Merge branch 'main' into im/server_options

chef · Jan 3, 2024 · 9a885e0 · 9a885e0
2 parents 422611c + 3757793
commit 9a885e0
Show file tree

Hide file tree

Showing 9 changed files with 145 additions and 36 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,16 +1,18 @@
 # Chef Server Changelog
 <!-- usage documentation: http://expeditor-docs.es.chef.io/configuration/changelog/ -->
-<!-- latest_release 15.9.16 -->
-## [15.9.16](https://github.com/chef/chef-server/tree/15.9.16) (2023-12-15)
+<!-- latest_release 15.9.18 -->
+## [15.9.18](https://github.com/chef/chef-server/tree/15.9.18) (2024-01-02)
 
 #### Merged Pull Requests
-- Update release announcement to use chef download page [#3754](https://github.com/chef/chef-server/pull/3754) ([kalroy](https://github.com/kalroy))
+- [CHEF-6100 CHEF-6112] GTM and OneTrust changes [#3738](https://github.com/chef/chef-server/pull/3738) ([ayush-billore](https://github.com/ayush-billore))
 <!-- latest_release -->
 
 <!-- release_rollup since=15.9.12 -->
 ### Changes since 15.9.12 release
 
 #### Merged Pull Requests
+- [CHEF-6100 CHEF-6112] GTM and OneTrust changes [#3738](https://github.com/chef/chef-server/pull/3738) ([ayush-billore](https://github.com/ayush-billore)) <!-- 15.9.18 -->
+- Correct some text in docs [#3698](https://github.com/chef/chef-server/pull/3698) ([IanMadd](https://github.com/IanMadd)) <!-- 15.9.17 -->
 - Update release announcement to use chef download page [#3754](https://github.com/chef/chef-server/pull/3754) ([kalroy](https://github.com/kalroy)) <!-- 15.9.16 -->
 - [CHEF-6088 CHEF-6094 CHEF-6107] Cookie policy, Privacy policy, logo and favicon changes [#3737](https://github.com/chef/chef-server/pull/3737) ([ayush-billore](https://github.com/ayush-billore)) <!-- 15.9.15 -->
 - Upgrade restclient gem version in erchef [#3721](https://github.com/chef/chef-server/pull/3721) ([RajeshPaul38](https://github.com/RajeshPaul38)) <!-- 15.9.14 -->

diff --git a/VERSION b/VERSION
@@ -1 +1 @@
-15.9.16
+15.9.18
diff --git a/docs-chef-io/content/server/reusable/md/server_rbac_permissions_object.md b/docs-chef-io/content/server/reusable/md/server_rbac_permissions_object.md
@@ -1,34 +1,8 @@
 The Chef Infra Server includes the following object permissions:
 
-<table>
-<colgroup>
-<col style="width: 12%" />
-<col style="width: 87%" />
-</colgroup>
-<thead>
-<tr class="header">
-<th>Permission</th>
-<th>Description</th>
-</tr>
-</thead>
-<tbody>
-<tr>
-<td><strong>Delete</strong></td>
-<td>Use the <strong>Delete</strong> permission to define which users and groups may delete an object. This permission is required for any user who uses the <code>knife [object] delete [object_name]</code> argument to interact with objects on the Chef Infra Server.</td>
-</tr>
-<tr>
-<td><strong>Grant</strong></td>
-<td>Use the <strong>Grant</strong> permission to define which users and groups may configure permissions on an object. This permission is required for any user who configures permissions using the <strong>Administration</strong> tab in the Chef management console.</td>
-</tr>
-<tr>
-<td><strong>Read</strong></td>
-<td>Use the <strong>Read</strong> permission to define which users and groups may view the details of an object. This permission is required for any user who uses the <code>knife [object] show [object_name]</code> argument to interact with objects on the Chef Infra Server.</td>
-</tr>
-<tr>
-<td><strong>Update</strong></td>
-<td>Use the <strong>Update</strong> permission to define which users and groups may edit the details of an object. This permission is required for any user who uses the <code>knife [object] edit [object_name]</code> argument to interact with objects on the Chef Infra Server and for any Chef Infra Client to save node data to the Chef Infra Server at the conclusion of a Chef Infra Client run.</td>
-</tr>
-</tbody>
-</table>
-
-{{/* moved to chef-server repo */}}
+| Permission | Description |
+| --- | --- |
+| **Delete** | Use the **Delete** permission to define which users and groups may delete an object. This permission is required for any user who uses the `knife [object] delete [object_name]` argument to interact with objects on the Chef Infra Server. |
+| **Grant** | Use the **Grant** permission to define which users and groups may configure permissions on an object. This permission is required for any user who configures permissions using the **Administration** tab in the Chef management console. |
+| **Read** | Use the **Read** permission to define which users and groups may view the details of an object. This permission is required for any user who uses the `knife [object] show [object_name]` argument to interact with objects on the Chef Infra Server. |
+| **Update** | Use the **Update** permission to define which users and groups may edit the details of an object. This permission is required for any user who uses the `knife [object] edit [object_name]` argument to interact with objects on the Chef Infra Server and for any Chef Infra Client to save node data to the Chef Infra Server at the conclusion of a Chef Infra Client run. |
diff --git a/omnibus/files/server-ctl-cookbooks/infra-server/attributes/default.rb b/omnibus/files/server-ctl-cookbooks/infra-server/attributes/default.rb
@@ -748,6 +748,9 @@
 default['private_chef']['oc_id']['sign_up_url'] = nil
 default['private_chef']['oc_id']['email_from_address'] = node['private_chef']['from_email']
 default['private_chef']['oc_id']['origin'] = node['private_chef']['api_fqdn']
+default['private_chef']['oc_id']['gtm_id'] = nil
+default['private_chef']['oc_id']['enable_gtm'] = false
+default['private_chef']['oc_id']['enable_onetrust'] = false
 
 default['private_chef']['oc_id']['administrators'] = []
 

diff --git a/omnibus/files/server-ctl-cookbooks/infra-server/recipes/oc_id.rb b/omnibus/files/server-ctl-cookbooks/infra-server/recipes/oc_id.rb
@@ -57,6 +57,9 @@
   'sign_up_url' => sign_up_url,
   'email_from_address' => node['private_chef']['oc_id']['email_from_address'],
   'origin' => node['private_chef']['oc_id']['origin'],
+  'enable_gtm' => node['private_chef']['oc_id']['enable_gtm'],
+  'enable_onetrust' => node['private_chef']['oc_id']['enable_onetrust'],
+  'gtm_id' => node['private_chef']['oc_id']['gtm_id'] || '',
 }
 
 oc_id_dir = node['private_chef']['oc_id']['dir']

diff --git a/src/oc-id/app/helpers/feature_flag_helper.rb b/src/oc-id/app/helpers/feature_flag_helper.rb
@@ -0,0 +1,9 @@
+module FeatureFlagHelper
+  def gtm_enabled?
+    Settings.enable_gtm == true
+  end
+
+  def onetrust_enabled?
+    Settings.enable_onetrust == true
+  end
+end
diff --git a/src/oc-id/app/views/application/_analytics.html.erb b/src/oc-id/app/views/application/_analytics.html.erb
@@ -0,0 +1,45 @@
+<% if gtm_enabled? %>
+  <!-- Google Tag Manager conditional -->
+  <%= javascript_tag type: "text/javascript" do %>
+    var oneTrustHelper = (function () {
+      function evalGTMScript() {
+          var gtmScript = document.getElementById("GTMScript");
+          gtmScript.type = "text/javascript";
+          gtmScript.classList.remove("optanon-category-1");
+          eval(gtmScript.innerHTML);
+      };
+
+      return {
+        gtmFallback: function () {
+          console.warn('OneTrust not loaded.');
+          if (document.readyState !== 'loading') {
+            evalGTMScript();
+          } else {
+            document.addEventListener('readystatechange', function () {
+              if (document.readyState === 'interactive') {
+                evalGTMScript();
+                }
+            });
+          };
+        }
+      };
+    })();
+  <% end %>
+<% end %>
+
+<% if onetrust_enabled? %>
+  <!-- Onetrust Script -->
+  <script async src="https://cdn.cookielaw.org/consent/e231efa5-3ed9-4b92-96bc-f4c0872ca486/otSDKStub.js"  type="text/javascript" charset="UTF-8" data-domain-script="e231efa5-3ed9-4b92-96bc-f4c0872ca486" onerror="oneTrustHelper.gtmFallback()"></script>
+<% end %>
+
+<% if gtm_enabled? && Settings.gtm_id.present? %>
+  <!-- Google Tag Manager Script -->
+  <%= javascript_tag type: "text/plain", id: "GTMScript", class: "optanon-category-1" do %>
+    (function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':
+    new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],
+    j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src=
+    'https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);
+    })(window,document,'script','dataLayer','<%= Settings.gtm_id %>');
+  <% end %>
+  <!-- End Google Tag Manager -->
+<% end %>
diff --git a/src/oc-id/app/views/layouts/application.html.erb b/src/oc-id/app/views/layouts/application.html.erb
@@ -8,8 +8,14 @@
   <%= javascript_include_tag '//cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js' %>
   <%= csrf_meta_tags %>
   <%= favicon_link_tag asset_path('favicon.ico') %>
+  <%= render 'application/analytics' %>
 </head>
 <body>
+  <% if gtm_enabled? && Settings.gtm_id.present? %>
+    <!-- Google Tag Manager (noscript) -->
+    <noscript><iframe src="https://www.googletagmanager.com/ns.html?id=<%= Settings.gtm_id %>" height="0" width="0" style="display:none;visibility:hidden"></iframe></noscript>
+    <!-- End Google Tag Manager (noscript) -->
+  <% end %>
   <div class="contain-to-grid">
     <nav class="top-bar" data-topbar role="navigation">
       <ul class="title-area">

diff --git a/src/oc-id/lib/assets/images/chef-logo.svg b/src/oc-id/lib/assets/images/chef-logo.svg