/app/services/foreman/access_permissions.rb - Diff - Foreman

« Previous | Next »

Revision acfbc458

Added by Marek Hulán about 10 years ago

ID acfbc45886c4d81a2a3ca5af433a6124a0a7191a
Parent 8cf10332
Child 0bebeaf3

fixes #812 - new permissions model, user group role and nest support, role filters for better granularity

Contributions from:

Daniel Lobato <elobatocs@gmail.com>
Joseph Magen <jmagen@redhat.com>
Tom McKay <thomasmckay@redhat.com>
Greg Sutcliffe <gsutclif@redhat.com>
Dominic Cleal <dcleal@redhat.com>

     # Permissions
     Foreman::AccessControl.map do |map|
       map.security_block :public do |map|
         map.permission :user_logout, { :users => [:logout] }, :public => true
         map.permission :my_account, { :users => [:edit] }, :public => true
       end
       map.security_block :architectures do |map|
         map.permission :view_architectures,
                        :architectures => [:index, :show, :auto_complete_search],
-...
                                                      :"api/v2/override_values" => [:create, :update, :destroy]}
       end
       map.security_block :filters do |map|
         map.permission :view_filters,    {:filters => [:index, :auto_complete_search],
                                           :'api/v2/filters' => [:index, :show]}
         map.permission :create_filters,  {:filters => [:new, :create],
                                           :'api/v2/filters' => [:create]}
         map.permission :edit_filters,    {:filters => [:edit, :update], :permissions => [:index],
                                           :'api/v2/filters' => [:update], :'api/v2/permissions' => [:index, :show]}
         map.permission :destroy_filters, {:filters => [:destroy],
                                           :'api/v2/filters' => [:destroy]}
       end
       map.security_block :global_variables do |map|
         map.permission :view_globals,    {:common_parameters => [:index, :show, :auto_complete_search],
                                           :"api/v1/common_parameters" => [:index, :show],
-...
+                                                }
       end
       map.security_block :roles do |map|
         map.permission :view_roles,    {:roles => [:index, :auto_complete_search],
                                         :'api/v2/roles' => [:index, :show]}
         map.permission :create_roles,  {:roles => [:new, :create, :clone],
                                         :'api/v2/roles' => [:create]}
         map.permission :edit_roles,    {:roles => [:edit, :update],
                                         :'api/v2/roles' => [:update]}
         map.permission :destroy_roles, {:roles => [:destroy],
                                         :'api/v2/roles' => [:destroy]}
       end
       map.security_block :smart_proxies do |map|
         map.permission :view_smart_proxies,    {:smart_proxies => [:index, :ping],
         map.permission :view_smart_proxies,    {:smart_proxies => [:index, :ping, :auto_complete_search],
                                               :"api/v1/smart_proxies" => [:index, :show],
                                               :"api/v2/smart_proxies" => [:index, :show]
+        }
-...
       end
       map.security_block :usergroups do |map|
         map.permission :view_usergroups,    {:usergroups => [:index, :show],
         map.permission :view_usergroups,    {:usergroups => [:index, :show, :auto_complete_search],
                                              :"api/v1/usergroups" => [:index, :show],
                                              :"api/v2/usergroups" => [:index, :show]
+        }

Also available in: Unified diff

Project

General

Profile

Revision acfbc458

Added by Marek Hulán about 10 years ago

Project

General

Profile

Revision acfbc458

Added by Marek Hulán about 10 years ago

Related issues