+                                           :description => input[:description].try(:capitalize) || input[:job_name] }
       end
 
       def find_ip_or_hostname(host)
@@ -70,13 +76,18 @@ module Actions
         return host.fqdn
       end
 
-      def provider_settings(provider, host)
-        case provider
-        when 'Ssh'
-          { :ssh_user => host.params['remote_execution_ssh_user'] || Setting[:remote_execution_ssh_user] }
-        else
-          {}
-        end
+      private
+
+      def verify_permissions(host, template_invocation)
+        raise _('User can not execute job on host %s') % host.name unless User.current.can?(:view_hosts, host)
+        raise _('User can not execute this job template') unless User.current.can?(:view_job_templates, template_invocation.template)
+
+        # we don't want to load all template_invocations to verify so we construct Authorizer object manually and set
+        # the base collection to current template
+        authorizer = Authorizer.new(User.current, :collection => [ template_invocation.id ])
+        raise _('User can not execute this job template on %s') % host.name unless authorizer.can?(:execute_template_invocation, template_invocation)
+
+        true
       end
     end
   end