fixes #2121, #2069 - restrict importers and ENC to puppetmasters and users

CVE-2013-0171: report and fact importers parse YAML directly from the remote
host without authentication. Untrusted YAML can instantiate objects and be
used to exploit Foreman.

CVE-2013-0174: external nodes (ENC) output is available to any source and...

v2 api for configuration_templates and template_combinations

fixes #1944 - Listing VMWare virtual machines under Computer resources is slow.

fixes #1814 - converts sp_* attributes into a BMC interface class

this patch also includes the following

• added a new interfaces table, and STI objects to represent a NIC, BMC, Managed
  and a bootable interface.
• refactored DHCP/DNS orchestation code, so they can work on the...

fixes #1890 api host status

fixes #1834 to get foreman running under ruby 1.9.3

added compute resource actions and tests

host routes api changes squashed

Clear the thread values outside of handling request

Adding an around filter to clear the thread values. Without this there
is a risk that the thread value from previous request will be used in
other request, which can lead to security issues.

We clear the current user at the beginning of the request (except the...

Fix inter-test dependencies

After the thread clean-up, some tests were failing because they
implicitly expected User.current to be set. Stating the dependencies
explicitly.

added template_kinds controller to api

Add organization and location to foreman.

This feature allows foreman to provide multi location, multi tenant and
multi organizations capablities.

the idea is that resources within foreman (e.g. hosts, subnets, users,
environments etc) can belong to one or more locations and organization,...

set apiadmin user in headers before api controller tests

smart proxies api - filtering by proxy type

This commit adds most of the functionality required for API v1

The overall goal was to extract the existing JSON response
overall controllers, and to move them to a seperate name space.

• documentation was added to all requests (available under /apidoc)...

fixes #1957 - remove old libvirt hypervisors code

Since foreman 1.0 libvirt hypervisors are now part of compute resources
this patch removes the old code and migrate any existing hypervisors to
be libvirt based compute resources.

Fixed array structure in API v1 user controller test

Refs #1920 : Fix failing tests for Setting[:foreman_url] Ensure plain 'http' protocol is used in templates Add a test to ensure http is used when https is in @request

used media/show partial and added to tests

added dns_id, dhcp_id, tft_ip attributes even though they are nested as children to be consistent with current api

typo on index.json.rabl for environments.

added missing s char

auto create admin-user when missing in API requests

add getter for admin user User.admin which auto creates admin when missing

Use tokens for discovery of host identity during installation

- fixes #1069
- fixes #1720
- refs #969

fixes #832 - adds parameterized class support

Credits:
This patch is based on the original work of Olivier Favre
<olivier@yakaz.com> many many thanks!

• import class parameters, and try to understand their types
• support a complex matrix of environments, puppet classes and their...

trying to fix/figure out travis complains

fixes #1843 - Accepts a plain hash as facts source

Subnets API

a bunch of fixes to get functional tests running under 1.9.2

added environment API

fix failing 'show nested fact json' test in fact_values_controller_test

api v1 - domains controller

api v1 - added media and dashboard controllers

api v1 - config templates

fixes #1820 - Authenticate API calls via REMOTE_USER

This patch allows API requests authentication via REMOTE_USER
only if authorize_login_delegation and authorize_login_delegation_api
are enabled.

fixes #1799 moved REMOTE_ADDR verification to settings

api v1 - Users controller and tests

- split api routes to separate routes file
- better detection of permission failure in model
- fix ApiConstraints
- catch bad routes in api and return json
- render home#index links from restapi
- fixed resource params recognition

api v1 - fisrt version of bookmarks controller

Fixed bookmark tests (API v1)

api v1 - Authorization

• added authorization handling to api and tests
• fixed auth handling for controllers without auth
• handling status code in permision related errors

api v1 - architectures controler and tests

api v1 - tests for operating systems controller

api v1 - fixing permissions

cleanups in base controller

api v1 - render errors with rabl

better detection of permission failure in model
fix ApiConstraints
catch bad routes in api and return json

couple of test fixes after upgrading to a newer mocha/shoulda

minor fix and added a few tests to ensure config templates works correctly

fixes #1649 Puppet class and environment import works only on the first smart-proxy

fixes #1115 Host parameters are not available via the API

add a test to ensure that assoicated template oss are failing to delete the template

fixes #1619 - X-Forwarded-For multiple IPs

fixes #1597 - Restrict compute resources access by user

And add some rights to give non admin users so they can perform some normal actions on the hosts they own.

unit/domain_parameter_test.rb self-broke... added a tiny fix.
Removing compute_resources/vms nesting, it is such a nightmare for functional tests....

adds ec2 provisioning support fixes #1223

- added progress bar for instance creation
- minor fixes for certname based deployments
- added ssh provisioning support to orchestartion, which utilize finish
scripts by default
- added images support (part of the vm compute tab)...

fixes #137 - Better support for non-hostname certnames

This patch introduce a new setting :use_uuid_for_certificates which
defaults to false.

users who wish to deploy their hosts using a random unique id, should
enable that setting, and use the certname directive in their puppet.conf...

fixes #1540 added suport for provisioning on ovirt/rhvem using fog.

This patch addes a compute resource concept within foreman

Signed-off-by: Ohad Levy <ohadlevy@gmail.com>

code smell

fixes #1503 - When creating a host, it should be possible to define a Puppet CA and a Puppet Master to use

fixes #1509 - Foreman should use the proxy to import puppet classes

fixes #1324 - Separate permssions on hosts from permissions for objects within hosts.

This allows a user to be granted permission to edit the host (and so change the group or proxy) but not, for example, edit the parameters
This could probably be extended further if necessary.

fixes #1175 - PXELinux does not render with spoof

fixes a couple of broken tests + show full error trace in development mode.

fixes #1446 - expire idle web sessions

fixes #402 - Add noops/pending to metric handling, and provide pending hosts for dashboard views.

This change adds the ability to see noops in metric reports inside
foreman graphs, charts and lists. The business reason for this is to allow
users to run their puppet agents in noop mode, and see where nodes have...

WIP rails3 migration

fixes #1174 - some error messages may show up twice

fixes #1208 - Unauthenticated IP spoofing should not be allowed

fixed broken test - refs #1211

clean up unused views and tests, refs #1184

refactor - various facts cleanups

fixes #1148 - CRUD on lookup values via the API

fixes #1125 - tftp proxy might not always be initialized

fixes #1120 - Replaced DHCP functionaitlity by the new net dhcp record classes

fixes #1077 - Ensure that host OS attributes are related to the OS itself

FEATURE #982 API call to get fact keys

Signed-off-by: Corey Osman <corey@logicminds.biz>

Fixes #1047 - settings controller tests fail to set_session_user

Signed-off-by: Paul Kelly <paul.ian.kelly@googlemail.com>

fixes #322 Ability to add custom variables and multiple values resovled
in a dynamic Hierarchally order

This commits introduces the ability to define variables per puppet
class.

additionally, each class can have multiple values, depends on the host
which is requesting that variable....

fixes #100 - Setting is now a ActiveRecord object

This allows users to manage foreman settings via the UI.

the UI is a bit ugly, but works :)

fixes #35 - Allow hostgroup nesting for puppet classes and parameters

Fixes #820 - Intel Solaris support

Signed-off-by: Paul Kelly <paul.ian.kelly@googlemail.com>

fixes #967 - bookmark fails if its name includes a "."

fixes #948 - better support for API config_templates api

• url now uses template name as an id, instead of numerical id's.
• index queries now respect search condtions
• added search to the UI part too.
• fine grained json output

Fixes 867 - Allow update_multiple to clear hostgroup

Also added the facility for clearing the environment to update_multiple_environments

Signed-off-by: Paul Kelly <paul.ian.kelly@googlemail.com>

fixed broken test - refs #836

Fixes #883 - Enable Authorization checking during rake tests

Signed-off-by: Paul Kelly <paul.ian.kelly@googlemail.com>

Feature #882 - add api call to reports page to get the index section

Signed-off-by: Corey Osman <corey@logicminds.biz>
Signed-off-by: Ohad Levy <ohadlevy@gmail.com>

Feature #896 add json response for statistics page

a few test fixtures had to be changed, in order to ensure that
statistics are returned correctly.

Signed-off-by: Corey Osman <corey@logicminds.biz>
Signed-off-by: Ohad Levy <ohadlevy@gmail.com>

added search bookmarks, fixes #836

• adds sub navigations under main menu items, each sub navigation is a bookmark.
• adds visual improvements to main menu

  app/controllers/bookmarks_controller.rb | 74 ++++++++
  app/helpers/application_helper.rb | 2 +-...

refs #815 - converted mulity host selections to a dialog box

• added selected counter
• checkbox are now always shown, disabled or enabled based on users permissions
• cleanups

Fixes #865 - adds support for api to select multiple hosts via name and id

Signed-off-by: Corey Osman <corey@logicminds.biz>
Signed-off-by: Ohad Levy <ohadlevy@gmail.com>

fixes #815 - Redirect to login page when editing multiple hosts

this patch converts the mulitple selections to be pure javascript,
removing the buggy AJAX implementation.

fixes #400 - Puppetca Monitor

fixes #847 - Retrieve last report information per host via the api

this adds two URLS to the API:

/hosts/fqdn/reports/last
/reports/last

both supports JSON output which provides all of the report information.

fixes #827 add support for retrieving classes per host via the api

This allows queries like
/hosts/fqdn/puppetclasses
/puppetclasses/klass/hosts

it also changes the puppetclasses urls to include the class name instead of its ID.

fixes #723 - Hypervisor details page

This also include basic functionality to power on/off guests

Fixes #789 - External node interpolation of puppetmaster

Signed-off-by: Paul Kelly <paul.ian.kelly@googlemail.com>

Fixes #565 - rake puppet:import:puppet_classes misses some changes

Signed-off-by: Paul Kelly <paul.ian.kelly@googlemail.com>

Fixes #609 - Orchestrate puppetca operations

This also includes adding support for a puppet smart-proxy target type
and providing migration support
Updated to provide backward compatability for host and hostgroup objects
Now terminates the build and incorporates other fixes...

Fixes #641 - Allow editing of the host's managed atribute

Signed-off-by: Paul Kelly <paul.ian.kelly@googlemail.com>

Fixes #691 - Implement simple status service

Signed-off-by: Lukas Zapletal <lzap+git@redhat.com>

Fixes #695 - Unattended being false should skip some tests

Signed-off-by: Paul Kelly <paul.ian.kelly@googlemail.com>

Fixes #670 - Adds proper json support for most CRUD operations

Fixes #632 - Adds the ability to generate a PXE menu containig
provisioning template and hostgroup combinations on smart proxies