External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-03-21 02:47:35 -02:30
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1401 from jlmitch5/rbacCredUI

Browse Source 
Rbac cred ui
This commit is contained in:
jlmitch5
2016-04-05 11:26:25 -04:00
parent 2d9e34162c 83a656653d
commit 5eeb298536
3 changed files with 116 additions and 139 deletions
Download Patch File Download Diff File Expand all files Collapse all files

81
awx/ui/client/src/controllers/Credentials.js
View File

@@ -132,7 +132,7 @@ CredentialsList.$inject = ['$scope', '$rootScope', '$location', '$log',
export function CredentialsAdd($scope, $rootScope, $compile, $location, $log, export function CredentialsAdd($scope, $rootScope, $compile, $location, $log,
$stateParams, CredentialForm, GenerateForm, Rest, Alert, ProcessErrors, $stateParams, CredentialForm, GenerateForm, Rest, Alert, ProcessErrors,
ReturnToCaller, ClearScope, GenerateList, SearchInit, PaginateInit, ReturnToCaller, ClearScope, GenerateList, SearchInit, PaginateInit,
LookUpInit, UserList, TeamList, GetBasePath, GetChoices, Empty, KindChange, LookUpInit, OrganizationList, GetBasePath, GetChoices, Empty, KindChange,
OwnerChange, FormSave, $state, CreateSelect2) { OwnerChange, FormSave, $state, CreateSelect2) {
ClearScope(); ClearScope();
@@ -173,22 +173,32 @@ export function CredentialsAdd($scope, $rootScope, $compile, $location, $log,
multiple: false multiple: false
}); });
LookUpInit({ $scope.canShareCredential = false;
scope: $scope,
form: form,
current_item: (!Empty($stateParams.user_id)) ? $stateParams.user_id : null,
list: UserList,
field: 'user',
input_type: 'radio',
autopopulateLookup: false
});
if ($rootScope.current_user.is_superuser) {
$scope.canShareCredential = true;
} else {
Rest.setUrl(`/api/v1/users/${$rootScope.current_user.id}/admin_of_organizations`);
Rest.get()
.success(function(data) {
$scope.canShareCredential = (data.count) ? true : false;
}).error(function (data, status) {
ProcessErrors($scope, data, status, null, { hdr: 'Error!', msg: 'Failed to find if users is admin of org' + status });
});
}
var orgUrl = ($rootScope.current_user.is_superuser) ?
GetBasePath("organizations") :
$rootScope.current_user.url + "admin_of_organizations?";
// Create LookUpInit for organizations
LookUpInit({ LookUpInit({
scope: $scope, scope: $scope,
url: orgUrl,
form: form, form: form,
current_item: (!Empty($stateParams.team_id)) ? $stateParams.team_id : null, list: OrganizationList,
list: TeamList, field: 'organization',
field: 'team',
input_type: 'radio', input_type: 'radio',
autopopulateLookup: false autopopulateLookup: false
}); });
@@ -251,11 +261,6 @@ export function CredentialsAdd($scope, $rootScope, $compile, $location, $log,
} }
}; };
// Handle Owner change
$scope.ownerChange = function () {
OwnerChange({ scope: $scope });
};
$scope.formCancel = function () { $scope.formCancel = function () {
$state.transitionTo('credentials'); $state.transitionTo('credentials');
}; };
@@ -305,7 +310,7 @@ export function CredentialsAdd($scope, $rootScope, $compile, $location, $log,
CredentialsAdd.$inject = ['$scope', '$rootScope', '$compile', '$location', CredentialsAdd.$inject = ['$scope', '$rootScope', '$compile', '$location',
'$log', '$stateParams', 'CredentialForm', 'GenerateForm', 'Rest', 'Alert', '$log', '$stateParams', 'CredentialForm', 'GenerateForm', 'Rest', 'Alert',
'ProcessErrors', 'ReturnToCaller', 'ClearScope', 'generateList', 'ProcessErrors', 'ReturnToCaller', 'ClearScope', 'generateList',
'SearchInit', 'PaginateInit', 'LookUpInit', 'UserList', 'TeamList', 'SearchInit', 'PaginateInit', 'LookUpInit', 'OrganizationList',
'GetBasePath', 'GetChoices', 'Empty', 'KindChange', 'OwnerChange', 'GetBasePath', 'GetChoices', 'Empty', 'KindChange', 'OwnerChange',
'FormSave', '$state', 'CreateSelect2' 'FormSave', '$state', 'CreateSelect2'
]; ];
@@ -314,7 +319,7 @@ CredentialsAdd.$inject = ['$scope', '$rootScope', '$compile', '$location',
export function CredentialsEdit($scope, $rootScope, $compile, $location, $log, export function CredentialsEdit($scope, $rootScope, $compile, $location, $log,
$stateParams, CredentialForm, GenerateForm, Rest, Alert, ProcessErrors, $stateParams, CredentialForm, GenerateForm, Rest, Alert, ProcessErrors,
RelatedSearchInit, RelatedPaginateInit, ReturnToCaller, ClearScope, Prompt, RelatedSearchInit, RelatedPaginateInit, ReturnToCaller, ClearScope, Prompt,
GetBasePath, GetChoices, KindChange, UserList, TeamList, LookUpInit, Empty, GetBasePath, GetChoices, KindChange, OrganizationList, LookUpInit, Empty,
OwnerChange, FormSave, Wait, $state, CreateSelect2) { OwnerChange, FormSave, Wait, $state, CreateSelect2) {
ClearScope(); ClearScope();
@@ -330,6 +335,20 @@ export function CredentialsEdit($scope, $rootScope, $compile, $location, $log,
generator.reset(); generator.reset();
$scope.id = id; $scope.id = id;
$scope.canShareCredential = false;
if ($rootScope.current_user.is_superuser) {
$scope.canShareCredential = true;
} else {
Rest.setUrl(`/api/v1/users/${$rootScope.current_user.id}/admin_of_organizations`);
Rest.get()
.success(function(data) {
$scope.canShareCredential = (data.count) ? true : false;
}).error(function (data, status) {
ProcessErrors($scope, data, status, null, { hdr: 'Error!', msg: 'Failed to find if users is admin of org' + status });
});
}
function setAskCheckboxes() { function setAskCheckboxes() {
var fld, i; var fld, i;
for (fld in form.fields) { for (fld in form.fields) {
@@ -359,22 +378,20 @@ export function CredentialsEdit($scope, $rootScope, $compile, $location, $log,
$scope.removeCredentialLoaded(); $scope.removeCredentialLoaded();
} }
$scope.removeCredentialLoaded = $scope.$on('credentialLoaded', function () { $scope.removeCredentialLoaded = $scope.$on('credentialLoaded', function () {
LookUpInit({ var orgUrl = ($rootScope.current_user.is_superuser) ?
scope: $scope, GetBasePath("organizations") :
form: form, $rootScope.current_user.url + "admin_of_organizations?";
current_item: (!Empty($scope.user_id)) ? $scope.user_id : null,
list: UserList,
field: 'user',
input_type: 'radio'
});
// create LookUpInit for organizations
LookUpInit({ LookUpInit({
scope: $scope, scope: $scope,
url: orgUrl,
form: form, form: form,
current_item: (!Empty($scope.team_id)) ? $scope.team_id : null, current_item: $scope.organization,
list: TeamList, list: OrganizationList,
field: 'organization',
input_type: 'radio', input_type: 'radio',
field: 'team' autopopulateLookup: false
}); });
setAskCheckboxes(); setAskCheckboxes();
@@ -630,6 +647,6 @@ CredentialsEdit.$inject = ['$scope', '$rootScope', '$compile', '$location',
'$log', '$stateParams', 'CredentialForm', 'GenerateForm', 'Rest', 'Alert', '$log', '$stateParams', 'CredentialForm', 'GenerateForm', 'Rest', 'Alert',
'ProcessErrors', 'RelatedSearchInit', 'RelatedPaginateInit', 'ProcessErrors', 'RelatedSearchInit', 'RelatedPaginateInit',
'ReturnToCaller', 'ClearScope', 'Prompt', 'GetBasePath', 'GetChoices', 'ReturnToCaller', 'ClearScope', 'Prompt', 'GetBasePath', 'GetChoices',
'KindChange', 'UserList', 'TeamList', 'LookUpInit', 'Empty', 'OwnerChange', 'KindChange', 'OrganizationList', 'LookUpInit', 'Empty', 'OwnerChange',
'FormSave', 'Wait', '$state', 'CreateSelect2' 'FormSave', 'Wait', '$state', 'CreateSelect2'
]; ];

50
awx/ui/client/src/forms/Credentials.js
View File

@@ -40,47 +40,19 @@ export default
addRequired: false, addRequired: false,
editRequired: false editRequired: false
}, },
owner: { organization: {
label: "Does this credential belong to a team or user?", addRequired: false,
type: 'radio_group', editRequired: false,
ngChange: "ownerChange()", ngShow: 'canShareCredential',
options: [{ label: 'Organization',
label: 'User',
value: 'user',
selected: true
}, {
label: 'Team',
value: 'team'
}],
awPopOver: "<p>A credential must be associated with either a user or a team. Choosing a user allows only the selected user access " +
"to the credential. Choosing a team shares the credential with all team members.</p>",
dataTitle: 'Owner',
dataPlacement: 'right',
dataContainer: "body"
},
user: {
label: 'User that owns this credential',
type: 'lookup', type: 'lookup',
sourceModel: 'user', sourceModel: 'organization',
sourceField: 'username',
ngClick: 'lookUpUser()',
ngShow: "owner == 'user'",
awRequiredWhen: {
variable: "user_required",
init: "false"
}
},
team: {
label: 'Team that owns this credential',
type: 'lookup',
sourceModel: 'team',
sourceField: 'name', sourceField: 'name',
ngClick: 'lookUpTeam()', ngClick: 'lookUpOrganization()',
ngShow: "owner == 'team'", awPopOver: "<p>If no organization is given, the credential can only be used by the user that creates the credential. organization admins and system administrators can assign an organization so that roles can be assigned to users and teams in that organization.</p>",
awRequiredWhen: { dataTitle: 'Required ',
variable: "team_required", dataPlacement: 'bottom',
init: "false" dataContainer: "body"
}
}, },
kind: { kind: {
label: 'Type', label: 'Type',

124
awx/ui/client/src/helpers/Credentials.js
View File

@@ -193,8 +193,8 @@ angular.module('CredentialsHelper', ['Utilities'])
} }
]) ])
.factory('FormSave', ['Refresh', '$location', 'Alert', 'Rest', 'ProcessErrors', 'Empty', 'GetBasePath', 'CredentialForm', 'ReturnToCaller', 'Wait', .factory('FormSave', ['$rootScope', 'Refresh', '$location', 'Alert', 'Rest', 'ProcessErrors', 'Empty', 'GetBasePath', 'CredentialForm', 'ReturnToCaller', 'Wait',
function (Refresh, $location, Alert, Rest, ProcessErrors, Empty, GetBasePath, CredentialForm, ReturnToCaller, Wait) { function ($rootScope, Refresh, $location, Alert, Rest, ProcessErrors, Empty, GetBasePath, CredentialForm, ReturnToCaller, Wait) {
return function (params) { return function (params) {
var scope = params.scope, var scope = params.scope,
mode = params.mode, mode = params.mode,
@@ -204,7 +204,9 @@ angular.module('CredentialsHelper', ['Utilities'])
for (fld in form.fields) { for (fld in form.fields) {
if (fld !== 'access_key' && fld !== 'secret_key' && fld !== 'ssh_username' && if (fld !== 'access_key' && fld !== 'secret_key' && fld !== 'ssh_username' &&
fld !== 'ssh_password') { fld !== 'ssh_password') {
if (scope[fld] === null) { if (fld === "organization" && !scope[fld]) {
data["user"] = $rootScope.current_user.id;
} else if (scope[fld] === null) {
data[fld] = ""; data[fld] = "";
} else { } else {
data[fld] = scope[fld]; data[fld] = scope[fld];
@@ -212,14 +214,6 @@ angular.module('CredentialsHelper', ['Utilities'])
} }
} }
if (!Empty(scope.team)) {
data.team = scope.team;
data.user = "";
} else {
data.user = scope.user;
data.team = "";
}
data.kind = scope.kind.value; data.kind = scope.kind.value;
if (scope.become_method === null) { if (scope.become_method === null) {
data.become_method = ""; data.become_method = "";
@@ -247,65 +241,59 @@ angular.module('CredentialsHelper', ['Utilities'])
data.username = scope.subscription_id; data.username = scope.subscription_id;
} }
if (Empty(data.team) && Empty(data.user)) { Wait('start');
Alert('Missing User or Team', 'You must provide either a User or a Team. If this credential will only be accessed by a specific ' + if (mode === 'add') {
'user, select a User. To allow a team of users to access this credential, select a Team.', 'alert-danger'); url = GetBasePath("credentials");
Rest.setUrl(url);
Rest.post(data)
.success(function (data) {
scope.addedItem = data.id;
Refresh({
scope: scope,
set: 'credentials',
iterator: 'credential',
url: url
});
Wait('stop');
var base = $location.path().replace(/^\//, '').split('/')[0];
if (base === 'credentials') {
ReturnToCaller();
}
else {
ReturnToCaller(1);
}
})
.error(function (data, status) {
Wait('stop');
ProcessErrors(scope, data, status, form, {
hdr: 'Error!',
msg: 'Failed to create new Credential. POST status: ' + status
});
});
} else { } else {
Wait('start'); url = GetBasePath('credentials') + scope.id + '/';
if (mode === 'add') { Rest.setUrl(url);
url = (!Empty(data.team)) ? GetBasePath('teams') + data.team + '/credentials/' : Rest.put(data)
GetBasePath('users') + data.user + '/credentials/'; .success(function () {
Rest.setUrl(url); Wait('stop');
Rest.post(data) var base = $location.path().replace(/^\//, '').split('/')[0];
.success(function (data) { if (base === 'credentials') {
scope.addedItem = data.id; ReturnToCaller();
}
Refresh({ else {
scope: scope, ReturnToCaller(1);
set: 'credentials', }
iterator: 'credential', })
url: url .error(function (data, status) {
}); Wait('stop');
ProcessErrors(scope, data, status, form, {
Wait('stop'); hdr: 'Error!',
var base = $location.path().replace(/^\//, '').split('/')[0]; msg: 'Failed to update Credential. PUT status: ' + status
if (base === 'credentials') {
ReturnToCaller();
}
else {
ReturnToCaller(1);
}
})
.error(function (data, status) {
Wait('stop');
ProcessErrors(scope, data, status, form, {
hdr: 'Error!',
msg: 'Failed to create new Credential. POST status: ' + status
});
}); });
} else { });
url = GetBasePath('credentials') + scope.id + '/'; }
Rest.setUrl(url);
Rest.put(data)
.success(function () {
Wait('stop');
var base = $location.path().replace(/^\//, '').split('/')[0];
if (base === 'credentials') {
ReturnToCaller();
}
else {
ReturnToCaller(1);
}
})
.error(function (data, status) {
Wait('stop');
ProcessErrors(scope, data, status, form, {
hdr: 'Error!',
msg: 'Failed to update Credential. PUT status: ' + status
});
});
}
}
}; };
} }
]); ]);