External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-02-27 15:58:45 -03:30
Code Issues Packages Projects Releases Wiki Activity

incorporating RBAC into auto-population and for lookup modal lists

Browse Source 
basically, you shouldn't be able to select a resource you don't have permission to use, either through autopopulation or selecting manually
This commit is contained in:
jaredevantabor
2017-01-20 15:45:00 -08:00
parent fc45603c3b
commit 862a2d3c49
3 changed files with 23 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
awx/ui/client/src/shared/directives.js
View File

@@ -495,19 +495,26 @@ angular.module('AWDirectives', ['RestServices', 'Utilities', 'JobsHelper'])
}
function _doAutoPopulate() {
let query = '';
let query = '?role_level=use_role';
if (attrs.watchbasepath !== undefined && scope[attrs.watchbasepath] !== undefined) {
basePath = scope[attrs.watchbasepath];
query = '&role_level=use_role';
}
else {
basePath = GetBasePath(elm.attr('data-basePath')) || elm.attr('data-basePath');
switch(modelName) {
case 'credential':
query = '?kind=ssh';
query = '?kind=ssh&role_level=use_role';
break;
case 'network_credential':
query = '?kind=net';
query = '?kind=net&role_level=use_role';
break;
case 'organization':
query = '?role_level=admin_role';
break;
case 'inventory_script':
query = '?role_level=admin_role';
break;
}
@@ -517,11 +524,8 @@ angular.module('AWDirectives', ['RestServices', 'Utilities', 'JobsHelper'])
Rest.get()
.success(function (data) {
if (data.count === 1) {
if(data.results[0].summary_fields.user_capabilities.edit === true){
scope[modelKey] = data.results[0].name;
scope[modelName] = data.results[0].id;
}
scope[modelKey] = data.results[0].name;
scope[modelName] = data.results[0].id;
}
});
}

4
awx/ui/client/src/shared/form-generator.js
View File

@@ -1368,8 +1368,8 @@ angular.module('FormGenerator', [GeneratorHelpers.name, 'Utilities', listGenerat
html += `data-basePath="${field.basePath}"`;
html += `data-source="${field.sourceModel}"`;
html += `data-query="?${field.sourceField}__iexact=:value"`;
html += (field.autopopulateLookup !== undefined) ? ` autopopulateLookup=${field.autopopulateLookup} ` : "";
html += (field.watchBasePath !== undefined) ? ` watchBasePath=${field.watchBasePath} ` : "";
html += (field.autopopulateLookup !== undefined) ? ` autopopulateLookup=${field.autopopulateLookup} ` : "";
html += (field.watchBasePath !== undefined) ? ` watchBasePath=${field.watchBasePath} ` : "";
html += `ng-model-options="{ updateOn: 'default blur', debounce: { 'default': 300, 'blur': 0 } }"`;
html += " awlookup >\n";
html += "</div>\n";

10
awx/ui/client/src/shared/stateDefinitions.factory.js
View File

@@ -643,7 +643,10 @@ export default ['$injector', '$stateExtender', '$log', function($injector, $stat
},
params: {
[field.sourceModel + '_search']: {
value: { page_size: '5' }
value: {
page_size: '5',
role_level: 'use_role'
}
}
},
ncyBreadcrumb: {
@@ -683,6 +686,11 @@ export default ['$injector', '$stateExtender', '$log', function($injector, $stat
interpolator = $interpolate(list.basePath);
path = interpolator({ $rootScope: $rootScope, $stateParams: $stateParams });
}
// Need to delete the role_level here b/c organizations and inventory scripts
// don't have a "use_role", only "admin_role" and "read_role"
if(list.iterator === "organization" || list.iterator === "inventory_script"){
delete $stateParams[`${list.iterator}_search`].role_level;
}
return qs.search(path, $stateParams[`${list.iterator}_search`]);
}
]