add cors domains parameter

theforeman · Feb 23, 2019 · e9abf3d · e9abf3d
1 parent 022fcb9
commit e9abf3d
Show file tree

Hide file tree

Showing 4 changed files with 21 additions and 0 deletions.
diff --git a/manifests/init.pp b/manifests/init.pp
@@ -211,6 +211,8 @@
 #
 # $hsts_enabled::                 Should HSTS enforcement in https requests be enabled
 #
+# $cors_domains::               List of domains that show be allowed for Cross-Origin Resource Sharing
+#
 class foreman (
   Stdlib::HTTPUrl $foreman_url = $::foreman::params::foreman_url,
   Boolean $puppetrun = $::foreman::params::puppetrun,
@@ -311,6 +313,7 @@
   Stdlib::Port $dynflow_pool_size = $::foreman::params::dynflow_pool_size,
   String $jobs_service = $::foreman::params::jobs_service,
   Boolean $hsts_enabled = $::foreman::params::hsts_enabled,
+  Array[Stdlib::HTTPUrl] $cors_domains = $::foreman::params::cors_domains,
 ) inherits foreman::params {
   if $db_adapter == 'UNSET' {
     $db_adapter_real = $::foreman::db_type ? {

diff --git a/manifests/params.pp b/manifests/params.pp
@@ -50,6 +50,8 @@
   $version           = 'present'
   $plugin_version    = 'present'
 
+  $cors_domains = []
+
   # when undef, foreman-selinux will be installed if SELinux is enabled
   # setting to false/true will override this check (e.g. set to false on 1.1)
   $selinux     = undef

diff --git a/spec/classes/foreman_spec.rb b/spec/classes/foreman_spec.rb
@@ -366,6 +366,14 @@ class {'apache':
         end
       end
 
+      describe 'with cors domains' do
+        let(:params) { super().merge(cors_domains: ['https://example.com']) }
+        it 'should set cors config' do
+          should contain_concat__fragment('foreman_settings+01-header.yaml').
+            with_content(/^:cors_domains:\n\s+- 'https:\/\/example\.com'\n$/)
+        end
+      end
+
       context 'with email configured for SMTP' do
         let(:params) { super().merge(email_delivery_method: 'smtp') }
 

diff --git a/templates/settings.yaml.erb b/templates/settings.yaml.erb
@@ -46,6 +46,14 @@
     :type: <%= scope.lookupvar("foreman::logging_type") %>
     :layout: <%= scope.lookupvar("foreman::logging_layout") %>
 
+<% if Array(scope.lookupvar('foreman::cors_domains')).size >= 1 -%>
+# List of domains allowed for Cross-Origin Resource Sharing
+:cors_domains:
+<% scope.lookupvar('foreman::cors_domains').each do |domain| -%>
+ - '<%= domain %>'
+<% end -%>
+
+<% end -%>
 # Individual logging types can be toggled on/off here
 :loggers:
 <% scope.lookupvar("foreman::loggers").each do |logger,enabled| -%>