|
unit="Default_Organization"
|
|
unit_org_id=1
|
|
|
|
hammer role create --name org-admin-${unit}
|
|
hammer filter create --role org-admin-${unit} --permissions access_dashboard
|
|
hammer filter create --role org-admin-${unit} --permissions download_bootdisk
|
|
hammer filter create --role org-admin-${unit} --permissions view_plugins
|
|
hammer filter create --role org-admin-${unit} --permissions view_statistics
|
|
hammer filter create --role org-admin-${unit} --permissions view_tasks
|
|
hammer filter create --role org-admin-${unit} --permissions create_activation_keys --search "organization_id = ${unit_org_id}"
|
|
hammer filter create --role org-admin-${unit} --permissions destroy_activation_keys --search "organization_id = ${unit_org_id}"
|
|
hammer filter create --role org-admin-${unit} --permissions edit_activation_keys --search "organization_id = ${unit_org_id}"
|
|
hammer filter create --role org-admin-${unit} --permissions view_activation_keys --search "organization_id = ${unit_org_id}"
|
|
hammer filter create --role org-admin-${unit} --permissions view_architectures
|
|
hammer filter create --role org-admin-${unit} --permissions view_audit_logs --search "user ^ ${unit}-"
|
|
hammer filter create --role org-admin-${unit} --permissions create_globals --search "name ^ ${unit}-"
|
|
hammer filter create --role org-admin-${unit} --permissions destroy_globals --search "name ^ ${unit}-"
|
|
hammer filter create --role org-admin-${unit} --permissions edit_globals --search "name ^ ${unit}-"
|
|
hammer filter create --role org-admin-${unit} --permissions view_globals --search "name ^ ${unit}-"
|
|
hammer filter create --role org-admin-${unit} --permissions view_compute_profiles
|
|
hammer filter create --role org-admin-${unit} --permissions console_compute_resources_vms --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions create_compute_resources --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions create_compute_resources_vms --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions destroy_compute_resources --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions destroy_compute_resources_vms --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions edit_compute_resources --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions edit_compute_resources_vms --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions power_compute_resources_vms --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions view_compute_resources --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions view_compute_resources_vms --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions create_content_hosts --search "organization_id = ${unit_org_id}"
|
|
hammer filter create --role org-admin-${unit} --permissions destroy_content_hosts --search "organization_id = ${unit_org_id}"
|
|
hammer filter create --role org-admin-${unit} --permissions edit_content_hosts --search "organization_id = ${unit_org_id}"
|
|
hammer filter create --role org-admin-${unit} --permissions view_content_hosts --search "organization_id = ${unit_org_id}"
|
|
hammer filter create --role org-admin-${unit} --permissions create_content_views --search "organization_id = ${unit_org_id}"
|
|
hammer filter create --role org-admin-${unit} --permissions destroy_content_views --search "organization_id = ${unit_org_id}"
|
|
hammer filter create --role org-admin-${unit} --permissions edit_content_views --search "organization_id = ${unit_org_id}"
|
|
hammer filter create --role org-admin-${unit} --permissions promote_or_remove_content_views --search "organization_id = ${unit_org_id}"
|
|
hammer filter create --role org-admin-${unit} --permissions publish_content_views --search "organization_id = ${unit_org_id}"
|
|
hammer filter create --role org-admin-${unit} --permissions view_content_views --search "organization_id = ${unit_org_id}"
|
|
hammer filter create --role org-admin-${unit} --permissions commit_containers --search "organization_id = ${unit_org_id}"
|
|
hammer filter create --role org-admin-${unit} --permissions create_containers --search "organization_id = ${unit_org_id}"
|
|
hammer filter create --role org-admin-${unit} --permissions destroy_containers --search "organization_id = ${unit_org_id}"
|
|
hammer filter create --role org-admin-${unit} --permissions view_containers --search "organization_id = ${unit_org_id}"
|
|
hammer filter create --role org-admin-${unit} --permissions create_registries --search "organization_id = ${unit_org_id}"
|
|
hammer filter create --role org-admin-${unit} --permissions destroy_registries --search "organization_id = ${unit_org_id}"
|
|
hammer filter create --role org-admin-${unit} --permissions view_registries --search "organization_id = ${unit_org_id}"
|
|
hammer filter create --role org-admin-${unit} --permissions create_domains --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions destroy_domains --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions edit_domains --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions view_domains --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions create_environments --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions destroy_environments --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions edit_environments --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions import_environments --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions view_environments --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions view_external_usergroups
|
|
hammer filter create --role org-admin-${unit} --permissions upload_facts --search "host ^ ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions view_facts --search "host ^ ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions view_filters
|
|
hammer filter create --role org-admin-${unit} --permissions edit_foreman_tasks --search "owner.login ^ ${unit}-"
|
|
hammer filter create --role org-admin-${unit} --permissions view_foreman_tasks --search "owner.login ^ ${unit}- or owner.login = foreman_admin"
|
|
hammer filter create --role org-admin-${unit} --permissions create_gpg_keys --search "organization_id = ${unit_org_id}"
|
|
hammer filter create --role org-admin-${unit} --permissions destroy_gpg_keys --search "organization_id = ${unit_org_id}"
|
|
hammer filter create --role org-admin-${unit} --permissions edit_gpg_keys --search "organization_id = ${unit_org_id}"
|
|
hammer filter create --role org-admin-${unit} --permissions view_gpg_keys --search "organization_id = ${unit_org_id}"
|
|
hammer filter create --role org-admin-${unit} --permissions create_host_collections --search "organization_id = ${unit_org_id}"
|
|
hammer filter create --role org-admin-${unit} --permissions destroy_host_collections --search "organization_id = ${unit_org_id}"
|
|
hammer filter create --role org-admin-${unit} --permissions edit_host_collections --search "organization_id = ${unit_org_id}"
|
|
hammer filter create --role org-admin-${unit} --permissions view_host_collections --search "organization_id = ${unit_org_id}"
|
|
hammer filter create --role org-admin-${unit} --permissions create_hostgroups --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions destroy_hostgroups --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions edit_hostgroups --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions view_hostgroups --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions build_hosts --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions console_hosts --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions create_hosts --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions destroy_hosts --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions edit_hosts --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions ipmi_boot --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions power_hosts --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions puppetrun_hosts --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions view_hosts --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions view_images
|
|
hammer filter create --role org-admin-${unit} --permissions create_lifecycle_environments --search "organization_id = ${unit_org_id}"
|
|
hammer filter create --role org-admin-${unit} --permissions destroy_lifecycle_environments --search "organization_id = ${unit_org_id}"
|
|
hammer filter create --role org-admin-${unit} --permissions edit_lifecycle_environments --search "organization_id = ${unit_org_id}"
|
|
hammer filter create --role org-admin-${unit} --permissions promote_or_remove_content_views_to_environments --search "organization_id = ${unit_org_id}"
|
|
hammer filter create --role org-admin-${unit} --permissions view_lifecycle_environments --search "organization_id = ${unit_org_id}"
|
|
hammer filter create --role org-admin-${unit} --permissions view_locations
|
|
hammer filter create --role org-admin-${unit} --permissions view_mail_notifications
|
|
hammer filter create --role org-admin-${unit} --permissions create_media --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions destroy_media --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions edit_media --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions view_media --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions view_models
|
|
hammer filter create --role org-admin-${unit} --permissions create_operatingsystems --search "name ^ ${unit}-"
|
|
hammer filter create --role org-admin-${unit} --permissions destroy_operatingsystems --search "name ^ ${unit}-"
|
|
hammer filter create --role org-admin-${unit} --permissions edit_operatingsystems --search "name ^ ${unit}-"
|
|
hammer filter create --role org-admin-${unit} --permissions view_operatingsystems --search "name ^ ${unit}- or name ^ RedHat"
|
|
hammer filter create --role org-admin-${unit} --permissions create_ptables --search "name ^ ${unit}-"
|
|
hammer filter create --role org-admin-${unit} --permissions destroy_ptables --search "name ^ ${unit}-"
|
|
hammer filter create --role org-admin-${unit} --permissions edit_ptables --search "name ^ ${unit}-"
|
|
hammer filter create --role org-admin-${unit} --permissions view_ptables --search "name ^ ${unit}- or name ~ default"
|
|
hammer filter create --role org-admin-${unit} --permissions create_products --search "organization_id = ${unit_org_id}"
|
|
hammer filter create --role org-admin-${unit} --permissions destroy_products --search "organization_id = ${unit_org_id}"
|
|
hammer filter create --role org-admin-${unit} --permissions edit_products --search "organization_id = ${unit_org_id}"
|
|
hammer filter create --role org-admin-${unit} --permissions sync_products --search "organization_id = ${unit_org_id}"
|
|
hammer filter create --role org-admin-${unit} --permissions view_products --search "organization_id = ${unit_org_id}"
|
|
hammer filter create --role org-admin-${unit} --permissions create_templates --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions deploy_templates --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions destroy_templates --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions edit_templates --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions lock_templates --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions view_templates --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions view_puppetclasses --search "host ^ ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions create_realms --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions destroy_realms --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions edit_realms --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions view_realms --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions destroy_reports --search "host ^ ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions upload_reports --search "host ^ ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions view_reports --search "host ^ ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions create_smart_proxies --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions create_smart_proxies_autosign --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions destroy_smart_proxies --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions destroy_smart_proxies_autosign --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions destroy_smart_proxies_puppetca --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions edit_smart_proxies --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions edit_smart_proxies_puppetca --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions view_smart_proxies --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions view_smart_proxies_autosign --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions view_smart_proxies_puppetca --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions create_subnets --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions destroy_subnets --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions edit_subnets --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions import_subnets --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions view_subnets --search "organization = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions create_sync_plans --search "organization_id = ${unit_org_id}"
|
|
hammer filter create --role org-admin-${unit} --permissions destroy_sync_plans --search "organization_id = ${unit_org_id}"
|
|
hammer filter create --role org-admin-${unit} --permissions edit_sync_plans --search "organization_id = ${unit_org_id}"
|
|
hammer filter create --role org-admin-${unit} --permissions view_sync_plans --search "organization_id = ${unit_org_id}"
|
|
hammer filter create --role org-admin-${unit} --permissions view_users
|
|
hammer filter create --role org-admin-${unit} --permissions view_usergroups
|
|
hammer filter create --role org-admin-${unit} --permissions view_roles --search "name ^ ${unit}-"
|
|
hammer filter create --role org-admin-${unit} --permissions view_organizations --search "label = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions edit_organizations --search "label = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions view_subscriptions --search "label = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions attach_subscriptions --search "label = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions unattach_subscriptions --search "label = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions import_manifest --search "label = ${unit}"
|
|
hammer filter create --role org-admin-${unit} --permissions delete_manifest --search "label = ${unit}"
|
