RubyGems - foreman_remote_execution - Versions diffs - 5.0.1 → 5.0.2 - Mend

foreman_remote_execution 5.0.1 → 5.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

checksums.yaml +4 -4
data/app/helpers/concerns/foreman_remote_execution/hosts_helper_extensions.rb +20 -9
data/app/helpers/remote_execution_helper.rb +1 -1
data/app/models/concerns/foreman_remote_execution/host_extensions.rb +4 -0
data/app/models/targeting.rb +1 -1
data/app/views/job_invocations/_preview_hosts_list.html.erb +1 -1
data/app/views/template_invocations/show.html.erb +1 -1
data/lib/foreman_remote_execution/engine.rb +5 -1
data/lib/foreman_remote_execution/version.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: cd91f2539393453fe888022502baba8ad7597da50682a4d87a8cf78dcaaebbfa
-  data.tar.gz: 2c97670fa1b3555f9660ea8adee03e48ae83779aff3324d977eae65a70b86956
+  metadata.gz: 06e8f7e73f607c4b3d5e465f6eb095c8f0352377f1237e32385e1a4dd3d64db4
+  data.tar.gz: 6e2a1f2cf43e68d8442a6de224333cbb3712351e8439d25a211505091f16d60e
 SHA512:
-  metadata.gz: 7fbc26b3be07128f7dd015db03b8e46d34faee8f13f8b7e7f3d6ff54f360afd70cdd6f4143862695342591be55cfed9a74f315ae77ef5231cd20bee5f9bf8565
-  data.tar.gz: 851d5fd53efb928e8a6ce15468af83bc992b98265bc289f23fed310834e1c83753113e981a673f89e3183efaa7d6f76ec270f06f1f41072f79c045947a78b6c8
+  metadata.gz: c7d4f6804de17435657aab34bf6801a06433eae56e766913503cdfcdae7f0cdc330afd68c46de54b4ef6bc8d617df7f757b2420c92e167c44a94aafaab229f6d
+  data.tar.gz: dc42410db0ffe4e28009b370c677b4c37ae4ceccdbc2565f85f920e662d75bea49e2152ebd7385f5eaf4411289afea165d73946750b7a9ab732de1215bfc9615

data/app/helpers/concerns/foreman_remote_execution/hosts_helper_extensions.rb CHANGED Viewed

@@ -8,7 +8,7 @@ module ForemanRemoteExecution
     def multiple_actions
       res = super
-      res += [ [_('Schedule Remote Job'), new_job_invocation_path, false] ] if authorized_for(controller: :job_invocations, action: :new)
+      res += [ [_('Schedule Remote Job'), new_job_invocation_path, false] ] if can_schedule_jobs?
       res
     end
@@ -22,20 +22,20 @@ module ForemanRemoteExecution
       end
     end
-    def rex_host_features(*args)
-      return unless authorized_for(controller: :job_invocations, action: :create)
+    def rex_host_features(host, *_rest)
+      return [] unless can_execute_on_host?(host)
       RemoteExecutionFeature.with_host_action_button.order(:label).map do |feature|
-        link_to(_('%s') % feature.name, job_invocations_path(:host_ids => [args.first.id], :feature => feature.label), :method => :post)
+        link_to(_('%s') % feature.name, job_invocations_path(:host_ids => [host.id], :feature => feature.label), :method => :post)
       end
     end
-    def schedule_job_button(*args)
-      return unless authorized_for(controller: :job_invocations, action: :new)
-      link_to(_('Schedule Remote Job'), new_job_invocation_path(:host_ids => [args.first.id]), :id => :run_button, :class => 'btn btn-default')
+    def schedule_job_button(host, *_rest)
+      return unless can_execute_on_host?(host)
+      link_to(_('Schedule Remote Job'), new_job_invocation_path(:host_ids => [host.id]), :id => :run_button, :class => 'btn btn-default')
     end
     def web_console_button(host, *args)
-      return unless authorized_for(permission: 'cockpit_hosts', auth_object: host)
+      return if !authorized_for(permission: 'cockpit_hosts', auth_object: host) || !can_execute_on_infrastructure_host?(host)
       url = SSHExecutionProvider.cockpit_url_for_host(host.name)
       url ? link_to(_('Web Console'), url, :class => 'btn btn-default', :id => :'web-console-button', :target => '_new') : nil
@@ -46,6 +46,17 @@ module ForemanRemoteExecution
         button_group(web_console_button(*args)))
       super(*args)
     end
-  end
+    def can_schedule_jobs?
+      authorized_for(controller: :job_invocations, action: :create)
+    end
+    def can_execute_on_host?(host)
+      can_schedule_jobs? && can_execute_on_infrastructure_host?(host)
+    end
+    def can_execute_on_infrastructure_host?(host)
+      !host.infrastructure_host? || User.current.can?(:execute_jobs_on_infrastructure_hosts)
+    end
+  end
 end

data/app/helpers/remote_execution_helper.rb CHANGED Viewed

@@ -31,7 +31,7 @@ module RemoteExecutionHelper
     if authorized_for(hash_for_host_path(host).merge(auth_object: host, permission: :view_hosts, authorizer: job_hosts_authorizer))
       links << { title: _('Host detail'),
-        action: { href: host_path(host), 'data-method': 'get', id: "#{host.name}-actions-detail" } }
+        action: { href: current_host_details_path(host), 'data-method': 'get', id: "#{host.name}-actions-detail" } }
     end
     if authorized_for(hash_for_rerun_job_invocation_path(id: job_invocation, host_ids: [ host.id ], authorizer: job_hosts_authorizer))

data/app/models/concerns/foreman_remote_execution/host_extensions.rb CHANGED Viewed

@@ -121,6 +121,10 @@ module ForemanRemoteExecution
       @cached_rex_host_params_hash = nil
     end
+    def infrastructure_host?
+      infrastructure_facet&.foreman_instance || infrastructure_facet&.smart_proxy_id
+    end
     private
     def extend_host_params_hash(params)

data/app/models/targeting.rb CHANGED Viewed

@@ -67,7 +67,7 @@ class Targeting < ApplicationRecord
     return '' if ids.empty?
     hosts = Host.execution_scope.where(:id => ids).distinct.pluck(:name)
-    "name ^ (#{hosts.join(', ')})"
+    hosts.any? ? "name ^ (#{hosts.join(', ')})" : ''
   end
   def resolved?

data/app/views/job_invocations/_preview_hosts_list.html.erb CHANGED Viewed

@@ -7,7 +7,7 @@
 <% if @hosts.any? -%>
   <ul>
     <% @hosts.each do |host| -%>
-        <li><%= link_to h(host.name), host_path(host), :target => '_blank' %></li>
+        <li><%= link_to h(host.name), current_host_details_path(host), :target => '_blank' %></li>
     <% end -%>
     <% if @additional > 0 -%>

data/app/views/template_invocations/show.html.erb CHANGED Viewed

@@ -28,7 +28,7 @@ end
   </div>
 </div>
 <% if @host %>
-  <h3><%= _('Target: ') %><%= link_to(@host.name, host_path(@host)) %></h3>
+  <h3><%= _('Target: ') %><%= link_to(@host.name, current_host_details_path(@host)) %></h3>
   <div class="preview hidden">
     <%= preview_box(@template_invocation, @host) %>

data/lib/foreman_remote_execution/engine.rb CHANGED Viewed

@@ -214,7 +214,11 @@ module ForemanRemoteExecution
         role 'Remote Execution User', USER_PERMISSIONS, 'Role with permissions to run remote execution jobs against hosts'
         role 'Remote Execution Manager', MANAGER_PERMISSIONS, 'Role with permissions to manage job templates, remote execution features, cancel jobs and view audit logs'
-        add_all_permissions_to_default_roles
+        add_all_permissions_to_default_roles(except: [:execute_jobs_on_infrastructure_hosts])
+        add_permissions_to_default_roles({
+          Role::MANAGER => [:execute_jobs_on_infrastructure_hosts],
+          Role::SITE_MANAGER => USER_PERMISSIONS + [:execute_jobs_on_infrastructure_hosts],
+        })
         # add menu entry
         menu :top_menu, :job_templates,

data/lib/foreman_remote_execution/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module ForemanRemoteExecution
-  VERSION = '5.0.1'.freeze
+  VERSION = '5.0.2'.freeze
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: foreman_remote_execution
 version: !ruby/object:Gem::Version
-  version: 5.0.1
+  version: 5.0.2
 platform: ruby
 authors:
 - Foreman Remote Execution team
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-12-03 00:00:00.000000000 Z
+date: 2022-02-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: deface