From 9ab141753c7fd61785c811a9aea8aa2ab52a5108 Mon Sep 17 00:00:00 2001 From: Jared Tabor Date: Fri, 28 Jul 2017 16:50:00 -0700 Subject: [PATCH 1/6] Changing text displayed for empty insights --- .../inventories/insights/insights.partial.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/awx/ui/client/src/inventories-hosts/inventories/insights/insights.partial.html b/awx/ui/client/src/inventories-hosts/inventories/insights/insights.partial.html index 5bd39fb816..d82a010092 100644 --- a/awx/ui/client/src/inventories-hosts/inventories/insights/insights.partial.html +++ b/awx/ui/client/src/inventories-hosts/inventories/insights/insights.partial.html @@ -61,7 +61,7 @@
- No data is available. Either there are no issues to report or no scan jobs have been run on this host. + No data is available. There are no issues to report.
The Insights Credential for {{inventory.name}} was not found. From 07f472381ec76fa01a99c73dd679b4087bb69289 Mon Sep 17 00:00:00 2001 From: Jared Tabor Date: Fri, 28 Jul 2017 18:09:21 -0700 Subject: [PATCH 2/6] hiding Remdiate Inventory button for non org-admins/admins also found an error in deleting permissions --- awx/ui/client/src/access/permissions-list.controller.js | 2 +- .../inventories/standard-inventory/inventory.form.js | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/awx/ui/client/src/access/permissions-list.controller.js b/awx/ui/client/src/access/permissions-list.controller.js index 92ed68de9c..f36ee5fa64 100644 --- a/awx/ui/client/src/access/permissions-list.controller.js +++ b/awx/ui/client/src/access/permissions-list.controller.js @@ -20,7 +20,7 @@ export default ['$scope', 'ListDefinition', 'Dataset', 'Wait', 'Rest', 'ProcessE $('#prompt-modal').modal('hide'); Wait('start'); Rest.setUrl(url); - Rest.post({ "disassociate": true, "id": userId }) + Rest.post({ "disassociate": true, "id": Number(userId) }) .success(function() { Wait('stop'); $state.go('.', null, {reload: true}); diff --git a/awx/ui/client/src/inventories-hosts/inventories/standard-inventory/inventory.form.js b/awx/ui/client/src/inventories-hosts/inventories/standard-inventory/inventory.form.js index 6a720ceb31..186e44abf0 100644 --- a/awx/ui/client/src/inventories-hosts/inventories/standard-inventory/inventory.form.js +++ b/awx/ui/client/src/inventories-hosts/inventories/standard-inventory/inventory.form.js @@ -201,7 +201,7 @@ function(i18n, InventoryCompletedJobsList) { relatedButtons: { remediate_inventory: { ngClick: 'remediateInventory(id, insights_credential)', - ngShow: 'is_insights && mode !== "add"', + ngShow: 'is_insights && mode !== "add" && canEditOrg', label: i18n._('Remediate Inventory'), class: 'Form-primaryButton' } From 71fefc42a53ec0920b81ab0795cba2ca47a22f53 Mon Sep 17 00:00:00 2001 From: Jared Tabor Date: Mon, 31 Jul 2017 13:56:16 -0700 Subject: [PATCH 3/6] creating CanRemdiate flag for permissions to remediate an inventory --- .../src/inventories-hosts/inventories/main.js | 32 ++++++++++++++++++- .../edit/inventory-edit.controller.js | 4 ++- .../standard-inventory/inventory.form.js | 2 +- 3 files changed, 35 insertions(+), 3 deletions(-) diff --git a/awx/ui/client/src/inventories-hosts/inventories/main.js b/awx/ui/client/src/inventories-hosts/inventories/main.js index 22c8c773e5..6af683753a 100644 --- a/awx/ui/client/src/inventories-hosts/inventories/main.js +++ b/awx/ui/client/src/inventories-hosts/inventories/main.js @@ -123,8 +123,38 @@ angular.module('inventory', [ 'status: ' + status }); }); + }], + CanRemediate: ['resourceData', '$stateParams', 'Rest', 'GetBasePath', 'ProcessErrors', + function(resourceData, $stateParams, Rest, GetBasePath, ProcessErrors){ + if(_.has(resourceData, 'data.summary_fields.insights_credential')){ + let credential_id = resourceData.data.summary_fields.insights_credential.id, + path = `${GetBasePath('projects')}?credential__id=${credential_id}`; + Rest.setUrl(path); + return Rest.get() + .then(({data}) => { + if (data.results.length > 0 && + _.has(data, 'results[0].summary_fields.user_capabilities.edit')) { + return data.results[0].summary_fields.user_capabilities.edit; + } + else { + return false; + } + }) + .catch(({data, status}) => { + ProcessErrors(null, data, status, null, { + hdr: 'Error!', + msg: 'Failed to get instance groups. GET returned ' + + 'status: ' + status + }); + }); + } + else { + return false; + } + }] - } + }, + } }); diff --git a/awx/ui/client/src/inventories-hosts/inventories/standard-inventory/edit/inventory-edit.controller.js b/awx/ui/client/src/inventories-hosts/inventories/standard-inventory/edit/inventory-edit.controller.js index 2af0a612b0..0c003841ed 100644 --- a/awx/ui/client/src/inventories-hosts/inventories/standard-inventory/edit/inventory-edit.controller.js +++ b/awx/ui/client/src/inventories-hosts/inventories/standard-inventory/edit/inventory-edit.controller.js @@ -13,7 +13,8 @@ function InventoriesEdit($scope, $location, $stateParams, InventoryForm, Rest, ProcessErrors, GetBasePath, ParseTypeChange, Wait, ToJSON, - ParseVariableString, $state, OrgAdminLookup, $rootScope, resourceData, CreateSelect2, InstanceGroupsService, InstanceGroupsData) { + ParseVariableString, $state, OrgAdminLookup, $rootScope, resourceData, + CreateSelect2, InstanceGroupsService, InstanceGroupsData, CanRemediate) { // Inject dynamic view let defaultUrl = GetBasePath('inventory'), @@ -37,6 +38,7 @@ function InventoriesEdit($scope, $location, $scope.inventory_variables = inventoryData.variables === null || inventoryData.variables === '' ? '---' : ParseVariableString(inventoryData.variables); $scope.parseType = 'yaml'; $scope.instance_groups = InstanceGroupsData; + $scope.canRemediate = CanRemediate; $rootScope.$on('$stateChangeSuccess', function(event, toState) { if(toState.name === 'inventories.edit') { diff --git a/awx/ui/client/src/inventories-hosts/inventories/standard-inventory/inventory.form.js b/awx/ui/client/src/inventories-hosts/inventories/standard-inventory/inventory.form.js index 186e44abf0..fa4ed8d106 100644 --- a/awx/ui/client/src/inventories-hosts/inventories/standard-inventory/inventory.form.js +++ b/awx/ui/client/src/inventories-hosts/inventories/standard-inventory/inventory.form.js @@ -201,7 +201,7 @@ function(i18n, InventoryCompletedJobsList) { relatedButtons: { remediate_inventory: { ngClick: 'remediateInventory(id, insights_credential)', - ngShow: 'is_insights && mode !== "add" && canEditOrg', + ngShow: 'is_insights && mode !== "add" && canRemediate', label: i18n._('Remediate Inventory'), class: 'Form-primaryButton' } From 74f5c56607e7b93b400d7bf879f1cf11ad79aac7 Mon Sep 17 00:00:00 2001 From: Jared Tabor Date: Mon, 31 Jul 2017 15:37:17 -0700 Subject: [PATCH 4/6] changing url for role_level for projects --- awx/ui/client/src/inventories-hosts/inventories/main.js | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/awx/ui/client/src/inventories-hosts/inventories/main.js b/awx/ui/client/src/inventories-hosts/inventories/main.js index 6af683753a..184d46e195 100644 --- a/awx/ui/client/src/inventories-hosts/inventories/main.js +++ b/awx/ui/client/src/inventories-hosts/inventories/main.js @@ -128,13 +128,12 @@ angular.module('inventory', [ function(resourceData, $stateParams, Rest, GetBasePath, ProcessErrors){ if(_.has(resourceData, 'data.summary_fields.insights_credential')){ let credential_id = resourceData.data.summary_fields.insights_credential.id, - path = `${GetBasePath('projects')}?credential__id=${credential_id}`; + path = `${GetBasePath('projects')}?credential__id=${credential_id}&role_level=use_role`; Rest.setUrl(path); return Rest.get() .then(({data}) => { - if (data.results.length > 0 && - _.has(data, 'results[0].summary_fields.user_capabilities.edit')) { - return data.results[0].summary_fields.user_capabilities.edit; + if (data.results.length > 0){ + return true; } else { return false; From a99818f7cd65bfcd453f88ec0f6a2db7e2d7bf6d Mon Sep 17 00:00:00 2001 From: Jared Tabor Date: Tue, 1 Aug 2017 17:25:55 -0700 Subject: [PATCH 5/6] checking project and inventory "use" permission to remediate --- .../src/inventories-hosts/inventories/main.js | 58 ++++++++++++------- .../edit/inventory-edit.controller.js | 3 +- 2 files changed, 39 insertions(+), 22 deletions(-) diff --git a/awx/ui/client/src/inventories-hosts/inventories/main.js b/awx/ui/client/src/inventories-hosts/inventories/main.js index 184d46e195..9587e32086 100644 --- a/awx/ui/client/src/inventories-hosts/inventories/main.js +++ b/awx/ui/client/src/inventories-hosts/inventories/main.js @@ -123,35 +123,51 @@ angular.module('inventory', [ 'status: ' + status }); }); - }], - CanRemediate: ['resourceData', '$stateParams', 'Rest', 'GetBasePath', 'ProcessErrors', - function(resourceData, $stateParams, Rest, GetBasePath, ProcessErrors){ + }], + checkProjectPermission: ['resourceData', '$stateParams', 'Rest', 'GetBasePath', + function(resourceData, $stateParams, Rest, GetBasePath){ if(_.has(resourceData, 'data.summary_fields.insights_credential')){ let credential_id = resourceData.data.summary_fields.insights_credential.id, - path = `${GetBasePath('projects')}?credential__id=${credential_id}&role_level=use_role`; - Rest.setUrl(path); - return Rest.get() - .then(({data}) => { - if (data.results.length > 0){ - return true; - } - else { + path = `${GetBasePath('projects')}?credential__id=${credential_id}&role_level=use_role`; + Rest.setUrl(path); + return Rest.get().then(({data}) => { + if (data.results.length > 0){ + return true; + } + else { + return false; + } + }).catch(() => { return false; - } - }) - .catch(({data, status}) => { - ProcessErrors(null, data, status, null, { - hdr: 'Error!', - msg: 'Failed to get instance groups. GET returned ' + - 'status: ' + status }); - }); } else { return false; } - - }] + }], + checkInventoryPermission: ['resourceData', '$stateParams', 'Rest', 'GetBasePath', + function(resourceData, $stateParams, Rest, GetBasePath){ + if(_.has(resourceData, 'data.summary_fields.insights_credential')){ + let path = `${GetBasePath('inventory')}${$stateParams.inventory_id}/?role_level=use_role`; + Rest.setUrl(path); + return Rest.get().then(() => { + return true; + }).catch(() => { + return false; + }); + } + else { + return false; + } + }], + CanRemediate: ['checkProjectPermission', 'checkInventoryPermission', + function(checkProjectPermission, checkInventoryPermission){ + // the user can remediate an insights + // inv if the user has "use" permission on + // an insights project and the inventory + // being edited: + return checkProjectPermission === true && checkInventoryPermission === true; + }] }, } diff --git a/awx/ui/client/src/inventories-hosts/inventories/standard-inventory/edit/inventory-edit.controller.js b/awx/ui/client/src/inventories-hosts/inventories/standard-inventory/edit/inventory-edit.controller.js index 0c003841ed..58a428304a 100644 --- a/awx/ui/client/src/inventories-hosts/inventories/standard-inventory/edit/inventory-edit.controller.js +++ b/awx/ui/client/src/inventories-hosts/inventories/standard-inventory/edit/inventory-edit.controller.js @@ -117,5 +117,6 @@ export default ['$scope', '$location', '$stateParams', 'InventoryForm', 'Rest', 'ProcessErrors', 'GetBasePath', 'ParseTypeChange', 'Wait', 'ToJSON', 'ParseVariableString', - '$state', 'OrgAdminLookup', '$rootScope', 'resourceData', 'CreateSelect2', 'InstanceGroupsService', 'InstanceGroupsData', InventoriesEdit, + '$state', 'OrgAdminLookup', '$rootScope', 'resourceData', 'CreateSelect2', + 'InstanceGroupsService', 'InstanceGroupsData', 'CanRemediate', InventoriesEdit, ]; From ba27ad07a16c1298f5a828d59c33d8d0fbca9de1 Mon Sep 17 00:00:00 2001 From: Jared Tabor Date: Tue, 1 Aug 2017 17:38:43 -0700 Subject: [PATCH 6/6] adding "canRemediate" flag to insights dashboard --- .../insights/insights.controller.js | 7 +-- .../insights/insights.partial.html | 2 +- .../inventories/insights/insights.route.js | 46 ++++++++++++++++++- 3 files changed, 50 insertions(+), 5 deletions(-) diff --git a/awx/ui/client/src/inventories-hosts/inventories/insights/insights.controller.js b/awx/ui/client/src/inventories-hosts/inventories/insights/insights.controller.js index 0e143d0b35..5022fc519d 100644 --- a/awx/ui/client/src/inventories-hosts/inventories/insights/insights.controller.js +++ b/awx/ui/client/src/inventories-hosts/inventories/insights/insights.controller.js @@ -5,8 +5,9 @@ *************************************************/ export default [ 'InsightsData', '$scope', 'moment', '$state', 'InventoryData', - 'InsightsService', -function (data, $scope, moment, $state, InventoryData, InsightsService) { + 'InsightsService', 'CanRemediate', +function (data, $scope, moment, $state, InventoryData, InsightsService, + CanRemediate) { function init() { $scope.reports = (data && data.reports) ? data.reports : []; @@ -24,7 +25,7 @@ function (data, $scope, moment, $state, InventoryData, InsightsService) { $scope.insights_credential = (InventoryData && InventoryData.summary_fields && InventoryData.summary_fields.insights_credential && InventoryData.summary_fields.insights_credential.id) ? InventoryData.summary_fields.insights_credential.id : null; - + $scope.canRemediate = CanRemediate; } function filter(str){ diff --git a/awx/ui/client/src/inventories-hosts/inventories/insights/insights.partial.html b/awx/ui/client/src/inventories-hosts/inventories/insights/insights.partial.html index d82a010092..986decd7b2 100644 --- a/awx/ui/client/src/inventories-hosts/inventories/insights/insights.partial.html +++ b/awx/ui/client/src/inventories-hosts/inventories/insights/insights.partial.html @@ -88,6 +88,6 @@
- +
diff --git a/awx/ui/client/src/inventories-hosts/inventories/insights/insights.route.js b/awx/ui/client/src/inventories-hosts/inventories/insights/insights.route.js index 179af657af..cd116fa062 100644 --- a/awx/ui/client/src/inventories-hosts/inventories/insights/insights.route.js +++ b/awx/ui/client/src/inventories-hosts/inventories/insights/insights.route.js @@ -49,6 +49,50 @@ export default { return resourceData.data; } } - ] + ], + checkProjectPermission: ['InventoryData', '$stateParams', 'Rest', 'GetBasePath', + function(InventoryData, $stateParams, Rest, GetBasePath){ + if(_.has(InventoryData, 'summary_fields.insights_credential')){ + let credential_id = InventoryData.summary_fields.insights_credential.id, + path = `${GetBasePath('projects')}?credential__id=${credential_id}&role_level=use_role`; + Rest.setUrl(path); + return Rest.get().then(({data}) => { + if (data.results.length > 0){ + return true; + } + else { + return false; + } + }).catch(() => { + return false; + }); + } + else { + return false; + } + }], + checkInventoryPermission: ['InventoryData', '$stateParams', 'Rest', 'GetBasePath', + function(InventoryData, $stateParams, Rest, GetBasePath){ + if(_.has(InventoryData, 'summary_fields.insights_credential')){ + let path = `${GetBasePath('inventory')}${InventoryData.id}/?role_level=use_role`; + Rest.setUrl(path); + return Rest.get().then(() => { + return true; + }).catch(() => { + return false; + }); + } + else { + return false; + } + }], + CanRemediate: ['checkProjectPermission', 'checkInventoryPermission', + function(checkProjectPermission, checkInventoryPermission){ + // the user can remediate an insights + // inv if the user has "use" permission on + // an insights project and the inventory + // being edited: + return checkProjectPermission === true && checkInventoryPermission === true; + }] } };