Fixes #36753 - Only allow coherent default CVE

in global registration form - remove 'Lifecycle Environment' field from global registration form - add Rails validator preventing content view environments from using a non-default lifecycle environment with the Default Organization View
Katello · Oct 9, 2023 · 73b586e · 73b586e
1 parent 9d03ca6
commit 73b586e
Show file tree

Hide file tree

Showing 7 changed files with 45 additions and 138 deletions.
diff --git a/app/lib/katello/validators/content_view_environment_coherent_default_validator.rb b/app/lib/katello/validators/content_view_environment_coherent_default_validator.rb
@@ -0,0 +1,22 @@
+module Katello
+  module Validators
+    # ensures that the Default Organization View content view can only be used with the Library environment
+    class ContentViewEnvironmentCoherentDefaultValidator < ActiveModel::Validator
+      def validate(record)
+        #support lifecycle_environment_id for foreman models
+        environment_id = record.respond_to?(:lifecycle_environment_id) ? record.lifecycle_environment_id : record.environment_id
+        if record.content_view_id
+          view = ContentView.where(:id => record.content_view_id).first
+          if environment_id
+            env = KTEnvironment.where(:id => environment_id).first
+            return if view.blank? || env.blank?
+            if view.default? && !env.library?
+              record.errors[:base] << _("Lifecycle environment '%{env}' cannot be used with content view '%{view}'") %
+                                        {:view => view.name, :env => env.name}
+            end
+          end
+        end
+      end
+    end
+  end
+end
diff --git a/app/lib/katello/validators/content_view_environment_validator.rb b/app/lib/katello/validators/content_view_environment_validator.rb
@@ -1,5 +1,6 @@
 module Katello
   module Validators
+    # used by activation key and content facet
     class ContentViewEnvironmentValidator < ActiveModel::Validator
       def validate(record)
         #support lifecycle_environment_id for foreman models

diff --git a/app/models/katello/content_view_environment.rb b/app/models/katello/content_view_environment.rb
@@ -19,6 +19,7 @@ class ContentViewEnvironment < Katello::Model
     validates :environment_id, uniqueness: {scope: :content_view_id}, presence: true
     validates :content_view_id, presence: true
     validates_with Validators::ContentViewEnvironmentOrgValidator
+    validates_with Validators::ContentViewEnvironmentCoherentDefaultValidator
 
     before_save :generate_info
 
@@ -42,6 +43,10 @@ def activation_keys
       content_view.activation_keys.in_environment(environment)
     end
 
+    def default_environment?
+      content_view.default? && environment.library?
+    end
+
     # TODO: uncomment when we need to start showing multiple CVE names in UI
     # def candlepin_name
     #   "#{environment.label}/#{content_view.label}"
@@ -52,7 +57,7 @@ def activation_keys
     def generate_info
       self.name ||= environment.name
 
-      if content_view.default?
+      if default_environment?
         self.label ||= environment.label
         self.cp_id ||= Katello::Util::Data.hexdigest(environment.organization.label)
       else

diff --git a/webpack/components/extensions/RegistrationCommands/__tests__/LifeCycleEnvironment.test.js b/webpack/components/extensions/RegistrationCommands/__tests__/LifeCycleEnvironment.test.js
diff --git a/...extensions/RegistrationCommands/__tests__/__snapshots__/LifeCycleEnvironment.test.js.snap b/...extensions/RegistrationCommands/__tests__/__snapshots__/LifeCycleEnvironment.test.js.snap
diff --git a/webpack/components/extensions/RegistrationCommands/fields/LifecycleEnvironment.js b/webpack/components/extensions/RegistrationCommands/fields/LifecycleEnvironment.js
diff --git a/webpack/components/extensions/RegistrationCommands/index.js b/webpack/components/extensions/RegistrationCommands/index.js
@@ -3,62 +3,38 @@ import PropTypes from 'prop-types';
 import { noop } from 'foremanReact/common/helpers';
 
 import ActivationKeys from './fields/ActivationKeys';
-import LifecycleEnvironment from './fields/LifecycleEnvironment';
 import IgnoreSubmanErrors from './fields/IgnoreSubmanErrors';
 import Force from './fields/Force';
 
 export const RegistrationCommands = ({
-  organizationId,
-  hostGroupId,
   pluginValues,
-  pluginData,
   onChange,
   isLoading,
-}) => {
-  useEffect(() => {
-    onChange({ lifecycleEnvironmentId: '' });
-  }, [onChange, organizationId, hostGroupId]);
-
-  return (
-    <>
-      <LifecycleEnvironment
-        pluginValues={pluginValues}
-        lifecycleEnvironments={pluginData?.lifecycleEnvironments}
-        hostGroupEnvironment={pluginData?.hostGroupEnvironment}
-        organizationId={organizationId}
-        onChange={onChange}
-        isLoading={isLoading}
-      />
-      <IgnoreSubmanErrors
-        value={pluginValues?.ignoreSubmanErrors}
-        pluginValues={pluginValues}
-        onChange={onChange}
-        isLoading={isLoading}
-      />
-      <Force
-        value={pluginValues?.force}
-        pluginValues={pluginValues}
-        onChange={onChange}
-        isLoading={isLoading}
-      />
-    </>
-  );
-};
+}) => (
+  <>
+    <IgnoreSubmanErrors
+      value={pluginValues?.ignoreSubmanErrors}
+      pluginValues={pluginValues}
+      onChange={onChange}
+      isLoading={isLoading}
+    />
+    <Force
+      value={pluginValues?.force}
+      pluginValues={pluginValues}
+      onChange={onChange}
+      isLoading={isLoading}
+    />
+  </>
+);
 
 RegistrationCommands.propTypes = {
-  organizationId: PropTypes.oneOfType([PropTypes.string, PropTypes.number]),
-  hostGroupId: PropTypes.oneOfType([PropTypes.string, PropTypes.number]),
   pluginValues: PropTypes.object, // eslint-disable-line react/forbid-prop-types
-  pluginData: PropTypes.object, // eslint-disable-line react/forbid-prop-types
   onChange: PropTypes.func,
   isLoading: PropTypes.bool,
 };
 
 RegistrationCommands.defaultProps = {
-  organizationId: undefined,
-  hostGroupId: undefined,
   pluginValues: {},
-  pluginData: {},
   isLoading: false,
   onChange: noop,
 };