Revision acfbc458
Added by Marek Hulán about 10 years ago
app/controllers/api/v2/hosts_controller.rb | ||
---|---|---|
include Api::TaxonomyScope
|
||
include Foreman::Controller::SmartProxyAuth
|
||
|
||
before_filter :find_resource, :except => [:index, :create, :facts]
|
||
before_filter :find_resource, :except => %w{index create facts}
|
||
before_filter :permissions_check, :only => %w{power boot puppetrun}
|
||
|
||
add_puppetmaster_filters :facts
|
||
|
||
api :GET, "/hosts/", "List all hosts."
|
||
... | ... | |
render :json => { :status => @host.host_status }.to_json if @host
|
||
end
|
||
|
||
# we need to limit resources for a current user
|
||
def resource_scope
|
||
Host.my_hosts
|
||
end
|
||
|
||
api :PUT, "/hosts/:id/puppetrun", "Force a puppet run on the agent."
|
||
param :id, :identifier_dottable, :required => true
|
||
|
||
... | ... | |
|
||
private
|
||
|
||
def resource_scope(controller = controller_name)
|
||
Host.authorized("#{action_permission}_#{controller}", Host)
|
||
end
|
||
|
||
def action_permission
|
||
case params[:action]
|
||
when 'puppetrun'
|
||
:puppetrun
|
||
when 'power'
|
||
:power
|
||
when 'boot'
|
||
:ipmi_boot
|
||
when 'console'
|
||
:console
|
||
else
|
||
super
|
||
end
|
||
end
|
||
|
||
# this is required for template generation (such as pxelinux) which is not done via a web request
|
||
def forward_request_url
|
||
@host.request_url = request.host_with_port if @host.respond_to?(:request_url)
|
||
... | ... | |
raise ::Foreman::Exception.new("A problem occurred when detecting host type: #{e.message}")
|
||
end
|
||
|
||
def permissions_check
|
||
permission = "#{params[:action]}_hosts".to_sym
|
||
deny_access unless Host.authorized(permission).find(@host.id)
|
||
end
|
||
end
|
||
end
|
||
end
|
Also available in: Unified diff
fixes #812 - new permissions model, user group role and nest support, role filters for better granularity
Contributions from: