Fixes #11579 - Reports show/destroy restricted by host authorization (CVE-2015-5233)
ReportsController 'show' and 'destroy' now perform a check to see ifthe User is authorized to see the Host associated with the Report. Incase it's not, it returns 404, as to not give hints whether a Report...
Fixes #10731 - Allow matches to merge with default values
fixes #9058 - interfaces should not be affected when changing loc/org
Fixes #11303: Allow scoped search by name for permissions.
This both provides this functionality and fixes an issue with creatingfilters using hammer. Hammer attempts to search for a permission byname using scoped search syntax when creating a filter with the...
fixes #11240 - Add api docs to hostgroup params
Fixes #11219 - rename config_template attributes in os_default_templates
fixes #7275 - remove welcome page and replace with docs button
Fixes #9591 - Added support for "inherit" state.
fixes #11175 - [API] Add taxonomies to ptables, display ptables in taxonomies
Refs #3809 - Enable cop Style/MultilineTernaryOperator
Refs #3809 - Enable cop Style/AlignArray
Fixes #10929 - Add removed widgets to dashboard
This commit allows users to re-add widgets. At this point it's onlypossible to recover removed widgets by clicking on "Reset to default".
To do this I populate the 'Add widgets' list by getting a diffbetween the current widgets and the available ones. The code calls any...
Fixes #4830 - Added a new template to show when no trend data is collected.
refs #10550 - extract settings API error string
Fixes #10550 - Settings API will not update when value parameter is missing
Fixes #6854 - Api status allowed for all users
Fixes #11035 - template preview feature
Fixes #8343 - Consolidated code paths, and removed unnecessary DB calls for parent object
Fixes #9603 - fixed websockets_* set of settings
Fixes #11078 - Substitute find_all_by by where to comply with Rails 4
This commit takes away all instances up to this point of find_all_by toimprove Rails 4 compatibility. They are substituted by .where calls.
Fixes #10356 - changed the POST/PUT RABL template to be the same as the GET template
HTTP response code standardized to 201 on create.
Fixes #11033 - adding missing params to auth_source ldap API docs
Refs #3809 - Style/blocks cop enabled
fixes #11018 - correct syntax error in version number
Fixes #10635 - Formalize deprecation warning
Fixes #10963 - partition table can't access os ids
Fixes #10917 - Update API docs for template combinations
Fixes #10916 - convert config_template_ids in operatingsystems
Fixes #10853 - add config_template_ids back to organization
Refs #10720 - Use API v2 response for vm_compute_attributes
Fixes #9793 - API v2 fact_values index works for non-admins
Fixes #6976 - Build default PXE menu should be POST request
Fixes #10713 - improved backtrace logging
Fixes #7096 - Adds STI to templates
This commit converts Ptables to be just another type of Template so itgets the same features as ConfigTemplate. ConfigTemplate was renamed toProvisioningTemplate to reflect UI and the name under it's commonly known.
fixes #10720 - Adds API to get host vm attributes
This exposes an API to fetch a host's vm_compute_attributes,such as vmware cpus and memory. It lives at a separate endpointbecause it involves a fetch for data from the compute resource,and may have different performance characteristics than the database.
Fixes #10715 - api build_pxe_default returns non-JSON message
The fix adds a new method `render_message` for responding with a statustext.
fixes #9031 - Add routes to view template_combinations per hostgroup / environment
fixes #9632 - updated compute resource names to follow brand names
this commit changes strings such as Ovirt to oVirt in API v{1,2}descriptions
fixes #10586 - make the 401 status comparison actually match.
Fixes #10583 - perform uniq in database instead of in memory when possible
fixes #10509 - add toggle for LDAP usergroup updating
fixes #10471 - use Rails' force_ssl
Fixes #8525 - Rename "Mail" to "Email" in user preferences
fixes #10437 - remove incorrect/duplicate hash statements
Refs #10337 - Update Host searches to use outofsync_interval
Refs #3809 - Remove nested ternary and nil checking
Fixes #10337 - Added setting out of sync duration
fixes #9812 - Adds validation on override value, ensure match returns error if blank
Fixes #9506 - Add granular permissions to config groups
fixes #10342 - adding :host_parameters_attributes to except list in template_used()
Fixes #9687 - respect custom controller permissions
Fixes #9674 - Handle ProxyAPI exceptions on PuppetCA controller
fixes #9773 - correctly render template URL
Fixes #10111 - Use a dummy primary interface for unmanaged hosts
Unmanaged hosts require a host interface due to delegation of networkingattributes, and some others like 'name'. Since unmanaged hosts do notnecessarily have an interface associated (unless created through puppet...
fixes #10167 - change default API from v1 to v2
Fixes #9884 - refresh deleted external usergroups
Fixes #9878 - refresh external usergroup on API manipulation
Fixes #8812 - Pass model type so search_for is called on Host
At least on version 1.6.1, the absence of this second parameter leads to aruntime crash when it's time to validate if the current user (non-admin) isallowed to perform a power operation on given a host via the APIv2....
Fixes #8106 - Dashboard rewrite to allow better customization
Fixes #9921 - specify requirements on apidoc params for NICs
Fixes #8593 - remove N+1 queries on puppetclass index page
Fixes #8890 - Allow selection of plaintext "encryption" method for root password
Fixes #7378 - fixed API lookup keys filters
refs #9877 - s/variable/class parameter/ on param :override
fixes #9877 - Add descriptions to smart_class_parameters in api/v2
Fixes #9444 - prevent 404 error on current_parameters and domain_selected
fixes #9823 - Add description to smart variables
fixes #9469 - redirect to reports#index on destroy
Fixes #9723 - missing owner_type in host api docs
Fixes #9657 - merge NICs from compute profile in host create API
- updated api docs for hosts and interfaces- host create/update api actions now merge interfaces from compute profiles- NIC type mapping extracted into a separate class- return full host detail after host update
Fixes #9678 - Can't update admin flag for users via API
find_resource needs to be defined prior to UsersMixin is included as itrequires the variable @user being set.
Fixes #9480 - multiple NICs integration with compute profiles
From users point of view:- interfaces setup in compute profiles is back- interface related compute attrs get merged into host NICs upon compute profile selection- NIC overview table displays details in the column "Type"...
Fixes #9427 - Return meaningful errors from subnets/freeip and parse the error response to the UI
fixes #9397 - Make usage of @host.operatingsystem in UnattendedController consistent
Changed all host.os to host.operatingsystem
Fixes #8736 - confirmation before host delete for freshly created hosts
Fixes #9452 - correct capitalization of VMware
Refs #3809 - Remove classcheck cop
Refs #3809 - Remove cop IndentationConsistency
Refs #3809 - Remove cops for empty lines
fixes #9358 - match unattended template requests against provision interface
Fixes #9231 - Require English lib and fix ENC failure
fixes #9362 - Add mediapath support to CoreOS
fixes #5812 - url parameter in compute_resource#create is not required for EC2, removing the required flag
Fixes #9113 - api docs for users miss locale and timestamp params
Locale was missing also in the server responses.
fixes #9030 - Adds support to clone config template via api
Fixes #9225 - private is defined twice in hosts controller
Fixes #7456 - Extract primary interface from host
All host must have at least one primary interface and one provision (can...
Fixes #9099 - Upgrade rubocop to 0.28.0
Fixes #8838 - Replace HTTP error codes with human-readable symbols
Fixes #8764 - adds description to taxonomies
fixes #8484 - make SmartProxyAuth concern more useful to plugins
Fixes #8837 - Return correctly formatted response on ajax_error
Fixes #6832 - Don't show location/organization on host edit page if host has none
fixes #7652 - Implements CoreOS OS support
fixes #8049 - Add timezone to user
fixes #8442 - add eager loading of users on audit show page for history tab
fixes #8638 - ensure that a redirect to hosts index after host destroy
Fixes #8790 - Fix N+1 query on user list page
fixes #8627 - add host comment field to API documentation
fixes #8590 - handle missing 'config' when listing vSphere VMs