| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Added troubleshooting and tips tricks content
* Added troubleshooting and tips tricks content
* Moved DNS host entry override info to customize pod spec section of CG chapter.
* Added troubleshooting and tips tricks content
* Moved DNS host entry override info to customize pod spec section of CG chapter.
* Update docs/docsite/rst/administration/containers_instance_groups.rst
Co-authored-by: Seth Foster <fosterseth@users.noreply.github.com>
* Update docs/docsite/rst/administration/containers_instance_groups.rst
Co-authored-by: Seth Foster <fosterseth@users.noreply.github.com>
* Update docs/docsite/rst/administration/containers_instance_groups.rst
Co-authored-by: Sandra McCann <samccann@redhat.com>
* Incorp'd review feedback from @fosterseth and @samccann
* Update docs/docsite/rst/administration/containers_instance_groups.rst
Co-authored-by: Sandra McCann <samccann@redhat.com>
* Final revisions based on @fosterseth's inputs.
---------
Co-authored-by: Seth Foster <fosterseth@users.noreply.github.com>
Co-authored-by: Sandra McCann <samccann@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Add migration testing for certain managed roles
* Fix managed role bugs
* Add more tests
* Fix another bug with org workflow admin role reference
* Add test because another issue is fixed
* Mark reason for test
* Remove internal markers
* Reword failure message
Co-authored-by: Seth Foster <fosterseth@users.noreply.github.com>
---------
Co-authored-by: Seth Foster <fosterseth@users.noreply.github.com>
|
|
|
|
|
|
|
| |
* Fix object-level permission bugs with DAB RBAC system
* Fix NT organization change regression
* Mark tests to AAP number
|
|
|
|
|
|
|
|
| |
Script was falsely identifying cross-linked
parents. It needs to check if parent roles if
content type is Team and role_field is
member_role OR admin_role.
Signed-off-by: Seth Foster <fosterbseth@gmail.com>
|
| |
|
|
|
|
|
|
| |
* Include a bit of context into the name of the delete function. The
HTTP_ added prepended string may be unexpected if Django's header
transformation isn't top of mind.
|
|
|
|
|
| |
* Increase the surface area of the set of headers that the proxy list
feature looks at for the remote proxy IF x-trusted-proxy is valid.
|
|
|
|
| |
This reverts commit 49e3971cd577127705fc0fd1d3b4ab7e3a3c3c2b.
|
|
|
|
| |
* Integration tests to ensure the integration of the two features.
|
|
|
|
|
| |
* Do not remove special header list if request is from a trusted proxy.
* Continue to remove headers if request if from a non-trusted proxy.
|
| |
|
| |
|
|
|
| |
Co-authored-by: Hao Liu <44379968+TheRealHaoLiu@users.noreply.github.com>
|
|
|
| |
Signed-off-by: Adrian Nackov <adrian.nackov@mail.schwarz>
|
| |
|
| |
|
|
|
|
|
| |
This will mitigate the problem where if any Role gets deleted for some
weird reason it could previously cascade delete important objects.
|
|
|
|
|
|
|
|
|
|
| |
rename AWX_DIRECT_SHARED_RESOURCE_MANAGEMENT_ENABLED
to
ALLOW_LOCAL_RESOURCE_MANAGEMENT
- clearer meaning
- drop prefix so the same setting is used across the platform
Signed-off-by: Seth Foster <fosterbseth@gmail.com>
|
| |
|
|
|
|
| |
when doing the final reset of Role.implicit_parents.
|
|
|
|
| |
to trigger the implicit parent not being in the parents and ancestors lists.
|
| |
|
| |
|
| |
|
|
|
|
| |
Since we use it twice, the second time to get the id field of each.
|
| |
|
| |
|
|
|
|
|
| |
Some relationships known to be handled by the special mapping sql file
were being caught as false positives.
|
|
|
|
|
| |
Also, make use of up-front defined arrays of the tables involved, for
ease of editing in the future.
|
| |
|
| |
|
| |
|
|
|
|
|
| |
it wound up being unworkable, and I think ultimately we only need to
check the immediate parentage of each role.
|
|
|
|
|
| |
I think that rebuild_role_ancestor_list() will then correctly update
all of the affected Role.ancestors.
|
| |
|
|
|
|
|
| |
since the foreign keys to the roles from the resources can make us go
wrong almost immediately.
|
|
|
|
| |
The results in my test now look correct.
|
|
|
|
|
| |
This version, however, has false positives because Roles become
children of Team.member_role when a Role is granted to a Team.
|
|
|
|
| |
Checking if parents and implicit_parents are consistent with ancestors.
|
|
|
|
|
|
|
| |
This is actually happening for one customer, though it seems like it
shouldn't be if the foreign key constraint is set back up properly.
In order to recreate it, I had to add the constraint back with 'NOT
VALID' added on to prevent the check.
|
| |
|
|
|
|
| |
Doing the entire graph is too much on any system with real amounts of Roles.
|
|
|
|
| |
Apparently this has happened to a customer, per Nate Becker.
|
|
|
|
| |
of the Role relationships.
|
| |
|
|
|
|
| |
The underlying role should be re-linked, instead of treated as orphaned.
|
| |
|
| |
|
|
|
|
| |
Also, null out the generic foreign key on orphaned roles before deleting.
|
|
|
|
| |
Also, attempt to rebuild the role ancestors in the fixup script.
|