foreman/app/registries/foreman/access_permissions.rb @ 9d43fc71
40fffe69 | Dominic Cleal | require_dependency 'foreman/access_control'
|
|
9fd7478e | Paul Kelly | ||
# Permissions
|
|||
bfcc8168 | Daniel Lobato | Foreman::AccessControl.map do |permission_set|
|
|
permission_set.security_block :public do |map|
|
|||
acfbc458 | Marek Hulan | map.permission :user_logout, { :users => [:logout] }, :public => true
|
|
363cab56 | Ohad Levy | map.permission :my_account, { :users => [:edit],
|
|
59cdda31 | Gilad Lekner | :notification_recipients => [:index, :update, :destroy, :update_group_as_read, :destroy_group ] }, :public => true
|
|
d4449f45 | Tomer Brisker | map.permission :api_status, { :"api/v2/home" => [:status]}, :public => true
|
|
3d81c7df | aagrawal | map.permission :about_index, { :about => [:index] }, :public => true
|
|
acfbc458 | Marek Hulan | end
|
|
bfcc8168 | Daniel Lobato | permission_set.security_block :architectures do |map|
|
|
63efbbf5 | Petr Chalupa (Pitr) | map.permission :view_architectures,
|
|
1873eb7e | dhlavac | :architectures => [:index, :show, :auto_complete_search, :welcome],
|
|
dc38aad3 | Joseph Magen | :"api/v2/architectures" => [:index, :show]
|
|
63efbbf5 | Petr Chalupa (Pitr) | map.permission :create_architectures,
|
|
dc38aad3 | Joseph Magen | :architectures => [:new, :create],
|
|
453dc693 | Joseph Magen | :"api/v2/architectures" => [:create]
|
|
63efbbf5 | Petr Chalupa (Pitr) | map.permission :edit_architectures,
|
|
dc38aad3 | Joseph Magen | :architectures => [:edit, :update],
|
|
453dc693 | Joseph Magen | :"api/v2/architectures" => [:update]
|
|
63efbbf5 | Petr Chalupa (Pitr) | map.permission :destroy_architectures,
|
|
dc38aad3 | Joseph Magen | :architectures => [:destroy],
|
|
:"api/v2/architectures" => [:destroy]
|
|||
9fd7478e | Paul Kelly | end
|
|
bfcc8168 | Daniel Lobato | permission_set.security_block :authentication_providers do |map|
|
|
cb71e86a | amirfefer | ajax_actions = [:test_connection]
|
|
f4459c11 | David Davis | map.permission :view_authenticators, {:auth_source_ldaps => [:index, :show],
|
|
67b925e9 | Dominik Hlavac | :"api/v2/auth_source_ldaps" => [:index, :show],
|
|
:"api/v2/auth_sources" => [:index, :show],
|
|||
:"api/v2/auth_source_internals" => [:index, :show],
|
|||
:"api/v2/auth_source_externals" => [:index, :show]
|
|||
e00b6ef0 | Joseph Mitchell Magen | }
|
|
f4459c11 | David Davis | map.permission :create_authenticators, {:auth_source_ldaps => [:new, :create].push(*ajax_actions),
|
|
e00b6ef0 | Joseph Mitchell Magen | :"api/v2/auth_source_ldaps" => [:create]
|
|
}
|
|||
f4459c11 | David Davis | map.permission :edit_authenticators, {:auth_source_ldaps => [:edit, :update].push(*ajax_actions),
|
|
67b925e9 | Dominik Hlavac | :"api/v2/auth_source_ldaps" => [:update, :test],
|
|
:"api/v2/auth_source_externals" => [:update]
|
|||
e00b6ef0 | Joseph Mitchell Magen | }
|
|
map.permission :destroy_authenticators, {:auth_source_ldaps => [:destroy],
|
|||
:"api/v2/auth_source_ldaps" => [:destroy]
|
|||
}
|
|||
9fd7478e | Paul Kelly | end
|
|
bfcc8168 | Daniel Lobato | permission_set.security_block :bookmarks do |map|
|
|
63efbbf5 | Petr Chalupa (Pitr) | map.permission :view_bookmarks,
|
|
2b24dd66 | Shlomi Zadok | :bookmarks => [:index, :show, :auto_complete_search],
|
|
dc38aad3 | Joseph Magen | :"api/v2/bookmarks" => [:index, :show]
|
|
63efbbf5 | Petr Chalupa (Pitr) | map.permission :create_bookmarks,
|
|
dc38aad3 | Joseph Magen | :bookmarks => [:new, :create],
|
|
:"api/v2/bookmarks" => [:new, :create]
|
|||
63efbbf5 | Petr Chalupa (Pitr) | map.permission :edit_bookmarks,
|
|
dc38aad3 | Joseph Magen | :bookmarks => [:edit, :update],
|
|
:"api/v2/bookmarks" => [:edit, :update]
|
|||
63efbbf5 | Petr Chalupa (Pitr) | map.permission :destroy_bookmarks,
|
|
dc38aad3 | Joseph Magen | :bookmarks => [:destroy],
|
|
:"api/v2/bookmarks" => [:destroy]
|
|||
ad3d61b7 | Paul Kelly | end
|
|
bfcc8168 | Daniel Lobato | permission_set.security_block :compute_profiles do |map|
|
|
7cb41918 | Daniel Lobato | map.permission :view_compute_profiles, { :compute_profiles => [:index, :show, :auto_complete_search],
|
|
:"api/v2/compute_profiles" => [:index, :show] }
|
|||
map.permission :create_compute_profiles, { :compute_profiles => [:new, :create],
|
|||
:"api/v2/compute_profiles" => [:create] }
|
|||
map.permission :edit_compute_profiles, { :compute_profiles => [:edit, :update],
|
|||
:"api/v2/compute_profiles" => [:update] }
|
|||
map.permission :destroy_compute_profiles, { :compute_profiles => [:destroy],
|
|||
:"api/v2/compute_profiles" => [:destroy] }
|
|||
end
|
|||
bfcc8168 | Daniel Lobato | permission_set.security_block :compute_resources do |map|
|
|
66b40d57 | Dominic Cleal | ajax_actions = [:test_connection]
|
|
9caab04b | Timo Goebel | map.permission :view_compute_resources, {:compute_resources => [:index, :show, :auto_complete_search, :ping, :available_images, :refresh_cache],
|
|
fe1a2733 | Greg Petras | :"api/v2/compute_resources" => [:index, :show, :available_images, :available_clusters, :available_folders,
|
|
e669d488 | Alves Lobo Michael | :available_flavors, :available_networks, :available_resource_pools,
|
|
d46cc693 | Timo Goebel | :available_security_groups, :available_storage_domains, :available_zones,
|
|
9caab04b | Timo Goebel | :available_storage_pods, :refresh_cache]
|
|
e00b6ef0 | Joseph Mitchell Magen | }
|
|
f4459c11 | David Davis | map.permission :create_compute_resources, {:compute_resources => [:new, :create].push(*ajax_actions),
|
|
e00b6ef0 | Joseph Mitchell Magen | :"api/v2/compute_resources" => [:create]
|
|
}
|
|||
f4459c11 | David Davis | map.permission :edit_compute_resources, {:compute_resources => [:edit, :update].push(*ajax_actions),
|
|
10ac97b0 | Joseph Magen | :compute_attributes => [:new, :create, :edit, :update],
|
|
:"api/v2/compute_resources" => [:update],
|
|||
:"api/v2/compute_attributes" => [:create, :update]
|
|||
e00b6ef0 | Joseph Mitchell Magen | }
|
|
map.permission :destroy_compute_resources, {:compute_resources => [:destroy],
|
|||
:"api/v2/compute_resources" => [:destroy]
|
|||
}
|
|||
e170c321 | Olivier Favre | end
|
|
bfcc8168 | Daniel Lobato | permission_set.security_block :compute_resources_vms do |map|
|
|
e170c321 | Olivier Favre | map.permission :view_compute_resources_vms, {:compute_resources_vms => [:index, :show]}
|
|
66b40d57 | Dominic Cleal | map.permission :create_compute_resources_vms, {:compute_resources_vms => [:new, :create]}
|
|
map.permission :edit_compute_resources_vms, {:compute_resources_vms => [:edit, :update]}
|
|||
e170c321 | Olivier Favre | map.permission :destroy_compute_resources_vms, {:compute_resources_vms => [:destroy]}
|
|
a6ce3c99 | Daniel Lobato | map.permission :power_compute_resources_vms, {:compute_resources_vms => [:power, :pause]}
|
|
66b40d57 | Dominic Cleal | map.permission :console_compute_resources_vms, {:compute_resources_vms => [:console]}
|
|
e170c321 | Olivier Favre | end
|
|
510d53cd | Marek Hulan | permission_set.security_block :provisioning_templates do |map|
|
|
404ead2a | Marek Hulan | map.permission :view_provisioning_templates, {:provisioning_templates => [:index, :show, :revision, :auto_complete_search, :preview, :export],
|
|
e00b6ef0 | Joseph Mitchell Magen | :"api/v2/config_templates" => [:index, :show, :revision],
|
|
404ead2a | Marek Hulan | :"api/v2/provisioning_templates" => [:index, :show, :revision, :export],
|
|
e00b6ef0 | Joseph Mitchell Magen | :"api/v2/template_combinations" => [:index, :show],
|
|
dc38aad3 | Joseph Magen | :"api/v2/template_kinds" => [:index]
|
|
e00b6ef0 | Joseph Mitchell Magen | }
|
|
510d53cd | Marek Hulan | map.permission :create_provisioning_templates, {:provisioning_templates => [:new, :create, :clone_template],
|
|
fa941058 | Shlomi Zadok | :"api/v2/config_templates" => [:create, :clone],
|
|
ca51c513 | Marek Hulan | :"api/v2/provisioning_templates" => [:create, :clone, :import],
|
|
e00b6ef0 | Joseph Mitchell Magen | :"api/v2/template_combinations" => [:create]
|
|
}
|
|||
510d53cd | Marek Hulan | map.permission :edit_provisioning_templates, {:provisioning_templates => [:edit, :update],
|
|
e00b6ef0 | Joseph Mitchell Magen | :"api/v2/config_templates" => [:update],
|
|
ca51c513 | Marek Hulan | :"api/v2/provisioning_templates" => [:update, :import],
|
|
e00b6ef0 | Joseph Mitchell Magen | :"api/v2/template_combinations" => [:update]
|
|
}
|
|||
510d53cd | Marek Hulan | map.permission :destroy_provisioning_templates, {:provisioning_templates => [:destroy],
|
|
e00b6ef0 | Joseph Mitchell Magen | :"api/v2/config_templates" => [:destroy],
|
|
510d53cd | Marek Hulan | :"api/v2/provisioning_templates" => [:destroy],
|
|
e00b6ef0 | Joseph Mitchell Magen | :"api/v2/template_combinations" => [:destroy]
|
|
}
|
|||
510d53cd | Marek Hulan | map.permission :deploy_provisioning_templates, {:provisioning_templates => [:build_pxe_default],
|
|
:"api/v2/config_templates" => [:build_pxe_default],
|
|||
:"api/v2/provisioning_templates" => [:build_pxe_default]
|
|||
e00b6ef0 | Joseph Mitchell Magen | }
|
|
4a28771d | Stephen Benjamin | ||
510d53cd | Marek Hulan | map.permission :lock_provisioning_templates, {:provisioning_templates => [:lock, :unlock],
|
|
:"api/v2/config_templates" => [:lock, :unlock],
|
|||
:"api/v2/provisioning_templates" => [:lock, :unlock]
|
|||
4a28771d | Stephen Benjamin | }
|
|
ad3d61b7 | Paul Kelly | end
|
|
e6b0f4fa | Justin Sherrill | permission_set.security_block :http_proxies do |map|
|
|
map.permission :view_http_proxies, {:http_proxies => [:index, :show, :auto_complete_search],
|
|||
:"api/v2/http_proxies" => [:index, :show]
|
|||
}
|
|||
map.permission :create_http_proxies, {:http_proxies => [:new, :create, :test_connection],
|
|||
:"api/v2/http_proxies" => [:create]
|
|||
}
|
|||
map.permission :edit_http_proxies, {:http_proxies => [:edit, :update, :test_connection],
|
|||
:"api/v2/http_proxies" => [:update]
|
|||
}
|
|||
map.permission :destroy_http_proxies, {:http_proxies => [:destroy],
|
|||
:"api/v2/http_proxies" => [:destroy]
|
|||
}
|
|||
end
|
|||
bfcc8168 | Daniel Lobato | permission_set.security_block :realms do |map|
|
|
f4459c11 | David Davis | map.permission :view_realms, {:realms => [:index, :show, :auto_complete_search],
|
|
77f70152 | Stephen Benjamin | :"api/v2/realms" => [:index, :show]
|
|
}
|
|||
f4459c11 | David Davis | map.permission :create_realms, {:realms => [:new, :create],
|
|
77f70152 | Stephen Benjamin | :"api/v2/realms" => [:create]
|
|
}
|
|||
f4459c11 | David Davis | map.permission :edit_realms, {:realms => [:edit, :update],
|
|
77f70152 | Stephen Benjamin | :"api/v2/realms" => [:update]
|
|
}
|
|||
f4459c11 | David Davis | map.permission :destroy_realms, {:realms => [:destroy],
|
|
77f70152 | Stephen Benjamin | :"api/v2/realms" => [:destroy]
|
|
}
|
|||
end
|
|||
bfcc8168 | Daniel Lobato | permission_set.security_block :domains do |map|
|
|
1873eb7e | dhlavac | map.permission :view_domains, {:domains => [:index, :show, :auto_complete_search, :welcome],
|
|
c7f55be1 | Ori Rabin | :"api/v2/domains" => [:index, :show]
|
|
e00b6ef0 | Joseph Mitchell Magen | }
|
|
f4459c11 | David Davis | map.permission :create_domains, {:domains => [:new, :create],
|
|
e00b6ef0 | Joseph Mitchell Magen | :"api/v2/domains" => [:create]
|
|
}
|
|||
f4459c11 | David Davis | map.permission :edit_domains, {:domains => [:edit, :update],
|
|
c7f55be1 | Ori Rabin | :"api/v2/domains" => [:update]
|
|
e00b6ef0 | Joseph Mitchell Magen | }
|
|
f4459c11 | David Davis | map.permission :destroy_domains, {:domains => [:destroy],
|
|
e00b6ef0 | Joseph Mitchell Magen | :"api/v2/domains" => [:destroy]
|
|
}
|
|||
ad3d61b7 | Paul Kelly | end
|
|
bfcc8168 | Daniel Lobato | permission_set.security_block :environments do |map|
|
|
1873eb7e | dhlavac | map.permission :view_environments, {:environments => [:index, :show, :auto_complete_search, :welcome],
|
|
e00b6ef0 | Joseph Mitchell Magen | :"api/v2/environments" => [:index, :show]
|
|
}
|
|||
f4459c11 | David Davis | map.permission :create_environments, {:environments => [:new, :create],
|
|
e00b6ef0 | Joseph Mitchell Magen | :"api/v2/environments" => [:create]
|
|
}
|
|||
f4459c11 | David Davis | map.permission :edit_environments, {:environments => [:edit, :update],
|
|
e00b6ef0 | Joseph Mitchell Magen | :"api/v2/environments" => [:update]
|
|
}
|
|||
map.permission :destroy_environments, {:environments => [:destroy],
|
|||
:"api/v2/environments" => [:destroy]
|
|||
}
|
|||
f4459c11 | David Davis | map.permission :import_environments, {:environments => [:import_environments, :obsolete_and_new],
|
|
eef1a369 | Joseph Magen | :"api/v2/environments" => [:import_puppetclasses],
|
|
:"api/v2/smart_proxies" => [:import_puppetclasses]
|
|||
}
|
|||
9fd7478e | Paul Kelly | end
|
|
bfcc8168 | Daniel Lobato | permission_set.security_block :external_variables do |map|
|
|
21bf889a | Joseph Mitchell Magen | map.permission :view_external_variables, {:lookup_keys => [:index, :show, :auto_complete_search],
|
|
6b4b489f | Ori Rabin | :variable_lookup_keys => [:index, :show, :auto_complete_search],
|
|
21bf889a | Joseph Mitchell Magen | :lookup_values => [:index],
|
|
:"api/v2/smart_variables" => [:index, :show],
|
|||
:"api/v2/override_values" => [:index, :show]}
|
|||
66b40d57 | Dominic Cleal | map.permission :create_external_variables, {:lookup_keys => [:new, :create],
|
|
6b4b489f | Ori Rabin | :variable_lookup_keys => [:new, :create],
|
|
21bf889a | Joseph Mitchell Magen | :lookup_values => [:create],
|
|
:"api/v2/smart_variables" => [:create],
|
|||
:"api/v2/override_values" => [:create]}
|
|||
66b40d57 | Dominic Cleal | map.permission :edit_external_variables, {:lookup_keys => [:edit, :update],
|
|
6b4b489f | Ori Rabin | :variable_lookup_keys => [:edit, :update],
|
|
21bf889a | Joseph Mitchell Magen | :lookup_values => [:create, :update, :destroy],
|
|
:"api/v2/smart_variables" => [:update],
|
|||
:"api/v2/override_values" => [:create, :update, :destroy]}
|
|||
66b40d57 | Dominic Cleal | map.permission :destroy_external_variables, {:lookup_keys => [:destroy],
|
|
6b4b489f | Ori Rabin | :variable_lookup_keys => [:destroy],
|
|
21bf889a | Joseph Mitchell Magen | :lookup_values => [:destroy],
|
|
:"api/v2/smart_variables" => [:destroy],
|
|||
3fe2ea3d | Ori Rabin | :"api/v2/override_values" => [:create, :update, :destroy]}
|
|
map.permission :view_external_parameters, {:lookup_keys => [:index, :show, :auto_complete_search],
|
|||
:puppetclass_lookup_keys => [:index, :show, :auto_complete_search],
|
|||
:lookup_values => [:index],
|
|||
:"api/v2/smart_class_parameters" => [:index, :show],
|
|||
:"api/v2/override_values" => [:index, :show]}
|
|||
map.permission :create_external_parameters, {:lookup_keys => [:new, :create],
|
|||
:puppetclass_lookup_keys => [:new, :create],
|
|||
:lookup_values => [:create],
|
|||
:"api/v2/smart_class_parameters" => [:create],
|
|||
:"api/v2/override_values" => [:create]}
|
|||
map.permission :edit_external_parameters, {:lookup_keys => [:edit, :update],
|
|||
:puppetclass_lookup_keys => [:edit, :update],
|
|||
:lookup_values => [:create, :update, :destroy],
|
|||
:"api/v2/smart_class_parameters" => [:update],
|
|||
:"api/v2/override_values" => [:create, :update, :destroy]}
|
|||
map.permission :destroy_external_parameters, {:lookup_keys => [:destroy],
|
|||
:puppetclass_lookup_keys => [:destroy],
|
|||
:lookup_values => [:destroy],
|
|||
21bf889a | Joseph Mitchell Magen | :"api/v2/smart_class_parameters" => [:destroy],
|
|
:"api/v2/override_values" => [:create, :update, :destroy]}
|
|||
9fd7478e | Paul Kelly | end
|
|
bfcc8168 | Daniel Lobato | permission_set.security_block :filters do |map|
|
|
acfbc458 | Marek Hulan | map.permission :view_filters, {:filters => [:index, :auto_complete_search],
|
|
:'api/v2/filters' => [:index, :show]}
|
|||
map.permission :create_filters, {:filters => [:new, :create],
|
|||
:'api/v2/filters' => [:create]}
|
|||
f619eb4d | Marek Hulan | map.permission :edit_filters, {:filters => [:edit, :update, :disable_overriding], :permissions => [:index],
|
|
14e81700 | Tomas Strachota | :'api/v2/filters' => [:update],
|
|
:'api/v2/permissions' => [:index, :show, :resource_types]}
|
|||
acfbc458 | Marek Hulan | map.permission :destroy_filters, {:filters => [:destroy],
|
|
:'api/v2/filters' => [:destroy]}
|
|||
end
|
|||
bfcc8168 | Daniel Lobato | permission_set.security_block :hostgroups do |map|
|
|
e0d9186e | Dominic Cleal | ajax_actions = [:architecture_selected, :domain_selected, :environment_selected, :medium_selected, :os_selected,
|
|
1873eb7e | dhlavac | :use_image_selected, :process_hostgroup, :puppetclass_parameters, :welcome]
|
|
e0d9186e | Dominic Cleal | host_ajax_actions = [:process_hostgroup]
|
|
pc_ajax_actions = [:parameters]
|
|||
e00b6ef0 | Joseph Mitchell Magen | map.permission :view_hostgroups, {:hostgroups => [:index, :show, :auto_complete_search],
|
|
:"api/v2/hostgroups" => [:index, :show]
|
|||
}
|
|||
e0f4f396 | Joseph Mitchell Magen | map.permission :create_hostgroups, {:hostgroups => [:new, :create, :clone, :nest, :process_hostgroup].push(*ajax_actions),
|
|
e0d9186e | Dominic Cleal | :host => host_ajax_actions,
|
|
e00b6ef0 | Joseph Mitchell Magen | :puppetclasses => pc_ajax_actions,
|
|
:"api/v2/hostgroups" => [:create, :clone]
|
|||
}
|
|||
e0f4f396 | Joseph Mitchell Magen | map.permission :edit_hostgroups, {:hostgroups => [:edit, :update, :architecture_selected, :process_hostgroup].push(*ajax_actions),
|
|
e0d9186e | Dominic Cleal | :host => host_ajax_actions,
|
|
aa2cd9f2 | Joseph Mitchell Magen | :puppetclasses => pc_ajax_actions,
|
|
abd38baa | Trey Dockendorf | :"api/v2/hostgroups" => [:update, :rebuild_config],
|
|
e00b6ef0 | Joseph Mitchell Magen | :"api/v2/hostgroup_classes" => [:index, :create, :destroy]
|
|
}
|
|||
map.permission :destroy_hostgroups, {:hostgroups => [:destroy],
|
|||
:"api/v2/hostgroups" => [:destroy]
|
|||
}
|
|||
9fd7478e | Paul Kelly | end
|
|
bfcc8168 | Daniel Lobato | permission_set.security_block :config_groups do |map|
|
|
1873eb7e | dhlavac | map.permission :view_config_groups, {:config_groups => [:index, :auto_complete_search, :welcome],
|
|
111cde57 | Joseph Magen | :"api/v2/config_groups" => [:index, :show]
|
|
}
|
|||
map.permission :create_config_groups, {:config_groups => [:new, :create],
|
|||
:"api/v2/config_groups" => [:create]
|
|||
}
|
|||
map.permission :edit_config_groups, {:config_groups => [:edit, :update],
|
|||
:"api/v2/config_groups" => [:update]
|
|||
}
|
|||
map.permission :destroy_config_groups, {:config_groups => [:destroy],
|
|||
:"api/v2/config_groups" => [:destroy]
|
|||
}
|
|||
end
|
|||
bfcc8168 | Daniel Lobato | permission_set.security_block :hosts do |map|
|
|
e0d9186e | Dominic Cleal | ajax_actions = [:architecture_selected, :compute_resource_selected, :domain_selected, :environment_selected,
|
|
17622a29 | Daniel Lobato | :hostgroup_or_environment_selected, :medium_selected, :os_selected, :use_image_selected, :process_hostgroup,
|
|
4a811e63 | Dominic Cleal | :process_taxonomy, :current_parameters, :puppetclass_parameters, :template_used, :interfaces, :scheduler_hint_selected,
|
|
:random_name]
|
|||
9034d78e | Baptiste | cr_ajax_actions = [:cluster_selected, :template_selected, :instance_type_selected, :provider_selected, :resource_pools]
|
|
e0d9186e | Dominic Cleal | pc_ajax_actions = [:parameters]
|
|
subnets_ajax_actions = [:freeip]
|
|||
tasks_ajax_actions = [:show]
|
|||
88ed4900 | Amos Benari | map.permission :view_hosts, {:hosts => [:index, :show, :errors, :active, :out_of_sync, :disabled, :pending, :vm,
|
|
1d1e4dab | Ewoud Kohl van Wijngaarden | :externalNodes, :pxe_config, :auto_complete_search, :bmc,
|
|
9ca77d08 | Timo Goebel | :runtime, :resources, :templates, :overview, :nics, :get_power_state, :preview_host_collection],
|
|
66b40d57 | Dominic Cleal | :dashboard => [:OutOfSync, :errors, :active],
|
|
b1997f52 | Dominic Cleal | :unattended => [:host_template, :hostgroup_template],
|
|
45e7f2c7 | Ondřej Pražák | :"api/v2/hosts" => [:index, :show, :status, :get_status, :vm_compute_attributes, :template, :enc],
|
|
c65bdeac | Joseph Magen | :"api/v2/interfaces" => [:index, :show],
|
|
:locations => [:mismatches],
|
|||
:organizations => [:mismatches]
|
|||
e00b6ef0 | Joseph Mitchell Magen | }
|
|
e0d9186e | Dominic Cleal | map.permission :create_hosts, {:hosts => [:new, :create, :clone].push(*ajax_actions),
|
|
637da2f2 | Timo Goebel | :compute_resources_vms => [:import],
|
|
e0d9186e | Dominic Cleal | :compute_resources => cr_ajax_actions,
|
|
:puppetclasses => pc_ajax_actions,
|
|||
e00b6ef0 | Joseph Mitchell Magen | :subnets => subnets_ajax_actions,
|
|
4a811e63 | Dominic Cleal | :interfaces => [:new, :random_name],
|
|
8588f9ac | Daniel Lobato | :"api/v2/hosts" => [:create],
|
|
bb3916d6 | Ohad Levy | :"api/v2/interfaces" => [:create],
|
|
:"api/v2/tasks" => [:index]
|
|||
e00b6ef0 | Joseph Mitchell Magen | }
|
|
66b40d57 | Dominic Cleal | map.permission :edit_hosts, {:hosts => [:edit, :update, :multiple_actions, :reset_multiple, :submit_multiple_enable,
|
|
17622a29 | Daniel Lobato | :select_multiple_hostgroup, :select_multiple_environment, :submit_multiple_disable,
|
|
:multiple_parameters, :multiple_disable, :multiple_enable, :update_multiple_environment,
|
|||
:update_multiple_hostgroup, :update_multiple_parameters, :toggle_manage,
|
|||
:select_multiple_organization, :update_multiple_organization,
|
|||
:disassociate, :multiple_disassociate, :update_multiple_disassociate,
|
|||
a92ee5bc | Timo Goebel | :select_multiple_owner, :update_multiple_owner,
|
|
8ca6c6bb | Timo Goebel | :select_multiple_power_state, :update_multiple_power_state,
|
|
5131edbf | Timo Goebel | :select_multiple_puppet_proxy, :update_multiple_puppet_proxy,
|
|
fbb47ea5 | Timo Goebel | :select_multiple_puppet_ca_proxy, :update_multiple_puppet_ca_proxy,
|
|
4a811e63 | Dominic Cleal | :select_multiple_location, :update_multiple_location].push(*ajax_actions),
|
|
805358df | Jason Montleon | :compute_resources => [:associate].push(cr_ajax_actions),
|
|
:compute_resources_vms => [:associate],
|
|||
e0d9186e | Dominic Cleal | :puppetclasses => pc_ajax_actions,
|
|
aa2cd9f2 | Joseph Mitchell Magen | :subnets => subnets_ajax_actions,
|
|
03510341 | Lukas Zapletal | :interfaces => [:new, :random_name],
|
|
3ccd0ef6 | Jason Montleon | :"api/v2/hosts" => [:update, :disassociate],
|
|
:"api/v2/interfaces" => [:create, :update, :destroy],
|
|||
:"api/v2/compute_resources" => [:associate]
|
|||
e00b6ef0 | Joseph Mitchell Magen | }
|
|
map.permission :destroy_hosts, {:hosts => [:destroy, :multiple_actions, :reset_multiple, :multiple_destroy, :submit_multiple_destroy],
|
|||
8588f9ac | Daniel Lobato | :"api/v2/hosts" => [:destroy],
|
|
:"api/v2/interfaces" => [:destroy]
|
|||
aa2cd9f2 | Joseph Mitchell Magen | }
|
|
2fba6ad7 | Ondrej Prazak | map.permission :build_hosts, {:hosts => [:setBuild, :cancelBuild, :multiple_build, :submit_multiple_build, :review_before_build,
|
|
:rebuild_config, :submit_rebuild_config],
|
|||
bb3916d6 | Ohad Levy | :tasks => tasks_ajax_actions,
|
|
2fba6ad7 | Ondrej Prazak | :"api/v2/tasks" => [:index],
|
|
f4459c11 | David Davis | :"api/v2/hosts" => [:rebuild_config]
|
|
2fba6ad7 | Ondrej Prazak | }
|
|
8588f9ac | Daniel Lobato | map.permission :power_hosts, {:hosts => [:power],
|
|
:"api/v2/hosts" => [:power] }
|
|||
map.permission :console_hosts, {:hosts => [:console] }
|
|||
4090ccb5 | Daniel Lobato Garcia | map.permission :ipmi_boot_hosts, { :hosts => [:ipmi_boot],
|
|
:"api/v2/hosts" => [:boot] }
|
|||
0fda4cf6 | Joseph Mitchell Magen | map.permission :puppetrun_hosts, {:hosts => [:puppetrun, :multiple_puppetrun, :update_multiple_puppetrun],
|
|
8588f9ac | Daniel Lobato | :"api/v2/hosts" => [:puppetrun] }
|
|
9fd7478e | Paul Kelly | end
|
|
bfcc8168 | Daniel Lobato | permission_set.security_block :host_editing do |map|
|
|
9d43fc71 | Michael Moll | map.permission :edit_classes, { :host_editing => [:edit_classes],
|
|
c7f55be1 | Ori Rabin | :"api/v2/host_classes" => [:index, :create, :destroy]
|
|
}
|
|||
map.permission :view_params, { :host_editing => [:view_params],
|
|||
4e6d2262 | Marek Hulan | :parameters => [:index, :auto_complete_search],
|
|
:common_parameters => [:index, :show, :auto_complete_search],
|
|||
:"api/v2/common_parameters" => [:index, :show],
|
|||
c7f55be1 | Ori Rabin | :"api/v2/parameters" => [:index, :show]
|
|
}
|
|||
map.permission :create_params, { :host_editing => [:create_params],
|
|||
4e6d2262 | Marek Hulan | :common_parameters => [:new, :create],
|
|
:"api/v2/common_parameters" => [:create],
|
|||
e00b6ef0 | Joseph Mitchell Magen | :"api/v2/parameters" => [:create]
|
|
c7f55be1 | Ori Rabin | }
|
|
map.permission :edit_params, { :host_editing => [:edit_params],
|
|||
4e6d2262 | Marek Hulan | :common_parameters => [:edit, :update],
|
|
:"api/v2/common_parameters" => [:update],
|
|||
c7f55be1 | Ori Rabin | :"api/v2/parameters" => [:update]
|
|
}
|
|||
map.permission :destroy_params, { :host_editing => [:destroy_params],
|
|||
4e6d2262 | Marek Hulan | :common_parameters => [:destroy],
|
|
:"api/v2/common_parameters" => [:destroy],
|
|||
c7f55be1 | Ori Rabin | :"api/v2/parameters" => [:destroy, :reset]
|
|
}
|
|||
54358a76 | Greg Sutcliffe | end
|
|
bfcc8168 | Daniel Lobato | permission_set.security_block :images do |map|
|
|
f4459c11 | David Davis | map.permission :view_images, {:images => [:index, :show, :auto_complete_search],
|
|
e00b6ef0 | Joseph Mitchell Magen | :"api/v2/images" => [:index, :show]
|
|
}
|
|||
f4459c11 | David Davis | map.permission :create_images, {:images => [:new, :create],
|
|
e00b6ef0 | Joseph Mitchell Magen | :"api/v2/images" => [:create]
|
|
}
|
|||
f4459c11 | David Davis | map.permission :edit_images, {:images => [:edit, :update],
|
|
e00b6ef0 | Joseph Mitchell Magen | :"api/v2/images" => [:update]
|
|
}
|
|||
map.permission :destroy_images, {:images => [:destroy],
|
|||
:"api/v2/images" => [:destroy]
|
|||
}
|
|||
66b40d57 | Dominic Cleal | end
|
|
59e7136a | Shlomi Zadok | permission_set.security_block :key_pairs do |map|
|
|
map.permission :view_keypairs, {:key_pairs => [:index, :show]}
|
|||
map.permission :destroy_keypairs, {:key_pairs => [:destroy, :create]}
|
|||
end
|
|||
611f5bff | Amos Benari | if SETTINGS[:locations_enabled]
|
|
bfcc8168 | Daniel Lobato | permission_set.security_block :locations do |map|
|
|
c65bdeac | Joseph Magen | map.permission :view_locations, {:locations => [:index, :show, :auto_complete_search],
|
|
e00b6ef0 | Joseph Mitchell Magen | :"api/v2/locations" => [:index, :show]
|
|
}
|
|||
1fa008a4 | Joseph Magen | map.permission :create_locations, {:locations => [:new, :create, :clone_taxonomy, :step2, :nest],
|
|
e00b6ef0 | Joseph Mitchell Magen | :"api/v2/locations" => [:create]
|
|
}
|
|||
89a04e1a | Joseph Magen | map.permission :edit_locations, {:locations => [:edit, :update, :import_mismatches, :parent_taxonomy_selected],
|
|
e00b6ef0 | Joseph Mitchell Magen | :"api/v2/locations" => [:update]
|
|
}
|
|||
map.permission :destroy_locations, {:locations => [:destroy],
|
|||
:"api/v2/locations" => [:destroy]
|
|||
}
|
|||
66b40d57 | Dominic Cleal | map.permission :assign_locations, {:locations => [:assign_all_hosts, :assign_hosts, :assign_selected_hosts]}
|
|
611f5bff | Amos Benari | end
|
|
end
|
|||
bfcc8168 | Daniel Lobato | permission_set.security_block :mail_notifications do |map|
|
|
3a36bdf6 | Stephen Benjamin | map.permission :view_mail_notifications, { :mail_notifications => [:index, :auto_complete_search, :show],
|
|
:"api/v2/mail_notifications" => [:index, :show] }
|
|||
end
|
|||
bfcc8168 | Daniel Lobato | permission_set.security_block :media do |map|
|
|
1873eb7e | dhlavac | map.permission :view_media, {:media => [:index, :show, :auto_complete_search, :welcome],
|
|
e00b6ef0 | Joseph Mitchell Magen | :"api/v2/media" => [:index, :show]
|
|
}
|
|||
map.permission :create_media, {:media => [:new, :create],
|
|||
:"api/v2/media" => [:create]
|
|||
}
|
|||
map.permission :edit_media, {:media => [:edit, :update],
|
|||
:"api/v2/media" => [:update]
|
|||
}
|
|||
map.permission :destroy_media, {:media => [:destroy],
|
|||
:"api/v2/media" => [:destroy]
|
|||
}
|
|||
9fd7478e | Paul Kelly | end
|
|
bfcc8168 | Daniel Lobato | permission_set.security_block :models do |map|
|
|
f4459c11 | David Davis | map.permission :view_models, {:models => [:index, :show, :auto_complete_search],
|
|
e00b6ef0 | Joseph Mitchell Magen | :"api/v2/models" => [:index, :show]
|
|
}
|
|||
f4459c11 | David Davis | map.permission :create_models, {:models => [:new, :create],
|
|
e00b6ef0 | Joseph Mitchell Magen | :"api/v2/models" => [:create]
|
|
}
|
|||
f4459c11 | David Davis | map.permission :edit_models, {:models => [:edit, :update],
|
|
e00b6ef0 | Joseph Mitchell Magen | :"api/v2/models" => [:update]
|
|
}
|
|||
map.permission :destroy_models, {:models => [:destroy],
|
|||
:"api/v2/models" => [:destroy]
|
|||
}
|
|||
9fd7478e | Paul Kelly | end
|
|
bfcc8168 | Daniel Lobato | permission_set.security_block :operatingsystems do |map|
|
|
e00b6ef0 | Joseph Mitchell Magen | map.permission :view_operatingsystems, { :operatingsystems => [:index, :show, :bootfiles, :auto_complete_search],
|
|
997bfddb | Joseph Magen | :"api/v2/operatingsystems" => [:index, :show, :bootfiles],
|
|
:"api/v2/os_default_templates" => [:index, :show]
|
|||
e00b6ef0 | Joseph Mitchell Magen | }
|
|
map.permission :create_operatingsystems, {:operatingsystems => [:new, :create],
|
|||
:"api/v2/operatingsystems" => [:create],
|
|||
997bfddb | Joseph Magen | :"api/v2/os_default_templates" => [:create]
|
|
e00b6ef0 | Joseph Mitchell Magen | }
|
|
map.permission :edit_operatingsystems, {:operatingsystems => [:edit, :update],
|
|||
:"api/v2/operatingsystems" => [:update],
|
|||
997bfddb | Joseph Magen | :"api/v2/os_default_templates" => [:create, :update, :destroy]
|
|
e00b6ef0 | Joseph Mitchell Magen | }
|
|
map.permission :destroy_operatingsystems, {:operatingsystems => [:destroy],
|
|||
997bfddb | Joseph Magen | :"api/v2/operatingsystems" => [:destroy],
|
|
:"api/v2/os_default_templates" => [:create]
|
|||
e00b6ef0 | Joseph Mitchell Magen | }
|
|
9fd7478e | Paul Kelly | end
|
|
bfcc8168 | Daniel Lobato | permission_set.security_block :partition_tables do |map|
|
|
404ead2a | Marek Hulan | map.permission :view_ptables, {:ptables => [:index, :show, :auto_complete_search, :revision, :preview, :welcome, :export],
|
|
:"api/v2/ptables" => [:index, :show, :revision, :export]
|
|||
e00b6ef0 | Joseph Mitchell Magen | }
|
|
f4459c11 | David Davis | map.permission :create_ptables, {:ptables => [:new, :create, :clone_template],
|
|
ca51c513 | Marek Hulan | :"api/v2/ptables" => [:create, :clone, :import]
|
|
e00b6ef0 | Joseph Mitchell Magen | }
|
|
f4459c11 | David Davis | map.permission :edit_ptables, {:ptables => [:edit, :update],
|
|
ca51c513 | Marek Hulan | :"api/v2/ptables" => [:update, :import]
|
|
e00b6ef0 | Joseph Mitchell Magen | }
|
|
map.permission :destroy_ptables, {:ptables => [:destroy],
|
|||
:"api/v2/ptables" => [:destroy]
|
|||
}
|
|||
f4459c11 | David Davis | map.permission :lock_ptables, {:ptables => [:lock, :unlock],
|
|
510d53cd | Marek Hulan | :"api/v2/ptables" => [:lock, :unlock]
|
|
}
|
|||
9fd7478e | Paul Kelly | end
|
|
bfcc8168 | Daniel Lobato | permission_set.security_block :puppetclasses do |map|
|
|
e00b6ef0 | Joseph Mitchell Magen | map.permission :view_puppetclasses, {:puppetclasses => [:index, :show, :auto_complete_search],
|
|
:"api/v2/puppetclasses" => [:index, :show],
|
|||
21bf889a | Joseph Mitchell Magen | :"api/v2/smart_variables" => [:index, :show],
|
|
f4459c11 | David Davis | :"api/v2/smart_class_parameters" => [:index, :show]
|
|
e00b6ef0 | Joseph Mitchell Magen | }
|
|
map.permission :create_puppetclasses, {:puppetclasses => [:new, :create],
|
|||
:"api/v2/puppetclasses" => [:create]
|
|||
21bf889a | Joseph Mitchell Magen | }
|
|
61750a4f | karmab | map.permission :edit_puppetclasses, {:puppetclasses => [:edit, :update, :override ],
|
|
e00b6ef0 | Joseph Mitchell Magen | :"api/v2/puppetclasses" => [:update],
|
|
21bf889a | Joseph Mitchell Magen | :"api/v2/smart_variables" => [:create, :update, :destroy],
|
|
:"api/v2/smart_class_parameters" => [:create, :update, :destroy]
|
|||
}
|
|||
e00b6ef0 | Joseph Mitchell Magen | map.permission :destroy_puppetclasses, {:puppetclasses => [:destroy],
|
|
:"api/v2/puppetclasses" => [:destroy]
|
|||
}
|
|||
eef1a369 | Joseph Magen | map.permission :import_puppetclasses, {:puppetclasses => [:import_environments, :obsolete_and_new],
|
|
:"api/v2/environments" => [:import_puppetclasses],
|
|||
:"api/v2/smart_proxies" => [:import_puppetclasses]
|
|||
}
|
|||
9fd7478e | Paul Kelly | end
|
|
bfcc8168 | Daniel Lobato | permission_set.security_block :roles do |map|
|
|
acfbc458 | Marek Hulan | map.permission :view_roles, {:roles => [:index, :auto_complete_search],
|
|
:'api/v2/roles' => [:index, :show]}
|
|||
map.permission :create_roles, {:roles => [:new, :create, :clone],
|
|||
8813aee5 | Ondrej Prazak | :'api/v2/roles' => [:create, :clone]}
|
|
f619eb4d | Marek Hulan | map.permission :edit_roles, {:roles => [:edit, :update, :disable_filters_overriding],
|
|
acfbc458 | Marek Hulan | :'api/v2/roles' => [:update]}
|
|
map.permission :destroy_roles, {:roles => [:destroy],
|
|||
:'api/v2/roles' => [:destroy]}
|
|||
end
|
|||
bfcc8168 | Daniel Lobato | permission_set.security_block :smart_proxies do |map|
|
|
7cdaddab | Shlomi Zadok | map.permission :view_smart_proxies, {:smart_proxies => [:index, :ping, :auto_complete_search, :version,
|
|
2ac8d7ba | Tomer Brisker | :show, :plugin_version, :tftp_server, :puppet_environments,
|
|
33d9f9ee | Lukas Zapletal | :puppet_dashboard, :log_pane, :failed_modules, :errors_card,
|
|
:modules_card],
|
|||
:"api/v2/smart_proxies" => [:index, :show, :version, :logs]
|
|||
e00b6ef0 | Joseph Mitchell Magen | }
|
|
f4459c11 | David Davis | map.permission :create_smart_proxies, {:smart_proxies => [:new, :create],
|
|
e00b6ef0 | Joseph Mitchell Magen | :"api/v2/smart_proxies" => [:create]
|
|
}
|
|||
f4459c11 | David Davis | map.permission :edit_smart_proxies, {:smart_proxies => [:edit, :update, :refresh, :expire_logs],
|
|
c3d8dd61 | Dominic Cleal | :"api/v2/smart_proxies" => [:update, :refresh]
|
|
e00b6ef0 | Joseph Mitchell Magen | }
|
|
map.permission :destroy_smart_proxies, {:smart_proxies => [:destroy],
|
|||
:"api/v2/smart_proxies" => [:destroy]
|
|||
}
|
|||
ad3d61b7 | Paul Kelly | end
|
|
bfcc8168 | Daniel Lobato | permission_set.security_block :smart_proxies_autosign do |map|
|
|
2ac8d7ba | Tomer Brisker | map.permission :view_smart_proxies_autosign, {:autosign => [:index, :show, :counts],
|
|
9f16bd9e | Joseph Magen | :"api/v2/autosign" => [:index]
|
|
}
|
|||
0b22ca40 | Ondřej Pražák | map.permission :create_smart_proxies_autosign, {:autosign => [:new, :create],
|
|
:"api/v2/autosign" => [:create]}
|
|||
map.permission :destroy_smart_proxies_autosign, {:autosign => [:destroy],
|
|||
:"api/v2/autosign" => [:destroy]}
|
|||
ad3d61b7 | Paul Kelly | end
|
|
bfcc8168 | Daniel Lobato | permission_set.security_block :smart_proxies_puppetca do |map|
|
|
2ac8d7ba | Tomer Brisker | map.permission :view_smart_proxies_puppetca, {:puppetca => [:index, :counts, :expiry]}
|
|
92148e73 | Dominic Cleal | map.permission :edit_smart_proxies_puppetca, {:puppetca => [:update]}
|
|
map.permission :destroy_smart_proxies_puppetca, {:puppetca => [:destroy]}
|
|||
ad3d61b7 | Paul Kelly | end
|
|
bfcc8168 | Daniel Lobato | permission_set.security_block :subnets do |map|
|
|
f4459c11 | David Davis | map.permission :view_subnets, {:subnets => [:index, :show, :auto_complete_search],
|
|
83ee7350 | Timo Goebel | :"api/v2/subnets" => [:index, :show, :freeip]
|
|
e00b6ef0 | Joseph Mitchell Magen | }
|
|
f4459c11 | David Davis | map.permission :create_subnets, {:subnets => [:new, :create],
|
|
e00b6ef0 | Joseph Mitchell Magen | :"api/v2/subnets" => [:create]
|
|
}
|
|||
map.permission :edit_subnets, {:subnets => [:edit, :update],
|
|||
:"api/v2/subnets" => [:update]
|
|||
}
|
|||
map.permission :destroy_subnets, {:subnets => [:destroy],
|
|||
:"api/v2/subnets" => [:destroy]
|
|||
}
|
|||
f4459c11 | David Davis | map.permission :import_subnets, {:subnets => [:import, :create_multiple]}
|
|
ad3d61b7 | Paul Kelly | end
|
|
611f5bff | Amos Benari | if SETTINGS[:organizations_enabled]
|
|
bfcc8168 | Daniel Lobato | permission_set.security_block :organizations do |map|
|
|
c65bdeac | Joseph Magen | map.permission :view_organizations, {:organizations => [:index, :show, :auto_complete_search],
|
|
e00b6ef0 | Joseph Mitchell Magen | :"api/v2/organizations" => [:index, :show]
|
|
}
|
|||
1fa008a4 | Joseph Magen | map.permission :create_organizations, {:organizations => [:new, :create, :clone_taxonomy, :step2, :nest],
|
|
e00b6ef0 | Joseph Mitchell Magen | :"api/v2/organizations" => [:create]
|
|
}
|
|||
89a04e1a | Joseph Magen | map.permission :edit_organizations, {:organizations => [:edit, :update, :import_mismatches, :parent_taxonomy_selected],
|
|
e00b6ef0 | Joseph Mitchell Magen | :"api/v2/organizations" => [:update]
|
|
}
|
|||
map.permission :destroy_organizations, {:organizations => [:destroy],
|
|||
:"api/v2/organizations" => [:destroy]
|
|||
}
|
|||
66b40d57 | Dominic Cleal | map.permission :assign_organizations, {:organizations => [:assign_all_hosts, :assign_hosts, :assign_selected_hosts]}
|
|
611f5bff | Amos Benari | end
|
|
end
|
|||
bfcc8168 | Daniel Lobato | permission_set.security_block :usergroups do |map|
|
|
f4459c11 | David Davis | map.permission :view_usergroups, {:usergroups => [:index, :show, :auto_complete_search],
|
|
e00b6ef0 | Joseph Mitchell Magen | :"api/v2/usergroups" => [:index, :show]
|
|
}
|
|||
f4459c11 | David Davis | map.permission :create_usergroups, {:usergroups => [:new, :create],
|
|
e00b6ef0 | Joseph Mitchell Magen | :"api/v2/usergroups" => [:create]
|
|
}
|
|||
f4459c11 | David Davis | map.permission :edit_usergroups, {:usergroups => [:edit, :update],
|
|
e00b6ef0 | Joseph Mitchell Magen | :"api/v2/usergroups" => [:update]
|
|
}
|
|||
map.permission :destroy_usergroups, {:usergroups => [:destroy],
|
|||
:"api/v2/usergroups" => [:destroy]
|
|||
}
|
|||
9fd7478e | Paul Kelly | end
|
|
bfcc8168 | Daniel Lobato | permission_set.security_block :external_usergroups do |map|
|
|
4b2dffae | Daniel Lobato | map.permission :view_external_usergroups, :external_usergroups => [:index, :show],
|
|
:"api/v2/external_usergroups" => [:index, :show]
|
|||
map.permission :create_external_usergroups, :external_usergroups => [:new, :create],
|
|||
:"api/v2/external_usergroups" => [:new, :create]
|
|||
map.permission :edit_external_usergroups, :external_usergroups => [:edit, :update, :refresh],
|
|||
:"api/v2/external_usergroups" => [:update, :refresh]
|
|||
map.permission :destroy_external_usergroups, :external_usergroups => [:destroy],
|
|||
:"api/v2/external_usergroups" => [:destroy]
|
|||
d5953972 | Jan Pazdziora | end
|
|
bfcc8168 | Daniel Lobato | permission_set.security_block :users do |map|
|
|
25236783 | amirfefer | ajax_actions = [:auth_source_selected]
|
|
e0d9186e | Dominic Cleal | ||
ba69b49b | Martin Bačovský | map.permission :view_users,
|
|
25236783 | amirfefer | :users => [:index, :show, :auto_complete_search, :test_mail],
|
|
e00b6ef0 | Joseph Mitchell Magen | :"api/v2/users" => [:index, :show]
|
|
ba69b49b | Martin Bačovský | map.permission :create_users,
|
|
e00b6ef0 | Joseph Mitchell Magen | :users => [:new, :create].push(*ajax_actions),
|
|
:"api/v2/users" => [:create]
|
|||
ba69b49b | Martin Bačovský | map.permission :edit_users,
|
|
e00b6ef0 | Joseph Mitchell Magen | :users => [:edit, :update].push(*ajax_actions),
|
|
:"api/v2/users" => [:update]
|
|||
ba69b49b | Martin Bačovský | map.permission :destroy_users,
|
|
e00b6ef0 | Joseph Mitchell Magen | :users => [:destroy],
|
|
:"api/v2/users" => [:destroy]
|
|||
9fd7478e | Paul Kelly | end
|
|
bfcc8168 | Daniel Lobato | permission_set.security_block :dashboard do |map|
|
|
8685d606 | Tomer Brisker | map.permission :access_dashboard, {:dashboard => [:index, :show, :save_positions, :reset_default, :create, :destroy],
|
|
e00b6ef0 | Joseph Mitchell Magen | :"api/v2/dashboard" => [:index]
|
|
}
|
|||
9fd7478e | Paul Kelly | end
|
|
e8d6d2d6 | Shlomi Zadok | permission_set.security_block :config_reports do |map|
|
|
d4449f45 | Tomer Brisker | map.permission :view_config_reports, {"api/v2/reports" => [:index, :show, :last],
|
|
e8d6d2d6 | Shlomi Zadok | :config_reports => [:index, :show, :auto_complete_search],
|
|
:"api/v2/config_reports" => [:index, :show, :last]
|
|||
}
|
|||
map.permission :destroy_config_reports, {:config_reports => [:destroy],
|
|||
:"api/v2/reports" => [:destroy],
|
|||
:"api/v2/config_reports" => [:destroy]
|
|||
}
|
|||
map.permission :upload_config_reports, {:"api/v2/reports" => [:create],
|
|||
:"api/v2/config_reports" => [:create]}
|
|||
9fd7478e | Paul Kelly | end
|
|
bfcc8168 | Daniel Lobato | permission_set.security_block :facts do |map|
|
|
9d43fc71 | Michael Moll | map.permission :view_facts, {:facts => [:index, :show],
|
|
e00b6ef0 | Joseph Mitchell Magen | :fact_values => [:index, :show, :auto_complete_search],
|
|
:"api/v2/fact_values" => [:index, :show]
|
|||
}
|
|||
01055e77 | Greg Sutcliffe | map.permission :upload_facts, {:"api/v2/hosts" => [:facts] }
|
|
9fd7478e | Paul Kelly | end
|
|
bfcc8168 | Daniel Lobato | permission_set.security_block :audit_logs do |map|
|
|
f4459c11 | David Davis | map.permission :view_audit_logs, {:audits => [:index, :show, :auto_complete_search],
|
|
e00b6ef0 | Joseph Mitchell Magen | :"api/v2/audits" => [:index, :show]
|
|
}
|
|||
9fd7478e | Paul Kelly | end
|
|
bfcc8168 | Daniel Lobato | ||
permission_set.security_block :statistics do |map|
|
|||
9d43fc71 | Michael Moll | map.permission :view_statistics, {:statistics => [:index, :show],
|
|
f78b4651 | Joseph Mitchell Magen | :"api/v2/statistics" => [:index]
|
|
}
|
|||
9fd7478e | Paul Kelly | end
|
|
bfcc8168 | Daniel Lobato | permission_set.security_block :trends do |map|
|
|
b7cb483f | Shira Maximov | map.permission :view_trends, {:trends => [:index, :show],
|
|
:"api/v2/trends" => [:index, :show]}
|
|||
map.permission :create_trends, {:trends => [:new, :create],
|
|||
:"api/v2/trends" => [:new, :create]}
|
|||
32a9ce5a | rbirnie | map.permission :edit_trends, {:trends => [:edit, :update]}
|
|
b7cb483f | Shira Maximov | map.permission :destroy_trends, {:trends => [:destroy],
|
|
:"api/v2/trends" => [:destroy]}
|
|||
66b40d57 | Dominic Cleal | map.permission :update_trends, {:trends => [:count]}
|
|
32a9ce5a | rbirnie | end
|
|
e0d9186e | Dominic Cleal | ||
bfcc8168 | Daniel Lobato | permission_set.security_block :tasks do |map|
|
|
e0d9186e | Dominic Cleal | map.permission :view_tasks, {:trends => [:show]}
|
|
end
|
|||
611fd588 | Amos Benari | ||
bfcc8168 | Daniel Lobato | permission_set.security_block :plugins do |map|
|
|
f4459c11 | David Davis | map.permission :view_plugins, {:plugins => [:index],
|
|
611fd588 | Amos Benari | :"api/v2/plugins" => [:index]
|
|
}
|
|||
end
|
|||
bfcc8168 | Daniel Lobato | ||
permission_set.security_block :anonymous do |map|
|
|||
89c820d2 | Amos Benari | map.permission :logout, {:users => [:logout]}, :public => true
|
|
end
|
|||
28b7dd9f | Timo Goebel | ||
permission_set.security_block :ssh_keys do |map|
|
|||
map.permission :view_ssh_keys,
|
|||
:"api/v2/ssh_keys" => [:index, :show]
|
|||
map.permission :create_ssh_keys,
|
|||
:ssh_keys => [:new, :create],
|
|||
:"api/v2/ssh_keys" => [:create]
|
|||
map.permission :destroy_ssh_keys,
|
|||
:ssh_keys => [:destroy],
|
|||
:"api/v2/ssh_keys" => [:destroy]
|
|||
end
|
|||
7d8b5c2e | Timo Goebel | ||
permission_set.security_block :personal_access_tokens do |map|
|
|||
map.permission :view_personal_access_tokens,
|
|||
:"api/v2/personal_access_tokens" => [:index, :show]
|
|||
map.permission :create_personal_access_tokens,
|
|||
:"api/v2/personal_access_tokens" => [:create]
|
|||
map.permission :revoke_personal_access_tokens,
|
|||
:"api/v2/personal_access_tokens" => [:destroy]
|
|||
end
|
|||
9fd7478e | Paul Kelly | end
|