foremancommunity-templatesforeman_api
Fixes #11579 - Reports show/destroy restricted by host authorization (CVE-2015-5233)
ReportsController 'show' and 'destroy' now perform a check to see ifthe User is authorized to see the Host associated with the Report. Incase it's not, it returns 404, as to not give hints whether a Report...
fixes #10482 - get external user group members only once during refresh
(cherry picked from commit 0fd7412faaa76787bf15ed1901ffc9eb4d6353fa)
Fixes #10123 - Tests API v2 external user groups
The addition of a .refresh call after create, update and delete, causedour tests to fail because of many failed calls to LDAP.We can just expect the method to return true as we're not testing therefresh functionality in these methods....
Fixes #8812 - Pass model type so search_for is called on Host
At least on version 1.6.1, the absence of this second parameter leads to aruntime crash when it's time to validate if the current user (non-admin) isallowed to perform a power operation on given a host via the APIv2....
Fixes #10002 - Add attribute ancestry to taxonomies API v2
(cherry picked from commit 1f47202ce4e70fd036437f1d81646b6b811bf02d)
Fixes #7378 - fixed API lookup keys filters
(cherry picked from commit bc68c48da5b718084c3e531e61e48124e8e00d36)
Fixes #9657 - merge NICs from compute profile in host create API
- updated api docs for hosts and interfaces- host create/update api actions now merge interfaces from compute profiles- NIC type mapping extracted into a separate class- return full host detail after host update...
Fixes #9678 - Can't update admin flag for users via API
find_resource needs to be defined prior to UsersMixin is included as itrequires the variable @user being set.
(cherry picked from commit 1b1b39861e485523b0cc0c6435fef30c38df7e07)
Refs #3809 - Remove classcheck cop
Refs #3809 - Remove various small cops
View revisions
Also available in: Atom