Skip to content

Commit

Permalink
Fixes #16002 - convert to strong params
Browse files Browse the repository at this point in the history
  • Loading branch information
@iNecas
iNecas committed Aug 12, 2016
1 parent 8021dcb commit 3db0553
Show file tree
Hide file tree
Showing 24 changed files with 115 additions and 26 deletions.
5 changes: 3 additions & 2 deletions app/controllers/api/v2/foreign_input_sets_controller.rb
View file
Expand Up @@ -3,6 +3,7 @@ module V2
class ForeignInputSetsController < ::Api::V2::BaseController
include ::Api::Version2
include ::Foreman::Renderer
include ::Foreman::Controller::Parameters::ForeignInputSet

before_filter :find_required_nested_object
before_filter :find_resource, :only => %w{show update destroy}
Expand Down Expand Up @@ -34,7 +35,7 @@ def show
param :template_id, :identifier, :required => true
param_group :foreign_input_set, :as => :create
def create
@foreign_input_set = resource_class.new(params[:foreign_input_set].merge(:template_id => @nested_obj.id))
@foreign_input_set = resource_class.new(foreign_input_set_params.merge(:template_id => @nested_obj.id))
process_response @foreign_input_set.save
end

Expand All @@ -50,7 +51,7 @@ def destroy
param :id, :identifier, :required => true
param_group :foreign_input_set
def update
process_response @foreign_input_set.update_attributes(params[:foreign_input_set])
process_response @foreign_input_set.update_attributes(foreign_input_set_params)
end

def resource_name(nested_resource = nil)
Expand Down
4 changes: 3 additions & 1 deletion app/controllers/api/v2/job_templates_controller.rb
View file
Expand Up @@ -5,6 +5,7 @@ class JobTemplatesController < ::Api::V2::BaseController
include ::Api::TaxonomyScope
include ::Foreman::Renderer
include ::Foreman::Controller::ProvisioningTemplates
include ::Foreman::Controller::Parameters::JobTemplate

before_filter :find_optional_nested_object
before_filter :find_resource, :only => %w{show update destroy clone export}
Expand Down Expand Up @@ -118,9 +119,10 @@ def resource_name
private

def job_template_params
job_template_params = params[:job_template].dup
job_template_params = params[:job_template]
effective_user_attributes = (job_template_params.delete(:ssh) || {}).fetch(:effective_user, {})
job_template_params.merge(:effective_user_attributes => effective_user_attributes)
super
end

def action_permission
Expand Down
3 changes: 2 additions & 1 deletion app/controllers/api/v2/remote_execution_features_controller.rb
View file
Expand Up @@ -2,6 +2,7 @@ module Api
module V2
class RemoteExecutionFeaturesController < ::Api::V2::BaseController
include ::Api::Version2
include ::Foreman::Controller::Parameters::RemoteExecutionFeature

before_filter :find_resource, :only => %w{show update}

Expand All @@ -25,7 +26,7 @@ def show
param :id, :identifier, :required => true
param_group :remote_execution_feature
def update
process_response @remote_execution_feature.update_attributes(params[:remote_execution_feature])
process_response @remote_execution_feature.update_attributes(remote_execution_feature_params)
end

private
Expand Down
5 changes: 3 additions & 2 deletions app/controllers/api/v2/template_inputs_controller.rb
View file
Expand Up @@ -3,6 +3,7 @@ module V2
class TemplateInputsController < ::Api::V2::BaseController
include ::Api::Version2
include ::Foreman::Renderer
include ::Foreman::Controller::Parameters::TemplateInput

before_filter :find_required_nested_object
before_filter :find_resource, :only => %w{show update destroy}
Expand Down Expand Up @@ -40,7 +41,7 @@ def show
param :template_id, :identifier, :required => true
param_group :template_input, :as => :create
def create
@template_input = resource_class.new(params[:template_input].merge(:template_id => @nested_obj.id))
@template_input = resource_class.new(template_input_params.merge(:template_id => @nested_obj.id))
process_response @template_input.save
end

Expand All @@ -56,7 +57,7 @@ def destroy
param :id, :identifier, :required => true
param_group :template_input
def update
process_response @template_input.update_attributes(params[:template_input])
process_response @template_input.update_attributes(template_input_params)
end

def resource_name(nested_resource = nil)
Expand Down
16 changes: 16 additions & 0 deletions app/controllers/concerns/foreman/controller/parameters/foreign_input_set.rb
View file
@@ -0,0 +1,16 @@
module ::Foreman::Controller::Parameters::ForeignInputSet
extend ActiveSupport::Concern

class_methods do
def foreign_input_set_params_filter
Foreman::ParameterFilter.new(::ForeignInputSet).tap do |filter|
filter.permit_by_context(:id, :_destroy, :template_id, :target_template_id, :include_all, :include, :exclude,
:nested => true)
end
end
end

def foreign_input_set_params
self.class.foreign_input_set_params_filter.filter_params(params, parameter_filter_context, :foreign_input_set)
end
end
31 changes: 31 additions & 0 deletions app/controllers/concerns/foreman/controller/parameters/job_template.rb
View file
@@ -0,0 +1,31 @@
module Foreman::Controller::Parameters::JobTemplate
extend ActiveSupport::Concern
include Foreman::Controller::Parameters::Taxonomix
include Foreman::Controller::Parameters::Template
include Foreman::Controller::Parameters::TemplateInput
include Foreman::Controller::Parameters::ForeignInputSet

class_methods do
def job_template_effective_user_filter
Foreman::ParameterFilter.new(::JobTemplateEffectiveUser).tap do |filter|
filter.permit_by_context(:value, :current_user, :overridable,
:nested => true)
end
end

def job_template_params_filter
Foreman::ParameterFilter.new(::TemplateInput).tap do |filter|
filter.permit :job_category, :provider_type, :description_format,
:effective_user_attributes => [job_template_effective_user_filter],
:template_inputs_attributes => [template_input_params_filter],
:foreign_input_sets_attributes => [foreign_input_set_params_filter]
add_template_params_filter(filter)
add_taxonomix_params_filter(filter)
end
end
end

def job_template_params
self.class.job_template_params_filter.filter_params(params, parameter_filter_context, :job_template)
end
end
15 changes: 15 additions & 0 deletions app/controllers/concerns/foreman/controller/parameters/remote_execution_feature.rb
View file
@@ -0,0 +1,15 @@
module Foreman::Controller::Parameters::RemoteExecutionFeature
extend ActiveSupport::Concern

class_methods do
def remote_execution_feature_params_filter
::Foreman::ParameterFilter.new(::RemoteExecutionFeature).tap do |filter|
filter.permit :label, :name, :provided_input_names, :description, :job_template_id
end
end
end

def remote_execution_feature_params
self.class.remote_execution_feature_params_filter.filter_params(params, parameter_filter_context, :remote_execution_feature)
end
end
11 changes: 11 additions & 0 deletions app/controllers/concerns/foreman/controller/parameters/targeting.rb
View file
@@ -0,0 +1,11 @@
module Foreman::Controller::Parameters::Targeting
extend ActiveSupport::Concern

class_methods do
def targeting_params_filter
Foreman::ParameterFilter.new(::Targeting).tap do |filter|
filter.permit_by_context :targeting_type, :bookmark_id, :user, :search_query, :nested => true
end
end
end
end
17 changes: 17 additions & 0 deletions app/controllers/concerns/foreman/controller/parameters/template_input.rb
View file
@@ -0,0 +1,17 @@
module Foreman::Controller::Parameters::TemplateInput
extend ActiveSupport::Concern

class_methods do
def template_input_params_filter
Foreman::ParameterFilter.new(::TemplateInput).tap do |filter|
filter.permit_by_context :id, :_destroy, :name, :required, :input_type, :fact_name,
:variable_name, :puppet_class_name, :puppet_parameter_name, :description, :template_id,
:options, :advanced, :nested => true
end
end
end

def template_input_params
self.class.template_input_params_filter.filter_params(params, parameter_filter_context, :template_input)
end
end
5 changes: 3 additions & 2 deletions app/controllers/job_invocations_controller.rb
View file
@@ -1,5 +1,6 @@
class JobInvocationsController < ApplicationController
include Foreman::Controller::AutoCompleteSearch
include ::Foreman::Controller::AutoCompleteSearch
include ::ForemanTasks::Concerns::Parameters::Triggering

def new
ui_params = {
Expand Down Expand Up @@ -34,7 +35,7 @@ def rerun
end

def create
@composer = JobInvocationComposer.from_ui_params(params)
@composer = JobInvocationComposer.from_ui_params(params.merge(:triggering => triggering_params))
if @composer.trigger
redirect_to job_invocation_path(@composer.job_invocation)
else
Expand Down
2 changes: 2 additions & 0 deletions app/controllers/job_templates_controller.rb
View file
@@ -1,4 +1,6 @@
class JobTemplatesController < ::TemplatesController
include ::Foreman::Controller::Parameters::JobTemplate

def load_vars_from_template
return unless @template

Expand Down
3 changes: 2 additions & 1 deletion app/controllers/remote_execution_features_controller.rb
View file
@@ -1,5 +1,6 @@
class RemoteExecutionFeaturesController < ::ApplicationController
before_filter :find_resource, :only => [:show, :update]
include ::Foreman::Controller::Parameters::RemoteExecutionFeature

def index
@remote_execution_features = resource_base.all
Expand All @@ -9,7 +10,7 @@ def show
end

def update
if @remote_execution_feature.update_attributes(params[:remote_execution_feature])
if @remote_execution_feature.update_attributes(remote_execution_feature_params)
process_success :object => @remote_execution_feature
else
process_error :object => @remote_execution_feature
Expand Down
1 change: 0 additions & 1 deletion app/models/concerns/foreman_remote_execution/nic_extensions.rb
View file
Expand Up @@ -4,7 +4,6 @@ module NicExtensions

included do
before_validation :set_execution_flag
attr_accessible :execution
validate :exclusive_execution_interface
end

Expand Down
1 change: 0 additions & 1 deletion app/models/concerns/foreman_remote_execution/subnet_extensions.rb
View file
Expand Up @@ -5,7 +5,6 @@ module SubnetExtensions
included do
has_many :target_remote_execution_proxies, :as => :target
has_many :remote_execution_proxies, :dependent => :destroy, :through => :target_remote_execution_proxies
attr_accessible :remote_execution_proxies, :remote_execution_proxy_ids
end
end
end
1 change: 0 additions & 1 deletion app/models/concerns/foreman_remote_execution/template_extensions.rb
View file
Expand Up @@ -12,7 +12,6 @@ def template_inputs_with_foreign(templates_stack = [])
end
accepts_nested_attributes_for :template_inputs, :allow_destroy => true
accepts_nested_attributes_for :foreign_input_sets, :allow_destroy => true
attr_accessible :template_inputs_attributes, :foreign_input_sets_attributes
end

# create or overwrite instance methods...
Expand Down
1 change: 0 additions & 1 deletion app/models/foreign_input_set.rb
View file
Expand Up @@ -4,7 +4,6 @@ class ForeignInputSet < ActiveRecord::Base
class CircularDependencyError < Foreman::Exception
end

attr_accessible :template_id, :target_template_id, :include_all, :include, :exclude
attr_exportable :exclude, :include, :include_all, :template => ->(input_set) { input_set.template.name }

belongs_to :template
Expand Down
1 change: 0 additions & 1 deletion app/models/job_template.rb
View file
Expand Up @@ -4,7 +4,6 @@ class JobTemplate < ::Template
class NonUniqueInputsError < Foreman::Exception
end

attr_accessible :job_category, :provider_type, :description_format, :effective_user_attributes
attr_exportable :name, :job_category, :description_format, :snippet, :template_inputs,
:foreign_input_sets, :provider_type, :kind => ->(template) { template.class.name.underscore }

Expand Down
2 changes: 0 additions & 2 deletions app/models/job_template_effective_user.rb
View file
@@ -1,7 +1,5 @@
class JobTemplateEffectiveUser < ActiveRecord::Base

attr_accessible :value, :current_user, :overridable

belongs_to :job_template

before_validation :set_defaults
Expand Down
2 changes: 0 additions & 2 deletions app/models/remote_execution_feature.rb
View file
@@ -1,6 +1,4 @@
class RemoteExecutionFeature < ActiveRecord::Base
attr_accessible :label, :name, :provided_input_names, :description, :job_template_id

validates :label, :name, :presence => true, :uniqueness => true

belongs_to :job_template
Expand Down
2 changes: 0 additions & 2 deletions app/models/targeting.rb
View file
Expand Up @@ -16,8 +16,6 @@ class Targeting < ActiveRecord::Base
validates :targeting_type, :presence => true, :inclusion => Targeting::TYPES.keys
validate :bookmark_or_query_is_present

attr_accessible :targeting_type, :bookmark_id, :user, :search_query

before_create :assign_search_query, :if => :static?

def clone
Expand Down
7 changes: 2 additions & 5 deletions app/models/template_input.rb
View file
Expand Up @@ -9,11 +9,8 @@ class UnsatisfiedRequiredInput < ::Foreman::Exception
TYPES = { :user => N_('User input'), :fact => N_('Fact value'), :variable => N_('Variable'),
:puppet_parameter => N_('Puppet parameter') }.with_indifferent_access

attr_accessible :name, :required, :input_type, :fact_name, :variable_name,
:puppet_class_name, :puppet_parameter_name, :description, :template_id,
:options, :advanced

attr_exportable(*self.accessible_attributes - %w(template_id))
attr_exportable(:name, :required, :input_type, :fact_name, :variable_name, :puppet_class_name,
:puppet_parameter_name, :description, :options, :advanced)

belongs_to :template
has_many :template_invocation_input_values, :dependent => :destroy
Expand Down
2 changes: 1 addition & 1 deletion foreman_remote_execution.gemspec
View file
Expand Up @@ -20,7 +20,7 @@ Gem::Specification.new do |s|

s.add_dependency 'deface'
s.add_dependency 'dynflow', '~> 0.8.10'
s.add_dependency 'foreman-tasks', '~> 0.7.11'
s.add_dependency 'foreman-tasks', '~> 0.8.0'

s.add_development_dependency 'rubocop'
s.add_development_dependency 'rdoc'
Expand Down
3 changes: 3 additions & 0 deletions lib/foreman_remote_execution/engine.rb
View file
Expand Up @@ -103,6 +103,9 @@ class Engine < ::Rails::Engine
register_custom_status HostStatus::ExecutionStatus
# add dashboard widget
# widget 'foreman_remote_execution_widget', name: N_('Foreman plugin template widget'), sizex: 4, sizey: 1

parameter_filter Subnet, :remote_execution_proxies, :remote_execution_proxy_ids
parameter_filter Nic, :execution
end
end

Expand Down
1 change: 1 addition & 0 deletions lib/tasks/foreman_remote_execution_tasks.rake
View file
Expand Up @@ -16,6 +16,7 @@ namespace :test do
t.libs << ['test', test_dir]
t.pattern = "#{test_dir}/**/*_test.rb"
t.verbose = true
t.warning = false
end
end

Expand Down

0 comments on commit 3db0553

Please sign in to comment.