Fixes #19789 - fix Layout/SpaceAroundOperators cop
Refs #23776 - correct deprecation for notice
Fixes #23776 - Remove deprecations for 1.18
Fixes #22778 - disableable bruteforce protection
Fixes #19781 - Fix Layout/LeadingCommentSpace cop
fixes #23335 - normalize scsi attributes in rails 5 (#5475)
Fixes #23145 - fix strong params for compute attributes on fail (#5412)
Fixes #19787 - Fix Layout/SpaceAfterComma cop
Fixes #23081 - Fix Style/SafeNavigation cop
Fixes #19894 - Fix Style/RedundantParentheses cop
Fixes #19839 - Fix Rails/Present cop
Fixes #23123 - Fix Rails/ActiveRecordAliases cop
Fixes #23067 - expose option to use oVirt APIv4
Also handle v4 certificate error and v3 path migration
Fixes #22893 - Specify taxonomies on template import (#5323)
fixes #21694 - Add MTU to subnet
Fixes #23075 - Fix Rails/HttpStatus cop
Refs #22285 - Prepare tests for strong params enforcement
- Fix broken hosts api tests- Fix role cloning tests- Fix ssh key controller api test- Fix http proxies controller test- Fix lookup key override api controller test- Fix puppetclass controller api test...
Refs #22285 - Correct parameter filtering for strong params
- Allow $resource_id param on parameters controller- Permit user_id on access token controller- Allow params in templete combination controller Allows `config_template_id` and `:provisioning_template_id`...
Refs #22285 - Remove keep_param
This workaround was needed in Rails 5.0, but 5.1 already supportsfiltering on arbitrary hash params.
Fixes #19857 - Fix Style/EachWithObject cop
Fixes #15286 - New API for auth sources (#4865)
Fixes #22721 - Rename setting to trusted_hosts
The setting trusted_puppetmaster_hosts is used to allow hosts to submitstuff to the facts/reports API endpoint.The name made sense a long time ago, but these days other plugins andany user can submit stuff to this API to generate...
Fixes #21999,#22005 - Migrate toasts to pf-react
Refs #20800 - Move session timed out warning inline
Fixes #19889 - Fix Style/PerlBackrefs cop
Fixes #19907 - Configure Style/TernaryParentheses cop
Fixes #5790 - Add compute resource to hostgroup (#4593)
fixes #22062 - support vmware vmrc console
Fixes #21760 - Fix tests on Rails 5.1
Fixes #21343 - support multiple orgs supported for non-admin users
This adds a full support for taxonomies in API for non-admin users. Itfixes the issue with dirty associations module that only track _ids...
Fixes #19772, #19773, #19774 - Fix some empty line cops
Fixes #21944 - HttpProxy - whitelist taxonomix params
Fixes #21099 - Replace redirect_to :back with redirect_back
Some instances of process_success/error with :back as a redirect alsoneed changing, and the redirect_back_or_to helper should be deprecatedand replaced throughout with redirect_back too.
Fixes #4238 - Prevent login brute forcing
After 30 failed attempts from the same ip, login will be blocked for 5minutes from that ip.
Fixes #21353 - users can edit login if they have permissions
Fixes #12054 - Openstack v3 support
Fixes #17992, #18103 - Improve external usergroup errors
When one submit an user group with external user groups, and thisdoesn't work for whatever reason, like:
Net::LDAP::Error - No route to host - connect(2)LdapFluff::Generic::UnauthenticatedException...
fixes #21394 - user login with access token api
Fixes #21119 - set taxonomies in API
With this we correctly set the default taxonomy for non-admin usersin API calls. Admins are not touched at all, their context remains"any context" for API calls. This also refactors various placeswhere tried to set the right taxonomy and combines them into single...
Fixes #12216 - support http proxies for compute resources
Fixes #20957 - Replace alias_method_chain with Module prepend
Deprecated in Rails 5.0 and will be removed in 5.1. Some instances ofclasses overwriting existing methods can be handled with `super`, otherconcerns or modules are changed to use prepend instead of include....
Fixes #20963 - CVE-2017-7535 prevent XSS on org/loc host assign
Fixes #20951 - Replace render :text with :plain
fixes #20820 - set ajax vars for cr host import
Fixes #20386 - Allow to identify smart proxy by ip only
This allows setting trusted_puppet_master_hosts to an IP in thenon-https case. This can e.g. be useful when testing ansible factimporting from another machine.
Fixes #19031 - move to patternfly pagination style
fixes #4509 - VMWare: multiple scsi controllers
Fixes #16112 - support for netgroups in LDAP auth source
fixes #19913 - fixes rubocop Style/ZeroLengthPredicate
Fixes #19315 - redirect to login when session expired
Refs #19588 - Allow passing header to csv responder
Fixes #19612 - CVE-2017-7505 don't expose admin to taxed users
fixes #19479, #10587, #19500 - two pane notifications are visible
- notification is now inside the content div, allowing two-pane serverresponses to include it.- refactored all notifications to use notification helpers (notice,warning and error) instead of direct flash manipulation...
Fixes #19417 - Safely check params for nested keys
Fixes #19125 - Add description to hostgroup
Fixes #19148 - Add description field to subnets
fixes #19035 - rewrite TopbarSweeper without rails-observers
Moves from the observer object into two mixins, one on the model and oneon the top-level controllers to observe creates/updates/destroys onmonitored models. Replaces rails-observers as it lacks Rails 5 support.
Fixes #18948 - correctly relogin user with SSO sessions
fixes #18476 - users have ssh keys
Fixes #18760 - Allow export to CSV
This introduces a way of exporting tables from the UI to CSV.There are 3 steps to adding a CSV export to a table:
1. Add the CsvResponder concern to the relevant controller.2. Add a `format.csv` block to the index controller action. This block...
fixes #18665 - call #to_h before comparing AC::Parameters to hash
Allows comparisons when ActionController::Parameters is separated fromHash in Rails 5.0. #permit! is now called on inner hashes sent throughKeepParam (similar to rails/rails@e86524c in 5.1) so they are included...
fixes #18664 - ignore missing callbacks in SmartProxyAuth concern
Filters that are only registered on the UI controllers cause errorswhen using SmartProxyAuth on an API controller under Rails 5.0.
Fixes #16982 - Scope properly when no taxonomies are set
The default scope for hosts and other objects did not restrictproperly by taxonomies. An user without organizations orlocations, could do anything it's permissions allow to.The list of hosts was unrestricted and showed hosts in...
fixes #18568 - replace deprecated AC::Parameters#update
The #update method in Rails 5 is returning a HWIA rather than theActionController::Parameters instance, causing keep_param to return thewrong object type. It is also deprecated in 5.0, so replace it with a...
fixes #13618 - cache expensive vmware api calls
Refs #15779 - make background processing unavailable for now (#4217)
The original PR got vetted in the packaging phase and includingforeman-task as dependency of Foreman was refused. We need to rethinkour approach for getting the foreman-tasks functionality available...
Fixes #17681 - Switch to newly created taxonomy
fixes #17545 - adds UI notification support
- Initial data model for notification support, based on manageiq design.- addes notification JSON endpoints.
Fixes #18045 - Puppet classes show up choosing only env.
After #3551 was merged, the hosts controller requires both environmentand hostgroup to be set in order to display puppetclasses.
It shouldn't be required to have both, so we should check what'savailable and use it. If it's only the hostgroup or the environment, it...
Fixes #6502 - List ignored classes and environments on import
When importing environments and classes from puppet, ignoredenvironments and classes defined in ignored_environments.ymlaren't aparent.
This will add them to the list to import as ignored and...
Fixes #15403 - moved puppet to a concern in hosts UI controller
Fixes #17015 - Adds Key pairs controller
Fixes #17503 - Only trigger PXELoader suggestion when needed
Previously every host instantiation triggered a PXELoader suggestion,which led to up to 3 extra queries per host loaded. This changes so thatthe suggestion is only applied when a host changes it's OS.
Fixes #17487 - support sessions for api calls
- authenticated api calls save user to session and set flag api_authenticated_session- sessions with such flag allow posting requests without CSRF token- api sessions exipre the same way as UI sessions- api sessions don't store any additional data to keep the requests...
Fixes #15779 - make background processing available
fixes #17300 - accept Nic::Bond#attached_devices string inputs
Fixes #16548 - Changing user own passwd require current passwd
fixes #16725 - add plugin extension point for smart proxies
Fixes #14277 - Added description field to users
fixes #16514 - redirect to login page if user is deleted
Fixes #4608 - Added description field to role
Fixes #16624 - Make AuthSourceLDAP taxable
This allows users to set organizations/locations on AuthSourceLDAPobjects. That in itself might not be that useful, but it allows us tofollow on and assign the AuthSourceLDAP taxonomies to the usersautocreated through it.
fixes #16578 - make keep_param idempotent, remove duplicate call
Using host_params (and keep_param) twice was causing compute_attributesto be deleted permanently out of `params`. keep_param now restoreselements it deletes, and the controller now only calls host_params once...
Fixes #15846 - Renamed use_puppet_default to omit in LookupValue
fixes #16376 - use correct params filter for nested Puppet LKs
Fixes #7806 - allow taxonomy association on role level
Fixes #16264 - Template combinations cannot be created
Currently, strong parameters is not allowing passing the nestedattributes required to ProvisioningTemplate to createTemplateCombinations through the UI.The fix is as simple as permitting those parameters in a 'nested'...
Fixes #12634 - New HW Model flag pxe_loader
Implementation of
https://github.com/theforeman/rfcs/blob/master/text/0001-PXE-Booting-UEFI.md
In short, new host/hostgroup flag PXE loader is added to specify TFTPDHCP filename and Foreman now orchestrates all PXE-capable templates...
fixes #15951 - pass interface compute_attributes
fixes #3917 - replace protected_attrs with strong parameters
Filtering of attributes has moved from the protected_attributes gem tostrong parameters in controller concerns, to be in line with currentRails recommendations.
Concerns are shared between UI and both API controllers and list the...
Refs #3809 - Using defaults for AndOr cop
Fixes #12193 - Stop using counter_cache for host[group] counts
This is aimed to prevent deadlocks caused by Rails' implementation ofcounter_cache that is hit when multiple hosts are created or updated atthe same time. An added benefit is that the counters will now display...
fixes #15720 - rename *_filter to *_action
The older 'filter' name is changing in Rails to 'action' and is beingdeprecated.
fixes #14666 - support IPv6 in UI
Refs #3809 - Turning on the AndOr cop
Refs #3809 - Turning on some Lint cops
Fixes #14410 - respond 503 when pending migration
Fixes #15268 - limit user taxonomies using my scopes
Fixes CVE-2016-4475
Fixes #14962 - support wildcard certs for proxy authentication
Refs #3809 - Turning on some rubocop cops