mirror of
https://github.com/ansible/awx.git
synced 2026-03-04 10:11:05 -03:30
move org edit permission check to route resolve
This commit is contained in:
Jake McDermott
@@ -20,7 +20,7 @@ function EditCredentialsController (
|
|||||||
credential,
|
credential,
|
||||||
credentialType,
|
credentialType,
|
||||||
organization,
|
organization,
|
||||||
isOrgCredAdmin,
|
isOrgEditableByUser,
|
||||||
} = models;
|
} = models;
|
||||||
|
|
||||||
const omit = ['user', 'team', 'inputs'];
|
const omit = ['user', 'team', 'inputs'];
|
||||||
@@ -75,14 +75,7 @@ function EditCredentialsController (
|
|||||||
vm.form.disabled = !isEditable;
|
vm.form.disabled = !isEditable;
|
||||||
}
|
}
|
||||||
|
|
||||||
const isOrgAdmin = _.some(me.get('related.admin_of_organizations.results'), (org) => org.id === organization.get('id'));
|
vm.form.organization._disabled = !isOrgEditableByUser;
|
||||||
const isSuperuser = me.get('is_superuser');
|
|
||||||
const isCurrentAuthor = Boolean(credential.get('summary_fields.created_by.id') === me.get('id'));
|
|
||||||
vm.form.organization._disabled = true;
|
|
||||||
|
|
||||||
if (isSuperuser || isOrgAdmin || isOrgCredAdmin || (credential.get('organization') === null && isCurrentAuthor)) {
|
|
||||||
vm.form.organization._disabled = false;
|
|
||||||
}
|
|
||||||
|
|
||||||
vm.form.organization._resource = 'organization';
|
vm.form.organization._resource = 'organization';
|
||||||
vm.form.organization._model = organization;
|
vm.form.organization._model = organization;
|
||||||
|
|||||||
@@ -45,13 +45,21 @@ function CredentialsResolve (
|
|||||||
organization: new Organization('get', orgId),
|
organization: new Organization('get', orgId),
|
||||||
credentialInputSources: models.credential.extend('GET', 'input_sources')
|
credentialInputSources: models.credential.extend('GET', 'input_sources')
|
||||||
};
|
};
|
||||||
|
|
||||||
dependents.isOrgCredAdmin = dependents.organization.then((org) => org.search({ role_level: 'credential_admin_role' }));
|
dependents.isOrgCredAdmin = dependents.organization.then((org) => org.search({ role_level: 'credential_admin_role' }));
|
||||||
|
|
||||||
return $q.all(dependents)
|
return $q.all(dependents)
|
||||||
.then(related => {
|
.then(related => {
|
||||||
models.credentialType = related.credentialType;
|
models.credentialType = related.credentialType;
|
||||||
models.organization = related.organization;
|
models.organization = related.organization;
|
||||||
models.isOrgCredAdmin = related.isOrgCredAdmin;
|
|
||||||
|
const isOrgAdmin = _.some(models.me.get('related.admin_of_organizations.results'), (org) => org.id === models.organization.get('id'));
|
||||||
|
const isSuperuser = models.me.get('is_superuser');
|
||||||
|
const isCurrentAuthor = Boolean(models.credential.get('summary_fields.created_by.id') === models.me.get('id'));
|
||||||
|
|
||||||
|
models.isOrgEditableByUser = (isSuperuser || isOrgAdmin
|
||||||
|
|| related.isOrgCredAdmin
|
||||||
|
|| (models.credential.get('organization') === null && isCurrentAuthor));
|
||||||
|
|
||||||
return models;
|
return models;
|
||||||
});
|
});
|
||||||
|
|||||||
Reference in New Issue
Block a user