Foreman Plugin permission

Hello All,

I have developed one custom foreman plugin where i have created one role
after written below line in engine.rb file:

Add permissions

    security_block :foreman_config_monitor do
     permission :view_foreman_config_monitor, 

{:'foreman_config_monitor/versions' =>
[:version,:show,:update,:config_reports,:comparison,:compare]}
end

Now i have requirement to attach some existing permission like edit_hosts,
view_hosts to the above created role.

Can we add this to somewhere in engine.rb file.

Thanks,
Aditya

Hello

you've created a permission called "view_foreman_config_monitor", not a role.
This permission grants user to use action like show and update (so maybe you
should have two different permissions). Anyway to create a role, you should
add following

role 'Config monitor role', [:view_foreman_config_monitor]

somewhere below your security blog.

See plugin creation docs at [1]

[1]
http://projects.theforeman.org/projects/foreman/wiki/How_to_Create_a_Plugin#Adding-roles

Hope this helps

··· On Monday 04 of January 2016 19:25:39 Aditya Gupta wrote: > Hello All, > > I have developed one custom foreman plugin where i have created one role > after written below line in engine.rb file: > > # Add permissions > security_block :foreman_config_monitor do > permission :view_foreman_config_monitor, > {:'foreman_config_monitor/versions' => > [:version,:show,:update,:config_reports,:comparison,:compare]} > end > > > Now i have requirement to attach some existing permission like edit_hosts, > view_hosts to the above created role. > > Can we add this to somewhere in engine.rb file. > > Thanks, > Aditya


Marek

Thanks marken for hint…

I found the answer where we can use existing permissions to the custom
created role:

Add a new role called 'ForemanConfigMonitor' if it doesn't exist

     role 'ForemanConfigMonitor', 

[:view_foreman_config_monitor,:view_hosts,:edit_hosts,:console_hosts,:puppetrun_hosts]

Thanks,
Aditya

··· On Tuesday, January 5, 2016 at 2:14:29 PM UTC+5:30, Marek Hulan wrote: > > On Monday 04 of January 2016 19:25:39 Aditya Gupta wrote: > > Hello All, > > > > I have developed one custom foreman plugin where i have created one role > > after written below line in engine.rb file: > > > > # Add permissions > > security_block :foreman_config_monitor do > > permission :view_foreman_config_monitor, > > {:'foreman_config_monitor/versions' => > > [:version,:show,:update,:config_reports,:comparison,:compare]} > > end > > > > > > Now i have requirement to attach some existing permission like > edit_hosts, > > view_hosts to the above created role. > > > > Can we add this to somewhere in engine.rb file. > > > > Thanks, > > Aditya > > Hello > > you've created a permission called "view_foreman_config_monitor", not a > role. > This permission grants user to use action like show and update (so maybe > you > should have two different permissions). Anyway to create a role, you > should > add following > > role 'Config monitor role', [:view_foreman_config_monitor] > > somewhere below your security blog. > > See plugin creation docs at [1] > > [1] > > http://projects.theforeman.org/projects/foreman/wiki/How_to_Create_a_Plugin#Adding-roles > > Hope this helps > > -- > Marek >