Check /api/v1/me to determine if user can perform create/update/delete on Permissions.

chouseknecht
2013-06-27 04:51:23 -04:00
parent 0277a2177c
commit 652f7ceb7b
7 changed files with 101 additions and 43 deletions


@@ -58,7 +58,8 @@ angular.module('ansible', [
'ChildrenHelper', 'ChildrenHelper',
'EventsHelper', 'EventsHelper',
'ProjectPathHelper', 'ProjectPathHelper',
'md5Helper' 'md5Helper',
'AccessHelper'
]) ])
.config(['$routeProvider', function($routeProvider) { .config(['$routeProvider', function($routeProvider) {
$routeProvider. $routeProvider.


@@ -22,15 +22,18 @@ function PermissionsList ($scope, $rootScope, $location, $log, $routeParams, Res
LoadBreadCrumbs(); LoadBreadCrumbs();
scope.addPermission = function() { scope.addPermission = function() {
$location.path($location.path() + '/add'); if (checkAccess()) {
$location.path($location.path() + '/add');
}
} }
scope.editPermission = function(id) { scope.editPermission = function(id) {
$location.path($location.path() + '/' + id); if (checkAccess()) {
$location.path($location.path() + '/' + id);
}
} }
scope.deletePermission = function(id, name) { scope.deletePermission = function(id, name) {
var action = function() { var action = function() {
var url = GetBasePath('base') + 'permissions/' + id + '/'; var url = GetBasePath('base') + 'permissions/' + id + '/';
Rest.setUrl(url); Rest.setUrl(url);
@@ -46,10 +49,12 @@ function PermissionsList ($scope, $rootScope, $location, $log, $routeParams, Res
}); });
}; };
Prompt({ hdr: 'Delete', if (checkAccess()) {
body: 'Are you sure you want to delete ' + name + '?', Prompt({ hdr: 'Delete',
action: action body: 'Are you sure you want to delete ' + name + '?',
}); action: action
});
}
} }
} }
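Review bot: The three new guards in addPermission, editPermission and deletePermission call `checkAccess()` with a lower-case c, while the factory this commit registers, and the calls added in TeamsEdit and UsersEdit, use `CheckAccess`. The PermissionsList signature is cut off in the hunk header and its `$inject` array is not in the hunk, so it cannot be confirmed from here that the service is injected under either name. If it is not, each of these handlers throws a ReferenceError on click rather than denying access; the guards should read `if (CheckAccess()) {` with `'CheckAccess'` added to both the parameter list and `PermissionsList.$inject`.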


@@ -220,7 +220,7 @@ TeamsAdd.$inject = [ '$scope', '$rootScope', '$compile', '$location', '$log', '$
function TeamsEdit ($scope, $rootScope, $compile, $location, $log, $routeParams, TeamForm, function TeamsEdit ($scope, $rootScope, $compile, $location, $log, $routeParams, TeamForm,
GenerateForm, Rest, Alert, ProcessErrors, LoadBreadCrumbs, RelatedSearchInit, GenerateForm, Rest, Alert, ProcessErrors, LoadBreadCrumbs, RelatedSearchInit,
RelatedPaginateInit, ReturnToCaller, ClearScope, TeamLookUpOrganizationInit, Prompt, RelatedPaginateInit, ReturnToCaller, ClearScope, TeamLookUpOrganizationInit, Prompt,
GetBasePath) GetBasePath, CheckAccess)
{ {
ClearScope('htmlTemplate'); //Garbage collection. Don't leave behind any listeners/watchers from the prior ClearScope('htmlTemplate'); //Garbage collection. Don't leave behind any listeners/watchers from the prior
//scope. //scope.
@@ -318,7 +318,9 @@ function TeamsEdit ($scope, $rootScope, $compile, $location, $log, $routeParams,
scope.add = function(set) { scope.add = function(set) {
$rootScope.flashMessage = null; $rootScope.flashMessage = null;
if (set == 'permissions') { if (set == 'permissions') {
$location.path('/' + base + '/' + $routeParams.team_id + '/' + set + '/add'); if (CheckAccess()) {
$location.path('/' + base + '/' + $routeParams.team_id + '/' + set + '/add');
}
} }
else { else {
$location.path('/' + base + '/' + $routeParams.team_id + '/' + set); $location.path('/' + base + '/' + $routeParams.team_id + '/' + set);
@@ -329,7 +331,9 @@ function TeamsEdit ($scope, $rootScope, $compile, $location, $log, $routeParams,
scope.edit = function(set, id, name) { scope.edit = function(set, id, name) {
$rootScope.flashMessage = null; $rootScope.flashMessage = null;
if (set == 'permissions') { if (set == 'permissions') {
$location.path('/' + base + '/' + $routeParams.team_id + '/' + set + '/' + id); if (CheckAccess()) {
$location.path('/' + base + '/' + $routeParams.team_id + '/' + set + '/' + id);
}
} }
else { else {
$location.path('/' + set + '/' + id); $location.path('/' + set + '/' + id);
@@ -343,18 +347,20 @@ function TeamsEdit ($scope, $rootScope, $compile, $location, $log, $routeParams,
var action = function() { var action = function() {
var url; var url;
if (set == 'permissions') { if (set == 'permissions') {
url = GetBasePath('base') + 'permissions/' + itm_id + '/'; if (CheckAccess()) {
Rest.setUrl(url); url = GetBasePath('base') + 'permissions/' + itm_id + '/';
Rest.destroy() Rest.setUrl(url);
.success( function(data, status, headers, config) { Rest.destroy()
$('#prompt-modal').modal('hide'); .success( function(data, status, headers, config) {
scope.search(form.related[set].iterator); $('#prompt-modal').modal('hide');
}) scope.search(form.related[set].iterator);
.error( function(data, status, headers, config) { })
$('#prompt-modal').modal('hide'); .error( function(data, status, headers, config) {
ProcessErrors(scope, data, status, null, $('#prompt-modal').modal('hide');
{ hdr: 'Error!', msg: 'Call to ' + url + ' failed. DELETE returned status: ' + status }); ProcessErrors(scope, data, status, null,
}); { hdr: 'Error!', msg: 'Call to ' + url + ' failed. DELETE returned status: ' + status });
});
}
} }
else { else {
var url = defaultUrl + $routeParams.team_id + '/' + set + '/'; var url = defaultUrl + $routeParams.team_id + '/' + set + '/';
@@ -383,6 +389,6 @@ function TeamsEdit ($scope, $rootScope, $compile, $location, $log, $routeParams,
TeamsEdit.$inject = [ '$scope', '$rootScope', '$compile', '$location', '$log', '$routeParams', 'TeamForm', TeamsEdit.$inject = [ '$scope', '$rootScope', '$compile', '$location', '$log', '$routeParams', 'TeamForm',
'GenerateForm', 'Rest', 'Alert', 'ProcessErrors', 'LoadBreadCrumbs', 'RelatedSearchInit', 'GenerateForm', 'Rest', 'Alert', 'ProcessErrors', 'LoadBreadCrumbs', 'RelatedSearchInit',
'RelatedPaginateInit', 'ReturnToCaller', 'ClearScope', 'TeamLookUpOrganizationInit', 'Prompt', 'RelatedPaginateInit', 'ReturnToCaller', 'ClearScope', 'TeamLookUpOrganizationInit', 'Prompt',
'GetBasePath' 'GetBasePath', 'CheckAccess'
]; ];
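Review bot: In the delete path the new `if (CheckAccess()) {` sits inside `action`, which appears to run only after the user has confirmed the delete prompt, and the denied branch never calls `$('#prompt-modal').modal('hide')`. A user without access would therefore confirm the deletion and then, it seems, get the Access Denied alert with the confirmation modal still open. PermissionsList in this same commit gates the `Prompt({...})` call itself; doing the same here (the Prompt call is outside the hunk) keeps the two consistent. The delete hunk in UsersEdit has the same shape.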


@@ -137,7 +137,8 @@ function UsersList ($scope, $rootScope, $location, $log, $routeParams, Rest,
} }
UsersList.$inject = [ '$scope', '$rootScope', '$location', '$log', '$routeParams', 'Rest', 'Alert', 'UserList', 'GenerateList', UsersList.$inject = [ '$scope', '$rootScope', '$location', '$log', '$routeParams', 'Rest', 'Alert', 'UserList', 'GenerateList',
'LoadBreadCrumbs', 'Prompt', 'SearchInit', 'PaginateInit', 'ReturnToCaller', 'ClearScope', 'ProcessErrors' ]; 'LoadBreadCrumbs', 'Prompt', 'SearchInit', 'PaginateInit', 'ReturnToCaller', 'ClearScope', 'ProcessErrors'
];
function UsersAdd ($scope, $rootScope, $compile, $location, $log, $routeParams, UserForm, function UsersAdd ($scope, $rootScope, $compile, $location, $log, $routeParams, UserForm,
@@ -224,7 +225,7 @@ UsersAdd.$inject = [ '$scope', '$rootScope', '$compile', '$location', '$log', '$
function UsersEdit ($scope, $rootScope, $compile, $location, $log, $routeParams, UserForm, function UsersEdit ($scope, $rootScope, $compile, $location, $log, $routeParams, UserForm,
GenerateForm, Rest, Alert, ProcessErrors, LoadBreadCrumbs, RelatedSearchInit, GenerateForm, Rest, Alert, ProcessErrors, LoadBreadCrumbs, RelatedSearchInit,
RelatedPaginateInit, ReturnToCaller, ClearScope, GetBasePath, Prompt) RelatedPaginateInit, ReturnToCaller, ClearScope, GetBasePath, Prompt, CheckAccess)
{ {
ClearScope('htmlTemplate'); //Garbage collection. Don't leave behind any listeners/watchers from the prior ClearScope('htmlTemplate'); //Garbage collection. Don't leave behind any listeners/watchers from the prior
//scope. //scope.
@@ -320,7 +321,9 @@ function UsersEdit ($scope, $rootScope, $compile, $location, $log, $routeParams,
scope.add = function(set) { scope.add = function(set) {
$rootScope.flashMessage = null; $rootScope.flashMessage = null;
if (set == 'permissions') { if (set == 'permissions') {
$location.path('/' + base + '/' + $routeParams.user_id + '/' + set + '/add'); if (CheckAccess()) {
$location.path('/' + base + '/' + $routeParams.user_id + '/' + set + '/add');
}
} }
else { else {
$location.path('/' + base + '/' + $routeParams.user_id + '/' + set); $location.path('/' + base + '/' + $routeParams.user_id + '/' + set);
@@ -331,7 +334,9 @@ function UsersEdit ($scope, $rootScope, $compile, $location, $log, $routeParams,
scope.edit = function(set, id, name) { scope.edit = function(set, id, name) {
$rootScope.flashMessage = null; $rootScope.flashMessage = null;
if (set == 'permissions') { if (set == 'permissions') {
$location.path('/users/' + $routeParams.user_id + '/permissions/' + id); if (CheckAccess()) {
$location.path('/users/' + $routeParams.user_id + '/permissions/' + id);
}
} }
else { else {
$location.path('/' + set + '/' + id); $location.path('/' + set + '/' + id);
@@ -345,18 +350,20 @@ function UsersEdit ($scope, $rootScope, $compile, $location, $log, $routeParams,
var action = function() { var action = function() {
var url; var url;
if (set == 'permissions') { if (set == 'permissions') {
url = GetBasePath('base') + 'permissions/' + itm_id + '/'; if (CheckAccess()) {
Rest.setUrl(url); url = GetBasePath('base') + 'permissions/' + itm_id + '/';
Rest.destroy() Rest.setUrl(url);
.success( function(data, status, headers, config) { Rest.destroy()
$('#prompt-modal').modal('hide'); .success( function(data, status, headers, config) {
scope.search(form.related[set].iterator); $('#prompt-modal').modal('hide');
}) scope.search(form.related[set].iterator);
.error( function(data, status, headers, config) { })
$('#prompt-modal').modal('hide'); .error( function(data, status, headers, config) {
ProcessErrors(scope, data, status, null, $('#prompt-modal').modal('hide');
ProcessErrors(scope, data, status, null,
{ hdr: 'Error!', msg: 'Call to ' + url + ' failed. DELETE returned status: ' + status }); { hdr: 'Error!', msg: 'Call to ' + url + ' failed. DELETE returned status: ' + status });
}); });
}
} }
else { else {
url = defaultUrl + $routeParams.user_id + '/' + set + '/'; url = defaultUrl + $routeParams.user_id + '/' + set + '/';
@@ -384,5 +391,5 @@ function UsersEdit ($scope, $rootScope, $compile, $location, $log, $routeParams,
UsersEdit.$inject = [ '$scope', '$rootScope', '$compile', '$location', '$log', '$routeParams', 'UserForm', UsersEdit.$inject = [ '$scope', '$rootScope', '$compile', '$location', '$log', '$routeParams', 'UserForm',
'GenerateForm', 'Rest', 'Alert', 'ProcessErrors', 'LoadBreadCrumbs', 'RelatedSearchInit', 'GenerateForm', 'Rest', 'Alert', 'ProcessErrors', 'LoadBreadCrumbs', 'RelatedSearchInit',
'RelatedPaginateInit', 'ReturnToCaller', 'ClearScope', 'GetBasePath', 'Prompt']; 'RelatedPaginateInit', 'ReturnToCaller', 'ClearScope', 'GetBasePath', 'Prompt', 'CheckAccess'];


@@ -0,0 +1,36 @@
/*********************************************
* Copyright (c) 2013 AnsibleWorks, Inc.
*
*/
angular.module('AccessHelper', ['RestServices', 'Utilities'])
.factory('CheckAccess', ['$rootScope', 'Alert', 'Rest', 'GetBasePath','ProcessErrors', 'Alert',
function($rootScope, Alert, Rest, GetBasePath, ProcessErrors, Prompt) {
return function(params) {
var me = $rootScope.current_user;
var access = false;
if (me.is_superuser) {
access = true;
}
else {
if (me.related.admin_of_organizations) {
Rest.setUrl(me.related.admin_of_organizations);
Rest.get()
.success( function(data, status, headers, config) {
if (data.results.length > 0) {
access = true;
}
})
.error( function(data, status, headers, config) {
ProcessErrors(scope, data, status, null,
{ hdr: 'Error!', msg: 'Call to ' + me.related.admin_of_organizations +
' failed. DELETE returned status: ' + status });
});
}
}
if (!access) {
Alert('Access Denied', 'You do not have access to this function. Please contact your system administrator.');
}
return access;
}
}]);
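Review bot: For any non-superuser, `CheckAccess` reaches `return access` before `Rest.get()` has answered, so `access` is still false and organization admins are shown Access Denied (assuming Rest wraps the asynchronous $http, as the `.success`/`.error` chaining suggests). The helper needs to deliver its result through a callback or promise, as sketched below, with callers passing the guarded code in instead of writing `if (CheckAccess()) {`. In the same block the error handler passes an undefined `scope` to ProcessErrors, its message says DELETE for a GET, and the injection array lists 'Alert' twice so the `Prompt` parameter actually receives Alert; the sketch passes `$rootScope` instead, which should be checked against what ProcessErrors expects. Because the decision is read from `$rootScope.current_user` in the browser it only hides UI, so the permissions endpoints must still reject create/update/delete from non-admins on the server.

```javascript
.factory('CheckAccess', ['$rootScope', 'Alert', 'Rest', 'GetBasePath', 'ProcessErrors',
function($rootScope, Alert, Rest, GetBasePath, ProcessErrors) {
    // UI convenience only: runs onAllowed() once access is known. The API remains the enforcement point.
    return function(onAllowed) {
        var me = $rootScope.current_user;
        var deny = function() {
            Alert('Access Denied', 'You do not have access to this function. Please contact your system administrator.');
        };
        if (me && me.is_superuser) {
            onAllowed();
        }
        else if (me && me.related && me.related.admin_of_organizations) {
            Rest.setUrl(me.related.admin_of_organizations);
            Rest.get()
                .success( function(data, status, headers, config) {
                    if (data.results.length > 0) { onAllowed(); } else { deny(); }
                })
                .error( function(data, status, headers, config) {
                    ProcessErrors($rootScope, data, status, null,
                        { hdr: 'Error!', msg: 'Call to ' + me.related.admin_of_organizations +
                          ' failed. GET returned status: ' + status });
                });
        }
        else {
            deny();
        }
    }
}]);
```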


@@ -6,7 +6,9 @@
<h3>Ansible Login</h3> <h3>Ansible Login</h3>
</div> </div>
<div class="modal-body"> <div class="modal-body">
<div class="alert alert-warning alert-block" ng-show="(sessionExpired == true)">Your session timed out due to inactivity. Please sign in again. Session timeout is set to: {{ sessionTimeout }} minutes.</div> <div style="padding-bottom: 20px;" class="alert alert-warning alert-block" ng-show="(sessionExpired == true)">
Your session timed out due to inactivity. Please sign in again.
</div>
<form id="login-form" name="loginForm" class="form-horizontal" novalidate> <form id="login-form" name="loginForm" class="form-horizontal" novalidate>
<div class="control-group"> <div class="control-group">
<label class="control-label">Username:</label> <label class="control-label">Username:</label>


@@ -81,6 +81,7 @@
<script src="{{ STATIC_URL }}js/helpers/Children.js"></script> <script src="{{ STATIC_URL }}js/helpers/Children.js"></script>
<script src="{{ STATIC_URL }}js/helpers/ProjectPath.js"></script> <script src="{{ STATIC_URL }}js/helpers/ProjectPath.js"></script>
<script src="{{ STATIC_URL }}js/helpers/md5.js"></script> <script src="{{ STATIC_URL }}js/helpers/md5.js"></script>
<script src="{{ STATIC_URL }}js/helpers/Access.js"></script>
<script src="{{ STATIC_URL }}lib/ansible/directives.js"></script> <script src="{{ STATIC_URL }}lib/ansible/directives.js"></script>
<script src="{{ STATIC_URL }}lib/ansible/filters.js"></script> <script src="{{ STATIC_URL }}lib/ansible/filters.js"></script>
<script src="{{ STATIC_URL }}lib/ansible/api-loader.js"></script> <script src="{{ STATIC_URL }}lib/ansible/api-loader.js"></script>