Merge pull request #2605 from jakemcdermott/fix-2601

remove admin and member roles from organization->team permissions 

Reviewed-by: https://github.com/softwarefactory-project-zuul[bot]

awx/ui/client/src/access/add-rbac-resource/rbac-resource.controller.js

@@ -27,6 +27,17 @@ export default ['$rootScope', '$scope', 'GetBasePath', 'Rest', '$q', 'Wait', 'Pr
         // array for all possible roles for the object
         scope.roles = scope.object.summary_fields.object_roles;
 
+        const objectType = _.get(scope, ['object', 'type']);
+        const teamRoles = _.get(scope, ['object', 'summary_fields', 'object_roles'], {});
+
+        if (objectType === 'organization') {
+            // some organization object_roles aren't allowed for teams
+            delete teamRoles.admin_role;
+            delete teamRoles.member_role;
+        }
+
+        scope.teamRoles = teamRoles;
+
         // TODO: get working with api
         // array w roles and descriptions for key
         scope.roleKey = Object

awx/ui/client/src/access/add-rbac-resource/rbac-resource.partial.html

@@ -88,7 +88,7 @@
                                             {{ obj.type }}
                                         </span>
                                     </div>
-                                    <rbac-multiselect-role class="AddPermissions-roleSelect" roles="roles" model="obj.roles">
+                                    <rbac-multiselect-role class="AddPermissions-roleSelect" roles="tab.teams ? teamRoles : roles" model="obj.roles">
                                     </rbac-multiselect-role>
                                     <button class="AddPermissions-roleRemove"
                                         ng-click="removeObject(obj)">