forked from theforeman/foreman_salt
/
plugin.rb
148 lines (120 loc) · 6.27 KB
/
plugin.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
# frozen_string_literal: true
# rubocop:disable BlockLength
Foreman::Plugin.register :foreman_salt do
requires_foreman '>= 1.14'
apipie_documented_controllers ["#{ForemanSalt::Engine.root}/app/controllers/foreman_salt/api/v2/*.rb"]
# Menus
menu :top_menu, :salt_environments,
:url_hash => { :controller => :'foreman_salt/salt_environments', :action => :index },
:caption => 'Environments',
:parent => :configure_menu,
:after => :common_parameters
menu :top_menu, :salt_modules,
:url_hash => { :controller => :'foreman_salt/salt_modules', :action => :index },
:caption => 'States',
:parent => :configure_menu,
:after => :common_parameters
divider :top_menu, :parent => :configure_menu,
:caption => 'Salt',
:after => :common_parameters
# Permissions
security_block :foreman_salt do
permission :destroy_smart_proxies_salt_autosign,
{ :'foreman_salt/salt_autosign' => [:destroy],
:'foreman_salt/api/v2/salt_autosign' => [:destroy] },
:resource_type => 'SmartProxy'
permission :create_smart_proxies_salt_autosign,
{ :'foreman_salt/salt_autosign' => [:new, :create],
:'foreman_salt/api/v2/salt_autosign' => [:create] },
:resource_type => 'SmartProxy'
permission :view_smart_proxies_salt_autosign,
{ :'foreman_salt/salt_autosign' => [:index],
:'foreman_salt/api/v2/salt_autosign' => [:index] },
:resource_type => 'SmartProxy'
permission :create_salt_environments,
{ :'foreman_salt/salt_environments' => [:new, :create],
:'foreman_salt/api/v2/salt_environments' => [:create] },
:resource_type => 'ForemanSalt::SaltEnvironment'
permission :view_salt_environments,
{ :'foreman_salt/salt_environments' => [:index, :show, :auto_complete_search],
:'foreman_salt/api/v2/salt_environments' => [:index, :show] },
:resource_type => 'ForemanSalt::SaltEnvironment'
permission :edit_salt_environments,
{ :'foreman_salt/salt_environments' => [:update, :edit] },
:resource_type => 'ForemanSalt::SaltEnvironment'
permission :destroy_salt_environments,
{ :'foreman_salt/salt_environments' => [:destroy],
:'foreman_salt/api/v2/salt_environments' => [:destroy] },
:resource_type => 'ForemanSalt::SaltEnvironment'
permission :create_reports,
{ :'foreman_salt/api/v2/jobs' => [:upload] },
:resource_type => 'Report'
permission :saltrun_hosts,
{ :'foreman_salt/minions' => [:run] },
:resource_type => 'Host'
permission :edit_hosts,
{ :'foreman_salt/api/v2/salt_minions' => [:update],
:'foreman_salt/minions' => [:salt_environment_selected],
:hosts => [:select_multiple_salt_master, :update_multiple_salt_master,
:select_multiple_salt_environment, :update_multiple_salt_environment] },
:resource_type => 'Host'
permission :view_hosts,
{ :'foreman_salt/minions' => [:node],
:'foreman_salt/api/v2/salt_minions' => [:index, :show] },
:resource_type => 'Host'
permission :edit_hostgroups,
{ :hostgroups => [:salt_environment_selected] },
:resource_type => 'Hostgroup'
permission :view_smart_proxies_salt_keys,
{ :'foreman_salt/salt_keys' => [:index],
:'foreman_salt/api/v2/salt_keys' => [:index] },
:resource_type => 'SmartProxy'
permission :destroy_smart_proxies_salt_keys,
{ :'foreman_salt/salt_keys' => [:destroy],
:'foreman_salt/api/v2/salt_keys' => [:destroy] },
:resource_type => 'SmartProxy'
permission :edit_smart_proxies_salt_keys,
{ :'foreman_salt/salt_keys' => [:accept, :reject],
:'foreman_salt/api/v2/salt_keys' => [:update] },
:resource_type => 'SmartProxy'
permission :create_salt_modules,
{ :'foreman_salt/salt_modules' => [:new, :create],
:'foreman_salt/api/v2/salt_states' => [:create] },
:resource_type => 'ForemanSalt::SaltModule'
permission :import_salt_modules,
{ :'foreman_salt/salt_modules' => [:import, :apply_changes],
:'foreman_salt/api/v2/salt_states' => [:import] },
:resource_type => 'ForemanSalt::SaltModule'
permission :view_salt_modules,
{ :'foreman_salt/salt_modules' => [:index, :show, :auto_complete_search],
:'foreman_salt/api/v2/salt_states' => [:index, :show] },
:resource_type => 'ForemanSalt::SaltModule'
permission :edit_salt_modules,
{ :'foreman_salt/salt_modules' => [:update, :edit] },
:resource_type => 'ForemanSalt::SaltModule'
permission :destroy_salt_modules,
{ :'foreman_salt/salt_modules' => [:destroy],
:'foreman_salt/api/v2/salt_states' => [:destroy] },
:resource_type => 'ForemanSalt::SaltModule'
end
# Roles
role 'Salt admin', [:saltrun_hosts, :create_salt_modules,
:view_salt_modules, :edit_salt_modules,
:destroy_salt_modules,
:view_smart_proxies_salt_keys,
:destroy_smart_proxies_salt_keys,
:edit_smart_proxies_salt_keys,
:create_smart_proxies_salt_autosign,
:view_smart_proxies_salt_autosign,
:destroy_smart_proxies_salt_autosign,
:create_salt_environments, :view_salt_environments,
:edit_salt_environments,
:destroy_salt_environments]
# Parameter filters
parameter_filter Hostgroup, :salt_proxy_id, :salt_proxy_name, :salt_environment_id,
:salt_environment_name, :salt_modules => [], :salt_module_ids => []
parameter_filter Host::Managed, :salt_proxy_id, :salt_proxy_name,
:salt_environment_id, :salt_environment_name, :salt_modules => [],
:salt_module_ids => []
end
# rubocop:enable BlockLength