From 6c7c4061d17e6d5b14947e1842d94e4b0ad05788 Mon Sep 17 00:00:00 2001 From: jaredevantabor Date: Fri, 20 Jan 2017 16:33:50 -0800 Subject: [PATCH] When a user types into a lookup field, we now only match against objects the user has permission to access. I also included the type of thing it was. So for instance, if you're typing into cloud credentials, it should validate against cloud credentials, instead of validating against all credentials. --- awx/ui/client/src/shared/directives.js | 29 ++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/awx/ui/client/src/shared/directives.js b/awx/ui/client/src/shared/directives.js index d64ad4d091..35b9e8716b 100644 --- a/awx/ui/client/src/shared/directives.js +++ b/awx/ui/client/src/shared/directives.js @@ -587,6 +587,35 @@ angular.module('AWDirectives', ['RestServices', 'Utilities', 'JobsHelper']) basePath = GetBasePath(elm.attr('data-basePath')) || elm.attr('data-basePath'); query = elm.attr('data-query'); query = query.replace(/\:value/, encodeURIComponent(viewValue)); + + let base = ctrl.$name.split('_name')[0]; + if (attrs.watchbasepath !== undefined && scope[attrs.watchbasepath] !== undefined) { + basePath = scope[attrs.watchbasepath]; + query += '&role_level=use_role'; + query = query.replace('?', '&'); + } + else { + switch(base) { + case 'credential': + query += '&kind=ssh&role_level=use_role'; + break; + case 'network_credential': + query += '&kind=net&role_level=use_role'; + break; + case 'cloud_credential': + query += '&cloud=true&role_level=use_role'; + break; + case 'organization': + query += '&role_level=admin_role'; + break; + case 'inventory_script': + query += '&role_level=admin_role'; + break; + default: + query += '&role_level=use_role'; + } + } + Rest.setUrl(`${basePath}${query}`); // https://github.com/ansible/ansible-tower/issues/3549 // capturing both success/failure conditions in .then() promise