Skip to content

Commit

Permalink
Merge pull request #14427 from lfu/prevent_request_host_scan
Browse files Browse the repository at this point in the history
Add policy checking for request_host_scan.
  • Loading branch information
gmcculloug authored Mar 30, 2017
2 parents f15a504 + e69e061 commit 5e9e1c7
Show file tree
Hide file tree
Showing 2 changed files with 37 additions and 12 deletions.
19 changes: 7 additions & 12 deletions app/models/host.rb
Original file line number Diff line number Diff line change
Expand Up @@ -1333,22 +1333,17 @@ def first_cat_entry(name)
Classification.first_cat_entry(name, self)
end

# TODO: Rename this to scan_queue and rename scan_from_queue to scan to match
# standard from other places.
def scan(userid = "system", _options = {})
def scan(userid = "system", options = {})
log_target = "#{self.class.name} name: [#{name}], id: [#{id}]"

task = MiqTask.create(:name => "SmartState Analysis for '#{name}' ", :userid => userid)

_log.info("Requesting scan of #{log_target}")
begin
MiqEvent.raise_evm_job_event(self, :type => "scan", :prefix => "request")
rescue => err
_log.warn("Error raising request scan event for #{log_target}: #{err.message}")
return
end
check_policy_prevent(:request_host_scan, :scan_queue, userid, options)
end

def scan_queue(userid = 'system', _options = {})
log_target = "#{self.class.name} name: [#{name}], id: [#{id}]"
_log.info("Queuing scan of #{log_target}")

task = MiqTask.create(:name => "SmartState Analysis for '#{name}' ", :userid => userid)
timeout = ::Settings.host_scan.queue_timeout.to_i_with_method
cb = {:class_name => task.class.name, :instance_id => task.id, :method_name => :queue_callback_on_exceptions, :args => ['Finished']}
MiqQueue.put(
Expand Down
30 changes: 30 additions & 0 deletions spec/models/host_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -622,4 +622,34 @@ def assert_remote_credentials_validated
expect(Host.non_clustered).to eq([host])
end
end

describe "#scan" do
before do
EvmSpecHelper.create_guid_miq_server_zone
@host = FactoryGirl.create(:host_vmware)
FactoryGirl.create(:miq_event_definition, :name => :request_host_scan)
# admin user is needed to process Events
User.super_admin || FactoryGirl.create(:user_with_group, :userid => "admin")
end

it "policy passes" do
expect_any_instance_of(ManageIQ::Providers::Vmware::InfraManager::Host).to receive(:scan_queue)

allow(MiqAeEngine).to receive_messages(:deliver => ['ok', 'sucess', MiqAeEngine::MiqAeWorkspaceRuntime.new])
@host.scan
status, message, result = MiqQueue.first.deliver
MiqQueue.first.delivered(status, message, result)
end

it "policy prevented" do
expect_any_instance_of(ManageIQ::Providers::Vmware::InfraManager::Host).to_not receive(:scan_queue)

event = {:attributes => {"full_data" => {:policy => {:prevented => true}}}}
allow_any_instance_of(MiqAeEngine::MiqAeWorkspaceRuntime).to receive(:get_obj_from_path).with("/").and_return(:event_stream => event)
allow(MiqAeEngine).to receive_messages(:deliver => ['ok', 'sucess', MiqAeEngine::MiqAeWorkspaceRuntime.new])
@host.scan
status, message, _result = MiqQueue.first.deliver
MiqQueue.first.delivered(status, message, MiqAeEngine::MiqAeWorkspaceRuntime.new)
end
end
end

0 comments on commit 5e9e1c7

Please sign in to comment.