foreman_remote_execution 5.0.1 → 5.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: cd91f2539393453fe888022502baba8ad7597da50682a4d87a8cf78dcaaebbfa
4
- data.tar.gz: 2c97670fa1b3555f9660ea8adee03e48ae83779aff3324d977eae65a70b86956
3
+ metadata.gz: 06e8f7e73f607c4b3d5e465f6eb095c8f0352377f1237e32385e1a4dd3d64db4
4
+ data.tar.gz: 6e2a1f2cf43e68d8442a6de224333cbb3712351e8439d25a211505091f16d60e
5
5
  SHA512:
6
- metadata.gz: 7fbc26b3be07128f7dd015db03b8e46d34faee8f13f8b7e7f3d6ff54f360afd70cdd6f4143862695342591be55cfed9a74f315ae77ef5231cd20bee5f9bf8565
7
- data.tar.gz: 851d5fd53efb928e8a6ce15468af83bc992b98265bc289f23fed310834e1c83753113e981a673f89e3183efaa7d6f76ec270f06f1f41072f79c045947a78b6c8
6
+ metadata.gz: c7d4f6804de17435657aab34bf6801a06433eae56e766913503cdfcdae7f0cdc330afd68c46de54b4ef6bc8d617df7f757b2420c92e167c44a94aafaab229f6d
7
+ data.tar.gz: dc42410db0ffe4e28009b370c677b4c37ae4ceccdbc2565f85f920e662d75bea49e2152ebd7385f5eaf4411289afea165d73946750b7a9ab732de1215bfc9615
@@ -8,7 +8,7 @@ module ForemanRemoteExecution
8
8
 
9
9
  def multiple_actions
10
10
  res = super
11
- res += [ [_('Schedule Remote Job'), new_job_invocation_path, false] ] if authorized_for(controller: :job_invocations, action: :new)
11
+ res += [ [_('Schedule Remote Job'), new_job_invocation_path, false] ] if can_schedule_jobs?
12
12
  res
13
13
  end
14
14
 
@@ -22,20 +22,20 @@ module ForemanRemoteExecution
22
22
  end
23
23
  end
24
24
 
25
- def rex_host_features(*args)
26
- return unless authorized_for(controller: :job_invocations, action: :create)
25
+ def rex_host_features(host, *_rest)
26
+ return [] unless can_execute_on_host?(host)
27
27
  RemoteExecutionFeature.with_host_action_button.order(:label).map do |feature|
28
- link_to(_('%s') % feature.name, job_invocations_path(:host_ids => [args.first.id], :feature => feature.label), :method => :post)
28
+ link_to(_('%s') % feature.name, job_invocations_path(:host_ids => [host.id], :feature => feature.label), :method => :post)
29
29
  end
30
30
  end
31
31
 
32
- def schedule_job_button(*args)
33
- return unless authorized_for(controller: :job_invocations, action: :new)
34
- link_to(_('Schedule Remote Job'), new_job_invocation_path(:host_ids => [args.first.id]), :id => :run_button, :class => 'btn btn-default')
32
+ def schedule_job_button(host, *_rest)
33
+ return unless can_execute_on_host?(host)
34
+ link_to(_('Schedule Remote Job'), new_job_invocation_path(:host_ids => [host.id]), :id => :run_button, :class => 'btn btn-default')
35
35
  end
36
36
 
37
37
  def web_console_button(host, *args)
38
- return unless authorized_for(permission: 'cockpit_hosts', auth_object: host)
38
+ return if !authorized_for(permission: 'cockpit_hosts', auth_object: host) || !can_execute_on_infrastructure_host?(host)
39
39
 
40
40
  url = SSHExecutionProvider.cockpit_url_for_host(host.name)
41
41
  url ? link_to(_('Web Console'), url, :class => 'btn btn-default', :id => :'web-console-button', :target => '_new') : nil
@@ -46,6 +46,17 @@ module ForemanRemoteExecution
46
46
  button_group(web_console_button(*args)))
47
47
  super(*args)
48
48
  end
49
- end
50
49
 
50
+ def can_schedule_jobs?
51
+ authorized_for(controller: :job_invocations, action: :create)
52
+ end
53
+
54
+ def can_execute_on_host?(host)
55
+ can_schedule_jobs? && can_execute_on_infrastructure_host?(host)
56
+ end
57
+
58
+ def can_execute_on_infrastructure_host?(host)
59
+ !host.infrastructure_host? || User.current.can?(:execute_jobs_on_infrastructure_hosts)
60
+ end
61
+ end
51
62
  end
@@ -31,7 +31,7 @@ module RemoteExecutionHelper
31
31
 
32
32
  if authorized_for(hash_for_host_path(host).merge(auth_object: host, permission: :view_hosts, authorizer: job_hosts_authorizer))
33
33
  links << { title: _('Host detail'),
34
- action: { href: host_path(host), 'data-method': 'get', id: "#{host.name}-actions-detail" } }
34
+ action: { href: current_host_details_path(host), 'data-method': 'get', id: "#{host.name}-actions-detail" } }
35
35
  end
36
36
 
37
37
  if authorized_for(hash_for_rerun_job_invocation_path(id: job_invocation, host_ids: [ host.id ], authorizer: job_hosts_authorizer))
@@ -121,6 +121,10 @@ module ForemanRemoteExecution
121
121
  @cached_rex_host_params_hash = nil
122
122
  end
123
123
 
124
+ def infrastructure_host?
125
+ infrastructure_facet&.foreman_instance || infrastructure_facet&.smart_proxy_id
126
+ end
127
+
124
128
  private
125
129
 
126
130
  def extend_host_params_hash(params)
@@ -67,7 +67,7 @@ class Targeting < ApplicationRecord
67
67
  return '' if ids.empty?
68
68
 
69
69
  hosts = Host.execution_scope.where(:id => ids).distinct.pluck(:name)
70
- "name ^ (#{hosts.join(', ')})"
70
+ hosts.any? ? "name ^ (#{hosts.join(', ')})" : ''
71
71
  end
72
72
 
73
73
  def resolved?
@@ -7,7 +7,7 @@
7
7
  <% if @hosts.any? -%>
8
8
  <ul>
9
9
  <% @hosts.each do |host| -%>
10
- <li><%= link_to h(host.name), host_path(host), :target => '_blank' %></li>
10
+ <li><%= link_to h(host.name), current_host_details_path(host), :target => '_blank' %></li>
11
11
  <% end -%>
12
12
 
13
13
  <% if @additional > 0 -%>
@@ -28,7 +28,7 @@ end
28
28
  </div>
29
29
  </div>
30
30
  <% if @host %>
31
- <h3><%= _('Target: ') %><%= link_to(@host.name, host_path(@host)) %></h3>
31
+ <h3><%= _('Target: ') %><%= link_to(@host.name, current_host_details_path(@host)) %></h3>
32
32
 
33
33
  <div class="preview hidden">
34
34
  <%= preview_box(@template_invocation, @host) %>
@@ -214,7 +214,11 @@ module ForemanRemoteExecution
214
214
  role 'Remote Execution User', USER_PERMISSIONS, 'Role with permissions to run remote execution jobs against hosts'
215
215
  role 'Remote Execution Manager', MANAGER_PERMISSIONS, 'Role with permissions to manage job templates, remote execution features, cancel jobs and view audit logs'
216
216
 
217
- add_all_permissions_to_default_roles
217
+ add_all_permissions_to_default_roles(except: [:execute_jobs_on_infrastructure_hosts])
218
+ add_permissions_to_default_roles({
219
+ Role::MANAGER => [:execute_jobs_on_infrastructure_hosts],
220
+ Role::SITE_MANAGER => USER_PERMISSIONS + [:execute_jobs_on_infrastructure_hosts],
221
+ })
218
222
 
219
223
  # add menu entry
220
224
  menu :top_menu, :job_templates,
@@ -1,3 +1,3 @@
1
1
  module ForemanRemoteExecution
2
- VERSION = '5.0.1'.freeze
2
+ VERSION = '5.0.2'.freeze
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: foreman_remote_execution
3
3
  version: !ruby/object:Gem::Version
4
- version: 5.0.1
4
+ version: 5.0.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Foreman Remote Execution team
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-12-03 00:00:00.000000000 Z
11
+ date: 2022-02-17 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: deface