diff --git a/awx/ui/client/features/credentials/add-credentials.controller.js b/awx/ui/client/features/credentials/add-credentials.controller.js index c991f62b0f..193c2cbb5b 100644 --- a/awx/ui/client/features/credentials/add-credentials.controller.js +++ b/awx/ui/client/features/credentials/add-credentials.controller.js @@ -43,8 +43,8 @@ function AddCredentialsController (models, $state, strings) { }; vm.form.save = data => { - data.user = me.getSelf().id; - + data.user = me.get('id'); + return credential.request('post', data); }; diff --git a/awx/ui/client/features/credentials/edit-credentials.controller.js b/awx/ui/client/features/credentials/edit-credentials.controller.js index 92a3dc357c..177dab5239 100644 --- a/awx/ui/client/features/credentials/edit-credentials.controller.js +++ b/awx/ui/client/features/credentials/edit-credentials.controller.js @@ -45,6 +45,14 @@ function EditCredentialsController (models, $state, $scope, strings) { vm.form.disabled = !isEditable; } + let isOrgAdmin = _.some(me.get('related.admin_of_organizations.results'), (org) => {return org.id === organization.get('id');}); + let isSuperuser = me.get('is_superuser'); + let isCurrentAuthor = Boolean(credential.get('summary_fields.created_by.id') === me.get('id')); + vm.form.organization._disabled = true; + if(isSuperuser || isOrgAdmin || (credential.get('organization') === null && isCurrentAuthor)){ + vm.form.organization._disabled = false; + } + vm.form.organization._resource = 'organization'; vm.form.organization._model = organization; vm.form.organization._route = 'credentials.edit.organization'; @@ -75,12 +83,12 @@ function EditCredentialsController (models, $state, $scope, strings) { }; /** - * If a credential's `credential_type` is changed while editing, the inputs associated with - * the old type need to be cleared before saving the inputs associated with the new type. + * If a credential's `credential_type` is changed while editing, the inputs associated with + * the old type need to be cleared before saving the inputs associated with the new type. * Otherwise inputs are merged together making the request invalid. */ vm.form.save = data => { - data.user = me.getSelf().id; + data.user = me.get('id'); credential.unset('inputs'); return credential.request('put', data); diff --git a/awx/ui/client/features/credentials/index.js b/awx/ui/client/features/credentials/index.js index c11dc3e1d6..391e5acbb6 100644 --- a/awx/ui/client/features/credentials/index.js +++ b/awx/ui/client/features/credentials/index.js @@ -7,7 +7,9 @@ function CredentialsResolve ($q, $stateParams, Me, Credential, CredentialType, O let id = $stateParams.credential_id; let promises = { - me: new Me('get') + me: new Me('get').then((me) => { + return me.extend('get', 'admin_of_organizations'); + }) }; if (!id) { diff --git a/awx/ui/client/lib/models/Base.js b/awx/ui/client/lib/models/Base.js index db2851bc53..a1c60e1bd9 100644 --- a/awx/ui/client/lib/models/Base.js +++ b/awx/ui/client/lib/models/Base.js @@ -277,9 +277,35 @@ function has (method, keys) { return value !== undefined && value !== null; } +function extend (method, related) { + if (!related) { + related = method + method = 'GET' + } else { + method = method.toUpperCase() + } + + if (this.has(method, `related.${related}`)) { + let id = this.get('id') + + let req = { + method, + url: this.get(`related.${related}`) + }; + + return $http(req) + .then(({data}) => { + this.set(method, `related.${related}`, data); + return this; + }) + } + + return Promise.reject(new Error(`No related property, ${related}, exists`)); +} + function normalizePath (resource) { let version = '/api/v2/'; - + return `${version}${resource}/`; } @@ -383,6 +409,7 @@ function BaseModel (path, settings) { this.search = search; this.set = set; this.unset = unset; + this.extend = extend; this.http = { get: httpGet.bind(this), diff --git a/awx/ui/client/lib/models/Me.js b/awx/ui/client/lib/models/Me.js index 9393132e8e..a606db9731 100644 --- a/awx/ui/client/lib/models/Me.js +++ b/awx/ui/client/lib/models/Me.js @@ -1,16 +1,19 @@ let BaseModel; -function getSelf () { - return this.get('results[0]'); -} - function MeModel (method, resource, graft) { BaseModel.call(this, 'me'); this.Constructor = MeModel; - this.getSelf = getSelf.bind(this); - return this.create(method, resource, graft); + return this.create(method, resource, graft) + .then(() => { + if (this.has('results')) { + _.merge(this.model.GET, this.get('results[0]')); + this.unset('results'); + } + + return this; + }); } function MeModelLoader (_BaseModel_) { diff --git a/awx/ui/client/lib/models/index.js b/awx/ui/client/lib/models/index.js index 0734340dae..c40f9e156d 100644 --- a/awx/ui/client/lib/models/index.js +++ b/awx/ui/client/lib/models/index.js @@ -13,4 +13,3 @@ angular .service('CredentialTypeModel', CredentialType) .service('MeModel', Me) .service('OrganizationModel', Organization); - diff --git a/awx/ui/client/src/projects/edit/projects-edit.controller.js b/awx/ui/client/src/projects/edit/projects-edit.controller.js index 1ba9315dcc..4ac43a8160 100644 --- a/awx/ui/client/src/projects/edit/projects-edit.controller.js +++ b/awx/ui/client/src/projects/edit/projects-edit.controller.js @@ -8,11 +8,12 @@ export default ['$scope', '$rootScope', '$stateParams', 'ProjectsForm', 'Rest', 'Alert', 'ProcessErrors', 'GenerateForm', 'Prompt', 'GetBasePath', 'GetProjectPath', 'Authorization', 'GetChoices', 'Empty', 'Wait', 'ProjectUpdate', '$state', 'CreateSelect2', 'ToggleNotification', - 'i18n', 'CredentialTypes', + 'i18n', 'CredentialTypes', 'OrgAdminLookup', function($scope, $rootScope, $stateParams, ProjectsForm, Rest, Alert, ProcessErrors, GenerateForm, Prompt, GetBasePath, GetProjectPath, Authorization, GetChoices, Empty, Wait, ProjectUpdate, - $state, CreateSelect2, ToggleNotification, i18n, CredentialTypes) { + $state, CreateSelect2, ToggleNotification, i18n, CredentialTypes, + OrgAdminLookup) { var form = ProjectsForm(), defaultUrl = GetBasePath('projects') + $stateParams.project_id + '/', @@ -141,6 +142,11 @@ export default ['$scope', '$rootScope', '$stateParams', 'ProjectsForm', 'Rest', $scope.scm_type_class = "btn-disabled"; } + OrgAdminLookup.checkForAdminAccess({organization: data.organization}) + .then(function(canEditOrg){ + $scope.canEditOrg = canEditOrg; + }); + $scope.project_obj = data; $scope.name = data.name; $scope.$emit('projectLoaded'); diff --git a/awx/ui/client/src/teams/edit/teams-edit.controller.js b/awx/ui/client/src/teams/edit/teams-edit.controller.js index d8b557817c..77166dfad5 100644 --- a/awx/ui/client/src/teams/edit/teams-edit.controller.js +++ b/awx/ui/client/src/teams/edit/teams-edit.controller.js @@ -5,9 +5,9 @@ *************************************************/ export default ['$scope', '$rootScope', '$stateParams', 'TeamForm', 'Rest', - 'ProcessErrors', 'GetBasePath', 'Wait', '$state', + 'ProcessErrors', 'GetBasePath', 'Wait', '$state', 'OrgAdminLookup', function($scope, $rootScope, $stateParams, TeamForm, Rest, ProcessErrors, - GetBasePath, Wait, $state) { + GetBasePath, Wait, $state, OrgAdminLookup) { var form = TeamForm, id = $stateParams.team_id, @@ -23,6 +23,11 @@ export default ['$scope', '$rootScope', '$stateParams', 'TeamForm', 'Rest', setScopeFields(data); $scope.organization_name = data.summary_fields.organization.name; + OrgAdminLookup.checkForAdminAccess({organization: data.organization}) + .then(function(canEditOrg){ + $scope.canEditOrg = canEditOrg; + }); + $scope.team_obj = data; Wait('stop'); });