From 55564cc2b4d2feea3ee6e2fb886abf9d6c68d78e Mon Sep 17 00:00:00 2001
From: Akita Noek <anoek@ansible.com>
Date: Wed, 16 Mar 2016 13:16:26 -0400
Subject: [PATCH] Fix Credential admin_role to add itself under the
 user.admin_role when it exists

---
 awx/main/models/credential.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/awx/main/models/credential.py b/awx/main/models/credential.py
index 9ae6b47298..2c32d5cdbb 100644
--- a/awx/main/models/credential.py
+++ b/awx/main/models/credential.py
@@ -164,6 +164,7 @@ class Credential(PasswordFieldsModel, CommonModelNameNotUnique, ResourceMixin):
         role_description='Owner of the credential',
         parent_role=[
             'team.admin_role',
+            'user.admin_role',
             'singleton:' + ROLE_SINGLETON_SYSTEM_ADMINISTRATOR,
         ],
         permissions = {'all': True}
@@ -180,7 +181,7 @@ class Credential(PasswordFieldsModel, CommonModelNameNotUnique, ResourceMixin):
         role_name='Credential User',
         role_description='May use this credential, but not read sensitive portions or modify it',
         parent_role= 'team.member_role',
-        permissions = {'use': True}
+        permissions = {'read': True, 'use': True}
     )
 
     @property