Feature #366
Provide a basic authorization infrastructure
| Status: | Closed | Start: | 08/26/2010 | |
|---|---|---|---|---|
| Priority: | Normal | Due date: | ||
| Assigned to: |  Paul Kelly |
% Done: | 100% |
|
| Category: | Authorization | |||
| Target version: | 0.1-6 | |||
| Backlog: | Difficulity: | |||
| Votes: | 0 |
Description
Foreman know you are but does not use this information to grant or disallow access to any functionality.
The Redmine authorization infrastructure is a good starting point for this feature. A port of this code should be performed and the links/actions should be modified in the rest of the application to refer to a set of roles.
Related issues
| duplicated by Foreman - Feature #401: authorisation | Duplicate | 10/05/2010 | ||
| blocks Foreman - Feature #139: per host authorization for making changes. | Closed | 12/18/2009 |
Associated revisions
Revision 9fd7478e89b07e8adc70bbf61bcb19a6f5af9a5e
Fixes #366 - Redmine authorization port
This is a major feature which provides RBAC authorization within Foreman
a mental note to myself - never ever work on large commits
Revision 1efdb38afe477f4f40066a1fcb3db358a8f77da6
wrong link to domain edit page, refs #366
Revision 6b728c1d3fd0eead832c5afd90dbafb8e721da78
Fixes broken links - refs #366
Revision 23e593278d7e4600797d5f8bac59477e5f4b8d2c
Ensures that all anonymous actions are allowed - refs #366
History
Updated by Paul Kelly over 1 year ago
- Status changed from New to Ready For Testing
- Assigned to set to Paul Kelly
- Branch set to feature/366-redmine-authorization-port-collapsed
The submitted code is a simple port of the redmine authorization module. It includes the modifications to Foreman to use its functionality but it is not yet a full patch. I believe that this needs some reviewing and some thought about use cases but is basically 95% there.
Note the branch name ends in -collapsed
Updated by Paul Kelly over 1 year ago
Extensively updated after discussion with Ohad.
Tested
new branch pushed
Updated by Ohad Levy over 1 year ago
Paul Kelly wrote:
Extensively updated after discussion with Ohad. Tested new branch pushed
my tests are failing - not sure why:
(in /home/olevy/git/foreman)
/usr/bin/ruby -I"lib:test" "/usr/lib/ruby/gems/1.8/gems/rake-0.8.7/lib/rake/rake_test_loader.rb" "test/unit/domain_parameter_test.rb" "test/unit/user_fact_test.rb" "test/unit/operatingsystem_test.rb" "test/unit/environment_test.rb" "test/unit/puppetclass_test.rb" "test/unit/usergroup_test.rb" "test/unit/media_test.rb" "test/unit/lookup_key_test.rb" "test/unit/common_parameter_test.rb" "test/unit/report_observer_test.rb" "test/unit/architecture_test.rb" "test/unit/auth_source_test.rb" "test/unit/domain_test.rb" "test/unit/ptable_test.rb" "test/unit/helpers/parameters_helper_test.rb" "test/unit/helpers/statistics_helper_test.rb" "test/unit/helpers/auth_sources_helper_test.rb" "test/unit/helpers/host_groups_helper_test.rb" "test/unit/helpers/puppetclasses_helper_test.rb" "test/unit/helpers/environments_helper_test.rb" "test/unit/helpers/usergroups_helper_test.rb" "test/unit/helpers/dashboard_helper_test.rb" "test/unit/helpers/users_helper_test.rb" "test/unit/helpers/lookup_keys_helper_test.rb" "test/unit/helpers/fact_values_helper_test.rb" "test/unit/helpers/domain_helper_test.rb" "test/unit/helpers/ptables_helper_test.rb" "test/unit/helpers/media_helper_test.rb" "test/unit/helpers/operatingsystem_helper_test.rb" "test/unit/helpers/audit_helper_test.rb" "test/unit/helpers/reports_helper_test.rb" "test/unit/helpers/model_helper_test.rb" "test/unit/helpers/architecture_helper_test.rb" "test/unit/helpers/unattended_helper_test.rb" "test/unit/helpers/home_helper_test.rb" "test/unit/helpers/hosts_helper_test.rb" "test/unit/role_test.rb" "test/unit/subnet_test.rb" "test/unit/parameter_test.rb" "test/unit/report_test.rb" "test/unit/user_test.rb" "test/unit/auth_source_ldap_test.rb" "test/unit/host_parameter_test.rb" "test/unit/host_observer_test.rb" "test/unit/host_mailer_test.rb" "test/unit/group_parameter_test.rb" "test/unit/hostgroup_test.rb" "test/unit/fact_value_test.rb" "test/unit/host_test.rb" "test/unit/model_test.rb"
/home/olevy/git/foreman/config/../vendor/rails/railties/lib/rails/gem_dependency.rb:119:Warning: Gem::Dependency#version_requirements is deprecated and will be removed on or after August 2010. Use #requirement
/home/olevy/git/foreman/app/helpers/common_parameters_helper.rb:7: warning: parenthesize argument(s) for future version
./test/unit/role_test.rb:23: warning: parenthesize argument(s) for future version
./test/unit/role_test.rb:26: warning: parenthesize argument(s) for future version
./test/unit/role_test.rb:27: warning: parenthesize argument(s) for future version
./test/unit/role_test.rb:23: undefined method `have_many' for RoleTest:Class (NoMethodError)
from /home/olevy/git/foreman/vendor/rails/activesupport/lib/active_support/dependencies.rb:147:in `load_without_new_constant_marking'
from /home/olevy/git/foreman/vendor/rails/activesupport/lib/active_support/dependencies.rb:147:in `load'
from /usr/lib/ruby/gems/1.8/gems/rake-0.8.7/lib/rake/rake_test_loader.rb:4
from /usr/lib/ruby/gems/1.8/gems/rake-0.8.7/lib/rake/rake_test_loader.rb:4:in `each'
from /usr/lib/ruby/gems/1.8/gems/rake-0.8.7/lib/rake/rake_test_loader.rb:4
/usr/bin/ruby -I"lib:test" "/usr/lib/ruby/gems/1.8/gems/rake-0.8.7/lib/rake/rake_test_loader.rb" "test/functional/ptables_controller_test.rb" "test/functional/operatingsystems_controller_test.rb" "test/functional/dashboard_controller_test.rb" "test/functional/hosts_controller_test.rb" "test/functional/audits_controller_test.rb" "test/functional/home_controller_test.rb" "test/functional/fact_values_controller_test.rb" "test/functional/medias_controller_test.rb" "test/functional/auth_source_ldaps_controller_test.rb" "test/functional/statistics_controller_test.rb" "test/functional/common_parameters_controller_test.rb" "test/functional/domains_controller_test.rb" "test/functional/unattended_controller_test.rb" "test/functional/usergroups_controller_test.rb" "test/functional/puppetclasses_controller_test.rb" "test/functional/roles_controller_test.rb" "test/functional/lookup_keys_controller_test.rb" "test/functional/architectures_controller_test.rb" "test/functional/reports_controller_test.rb" "test/functional/environments_controller_test.rb" "test/functional/hostgroups_controller_test.rb" "test/functional/users_controller_test.rb" "test/functional/models_controller_test.rb"
/home/olevy/git/foreman/config/../vendor/rails/railties/lib/rails/gem_dependency.rb:119:Warning: Gem::Dependency#version_requirements is deprecated and will be removed on or after August 2010. Use #requirement
/home/olevy/git/foreman/app/helpers/common_parameters_helper.rb:7: warning: parenthesize argument(s) for future version
./test/functional/ptables_controller_test.rb:56: undefined method `context' for PtablesControllerTest:Class (NoMethodError)
from /usr/lib/ruby/gems/1.8/gems/rake-0.8.7/lib/rake/rake_test_loader.rb:4:in `load'
from /usr/lib/ruby/gems/1.8/gems/rake-0.8.7/lib/rake/rake_test_loader.rb:4
from /usr/lib/ruby/gems/1.8/gems/rake-0.8.7/lib/rake/rake_test_loader.rb:4:in `each'
from /usr/lib/ruby/gems/1.8/gems/rake-0.8.7/lib/rake/rake_test_loader.rb:4
/usr/bin/ruby -I"lib:test" "/usr/lib/ruby/gems/1.8/gems/rake-0.8.7/lib/rake/rake_test_loader.rb"
Errors running test:units and test:functionals!
Updated by Paul Kelly over 1 year ago
Rewrote the login code, (again.)
Added some tests for the login code. Maybe I need more?
rebased
and tested
Still need ideas on sensible default roles
Updated by Ohad Levy over 1 year ago
- Target version set to 0.1-6
Updated by Paul Kelly over 1 year ago
Tested and incorporating some fixes highlighted by Ohad. The fixes are added as an additional commit so that you can review them more easily. If you are happy I will rebase into one commit. Unfortunately you will have to do a rebase otherwise I will be rewrinting the history if I do a pull --rebase and then a push.
Updated by Paul Kelly over 1 year ago
Fixed issue with the fact importer.
This is a nasty fix but I would rather do this then try to understand puppet internals
Again this is a separate commit for ease of review
There are many errors in the test.log and I am unclear as to which are supposed to be there.
Updated by Paul Kelly over 1 year ago
Fixed another minor issue with the fixtures
I now think that there are no problems with errors in the test.log. Except for the audits fixtures but I guess that this is due to there being no audits model in the app tree
Updated by Paul Kelly over 1 year ago
Updated the user edit page to not automatically show the filters section unless the user is using filtering
Added an explicit filter_on_owner flag to the user object.
Did not refactor the Authorization code as this is already in an external module that is included into all models.
Updated the tests and ensured they passed
Updated by Paul Kelly over 1 year ago
- Subject changed from Provide a basic authorization infreastructure to Provide a basic authorization infrastructure
Updated by Ohad Levy over 1 year ago
- File patch added
here is a patch against develop, for anyone who wishes to give a hand in testing this huge feature
Updated by Ohad Levy over 1 year ago
- File 366.patch added
Updated by Ohad Levy over 1 year ago
- File deleted (
patch)
Updated by Paul Kelly about 1 year ago
- % Done changed from 0 to 100
Applied in changeset 9fd7478e89b07e8adc70bbf61bcb19a6f5af9a5e.
Updated by Ohad Levy about 1 year ago
- Status changed from Ready For Testing to Closed
