Fix a bug that did not allow project_admin's to create a project.

This was a regression from previous functionality

awx/main/access.py

@@ -1208,7 +1208,7 @@ class ProjectAccess(BaseAccess):
     @check_superuser
     def can_add(self, data):
         if not data:  # So the browseable API will work
-            return Organization.accessible_objects(self.user, 'admin_role').exists()
+            return Organization.accessible_objects(self.user, 'project_admin_role').exists()
         return (self.check_related('organization', Organization, data, role_field='project_admin_role', mandatory=True) and
                 self.check_related('credential', Credential, data, role_field='use_role'))
 

awx/main/tests/functional/test_rbac_project.py

@@ -0,0 +1,25 @@
+import pytest
+
+from awx.main.access import (
+    ProjectAccess,
+)
+
+
+@pytest.mark.django_db
+@pytest.mark.parametrize("role", ["admin_role", "project_admin_role"])
+def test_access_admin(role, organization, project, user):
+    a = user('admin', False)
+    project.organization = organization
+
+    role = getattr(organization, role)
+    role.members.add(a)
+
+    access = ProjectAccess(a)
+    assert access.can_read(project)
+    assert access.can_add(None)
+    assert access.can_add({'organization': organization.id})
+    assert access.can_change(project, None)
+    assert access.can_change(project, {'organization': organization.id})
+    assert access.can_admin(project, None)
+    assert access.can_admin(project, {'organization': organization.id})
+    assert access.can_delete(project)