Revision 399bb10b
Added by Marek Hulán almost 8 years ago
| app/controllers/concerns/foreman/controller/taxonomies_controller.rb | ||
|---|---|---|
|
|
||
|
def nest
|
||
|
@taxonomy = taxonomy_class.new
|
||
|
@taxonomy.parent_id = params[:id].to_i
|
||
|
@taxonomy.parent_id = params[:id].to_i if resource_scope.find_by_id(params[:id])
|
||
|
render 'taxonomies/new'
|
||
|
end
|
||
|
|
||
| ... | ... | |
|
not_found and return if params[:id].blank?
|
||
|
case controller_name
|
||
|
when 'organizations'
|
||
|
@taxonomy = @organization = Organization.find(params[:id])
|
||
|
@taxonomy = @organization = resource_scope.find(params[:id])
|
||
|
when 'locations'
|
||
|
@taxonomy = @location = Location.find(params[:id])
|
||
|
@taxonomy = @location = resource_scope.find(params[:id])
|
||
|
end
|
||
|
end
|
||
|
|
||
|
def resource_scope
|
||
|
taxonomy_class.send("my_#{taxonomies_plural}")
|
||
|
end
|
||
|
|
||
|
def count_nil_hosts
|
||
|
return @count_nil_hosts if @count_nil_hosts
|
||
|
@count_nil_hosts = hosts_scope_without_taxonomy.count
|
||
Also available in: Unified diff
Fixes #15268 - limit user taxonomies using my scopes
Fixes CVE-2016-4475
(cherry picked from commit a30ab44ed6f140f1791afc51a1e448afc2ff28f9)