Contents

class RemoveOvalPermissions < ActiveRecord::Migration[6.1]
  def up
    ['ForemanOpenscap::OvalPolicy', 'ForemanOpenscap::OvalContent', 'ForemanOpenscap::Cve'].each do |resource_type|
      Permission.where(resource_type: resource_type).each do |permission|
        # Filter has before_destroy check if it belongs to a locked role (e.g. default one). Since this is a cleanup, we don't care.
        permission.filters.delete_all
        # Permission should remove Filterings on destroy
        permission.destroy
      end
    end
    # Not a permission, but still a leftover from OVAL removal
    if ForemanOpenscap.with_remote_execution?
      oval_feature = RemoteExecutionFeature.find_by(label: 'foreman_openscap_run_oval_scans')
      oval_scan_template = Template.find_by(name: 'Run OVAL scans')
      if oval_scan_template
        TemplateInvocation.where(template_id: oval_scan_template.id).delete_all
        TemplateInput.where(template_id: oval_scan_template.id).delete_all
      end
      JobInvocation.where(remote_execution_feature_id: oval_feature.id).delete_all if oval_feature
      oval_feature&.destroy
      oval_scan_template&.delete
    end
  end
end

Version data entries

8 entries across 8 versions & 1 rubygems

Version	Path
foreman_openscap-10.0.3	db/migrate/20240617105409_remove_oval_permissions.rb
foreman_openscap-10.0.2	db/migrate/20240617105409_remove_oval_permissions.rb
foreman_openscap-10.0.1	db/migrate/20240617105409_remove_oval_permissions.rb
foreman_openscap-10.0.0	db/migrate/20240617105409_remove_oval_permissions.rb
foreman_openscap-9.0.4	db/migrate/20240617105409_remove_oval_permissions.rb
foreman_openscap-9.0.3	db/migrate/20240617105409_remove_oval_permissions.rb
foreman_openscap-9.0.2	db/migrate/20240617105409_remove_oval_permissions.rb
foreman_openscap-9.0.1	db/migrate/20240617105409_remove_oval_permissions.rb