Revision 4e1a67a2
Added by Marek Hulán about 4 years ago
app/models/domain.rb | ||
---|---|---|
}
|
||
|
||
class Jail < Safemode::Jail
|
||
allow :name, :fullname
|
||
allow :id, :name, :fullname
|
||
end
|
||
|
||
# return the primary name server for our domain based on DNS lookup
|
app/models/hostgroup.rb | ||
---|---|---|
}
|
||
|
||
class Jail < Safemode::Jail
|
||
allow :name, :diskLayout, :puppetmaster, :operatingsystem, :architecture,
|
||
allow :id, :name, :diskLayout, :puppetmaster, :operatingsystem, :architecture,
|
||
:environment, :ptable, :url_for_boot, :params, :puppetproxy,
|
||
:puppet_ca_server, :indent, :os, :arch, :domain, :subnet,
|
||
:subnet6, :realm, :root_pass, :description, :pxe_loader, :title
|
app/models/nic/base.rb | ||
---|---|---|
serialize :compute_attributes, Hash
|
||
|
||
class Jail < ::Safemode::Jail
|
||
allow :managed?, :subnet, :subnet6, :virtual?, :physical?, :mac, :ip, :ip6, :identifier, :attached_to,
|
||
allow :id, :managed?, :subnet, :subnet6, :virtual?, :physical?, :mac, :ip, :ip6, :identifier, :attached_to,
|
||
:link, :tag, :domain, :vlanid, :mtu, :bond_options, :attached_devices, :mode,
|
||
:attached_devices_identifiers, :primary, :provision, :alias?, :inheriting_mac,
|
||
:children_mac_addresses, :nic_delay, :fqdn, :shortname
|
app/models/operatingsystem.rb | ||
---|---|---|
graphql_type '::Types::Operatingsystem'
|
||
|
||
class Jail < Safemode::Jail
|
||
allow :name, :media_url, :major, :minor, :family, :to_s, :==, :release, :release_name, :kernel, :initrd, :pxe_type, :boot_files_uri, :password_hash, :mediumpath
|
||
allow :id, :name, :media_url, :major, :minor, :family, :to_s, :==, :release, :release_name, :kernel, :initrd, :pxe_type, :boot_files_uri, :password_hash, :mediumpath
|
||
end
|
||
|
||
def self.title_name
|
app/models/realm.rb | ||
---|---|---|
}
|
||
|
||
class Jail < ::Safemode::Jail
|
||
allow :name, :realm_type
|
||
allow :id, :name, :realm_type
|
||
end
|
||
end
|
app/models/smart_proxy.rb | ||
---|---|---|
end
|
||
|
||
class Jail < ::Safemode::Jail
|
||
allow :name
|
||
allow :id, :name
|
||
end
|
||
end
|
app/models/ssh_key.rb | ||
---|---|---|
delegate :login, to: :user, prefix: true
|
||
|
||
class Jail < ::Safemode::Jail
|
||
allow :name, :user, :key, :to_export, :fingerprint, :length, :ssh_key, :type, :comment
|
||
allow :id, :name, :user, :key, :to_export, :fingerprint, :length, :ssh_key, :type, :comment
|
||
end
|
||
|
||
def to_export
|
app/models/subnet.rb | ||
---|---|---|
delegate :supports_ipam_mode?, :supported_ipam_modes, :show_mask?, to: 'self.class'
|
||
|
||
class Jail < ::Safemode::Jail
|
||
allow :name, :network, :mask, :cidr, :title, :to_label, :gateway, :dns_primary, :dns_secondary, :dns_servers,
|
||
allow :id, :name, :network, :mask, :cidr, :title, :to_label, :gateway, :dns_primary, :dns_secondary, :dns_servers,
|
||
:vlanid, :mtu, :nic_delay, :boot_mode, :dhcp?, :nil?, :has_vlanid?, :dhcp_boot_mode?, :description, :present?
|
||
end
|
||
|
app/models/taxonomies/location.rb | ||
---|---|---|
user.admin? ? all : where(id: user.location_and_child_ids)
|
||
}
|
||
|
||
class Jail < ::Safemode::Jail
|
||
allow :id, :name, :title, :created_at, :updated_at, :description
|
||
end
|
||
|
||
def dup
|
||
new = super
|
||
new.organizations = organizations
|
app/models/taxonomies/organization.rb | ||
---|---|---|
user.admin? ? all : where(id: user.organization_and_child_ids)
|
||
}
|
||
|
||
class Jail < ::Safemode::Jail
|
||
allow :id, :name, :title, :created_at, :updated_at, :description
|
||
end
|
||
|
||
def dup
|
||
new = super
|
||
new.locations = locations
|
app/models/template.rb | ||
---|---|---|
attr_exportable :name, :description, :snippet, :template_inputs, :model => ->(template) { template.class.to_s }
|
||
|
||
class Jail < Safemode::Jail
|
||
allow :name
|
||
allow :id, :name
|
||
end
|
||
|
||
def skip_strip_attrs
|
app/models/token.rb | ||
---|---|---|
validates :value, :host_id, :presence => true
|
||
|
||
class Jail < ::Safemode::Jail
|
||
allow :host, :value, :expires, :nil?, :present?
|
||
allow :id, :host, :value, :expires, :nil?, :present?
|
||
end
|
||
|
||
def to_s
|
app/models/user.rb | ||
---|---|---|
end
|
||
|
||
class Jail < ::Safemode::Jail
|
||
allow :login, :ssh_keys, :ssh_authorized_keys, :description, :firstname, :lastname, :mail, :last_login_on
|
||
allow :id, :login, :ssh_keys, :ssh_authorized_keys, :description, :firstname, :lastname, :mail, :last_login_on
|
||
end
|
||
|
||
# we need to allow self-editing and self-updating
|
app/models/usergroup.rb | ||
---|---|---|
accepts_nested_attributes_for :external_usergroups, :reject_if => ->(a) { a[:name].blank? }, :allow_destroy => true
|
||
|
||
class Jail < ::Safemode::Jail
|
||
allow :ssh_keys, :all_users, :ssh_authorized_keys
|
||
allow :id, :ssh_keys, :all_users, :ssh_authorized_keys
|
||
end
|
||
|
||
# This methods retrieves all user addresses in a usergroup
|
lib/foreman/renderer/configuration.rb | ||
---|---|---|
:update_ip_from_built_request,
|
||
]
|
||
|
||
DEFAULT_ALLOWED_LOADERS = Foreman::Renderer::Scope::Macros::Loaders::LOADERS.map(&:first)
|
||
|
||
def initialize
|
||
@allowed_variables = DEFAULT_ALLOWED_VARIABLES
|
||
@allowed_global_settings = DEFAULT_ALLOWED_GLOBAL_SETTINGS
|
||
@allowed_generic_helpers = DEFAULT_ALLOWED_GENERIC_HELPERS
|
||
@allowed_host_helpers = DEFAULT_ALLOWED_HOST_HELPERS
|
||
@allowed_loaders = DEFAULT_ALLOWED_LOADERS
|
||
end
|
||
|
||
attr_accessor :allowed_variables, :allowed_global_settings,
|
||
:allowed_generic_helpers, :allowed_host_helpers
|
||
:allowed_generic_helpers, :allowed_host_helpers, :allowed_loaders
|
||
|
||
def allowed_helpers
|
||
allowed_generic_helpers + allowed_host_helpers
|
||
allowed_generic_helpers + allowed_host_helpers + allowed_loaders
|
||
end
|
||
end
|
||
end
|
lib/foreman/renderer/scope/base.rb | ||
---|---|---|
class Base
|
||
include Foreman::Renderer::Scope::Variables
|
||
include Foreman::Renderer::Scope::Macros::Base
|
||
include Foreman::Renderer::Scope::Macros::Loaders
|
||
include Foreman::Renderer::Scope::Macros::TemplateLogging
|
||
include Foreman::Renderer::Scope::Macros::SnippetRendering
|
||
|
lib/foreman/renderer/scope/macros/base.rb | ||
---|---|---|
:host => host, :port => port)
|
||
end
|
||
|
||
def load_hosts(search: '', includes: nil, preload: nil)
|
||
load_resource(klass: Host, search: search, permission: 'view_hosts', includes: includes, preload: preload)
|
||
end
|
||
|
||
def all_host_statuses
|
||
@all_host_statuses ||= HostStatus.status_registry.to_a.sort_by(&:status_name)
|
||
end
|
||
... | ... | |
host.get_status(klass)
|
||
end
|
||
|
||
def load_users(search: '', includes: nil, preload: nil)
|
||
load_resource(klass: User, search: search, permission: :view_users, includes: includes, preload: preload)
|
||
end
|
||
|
||
def user_auth_source_name(user)
|
||
user.auth_source&.name
|
||
end
|
||
... | ... | |
def validate_subnet(subnet)
|
||
raise WrongSubnetError.new(object_name: subnet.to_s, object_class: subnet.class.to_s) unless subnet.is_a?(Subnet)
|
||
end
|
||
|
||
# returns a batched relation, use either
|
||
# .each { |batch| batch.each { |record| record.name }}
|
||
# or
|
||
# .each_record { |record| record.name }
|
||
def load_resource(klass:, search:, permission:, batch: 1_000, includes: nil, limit: nil, select: nil, joins: nil, where: nil, preload: nil)
|
||
limit ||= 10 if preview?
|
||
|
||
base = klass
|
||
base = base.search_for(search)
|
||
base = base.preload(preload) unless preload.nil?
|
||
base = base.includes(includes) unless includes.nil?
|
||
base = base.joins(joins) unless joins.nil?
|
||
base = base.authorized(permission) unless permission.nil?
|
||
base = base.limit(limit) unless limit.nil?
|
||
base = base.where(where) unless where.nil?
|
||
base = base.select(select) unless select.nil?
|
||
base.in_batches(of: batch)
|
||
end
|
||
end
|
||
end
|
||
end
|
lib/foreman/renderer/scope/macros/loaders.rb | ||
---|---|---|
module Foreman
|
||
module Renderer
|
||
module Scope
|
||
module Macros
|
||
module Loaders
|
||
include Foreman::Renderer::Errors
|
||
|
||
LOADERS = [
|
||
[ :load_organizations, Organization, :view_organizations ],
|
||
[ :load_locations, Location, :view_locations ],
|
||
[ :load_hosts, Host, :view_hosts ],
|
||
[ :load_operating_systems, Operatingsystem, :view_operatingsystems ],
|
||
[ :load_subnets, Subnet, :view_subnets ],
|
||
[ :load_smart_proxies, SmartProxy, :view_smart_proxies ],
|
||
[ :load_user_groups, Usergroup, :view_usergroups ],
|
||
[ :load_host_groups, Hostgroup, :view_hostgroups ],
|
||
[ :load_domains, Domain, :view_domains ],
|
||
[ :load_realms, Realm, :view_realms ],
|
||
[ :load_users, User, :view_users ],
|
||
]
|
||
|
||
LOADERS.each do |name, model, permission|
|
||
define_method name do |search: '', includes: nil, preload: nil, joins: nil, select: nil, batch: 1_000, limit: nil|
|
||
load_resource(klass: model, search: search, permission: permission, includes: includes, preload: preload, joins: joins, select: select, batch: batch, limit: limit)
|
||
end
|
||
end
|
||
|
||
private
|
||
|
||
# returns a batched relation, use either
|
||
# .each { |batch| batch.each { |record| record.name }}
|
||
# or
|
||
# .each_record { |record| record.name }
|
||
def load_resource(klass:, search:, permission:, batch: 1_000, includes: nil, limit: nil, select: nil, joins: nil, where: nil, preload: nil)
|
||
limit ||= 10 if preview?
|
||
|
||
base = klass
|
||
base = base.search_for(search)
|
||
base = base.preload(preload) unless preload.nil?
|
||
base = base.includes(includes) unless includes.nil?
|
||
base = base.joins(joins) unless joins.nil?
|
||
base = base.authorized(permission) unless permission.nil?
|
||
base = base.limit(limit) unless limit.nil?
|
||
base = base.where(where) unless where.nil?
|
||
base = base.select(select) unless select.nil?
|
||
base.in_batches(of: batch)
|
||
end
|
||
end
|
||
end
|
||
end
|
||
end
|
||
end
|
Also available in: Unified diff
Fixes #28769 - add more loader macros
There are multiple objects that has Jail defined but can't be loaded in
a sane way. This patch adds load_* macros for all such objects. It also
extracts loaders from base macros to separate file. Load macros are
defined dynamically to avoid repetition of definition and to unify
capabilities of all such macros.