[foreman-dev] Opinions from plugin maintainers wanted: permissions and roles
Hi, I recently started identifying problematic areas in Permissions and Roles, especially with regard to plugins. Foreman provides 'Viewer' and 'Manager' roles out of the box and users expect these roles to work for plugins as well. But plugins generally do not add their permissions to core's roles, some of them just have their own plugin-specific roles, some not. So if a plugin is installed, user has to go and find what role/permission is missing or ask someone who can grant permissions. After a brief discussion in team C, it was decided that plugins should add their permissions to 'Manager' role and their 'view_' permissions to 'Viewer' role. They should also keep their plugin-specific roles (or create them) for higher granularity and backward compatibility. I started initial work which should allow plugin maintainers to do this, it can be found at [1]. I decided to create 2 methods that would be called from Engine, but we could take a different approach and add permissions from plugins automatically by modifying the 'permission' method that is called from 'security_block'. The way I see things: * adding permissions explicitly, using DSL - extra work for plugin maintainers - permissions can be ommited/forgotten # can be covered with tests? something like the already existing AccessPermissionsTest - extra code in Engine - better control, can handle special cases * adding permissions automatically without plugin knowing about it by modifying 'permission' method - no need for plugin maintainers to do anything - cannot handle special cases - if user removes permission from these default roles, there is no way to detect it and permissions get added again on server restart # users do not modify default roles, they can clone it and modify the cloned one # if the default roles are not meant to be modified, they should be 'frozen' and user should not be able to modify them, implementing this would add code and complexity Anything that I have missed? Where do you stand as a plugin maintainers? Can you think of other ways to go? Ondra [1] https://github.com/theforeman/foreman/pull/4168 -- You received this message because you are subscribed to the Google Groups "foreman-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to foreman-dev+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[foreman-dev] Re: Creation of menu
Hi, I never tried to add items into plugin's menu from another plugin, but I think the issue here is that plugin registration is not ordered in any way. So if you have plugin A with sub_menu :top_menu, :ConfigMonitor #... end and plugin B with: menu :top_menu, :patchmanagement, :parent => :ConfigMonitor your B plugin may be registered before A, so B is trying to add items into menu that does not yet exist. You can get list of already registered plugins if you put a breakpoint right before the Foreman::Plugin.register block in your Engine and call Foreman::Plugin.registered_plugins You could try to create a third plugin, whose sole purpose would be to add menu into navbar and make it a dependency for your existing plugins. Then adding the items into common menu could work, but I haven't really tried it. Ondra -- You received this message because you are subscribed to the Google Groups "foreman-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to foreman-dev+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[foreman-dev] Change in host/managed possibly affecting your plugin
Hi everyone, if you are a plugin developer/maintainer and your plugin has host_extension that adds inheritable attributes to host, then read on. In a recently merged bugfix [1], there has been a change that possibly breaks your plugin. I have already submitted PRs to katello [2] and foreman_openscap [3], but if your plugin uses :alias_method_chain for set_hostgroup_defaults method, you will need to make a minor change. O. [1] https://github.com/theforeman/foreman/pull/3612 [2] https://github.com/Katello/katello/pull/6280 [3] https://github.com/theforeman/foreman_openscap/pull/195/files -- You received this message because you are subscribed to the Google Groups "foreman-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to foreman-dev+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [foreman-dev] Webpack merged into develop branch
There was an issue with webpack when running in a vagrant box and serving assets over https. Have a look at: https://github.com/theforeman/foreman/commit/ab5c7c28f3c8e6a4fd4731cba590b62d5497ac97 ':webpack_dev_server_https: true' in settings.yml fixed the console errors for me On Friday, August 19, 2016 at 8:35:32 PM UTC+2, stephen wrote: > > > > - Original Message - > > From: "Stephen Benjamin"> > To: forem...@googlegroups.com > > Sent: Friday, August 19, 2016 7:29:21 AM > > Subject: Re: [foreman-dev] Webpack merged into develop branch > > > > > > > > - Original Message - > > > From: "Greg Sutcliffe" > > > To: "Foreman" > > > Sent: Friday, August 19, 2016 4:24:17 AM > > > Subject: Re: [foreman-dev] Webpack merged into develop branch > > > > > > On 19 August 2016 at 07:26, Daniel Lobato > wrote: > > > > > > > I'm not sure why - but I also can reproduce this. > > > > > > > > It seems like having `foreman_templates` on your list of plugins is > > > > what's > > > > causing this. I don't really know why yet but I don't get the error > > > > without > > > > that plugin, and I get it the moment I put it in bundler.d > > > > > > > > > > I know I haven't updated templates for this: > https://groups.google.com/d/ > > > topic/foreman-dev/MFW1bAj-eFk/discussion (hit that myself last night). > Not > > > the same error, but possibly related. I'll push that change to > > > templates/develop today and hopefully it'll help. > > > > > > > Thank you, that was it. foreman_chef wasn't updated for that. > > > > > > - Stephen > > Well, sort of. Now none of the menus, dropdowns etc work. There's plenty > of errors in the JS console like this: > > ReferenceError: $ is not defined editable_form.self.js:5:5 > ReferenceError: jQuery is not defined > > I've tried cleaning out the node_modules dir and reinstalled, and trying > webpack:compile with the server off, and it doesn't help. > > > - Stephen > > > -- You received this message because you are subscribed to the Google Groups "foreman-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to foreman-dev+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.