Role permission

I have foreman 1.18.1 and I cannot deny “yaml” button on my test user.
My role:
Resource_type: view_hosts
Search: hostgroup = test_hg

test_hg - hostgroup with 3 host
Then I login to web interface -> Hosts -> <any_host from test_hg>, now my URL is https: // FQDN / hosts / hostname, on section “Details” I can push button “YAML”. How I can ban it action?

As far as I can see you cannot because it is not intended.

Besides…why do you want to ban that specific action? It’s just a parameter export and therefore nothing you haven’t in other formats.


I have simple ruby application, they use foreman api. I want use special user with minimal privileges. How I can grant privileges to use only one request type, without /enc? For example: I want have user with permission on ?search=hostgroup_title= query only. Can you write exaple filter for me?

All options you have are displayed in the create filter view. I don’t think you can be more explicit than that.

thank you for your reply, and have a good day. The question is actual, I try grant minimal permission to show list hosts in group, but cannot do it without permit on /enc via API or yaml button. This is security problem for me. I search way without use any blacklist, want use white list policy. Any good tips?