Skip to content

Commit

Permalink
Dev: wizards: don't use root password
Browse files Browse the repository at this point in the history
The root password that the user submits in the Wizards passwd-textbox
eventually comes into the CrmScript.run, but it's simply
ignored there. Here we delete the whole flow of the root password.
  • Loading branch information
Aleksei Burlakov committed Sep 24, 2024
1 parent 8945dc8 commit c02f089
Show file tree
Hide file tree
Showing 5 changed files with 9 additions and 40 deletions.
4 changes: 2 additions & 2 deletions hawk/app/controllers/wizards_controller.rb
Original file line number Diff line number Diff line change
Expand Up @@ -50,10 +50,10 @@ def submit
@wizard.verify(pa)
if @wizard.errors.length > 0
render json: @wizard.errors.to_json, status: :unprocessable_entity
elsif current_cib.sim? && @wizard.need_rootpw
elsif current_cib.sim?
render json: [_("Wizard cannot be applied when the simulator is active")], status: :unprocessable_entity
else
@wizard.run(pa, params[:rootpw])
@wizard.run(pa)
if @wizard.errors.length > 0
render json: @wizard.errors.to_json, status: :unprocessable_entity
else
Expand Down
2 changes: 1 addition & 1 deletion hawk/app/lib/crm_script.rb
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ def cleanerr(err)
end
module_function :cleanerr

def run(jsondata, rootpw)
def run(jsondata)
user = current_user
cmd = crmsh_escape(JSON.dump(jsondata))
tmpf = Tempfile.new 'crmscript'
Expand Down
24 changes: 5 additions & 19 deletions hawk/app/models/wizard.rb
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,6 @@ class Wizard
attr_reader :actions
attr_reader :output
attr_reader :errors
attr_reader :need_rootpw

def persisted?
true
Expand All @@ -39,7 +38,6 @@ def initialize(name, category, shortdesc, longdesc)
@actions = nil
@output = nil
@errors = nil
@need_rootpw = false
end

def id
Expand All @@ -63,26 +61,14 @@ def verify(params)
@params = params
@actions = []
@errors = []
CrmScript.run ["verify", @name, params], nil do |action, err|
CrmScript.run ["verify", @name, params] do |action, err|
@errors << err if err
unless action.nil?
@errors << action["error"] if action.key? "error"
action['text'].gsub!(/\t/, " ") if action.key? "text"
@actions << action unless action.key? "error"
end
end

@need_rootpw = @errors.empty? && @actions.any? do |action|
return false if action['name'] == 'cib'
if action['name'] == 'crm'
t = (action['text'] || '').split.first || ''
return false if ['configure', 'resource', 'cib'].any? { |c| c == t }
end
if action['name'] == 'call' && action['sudo'].nil? && action['nodes'] == 'local'
return false
end
true
end
end

def command_string
Expand All @@ -99,14 +85,14 @@ def command_string
base.join(" ")
end

def run(params, rootpw=nil)
def run(params)
# TODO: live-update frontend
@params = params
@actions = []
@errors = []
@output = nil
CrmEvents.instance.push command_string
CrmScript.run ["run", @name, @params], rootpw do |result, err|
CrmScript.run ["run", @name, @params] do |result, err|
@errors << err if err
unless result.nil?
Rails.logger.debug "result: #{result}"
Expand Down Expand Up @@ -152,7 +138,7 @@ def parse_full(data)

def find(name)
w = nil
CrmScript.run ["show", name], nil do |item, err|
CrmScript.run ["show", name] do |item, err|
Rails.logger.error "Wizard.find: #{err}" unless err.nil?
raise Cib::RecordNotFound, _("Requested wizard does not exist") unless err.nil?
w = Wizard.parse_full(item) unless item.nil?
Expand All @@ -178,7 +164,7 @@ def wizard_ok(item)
def all
Rails.cache.fetch(:all_wizards, expires_in: 2.hours) do
[].tap do |wizards|
CrmScript.run ["list"], nil do |item, err|
CrmScript.run ["list"] do |item, err|
Rails.logger.debug "Error listing scripts: #{err}" unless err.blank?
wizards.push Wizard.parse_brief(item) if wizard_ok(item)
end
Expand Down
16 changes: 0 additions & 16 deletions hawk/app/views/wizards/update.html.erb
Original file line number Diff line number Diff line change
Expand Up @@ -61,22 +61,6 @@
<% end %>
</ul>
</div>
<% if @wizard.need_rootpw %>
<div class="alert alert-warning">
<p>
<%= _("To apply the changes, Hawk requires root access, and password-less SSH access must be configured. See the Hawk documentation for more information.") %>
</p>
</div>
<div class="form-group">
<div class="col-sm-5 text-right">
<%= label_tag(:rootpw, _("Root password")) %>
</div>
<div class="col-sm-7">
<%= password_field_tag :rootpw, nil, class: "form-control", required: true %>
</div>
<div class="col-sm-5 help-block"></div>
</div>
<% end %>
</fieldset>
<%= main_form.button_group class: "wizard" do %>
<%= link_to _("Cancel"), cib_wizards_path(cib_id: current_cib.id), class: "btn btn-default", data: { confirm: _("Do you really want to cancel the wizard setup?") } %>
Expand Down
3 changes: 1 addition & 2 deletions hawk/config/initializers/filter.rb
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,6 @@

Rails.application.config.tap do |config|
config.filter_parameters += [
:password,
:rootpw
:password
]
end

0 comments on commit c02f089

Please sign in to comment.