Revision acfbc458
Added by Marek Hulán about 10 years ago
app/services/foreman/access_permissions.rb | ||
---|---|---|
|
||
# Permissions
|
||
Foreman::AccessControl.map do |map|
|
||
map.security_block :public do |map|
|
||
map.permission :user_logout, { :users => [:logout] }, :public => true
|
||
map.permission :my_account, { :users => [:edit] }, :public => true
|
||
end
|
||
|
||
map.security_block :architectures do |map|
|
||
map.permission :view_architectures,
|
||
:architectures => [:index, :show, :auto_complete_search],
|
||
... | ... | |
:"api/v2/override_values" => [:create, :update, :destroy]}
|
||
end
|
||
|
||
map.security_block :filters do |map|
|
||
map.permission :view_filters, {:filters => [:index, :auto_complete_search],
|
||
:'api/v2/filters' => [:index, :show]}
|
||
map.permission :create_filters, {:filters => [:new, :create],
|
||
:'api/v2/filters' => [:create]}
|
||
map.permission :edit_filters, {:filters => [:edit, :update], :permissions => [:index],
|
||
:'api/v2/filters' => [:update], :'api/v2/permissions' => [:index, :show]}
|
||
map.permission :destroy_filters, {:filters => [:destroy],
|
||
:'api/v2/filters' => [:destroy]}
|
||
end
|
||
|
||
map.security_block :global_variables do |map|
|
||
map.permission :view_globals, {:common_parameters => [:index, :show, :auto_complete_search],
|
||
:"api/v1/common_parameters" => [:index, :show],
|
||
... | ... | |
}
|
||
end
|
||
|
||
map.security_block :roles do |map|
|
||
map.permission :view_roles, {:roles => [:index, :auto_complete_search],
|
||
:'api/v2/roles' => [:index, :show]}
|
||
map.permission :create_roles, {:roles => [:new, :create, :clone],
|
||
:'api/v2/roles' => [:create]}
|
||
map.permission :edit_roles, {:roles => [:edit, :update],
|
||
:'api/v2/roles' => [:update]}
|
||
map.permission :destroy_roles, {:roles => [:destroy],
|
||
:'api/v2/roles' => [:destroy]}
|
||
end
|
||
|
||
map.security_block :smart_proxies do |map|
|
||
map.permission :view_smart_proxies, {:smart_proxies => [:index, :ping],
|
||
map.permission :view_smart_proxies, {:smart_proxies => [:index, :ping, :auto_complete_search],
|
||
:"api/v1/smart_proxies" => [:index, :show],
|
||
:"api/v2/smart_proxies" => [:index, :show]
|
||
}
|
||
... | ... | |
end
|
||
|
||
map.security_block :usergroups do |map|
|
||
map.permission :view_usergroups, {:usergroups => [:index, :show],
|
||
map.permission :view_usergroups, {:usergroups => [:index, :show, :auto_complete_search],
|
||
:"api/v1/usergroups" => [:index, :show],
|
||
:"api/v2/usergroups" => [:index, :show]
|
||
}
|
Also available in: Unified diff
fixes #812 - new permissions model, user group role and nest support, role filters for better granularity
Contributions from: