Fixes #11693 - removed 'destroy' for smart class parameter from API controllers
fixes #10832 - separating lookup keys into puppet and variable
Fixes #11579 - Reports show/destroy restricted by host authorization (CVE-2015-5233)
ReportsController 'show' and 'destroy' now perform a check to see ifthe User is authorized to see the Host associated with the Report. Incase it's not, it returns 404, as to not give hints whether a Report...
Fixes #11089 - Adapt tests to Rails 4
This commit contains all changes to tests in branchhttps://github.com/theforeman/foreman/pull/2055 that I found to beretrocompatible with Rails 3. The more of these we can get in, the lesscode we will have to review for Rails 4, and the more relevant it will...
Fixes #7096 - Adds STI to templates
This commit converts Ptables to be just another type of Template so itgets the same features as ConfigTemplate. ConfigTemplate was renamed toProvisioningTemplate to reflect UI and the name under it's commonly known.
Fixes #9678 - Can't update admin flag for users via API
find_resource needs to be defined prior to UsersMixin is included as itrequires the variable @user being set.
Refs #3809 - Remove various small cops
Refs #3809 - Remove cops for empty lines
Refs #3809 - Remove useless assignments
Fixes #7733 - Remove hosts.yml fixtures and use FactoryGirl instead
Refs #3809 - Use parentheses in method definitions
Refs #3809 - Remove rubocop TODOs
Removed the following TODOs so that cops for these will run from now on:
Lint/AmbiguousOperator, DefEndAlignment, DeprecatedClassMethodsEnsureReturn, RequireParentheses, Void, BlockAlignment, EndAlignment,UselessAccessModifier,...
fixes #6964 - replace default scope that hides users with explicit scope
Fixes #813 - External usergroups can be linked to an LDAP auth source
fixes #6430 - validate presence of location and organization for managed host if Settings are turned on
fixes #6753 - fix API v1 examples in docs that show error messages by re-ordering functional tests
Fixes #6285 - Settings API does not parse incoming values to correct data type
fixes #6216, #4416 - avoid foreign key errors when deleting some objects in use
fixes #6229 - validate installation media exists for new host if pxe_build
fixes #4204 - add config groups feature - assign multiple config groups to a host or hostgroup
Fixes #4976 - ensure the process is really running inside a rake task
Fixes #4851: a SmartProxy.with_features scope replaces feature-specific scopes generated during class loading
fixes #4314 - ignore default scope ordering on host search by puppet class
fixes #3001 - Facts searchable by both host id and name
fixes #812 - new permissions model, user group role and nest support, role filters for better granularity
fixes #3939 - add option to 'inherit from parent' for hostgroup attributes
fixes #3725, #4167 - root password validations, remove default password
fixes #3920 - prevent 500 ScopedSearch errors on the API, raise UI errors correctly
fixes #2231 - hostgroup deletion is restricted to hostgroups without children
fixes #3515 - API handles not found objects with 404
fixes #3752 - move data population from migrations into seed script
fixes #2983 - Add autosign#index to API v1 and v2 and remove from UI controller
fixes #3736 - users API uses login name as an identifying attribute
fixes #3577 - do not treat `params[:dryrun]` with value `false` as true
fixes #2951 - Host API documentation lacks compute_resource_id
fixes #3140 - API to allow importing of puppet classes
Fixes #3293 add FactoryGirl to tests
fixes #1244 - add smart proxy feature refresh link + API call
Fixes #2984 - API v1/v2 StatisticsController and remove JSON from UI controller
fixes #2400 migration to remove orphaned records and add foreign keys constraints to database tables
fixes #2969 - remove all legacy api code in UI controllers, add deprecation response
fixes #2863 - restrict APIs to resources that a user is permitted to manage (CVE-2013-4182)
fixes #2728 - POST /api/hostgroups does not accept ancestry
fixes #2602 - scoped_search error when using postgresql
fixes #2553 let setting admin attribute on user creation
fixes #2550 Puppetclass search_by_host doesn't return all classes for an unknown host
Tests for puppetclass API searches on nonexistent hosts
Puppetclass search_by_host does not fail if Host does not belong to any Hostgroup
Puppetclass search_by_host query looks for distinct puppetclasses instead of pruning them afterwards...
refs #2400 clean up tests so there are no orphaned foreign keys
fixes #1814 - converts sp_* attributes into a BMC interface class
this patch also includes the following
fixes #1890 api host status
fixes #1834 to get foreman running under ruby 1.9.3
added compute resource actions and tests
host routes api changes squashed
Fix inter-test dependencies
After the thread clean-up, some tests were failing because theyimplicitly expected User.current to be set. Stating the dependenciesexplicitly.
added template_kinds controller to api
set apiadmin user in headers before api controller tests
smart proxies api - filtering by proxy type
This commit adds most of the functionality required for API v1
The overall goal was to extract the existing JSON responseoverall controllers, and to move them to a seperate name space.
Fixed array structure in API v1 user controller test
used media/show partial and added to tests
added dns_id, dhcp_id, tft_ip attributes even though they are nested as children to be consistent with current api
typo on index.json.rabl for environments.
added missing s char
Subnets API
a bunch of fixes to get functional tests running under 1.9.2
added environment API
api v1 - domains controller
api v1 - added media and dashboard controllers
api v1 - config templates
api v1 - Users controller and tests
- split api routes to separate routes file- better detection of permission failure in model- fix ApiConstraints- catch bad routes in api and return json- render home#index links from restapi- fixed resource params recognition
api v1 - fisrt version of bookmarks controller
Fixed bookmark tests (API v1)
api v1 - Authorization
api v1 - architectures controler and tests
api v1 - tests for operating systems controller
api v1 - fixing permissions
cleanups in base controller
api v1 - render errors with rabl
better detection of permission failure in modelfix ApiConstraintscatch bad routes in api and return json