-
Notifications
You must be signed in to change notification settings - Fork 27
Hardening_conductor_entry_points
Mo Morsi edited this page Jan 9, 2013
·
3 revisions
title: Hardening_conductor_entry_points
updated_on: Thu Aug 16 12:44:02 ~~0400 2012\
\
h1. Hardening/Conductor entry points
\
Hardening home page~~ [[Hardening\_the\_app]]
Conductor Entry Points
----------------------
api controller namespace ‘’’not’‘’ analyzed as it is being removed
\
|*.Controller|*.Method|*.Authenticates User|*.Authorizes User +
Data|*.Validates Data|*.Securely invokes functionality|\_.Other|\
| | | | | | |\
|user\_sessions|new|no|||yes||\
|user\_sessions|create|no||uses :login, :password params to login|?|uses
regex global variable when doing http basic auth validation|\
|user\_sessions|edit|||||method does not exist|\
|user\_sessions|show|||||method does not exist|\
|user\_sessions|update|||||method does not exist|\
|user\_sessions|destroy|yes|||yes||\
|users|new|n/a|Privilege::CREATE on User class if user is logged
in|n/a|yes|\
|users|create|n/a|Privilege::MODIFY on User class if user is logged
in|params[:commit] tested against static string, params[:user] used to
create new User instance|yes|Quota may be set twice, is this correct
(?);|\
|users|edit|yes|Privilege::MODIFY on User class unless user being edited
is current user|looks up user by ’id’ parameter|yes|\
|users|show|yes|Privilege::VIEW on User class unless user being viewed
is current user|looks up user by ‘id’ parameter, uses ‘details\_tab’,
‘details\_pane’ to determine which view is rendered, |yes||\
|users|update|yes|Privilege::MODIFY on User class unless user being
updated is current user|looks up user by ‘id’ param, updates user
instance w/ ‘user’ param, tests ‘commit’ param against static ‘Reset’
string to control workflow|yes||\
|users|destroy|yes|Privilege::MODIFY on User class|looks up user by ‘id’
param|yes|\
|users|multi\_destroy|yes|Privilege::MODIFY on User class|looks up users
by ‘user\_selected’ param|yes|\
|users|filter|no (change?)|no|uses :current\_path,
:users\_preset\_filter, and :users\_search params to construct
redirect\_to location|yes|\
|users|index|yes|Privilege::VIEW on User class|makes ‘params’ array
available to views (good idea?); uses :users\_preset\_filter,
:users\_search params to filter users, :sort\_by to sort users |yes|
(method needs to be optimized)|\
|permissions|load\_headers|n/a|n/a|uses :sort\_by parameter to specify
‘order’ to db users query|yes||\
|permissions|set\_permission\_object|n/a|Privilege::PERM\_SET on db
entity specified by
:permission\_object\_type,:permission\_object\_id|uses
:permission\_object\_type,:permission\_object\_id params to lookup db
entity; :path\_prefix, :use\_tabs, :polymorphic\_path\_extras params to
construct url path|yes||\
|permissions|index|yes|Privilege::PERM\_VIEW on db entity specified by
:permission\_object\_type,:permission\_object\_id|see
permissions::set\_permission\_object and
permissions::load\_headers|yes|\
|permissions|list|yes||||\
|permissions|multi\_destroy|yes|Privilege::PERM\_SET on db entity
specified by :permission\_object\_type,:permission\_object\_id and
Privilege::PERM\_SET on permission\_objects of permissions specified
:permission\_selected|see permissions::set\_permission\_object; uses
:permission\_selected param to find Permission entities to delete|yes|\
|permissions|multi\_update|yes|Privilege::PERM\_SET on db entity
specified by :permission\_object\_type,:permission\_object\_id|see
permissions::set\_permission\_object; uses:user\_role\_selected
parameter for user\_id/role\_id inputs to new Permission entity|yes|\
|permissions|filter|yes|||yes||\
|permissions|create|yes|Privilege::PERM\_SET on db entity specified by
:permission\_object\_type,:permission\_object\_id|see
permissions::set\_permission\_object; uses:user\_role\_selected
parameter for user\_id/role\_id inputs to new Permission entity|yes|\
|permissions|new|yes|Privilege::PERM\_SET on db entity specified by
:permission\_object\_type,:permission\_object\_id|see
permissions::set\_permission\_object and
permissions::load\_headers|yes|\
|permissions|edit|||||method does not exist|\
|permissions|show|yes||||method does not exist|\
|permissions|update|yes||||method does not exist|\
|permissions|destroy|yes|Privilege::PERM\_SET on db entity specified by
:permission[:id]|uses :permission[:id] to find permission to
destroy|yes||\
|settings|self\_service|yes|Privilege::MODIFY|n/a|yes||\
|settings|general\_settings|yes|Privilege::MODIFY|n/a|yes||\
|settings|index|yes|no|n/a|yes||\
|settings|create|||||method does not exist|\
|settings|new|||||method does not exist|\
|settings|edit|||||method does not exist|\
|settings|show|||||method does not exist|\
|settings|update|yes|no|if params[self\_service\_default\_quota] is set,
it is used to update\_attributes of the
self\_service\_default\_quota\_metadata object|no|this method should be
locked down + simplified (especially given the KEYS array) or removed
alltogether|\
|settings|destroy|||||method does not exist|\
|pools|hardware\_profiles|||||method does not exist, route should be
removed|\
|pools|realms|||||method does not exist, route should be removed|\
|pools|multi\_destroy|yes|Privilege::MODIFY on pools specified by
params[:pools\_selected]|params[:pools\_selected] used as an array of
ids to find|yes||\
|pools|filter|no (change?)|no|uses:pools\_preset\_filter and
:pools\_search params to construct redirect\_to location|yes||\
|pools|index|yes|retrieves list of pools for current user for which they
have Privilege::Create on deployments|used :details\_tab, :only\_tab,
:view params to construct view components; uses :pools\_preset\_filter,
:pools\_search, :instances\_preset\_filter, :instances\_search,
:deployments\_preset\_filter,:deployments\_search to apply\_filters to
Pools, Instances, Deployments|yes||\
|pools|create|yes|Privilege::CREATE on Pool|uses params[:pool] to create
a new pool|yes||\
|pools|new|yes|Privilege::CREATE on Pool|uses params[:pool\_family\_id]
to lookup pool|yes|should there be an additional privilege check for the
pool family?|\
|pools|edit|yes|Privilege::MODIFY on the pool specified by
params[:id]|uses params[:id] to find pool|yes||\
|pools|show|yes|Privilege::VIEW on the pools specified by
params[:id]|uses :details\_tab, to format view components, uses
:deployments\_preset\_filter, :deployments\_search to apply\_filters to
pool deployments|yes||\
|pools|update|yes|Privilege::MODIFY on the pool specified by
params[:id]|uses params[:id] to find pool; uses params[:pool] to update
pool; uses params[:quota] and :unlimited\_quota to set
max\_running\_instances of pool’s quota|yes||\
|pools|destroy|yes|Privilege::MODIFY on the pool(s) specified by
:pools\_selected/:id/:ids params|uses :pools\_selected/:id/:ids params
to find pools to destroy|yes||\
|deployments|multi\_stop|yes|retrieves pools which the current\_user has
Privilege::Create on deployments, requires Privilege::Use of
deployments’ instances|uses :deployments\_selected to find deployments,
uses :deployments\_preset\_filter, :deployments\_search params to
apply\_filters to Deployment, and :page param to paginate Deployments
|yes|can functionality can be delegated to a lower method?|\
|deployments|multi\_destroy|y|requires Privilege::Modify on deployments
specified by :deployments\_selected, retrieves pools which the
current\_user has Privilege::Create on deployments|uses
:deployments\_selected param to find deployment, uses :backlink param as
redirect path, uses :deployments\_preset\_filter, :deployments\_search
params to apply\_filters to Deployment, and :page param to paginate
Deployments|yes| |\
|deployments|launch\_new|y|requires Privilege::Create on deployments in
the pool specified by the :pool\_id param|uses :pool\_id param to find
Pool|yes| |\
|deployments|launch\_time\_params|y|requires Privileges::Create on
deployments in the pool corresponding to that specified in the
:deployment param|:deployable\_id param is used to find the deployable,
:deployment param is used to construct a new deployment|yes| |\
|deployments|overview|y|requires Privileges::Create on deployments in
the pool corresponding to that specified in the :deployment param,
retrieves deployables which the current\_user has Privilege::USE on,
retrieves pools which the current\_user has Privilege::Create on
deployments|:deployable\_id param is used to find the deployable,
:deployment param is used to construct a new deployment|yes|Does not
enforce permission checks on deployable found by deployable\_id or
realms/hardwareprofiles retrieved (change?)|\
|deployments|check\_name|y|n|uses :name param to find deployable by
name, returns true/false|yes|remove race condition comment|\
|deployments|launch\_from\_catalog|y|requires Privilege::View on catalog
specified by catalog\_id|uses :catalog\_id to find catalog, uses :page
command to paginate catalog deployables|yes| |\
|deployments|filter|y|no|uses :deployments\_preset\_filter and
:deployments\_search params to construct redirect\_to location|yes||\
|deployments|index|y|retrieves pools which the current\_user has
Privilege::Create on deployments, retrieves deployments in those
pools|uses :deployments\_preset\_filter and :deployments\_search params
to filter deployments and :page param to paginate|yes| |\
|deployments|create|y|requires Privileges::Create on deployments in the
pool corresponding to that specified in the :deployment param, retrieves
deployables which the current\_user has Privilege::USE on, retrieves
pools which the current\_user has Privilege::Create on
deployments|:deployable\_id param is used to find the deployable,
:launch\_parameters\_encoded param is used to populate
params[:deployment][:launch\_parameters], :deployment param is used to
construct a new deployment, :commit param used to direct flow
control|yes|method can be simplified? scope of respond\_to should be
reduced, seems to do some steps twice|\
|deployments|new|y| | | | |\
|deployments|edit|y|requires Privilege::Modify on deployment specified
by :id|uses :id param to find deployment|yes||\
|deployments|show|y|requires Privilege::VIEW on deployment found w/ :id
param, retrieves deployables which the current\_user has Privilege::USE
on, retrieves pools which the current\_user has Privilege::Create on
deployments|uses :id param to find deployment, uses
:instances\_preset\_filter, :instance\_search params to apply\_filters
to Instance, uses :detail\_tab param to render view components|y|should
further permission checks be performed on instances?|\
|deployments|update|y|requires Privilege::Modify on deployment specified
by :id|uses :id param to find deployment, uses :deployment param to
update\_attributes of deployment found|yes||\
|deployments|destroy|y|requires Privilege::Modify on deployment
specified by :id, retrieves pools which the current\_user has
Privilege::Create on deployments|uses :id param to find deployment, uses
:deployment param to update\_attributes of deployment found|yes| |\
|instances|index|yes|instances are loaded for pools which current\_user
has Privilege::CREATE on Instance|assigns params array to
`params member and uses :deployment_id, :instances_preset_filter, and :instances_search params to apply_filter and where clause of Instance queries, uses :deployments_preset_filter, :deployments_search params to apply_filters to Deployment, and :page param to paginate Deployments|yes||
|instances|create|yes||||empty method, remove?|
|instances|new|yes||||emtpy method, remove?|
|instances|edit|yes|Privilege::MODIFY and Privilege::USE on the instance specified with :id param|:id param is used to find the instance|yes||
|instances|show|yes|instances are loaded for pools which current_user has Privilege::CREATE on Instance and requires Privilege::USE on instances specified by :id param|uses :details_tab and :details pane params to format view components, :page param to paginate instance events|yes||
|instances|update|yes|Privilege::MODIFY on `instance specified w/ :id
param|uses params[:instance] to update\_attributes of instance specified
by :id param|yes||\
|instances|destroy|yes|Privilege::MODIFY on instance(s) specified by :id
or :ids params|:id and :ids params used to lookup instances|yes||\
|instances|start|||||method not defined, remove?|\
|instances|multi\_stop|yes|Privilege::USE,instance on instances
specified with:instance\_selected param|params[:instance\_selected] used
to find Instances, params[:backlink] used as the redirect\_to path on
success|yes||\
|instances|multi\_reboot|yes|Privilege::USE,instance on instances
specified with:instance\_selected param|params[:instance\_selected] used
to find Instances, params[:backlink] used as the redirect\_to path on
success|yes||\
|instances|remove\_failed|||||method not defined, remove?|\
|instances|export\_events|yes|instances are loaded for pools which
current\_user has Privilege::CREATE on Instance|uses :deployment\_id,
:instances\_preset\_filter, and :instances\_search params to
apply\_filter and where clause of Instance queries|yes|will export.csv
be ovrerridden for each request? (will this result in a race condition
on parallel requests?)|\
|instances|filter|yes|no|uses :instances\_preset\_filter and
:instances\_search params to construct redirect\_to location|yes||\
|instances|key|yes|Privilege::MODIFY on
`instance specified w/ :id param|uses :id to find instance|yes||
|instances|stop|yes|no!|:id is used to lookup instance|yes||
|instances|reboot|yes|no!|:id is used to lookup instance|yes||
|instance_parameters|index|||||controller does not exist, route placeholder added, never implemented|
|instance_parameters|create|||||controller does not exist|
|instance_parameters|new|||||controller does not exist|
|instance_parameters|edit|||||controller does not exist|
|instance_parameters|show|||||controller does not exist|
|instance_parameters|update|||||controller does not exist|
|instance_parameters|destroy|||||controller does not exist|
|image_imports|index|||||controller does not exist, removed [https://github.com/aeolusproject/conductor/commit/32cbe3b1c69c14c18b35300ecb903c4e103aefa6], route should be removed|
|image_imports|create|||||controller does not exist, removed|
|image_imports|new|||||controller does not exist, removed|
|image_imports|edit|||||controller does not exist, removed|
|image_imports|show|||||controller does not exist, removed|
|image_imports|update|||||controller does not exist, removed|
|image_imports|destroy|||||controller does not exist, removed|
|hardware_profiles|multi_destroy|yes|Privilege::MODIFY on hardware profiles specified by params[::hardware_profile_selected]|:hardware_profile_selected param used to find hardwareprofiles to destroy|yes||
|hardware_profiles|filter|yes|no (change?)|uses :hardware_profiles_preset_filter and :hardware_profiles_search params to construct redirect_to location|yes||
|hardware_profiles|index|yes|no|assigns params array to `params member
and uses params[:hardware\_profile] subattributes to construct new
hwp|yes||\
|hardware\_profiles|create|yes|Privilege::CREATE on
HardwareProfile|params[:hardware\_profile] used to create a new hwp and
:commit param used to determine rendering/redirect flow control|yes|see
note about matching\_provider\_hardware\_profiles|\
|hardware\_profiles|new|yes|Privilege::CREATE on
HardwareProfile|n/a|yes|\
|hardware\_profiles|edit|yes|Privilege::MODIFY on hardware\_profile
specified by :id param|:id param is used to find User|yes|see note about
matching\_provider\_hardware\_profiles|\
|hardware\_profiles|show|yes|Privilege::VIEW on
`hardware_profile specified by :id param|uses :details_tab and :details pane params to format view components, :id param to lookup hwp|yes||
|hardware_profiles|update|yes|Privilege::MODIFY on `hardware\_profile
specified by id; and Privilege::VIEW on HardwareProfile|params[:id] used
to find hwp, params[:hardware\_profile] used to construct hwp|yes|see
note about matching\_provider\_hardware\_profiles|\
|hardware\_profiles|destroy|yes|Privilege::MODIFY on hardware\_profile
specified by :id param|:id param is used to find User|yes||\
|provider\_accounts|multi\_destroy|yes|requires Privilege::Modify on
provider\_accounts specified by :accounts\_selected param|uses
provider\_id param to find provider, uses :accounts\_selected param to
find provider\_accounts to destroy|yes|require privilege::modify on
provider?|\
|provider\_accounts|set\_selected\_provider|yes|n/a|uses
:provider\_account[:provider\_id] to find provider|yes||\
|provider\_accounts|index|yes|retrieves provider accounts the
current\_user has Privilege::VIEW on||yes||\
|provider\_accounts|create|yes|requires Privilege::Create on
ProviderAccounts on provider specified by
params[:provider\_account][:provider\_id]|uses
:provider\_account[:provider] param to find provider by name, uses
:provider\_account[:provider\_id] param to find provider, uses
:provider\_account param to create new provider, uses
:quota][:maximum\_running\_instances] to set\_maximum\_running\_instance
on provider account quota|yes||\
|provider\_accounts|new|yes|n/a|uses :provider\_id to find
provider|yes||\
|provider\_accounts|edit|yes|requires Privilege::Modify on
provider\_account specified by :id param|uses :id to find
provider\_account, uses :provider\_id to find provider|yes|update method
also requires user to have Privilege::Modify on provider, need to
enforce that here by restricting which provider accounts are
retrieved?|\
|provider\_accounts|show|yes|retrieves provider accounts the
current\_user has Privilege::VIEW on, requires Privilege::VIEW on the
provider\_account specified by the :id param|uses :id param to find
provider account, uses :provider\_id to find provider, uses
:details\_tab param to render view components, uses :test\_account param
to direct flow control|yes||\
|provider\_accounts|update|yes|requires Privilege::Modify on
provider\_account specified by :id param, and
provider\_account.provider|uses :id param to find provider\_account to
update, uses :quota[:maximum\_running\_instances] to
set\_maximum\_running\_instances on provider account ,uses
:provider\_account param to update\_attributes of provider\_account
|yes||\
|provider\_accounts|destroy|yes|requires Privilege::Modify on
`provider_account|uses :id param to find provider_account to destroy, uses :provider_id param to find provider|yes||
|providers|multi_destroy|||||method does not exist, remove|
|providers|index|yes|retrieves list of providers current user has Privilege::View on|assigns params array to `params
member and uses session[:current\_provider\_id] to find provider|yes||\
|providers|create|yes|retrieves list of providers current user has
Privilege::View on and Privilege::CREATE on Provider|uses :provider
param to create new provider and lookup provider type|yes||\
|providers|new|yes|retrieves list of providers current user has
Privilege::View on and requires Privilege::CREATE on Provider
|n/a|yes||\
|providers|edit|yes|retrieves list of providers current user has
Privilege::View on, list of provider accounts current user has
Privilege::View on, and requires Privilege::MODIFY & Privilege::VIEW on
provider specified by :id|uses :id param to lookup provider,
:test\_provider param as flow control boolean, :details\_tab to format
view component|yes||\
|providers|show|yes|retrieves list of providers current user has
Privilege::View on and requires Privilege::VIEW on provider specified by
:id|uses :id param to lookup provider, :test\_provider param as flow
control boolean, :details\_tab and :details\_pane parameters to format
view components|yes||\
|providers|update|yes|retrieves list of providers current user has
Privilege::View on, list of provider accounts current user has
Privilege::View on, and requires Privilege::MODIFY & Privilege::VIEW on
provider specified by :id param|uses :id param to find provider,
params[:provider] to update provider attributes, :details\_tab to format
view components,:provider\_accounts\_preset\_filter and
:provider\_accounts\_search to apply\_filters to provider
accounts|yes||\
|providers|destroy|yes|retrieves list of providers current user has
Privilege::View on and requires Privilege::MODIFY on provider specified
by :id param|uses :id param to find provider to destroy|yes||\
|config\_servers|test|yes|no|uses :id param to find config
server|yes|evaluated v0.9.0rc1 as 0.4.0 didn’t incorporate
config\_servers|\
|config\_servers|index|yes||||method missing|\
|config\_servers|new|yes|requires Privilege::Modify on provider\_account
specified by :provider\_account\_id param|uses :provider\_account\_id to
find provider\_account|yes||\
|config\_servers|create|yes|requires Privilege::Modify on
provider\_account specified by :provider\_account\_id param|uses
:provider\_account\_id to find provider\_account, uses :config\_server
to create new config\_server|yes|calls strip! on each config\_server
param|\
|config\_servers|edit|yes|requires Privilege::Modify on
provider\_account of config\_server specified by :id|uses :id to find
config\_server|yes||\
|config\_servers|show|yes||||method missing|\
|config\_servers|update|yes|requires Privilege::Modify on
provider\_account of config\_server specified by :id param|uses :id to
find config\_server to update, uses :config\_server to
update\_attributes of config\_server found|yes|calls strip! on each
config\_server param|\
|config\_servers|destroy|yes|requires Privilege::Modify on
provider\_account of config\_server specified by :id param|uses :id to
find config\_server to destroy|yes||\
|roles|multi\_destroy|y|requires Privilege::PERM\_SET|uses
:role\_selected param to find roles to destroy|yes||\
|roles|index|y|no?|uses :order\_field, :order\_dir, :page to paginate /
sort roles retrieved|yes||\
|roles|create|y|requires Privilege::PERM\_SET|n/a|yes|\
|roles|new|y|requires Privilege::PERM\_SET|uses :role param to create
new role|yes|note about roles scope needs to be flushed out|\
|roles|edit|y|requires Privilege::PERM\_SET|uses :id param to find the
role|yes||\
|roles|show|y|requires Privilege::PERM\_VIEW|uses :id param to find the
role; uses :details\_tab, :details\_pane params to format view
components|no|details tab param should be validated before being passed
into render partial|\
|roles|update|y|requires Privilege::PERM\_SET|uses :id param to find the
role; uses :commit param to direct flow control, uses :role param to
update role found|yes||\
|roles|destroy|y|requires Privilege::PERM\_SET|uses :id param to find
the role|yes||\
|pool\_families|multi\_destroy|y|requires Privilege::Modify on pool
families specified by :pool\_family\_select param|uses
:pool\_family\_select param to find pool families to destroy|yes||\
|pool\_families|add\_provider\_account|y|requires Privilege::Modify on
pool family specified by :id, requires Privileges::Use on provider
accounts specified by :accounts\_selected param, retrieves provider
accounts the current user has Privilege::User on|uses :id param to find
pool family, uses :accounts\_selected param to find provider accounts to
add to pool family|yes||\
|pool\_families|remove\_provider\_accounts|y|requires Privilege::Modify
on pool family specified by :id|uses :id param to find pool family, uses
:accounts\_selected param to find provider accounts to remove from pool
family|yes||\
|pool\_families|index|y|retrieves PoolFamilies which the current\_user
has Privilege::View on Pool|uses :order\_field, :order\_dir params to
sort pool families|yes||\
|pool\_families|create|y|requires Privilege::Create on
PoolFamily|n/a|yes|\
|pool\_families|new|y|requires Privilege::Create on PoolFamily|uses
:pool\_family param to create new pool family|yes||\
|pool\_families|edit|y|requires Privilege::Modify on pool family
specified by :id|uses :id param to find pool family|yes||\
|pool\_families|show|y|requires Privilege::View on pool family specified
by :id param, retrieves PoolFamilies which the current\_user has
Privilege::View on Pool|uses :id to find PoolFamily, uses :order\_field,
:order\_dir params to sort pool families, uses details\_tab param to
render view components|yes|should restrict found images?|\
|pool\_families|update|y|requires Privilege::Modify on pool family
specified by :id|uses :id param to find pool family, uses :pool\_family
param to update\_attributes of pool family|yes||\
|pool\_families|destroy|y|requires Privilege::Modify on pool family
specified by :id|uses :id param to find pool family|yes||\
|realms|multi\_destroy|y|requires Privilege::MODIFY on Realm|uses
:realm\_selected param to find realms to destroy |yes|can be optimized
to call require\_privilege method once|\
|realms|index|y|no|uses :realms\_preset\_filter, :realms\_search params
to apply\_filters to FrontendRealms retrieved|yes||\
|realms|filter|y|no (change?)|uses :realms\_preset\_filter and
:realms\_search params to construct redirect\_to location|yes||\
|realms|new|y|requires Privilege::CREATE on Realm, retrieves privileges
on which current\_user has Privilege::VIEW|n/a|yes||\
|realms|create|y|requires Privilege::CREATE on Realm, retrieves
privileges on which current\_user has Privilege::VIEW|uses
:frontend\_realm param to create new realm|yes||\
|realms|edit|y|requires Privilege::MODIFY on Realm, retrieves privileges
on which current\_user has Privilege::VIEW|uses :id param to find
FrontendRealm|yes||\
|realms|show|y|no?|uses :id param to find FrontendRealm; uses
:details\_tab, :details\_pane params to format view components|yes||\
|realms|update|y|requires Privilege::MODIFY on Realm, retrieves
privileges on which current\_user has Privilege::VIEW|uses :id param to
find FrontendRealm; uses :commit param to direct flow control, uses
:frontend\_realm param to update\_attributes of realm found|yes||\
|realms|destroy|y|requires Privilege::MODIFY on Realm|uses :id param to
find FrontendRealm to destroy|yes||\
|provider\_realms|index|yes|n/a|uses :provider\_realms\_preset\_filter,
and :provider\_realms\_search to apply\_filters params to realms|yes
(?)|evaluated v0.9.0rc1 as 0.4.0 didn’t incorporate provider\_realms,
should restrict providers retrieved in any way?|\
|provider\_realms|filter|yes|n/a|uses :provider\_realms\_preset\_filter,
and :provider\_realms\_search params to construct redirect\_to
location|yes||\
|provider\_realms|create|||||method does not exist|\
|provider\_realms|new|||||method does not exist|\
|provider\_realms|edit|||||method does not exist|\
|provider\_realms|show|yes|n/a|uses :id param to find realm, uses
:details\_tab and :details pane params to format view components|yes||\
|provider\_realms|update|||||method does not exist|\
|provider\_realms|destroy|||||method does not exist|\
|realm\_mappings|new|yes|requires Privilege::Create on Realm, retrieves
providers which the current\_user has Privilege::View on|uses
:frontend\_realm\_id, :realm\_or\_provider\_type to construct
placeholder RealmBackendTarget |yes (?)|if :realm\_or\_provider\_type
param == ‘Realm’, all realms are retrieved, want to limit this?|\
|realm\_mappings|multi\_destroy|yes|requires Privilege::Modify on
Realm|uses :id param to find RealmBackendTarget to destroy, uses
:frontend\_realm\_id param to construct redirect path|yes||\
|realm\_mappings|index|||||method does not exist|\
|realm\_mappings|create|yes|requires Privilege::Create on Realm|uses
:realm\_backend\_targets param to create new RealmBackendTarget|yes||\
|realm\_mappings|edit|||||method does not exist|\
|realm\_mappings|show|||||method does not exist|\
|realm\_mappings|update|||||method does not exist|\
|realm\_mappings|destroy|||||method does not exist|\
|deployables|multi\_destroy|y|requires Privilege::Modify on deployables
found w/ :deployables\_selected param|:deployables\_selected param is
used to find deployable, :catalog\_id param is used to find catalog if
present|no|Permission check should be enforced on catalog retrieved|\
|deployables|filter|y|no (change?)|uses
:catalog\_entries\_preset\_filter and :catalog\_entries\_search params
to construct redirect\_to location|yes||\
|deployables|definition|y|requires Privilege::View on deployable found
w/ :id param|:id param is used to find deployable|yes||\
|deployables|build|y|requires Privilege::View on deployable found w/ :id
param, requires Privilege::Modify on catalog found by :catalog\_id param
if present, retrieves provider accounts current\_user has
Privilege::VIEW on|:id param is used to find deployable, :catalog\_id
param is used to find catalog if present, uses :build\_options to
determine flow control |yes||\
|deployables|index|y|retrieves all deployables which current\_user has
Privilege::VIEW on ‘’’only if’’’ catalog\_id is not self, no permission
check otherwise|uses :catalog\_id to lookup
catalog|no|uses :environment param to find pool family, sets
`name member var using :name param, sets `xml using :image\_xml param;
:back, :make\_deployable params is used to direct flow control|yes||\
|images|new|y|retrieves provider accounts which current\_user has
Privilege::Use on|uses :tab param to direct flow control, uses
:enviornment param to find PoolFamilies|yes||\
|images|edit|||||method does not exist and should be removed|\
|images|show|y|no!|uses :id param to find warehouse image, uses :build
param to select build if present|yes||\
|images|update|||||method does not exist and should be removed|\
|images|multi\_destroy|y|no|uses :images\_selected param to find image
warehouse images to destroy|yes||\
|target\_images|index|||||method does not exist|\
|target\_images|create|yes|requires Privilege::Use on pool\_family of
warehouse image specified by :image\_id param|uses :image\_id to find
warehouse image, uses :image\_id, :build\_id, and :target params to
create new image factory image; uses :image\_id, :build\_id params to
construct redirect\_path|no|should verify user has rights to warehouse
image and build, should not use global exception variables, evaluated
v0.9.0rc1 as 0.4.0 didn’t incorporate target\_images|\
|target\_images|new|||||method does not exist|\
|target\_images|edit|||||method does not exist|\
|target\_images|show|||||method does not exist|\
|target\_images|update|||||method does not exist|\
|target\_images|destroy|yes|requires Privilege::Use on pool\_family of
warehouse image specified by :image\_id param|uses :image\_id param to
find warehouse image, uses :id param to find warehouse target image to
destroy; uses :image\_id param to construct redirect\_path|yes
(?)|should require additional restrictions to delete image, look into
rescue nil bit|\
|provider\_images|index|||||method does not exist|\
|provider\_images|create|yes|requires Privilege::Use on pool\_family of
warehouse image specified by :image\_id param|uses :image\_id to find
warehouse image, uses :account\_id to find provider\_account, uses
:image\_id, :build\_id, :target\_image\_id params to create new image
factory provider image; uses :image\_id, :build\_id to construct
redirect\_to path|no|should restrict provider account to ensure user has
access; evaluated v0.9.0rc1 as 0.4.0 didn’t incorporate
provider\_images|\
|provider\_images|new|||||method does not exist|\
|provider\_images|edit|||||method does not exist|\
|provider\_images|show|||||method does not exist|\
|provider\_images|update|||||method does not exist|\
|provider\_images|destroy|yes|requires Privilege::Use on pool\_family of
warehouse image specified by :image\_id param|uses :image\_id param to
find warehouse image, uses :id param to find warehouse image to destroy;
uses :image\_id param to construct redirect\_path|yes (?)|should require
additional restrictions to delete image, look into rescue nil bit|\
|provider\_images|index|||||method does not exist|\
|provider\_types|index|yes||||yes||\
|dashboard|dashboard|||||dashboard controller removed|