Fixes #17296 - Add setting access_unattended_without_build

ohadlevy · Nov 25, 2016 · 2652dea · 2652dea
1 parent d39ced2
commit 2652dea
Show file tree

Hide file tree

Showing 4 changed files with 17 additions and 1 deletion.
diff --git a/app/controllers/unattended_controller.rb b/app/controllers/unattended_controller.rb
@@ -152,7 +152,7 @@ def find_host_by_ip_or_mac
   end
 
   def allowed_to_install?
-    (@host.build || @spoof) ? true : head(:method_not_allowed)
+    (@host.build || @spoof || Setting[:access_unattended_without_build]) ? true : head(:method_not_allowed)
   end
 
   # Cleans Certificate and enable autosign. This is run as a before_action for provisioning templates.

diff --git a/app/models/setting/provisioning.rb b/app/models/setting/provisioning.rb
@@ -12,6 +12,7 @@ def self.load_defaults
         self.set('root_pass', N_("Default encrypted root password on provisioned hosts"), nil, N_('Root password')),
         self.set('unattended_url', N_("URL hosts will retrieve templates from during build (normally http as many installers don't support https)"), unattended_url, N_('Unattended URL')),
         self.set('safemode_render', N_("Enable safe mode config templates rendering (recommended)"), true, N_('Safemode rendering')),
+        self.set('access_unattended_without_build', N_("Allow access to unattended URLs without build mode being used"), false, N_('Access unattended without build')),
         self.set('manage_puppetca', N_("Foreman will automate certificate signing upon provision of new host"), true, N_('Manage PuppetCA')),
         self.set('ignore_puppet_facts_for_provisioning', N_("Stop updating IP address and MAC values from Puppet facts (affects all interfaces)"), false, N_('Ignore Puppet facts for provisioning')),
         self.set('ignored_interface_identifiers', N_("Ignore interfaces that match these values during facts importing, you can use * wildcard to match names with indexes e.g. macvtap*"), ['lo', 'usb*', 'vnet*', 'macvtap*', '_vdsmdummy_', 'veth*'], N_('Ignore interfaces with matching identifier')),

diff --git a/test/controllers/unattended_controller_test.rb b/test/controllers/unattended_controller_test.rb
@@ -196,6 +196,16 @@ class UnattendedControllerTest < ActionController::TestCase
     assert_response :method_not_allowed
   end
 
+  test "should provide unattened files to hosts which are not in built state when access_unattended_without_build=true" do
+    @request.env["HTTP_X_RHN_PROVISIONING_MAC_0"] = "eth0 #{@rh_host.mac}"
+    @request.env['REMOTE_ADDR'] = '10.0.1.2'
+    Setting[:access_unattended_without_build] = true
+    get :built
+    assert_response :created
+    get :host_template, {:kind => 'provision'}
+    assert_response :success
+  end
+
   test "should not provide unattended files to hosts which we don't know about" do
     get :host_template, {:kind => 'provision'}
     assert_response :not_found

diff --git a/test/fixtures/settings.yml b/test/fixtures/settings.yml
@@ -308,3 +308,8 @@ attributes63:
   default: nil
   description: 'Encrypted password'
   encrypted: true
+attributes64:
+  name: access_unattended_without_build
+  category: Setting::Provisioning
+  default: "false"
+  description: 'Allow access to unattended URLs without build mode being used'