/ - Diff - Foreman

« Previous | Next »

Revision 1a6e0963

Fixes #5689 - Plugin permissions are migrated too

         end
         class Permission
           attr_reader :name, :actions, :security_block
           attr_reader :name, :actions, :security_block, :resource_type, :engine
           def initialize(name, hash, options)
             @name = name
-...
             @public = options[:public] || false
             @require = options[:require]
             @security_block = options[:security_block]
             @resource_type = options[:resource_type]
             @engine = options[:engine]
             hash.each do |controller, actions|
               if actions.is_a? Array
                 @actions << actions.collect {|action| "#{controller}/#{action}"}

         #   class to which this permissions is related, rest of options is passed
         #   to AccessControl
         def permission(name, hash, options={})
           resource_type = options.delete(:resource_type)
           Permission.first rescue return false
           Permission.find_or_create_by_name_and_resource_type(name, resource_type)
           return false if pending_migrations
           options[:engine] ||= self.id.to_s
           Permission.find_or_create_by_name_and_resource_type(name, options[:resource_type])
           options.merge!(:security_block => @security_block)
           Foreman::AccessControl.map do |map|
             map.permission name, hash, options
-...
         # Add a new role if it doesn't exist
         def role(name, permissions)
           Permission.first rescue return false
           return false if pending_migrations
           Role.transaction do
             role = Role.find_or_create_by_name(name)
             role.add_permissions!(permissions) if role.permissions.empty?
           end
         end
         def pending_migrations
           migrations = ActiveRecord::Migrator.new(:up, ActiveRecord::Migrator.migrations_paths).pending_migrations
           migrations.size > 0
         end
         # List of helper methods allowed for templates in safe mode
         def allowed_template_helpers(*helpers)
           Foreman::Renderer::ALLOWED_HELPERS.concat(helpers)

     class MigratePermissions < ActiveRecord::Migration
       def self.up
         if old_permissions_present
           make_sure_all_permissions_are_present
           migrate_roles
           migrate_user_filters
-...
         end
       end
       # STEP 0 - add missing permissions to DB
       # some engines could have defined new permissions during their initialization
       # but permissions table hadn't existed yet so we check all registered
       # permissions and create those that are missing in database
       def self.make_sure_all_permissions_are_present
         engine_permissions = Foreman::AccessControl.permissions.select { |p| p.engine.present? }
         engine_permissions.each do |permission|
           FakePermission.find_or_create_by_name_and_resource_type(permission.name, permission.resource_type)
         end
       end
       # STEP 1 - migrate roles
       # for all role permissions we'll create unlimited filters
       # we'll group permissions into filters by their resource

Also available in: Unified diff