mirror of
https://github.com/ansible/awx.git
synced 2026-03-23 20:05:03 -02:30
Permissions for org admin
The series of events for checking a user's access level was happening out of order for loading the permissions page/form. I added a callback so that the access level can be checked first and then a secondary action (like filling a form as readonly or not) could happen next.
This commit is contained in:
Jared Tabor
@@ -215,78 +215,86 @@ function PermissionsEdit($scope, $rootScope, $compile, $location, $log, $routePa
|
|||||||
generator.reset();
|
generator.reset();
|
||||||
|
|
||||||
|
|
||||||
CheckAccess({ scope: $scope });
|
|
||||||
|
|
||||||
$scope.selectCategory = function (resetIn) {
|
$scope.selectCategory = function (resetIn) {
|
||||||
var reset = (resetIn === false) ? false : true;
|
var reset = (resetIn === false) ? false : true;
|
||||||
PermissionCategoryChange({ scope: $scope, reset: reset });
|
PermissionCategoryChange({ scope: $scope, reset: reset });
|
||||||
};
|
};
|
||||||
|
if ($scope.removeFillForm) {
|
||||||
// Retrieve detail record and prepopulate the form
|
$scope.removeFillForm();
|
||||||
Wait('start');
|
}
|
||||||
Rest.setUrl(defaultUrl);
|
$scope.removeFillForm = $scope.$on('FillForm', function () {
|
||||||
Rest.get()
|
// Retrieve detail record and prepopulate the form
|
||||||
.success(function (data) {
|
Wait('start');
|
||||||
var fld, sourceModel, sourceField;
|
Rest.setUrl(defaultUrl);
|
||||||
LoadBreadCrumbs({ path: '/users/' + base_id + '/permissions/' + id, title: data.name });
|
Rest.get()
|
||||||
for (fld in form.fields) {
|
.success(function (data) {
|
||||||
if (data[fld]) {
|
var fld, sourceModel, sourceField;
|
||||||
if (form.fields[fld].sourceModel) {
|
LoadBreadCrumbs({ path: '/users/' + base_id + '/permissions/' + id, title: data.name });
|
||||||
sourceModel = form.fields[fld].sourceModel;
|
for (fld in form.fields) {
|
||||||
sourceField = form.fields[fld].sourceField;
|
if (data[fld]) {
|
||||||
$scope[sourceModel + '_' + sourceField] = data.summary_fields[sourceModel][sourceField];
|
if (form.fields[fld].sourceModel) {
|
||||||
master[sourceModel + '_' + sourceField] = data.summary_fields[sourceModel][sourceField];
|
sourceModel = form.fields[fld].sourceModel;
|
||||||
|
sourceField = form.fields[fld].sourceField;
|
||||||
|
$scope[sourceModel + '_' + sourceField] = data.summary_fields[sourceModel][sourceField];
|
||||||
|
master[sourceModel + '_' + sourceField] = data.summary_fields[sourceModel][sourceField];
|
||||||
|
}
|
||||||
|
$scope[fld] = data[fld];
|
||||||
|
master[fld] = $scope[fld];
|
||||||
}
|
}
|
||||||
$scope[fld] = data[fld];
|
|
||||||
master[fld] = $scope[fld];
|
|
||||||
}
|
}
|
||||||
}
|
|
||||||
|
|
||||||
$scope.category = 'Deploy';
|
$scope.category = 'Deploy';
|
||||||
if (data.permission_type !== 'run' && data.permission_type !== 'check') {
|
if (data.permission_type !== 'run' && data.permission_type !== 'check') {
|
||||||
$scope.category = 'Inventory';
|
$scope.category = 'Inventory';
|
||||||
}
|
}
|
||||||
master.category = $scope.category;
|
master.category = $scope.category;
|
||||||
$scope.selectCategory(false); //call without resetting $scope.category value
|
$scope.selectCategory(false); //call without resetting $scope.category value
|
||||||
|
|
||||||
LookUpInit({
|
LookUpInit({
|
||||||
scope: $scope,
|
scope: $scope,
|
||||||
form: form,
|
form: form,
|
||||||
current_item: data.inventory,
|
current_item: data.inventory,
|
||||||
list: InventoryList,
|
list: InventoryList,
|
||||||
field: 'inventory',
|
field: 'inventory',
|
||||||
input_type: "radio"
|
input_type: "radio"
|
||||||
});
|
|
||||||
|
|
||||||
LookUpInit({
|
|
||||||
scope: $scope,
|
|
||||||
form: form,
|
|
||||||
current_item: data.project,
|
|
||||||
list: ProjectList,
|
|
||||||
field: 'project',
|
|
||||||
input_type: 'radio'
|
|
||||||
});
|
|
||||||
|
|
||||||
if (!$scope.PermissionAddAllowed) {
|
|
||||||
// If not a privileged user, disable access
|
|
||||||
$('form[name="permission_form"]').find('select, input, button').each(function () {
|
|
||||||
if ($(this).is('input') || $(this).is('select')) {
|
|
||||||
$(this).attr('readonly', 'readonly');
|
|
||||||
}
|
|
||||||
if ($(this).is('input[type="checkbox"]') ||
|
|
||||||
$(this).is('input[type="radio"]') ||
|
|
||||||
$(this).is('button')) {
|
|
||||||
$(this).attr('disabled', 'disabled');
|
|
||||||
}
|
|
||||||
});
|
});
|
||||||
}
|
|
||||||
Wait('stop');
|
|
||||||
})
|
|
||||||
.error(function (data, status) {
|
|
||||||
ProcessErrors($scope, data, status, form, { hdr: 'Error!',
|
|
||||||
msg: 'Failed to retrieve Permission: ' + id + '. GET status: ' + status });
|
|
||||||
});
|
|
||||||
|
|
||||||
|
LookUpInit({
|
||||||
|
scope: $scope,
|
||||||
|
form: form,
|
||||||
|
current_item: data.project,
|
||||||
|
list: ProjectList,
|
||||||
|
field: 'project',
|
||||||
|
input_type: 'radio'
|
||||||
|
});
|
||||||
|
|
||||||
|
if (!$scope.PermissionAddAllowed) {
|
||||||
|
// If not a privileged user, disable access
|
||||||
|
$('form[name="permission_form"]').find('select, input, button').each(function () {
|
||||||
|
if ($(this).is('input') || $(this).is('select')) {
|
||||||
|
$(this).attr('readonly', 'readonly');
|
||||||
|
}
|
||||||
|
if ($(this).is('input[type="checkbox"]') ||
|
||||||
|
$(this).is('input[type="radio"]') ||
|
||||||
|
$(this).is('button')) {
|
||||||
|
$(this).attr('disabled', 'disabled');
|
||||||
|
}
|
||||||
|
});
|
||||||
|
}
|
||||||
|
Wait('stop');
|
||||||
|
})
|
||||||
|
.error(function (data, status) {
|
||||||
|
ProcessErrors($scope, data, status, form, { hdr: 'Error!',
|
||||||
|
msg: 'Failed to retrieve Permission: ' + id + '. GET status: ' + status });
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
CheckAccess({
|
||||||
|
scope: $scope,
|
||||||
|
callback: 'FillForm'
|
||||||
|
});
|
||||||
|
|
||||||
// Save changes to the parent
|
// Save changes to the parent
|
||||||
$scope.formSave = function () {
|
$scope.formSave = function () {
|
||||||
|
|||||||
@@ -20,7 +20,9 @@ angular.module('AccessHelper', ['RestServices', 'Utilities'])
|
|||||||
return function (params) {
|
return function (params) {
|
||||||
// set PermissionAddAllowed to true or false based on user access. admins and org admins are granted
|
// set PermissionAddAllowed to true or false based on user access. admins and org admins are granted
|
||||||
// accesss.
|
// accesss.
|
||||||
var scope = params.scope, me;
|
var scope = params.scope,
|
||||||
|
callback = params.callback || undefined,
|
||||||
|
me;
|
||||||
|
|
||||||
// uer may have refreshed the browser, in which case retrieve current user info from session cookie
|
// uer may have refreshed the browser, in which case retrieve current user info from session cookie
|
||||||
me = ($rootScope.current_user) ? $rootScope.current_user : $cookieStore.get('current_user');
|
me = ($rootScope.current_user) ? $rootScope.current_user : $cookieStore.get('current_user');
|
||||||
@@ -37,6 +39,7 @@ angular.module('AccessHelper', ['RestServices', 'Utilities'])
|
|||||||
} else {
|
} else {
|
||||||
scope.PermissionAddAllowed = false;
|
scope.PermissionAddAllowed = false;
|
||||||
}
|
}
|
||||||
|
|
||||||
})
|
})
|
||||||
.error(function (data, status) {
|
.error(function (data, status) {
|
||||||
ProcessErrors(scope, data, status, null, {
|
ProcessErrors(scope, data, status, null, {
|
||||||
@@ -47,6 +50,9 @@ angular.module('AccessHelper', ['RestServices', 'Utilities'])
|
|||||||
});
|
});
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
if(callback){
|
||||||
|
scope.$emit(callback);
|
||||||
|
}
|
||||||
//if (!access) {
|
//if (!access) {
|
||||||
// Alert('Access Denied', 'You do not have access to this function. Please contact your system administrator.');
|
// Alert('Access Denied', 'You do not have access to this function. Please contact your system administrator.');
|
||||||
//}
|
//}
|
||||||
|
|||||||
Reference in New Issue
Block a user