Merge branch 'release_2.4.0' into devel

* release_2.4.0: (24 commits) CheckAccess for related fields for teams Don't save the instance in set_actor if the user is invalid fixed related values not populating in teams ui update to more performant and 2.7.9 SSL-friendlier version of pywinrm added dm.xmlsec.bindin license stop waiting after summary fields are grabbed Remove social auth user fields settings that don't have any effect. fixed social authd user license issue Remove cedric-vincent proot repo Updating changelogs and readme Fix typo in AnonymousUser Fix an issue reauthing as a social auth user fixed organization rest call from happening fixed messing up add user form w social auth pw hide earlier Update response object nesting for pendo service update requirements.txt README hide un and pw fields when user is social auth based add pyrad to requirements.txt added appdirs add django-radius license ...
2026-05-13 20:37:39 -02:30 · 2015-11-23 12:19:37 -05:00
parent 9bed8376ba 9c435080ac
commit e646715773
24 changed files with 574 additions and 91 deletions
--- a/awx/main/middleware.py
+++ b/awx/main/middleware.py
@@ -5,7 +5,7 @@ import logging
 import threading
 import uuid

-from django.contrib.auth.models import User
+from django.contrib.auth.models import User, AnonymousUser
 from django.db.models.signals import post_save
 from django.db import IntegrityError
 from django.http import HttpResponseRedirect
@@ -62,8 +62,11 @@ class ActivityStreamMiddleware(threading.local):
    def set_actor(self, user, sender, instance, **kwargs):
        if sender == ActivityStream:
            if isinstance(user, User) and instance.actor is None:
-                instance.actor = user
-                instance.save(update_fields=['actor'])
+                user = User.objects.filter(id=user.id)
+                if user.exists():
+                    user = user[0]
+                    instance.actor = user
+                    instance.save(update_fields=['actor'])
            else:
                if instance.id not in self.instance_ids:
                    self.instance_ids.append(instance.id)
--- a/awx/settings/local_settings.py.docker_compose
+++ b/awx/settings/local_settings.py.docker_compose
@@ -577,17 +577,12 @@ SOCIAL_AUTH_TEAM_MAP = {
 #SOCIAL_AUTH_GITHUB_TEAM_TEAM_MAP = {}
 #SOCIAL_AUTH_SAML_TEAM_MAP = {}

-# Uncomment one or more of the lines below to prevent new user accounts from
-# being created for the selected social auth providers.  Only users who have
+# Uncomment the line below (i.e. set SOCIAL_AUTH_USER_FIELDS to an empty list)
+# to prevent new user accounts from being created.  Only users who have
 # previously logged in using social auth or have a user account with a matching
 # email address will be able to login.

 #SOCIAL_AUTH_USER_FIELDS = []
-#SOCIAL_AUTH_GOOGLE_OAUTH2_USER_FIELDS = []
-#SOCIAL_AUTH_GITHUB_USER_FIELDS = []
-#SOCIAL_AUTH_GITHUB_ORG_USER_FIELDS = []
-#SOCIAL_AUTH_GITHUB_TEAM_USER_FIELDS = []
-#SOCIAL_AUTH_SAML_USER_FIELDS = []

 # It is also possible to add custom functions to the social auth pipeline for
 # more advanced organization and team mapping.  Use at your own risk.
--- a/awx/settings/local_settings.py.example
+++ b/awx/settings/local_settings.py.example
@@ -575,17 +575,12 @@ SOCIAL_AUTH_TEAM_MAP = {
 #SOCIAL_AUTH_GITHUB_TEAM_TEAM_MAP = {}
 #SOCIAL_AUTH_SAML_TEAM_MAP = {}

-# Uncomment one or more of the lines below to prevent new user accounts from
-# being created for the selected social auth providers.  Only users who have
+# Uncomment the line below (i.e. set SOCIAL_AUTH_USER_FIELDS to an empty list)
+# to prevent new user accounts from being created.  Only users who have
 # previously logged in using social auth or have a user account with a matching
 # email address will be able to login.

 #SOCIAL_AUTH_USER_FIELDS = []
-#SOCIAL_AUTH_GOOGLE_OAUTH2_USER_FIELDS = []
-#SOCIAL_AUTH_GITHUB_USER_FIELDS = []
-#SOCIAL_AUTH_GITHUB_ORG_USER_FIELDS = []
-#SOCIAL_AUTH_GITHUB_TEAM_USER_FIELDS = []
-#SOCIAL_AUTH_SAML_USER_FIELDS = []

 # It is also possible to add custom functions to the social auth pipeline for
 # more advanced organization and team mapping.  Use at your own risk.
--- a/awx/ui/client/src/controllers/Teams.js
+++ b/awx/ui/client/src/controllers/Teams.js
@@ -3,7 +3,7 @@
 *
 * All Rights Reserved
 *************************************************/
- 
+
 /**
 * @ngdoc function
 * @name controllers.function:Teams
@@ -227,34 +227,6 @@ export function TeamsEdit($scope, $rootScope, $compile, $location, $log, $routeP

    $scope.PermissionAddAllowed = false;

-    // Retrieve each related set and any lookups
-    if ($scope.teamLoadedRemove) {
-        $scope.teamLoadedRemove();
-    }
-    $scope.teamLoadedRemove = $scope.$on('teamLoaded', function () {
-        CheckAccess({ scope: $scope });
-        if ($scope.organization_url) {
-            Rest.setUrl($scope.organization_url);
-            Rest.get()
-                .success(function (data) {
-                    $scope.organization_name = data.name;
-                    master.organization_name = data.name;
-                    Wait('stop');
-                })
-                .error(function (data, status) {
-                    ProcessErrors($scope, data, status, null, { hdr: 'Error!', msg: 'Failed to retrieve organization: ' +
-                        $scope.orgnization_url + '. GET status: ' + status });
-                });
-            for (var set in relatedSets) {
-                $scope.search(relatedSets[set].iterator);
-            }
-        } else {
-            $scope.organization_name = "";
-            master.organization_name = "";
-            Wait('stop');
-        }
-    });
-
    // Retrieve each related set and any lookups
    if ($scope.loadTeamRemove) {
        $scope.loadTeamRemove();
@@ -307,11 +279,20 @@ export function TeamsEdit($scope, $rootScope, $compile, $location, $log, $routeP
                });

                $scope.organization_url = data.related.organization;
-                $scope.$emit('teamLoaded');
+                $scope.organization_name = data.summary_fields.organization.name;
+                master.organization_name = data.summary_fields.organization.name;
+
+                // get related object values and populate
+                for (var relatedValues in relatedSets) {
+                    $scope.search(relatedSets[relatedValues].iterator);
+                }
+                CheckAccess({ scope: $scope }); //Does the user have access to add/edit Permissions?
+                Wait('stop');
            })
            .error(function (data, status) {
                ProcessErrors($scope, data, status, form, { hdr: 'Error!', msg: 'Failed to retrieve team: ' + $routeParams.team_id +
                    '. GET status: ' + status });
+                Wait('stop');
            });
    });

--- a/awx/ui/client/src/controllers/Users.js
+++ b/awx/ui/client/src/controllers/Users.js
@@ -119,6 +119,7 @@ export function UsersAdd($scope, $rootScope, $compile, $location, $log, $routePa
    $scope.ldap_user = false;
    $scope.not_ldap_user = !$scope.ldap_user;
    $scope.ldap_dn = null;
+    $scope.socialAuthUser = false;

    generator.reset();

@@ -307,6 +308,7 @@ export function UsersEdit($scope, $rootScope, $compile, $location, $log, $routeP
                $scope.ldap_user = (data.ldap_dn !== null && data.ldap_dn !== undefined && data.ldap_dn !== '') ? true : false;
                $scope.not_ldap_user = !$scope.ldap_user;
                master.ldap_user = $scope.ldap_user;
+                $scope.socialAuthUser = (data.auth.length > 0) ? true : false;

                // Initialize related search functions. Doing it here to make sure relatedSets object is populated.
                RelatedSearchInit({
--- a/awx/ui/client/src/forms/Users.js
+++ b/awx/ui/client/src/forms/Users.js
@@ -84,7 +84,7 @@ export default
                    label: 'Password',
                    type: 'sensitive',
                    hasShowInputButton: true,
-                    ngShow: 'ldap_user == false',
+                    ngShow: 'ldap_user == false && socialAuthUser === false',
                    addRequired: true,
                    editRequired: false,
                    ngChange: "clearPWConfirm('password_confirm')",
@@ -95,7 +95,7 @@ export default
                    label: 'Confirm Password',
                    type: 'sensitive',
                    hasShowInputButton: true,
-                    ngShow: 'ldap_user == false',
+                    ngShow: 'ldap_user == false && socialAuthUser === false',
                    addRequired: true,
                    editRequired: false,
                    awPassMatch: true,
--- a/awx/ui/client/src/helpers/License.js
+++ b/awx/ui/client/src/helpers/License.js
@@ -23,11 +23,11 @@ export default
    'FormGenerator', 'ParseHelper', 'ModalDialog', 'VariablesHelper', 'LicenseFormDefinition'])


-    .factory('CheckLicense', ['$rootScope', '$compile', 'CreateDialog', 'Store',
+    .factory('CheckLicense', ['$q', '$rootScope', '$compile', 'CreateDialog', 'Store',
    'LicenseUpdateForm', 'GenerateForm', 'TextareaResize', 'ToJSON', 'GetBasePath',
    'Rest', 'ProcessErrors', 'Alert', 'IsAdmin', '$location', 'pendoService',
    'Authorization', 'Wait',
-    function($rootScope, $compile, CreateDialog, Store, LicenseUpdateForm, GenerateForm,
+    function($q, $rootScope, $compile, CreateDialog, Store, LicenseUpdateForm, GenerateForm,
        TextareaResize, ToJSON, GetBasePath, Rest, ProcessErrors, Alert, IsAdmin, $location,
        pendoService, Authorization, Wait) {
        return {
@@ -201,27 +201,49 @@ export default

            test: function() {
                var license = Store('license'),
-                    notify = this.shouldNotify(license),
                    self = this,
                    scope;

-                self.scope = $rootScope.$new();
-                scope = self.scope;
+                var getLicense = function() {
+                    var deferred = $q.defer();

-                if (license && typeof license === 'object' && Object.keys(license).length > 0) {
-                    if (license.tested) {
-                        return true;
+                    if (license === null) {
+                        Rest.setUrl(GetBasePath('config'));
+                        return Rest.get()
+                            .then(function (data) {
+                                license = data.data.license_info;
+                                deferred.resolve();
+                                return deferred.promise;
+                            }, function () {
+                                deferred.resolve();
+                                return deferred.promise;
+                            });
+                    } else {
+                        deferred.resolve(license);
+                        return deferred.promise;
                    }
-                    license.tested = true;
-                    Store('license',license);  //update with tested flag
                }

-                // Don't do anything when the license is valid
-                if (!notify) {
-                    return true; // if the license is valid it would exit 'test' here, otherwise it moves on to making the modal for the license
-                }
+                var promise = getLicense();
+                promise.then(function() {
+                    self.scope = $rootScope.$new();
+                    scope = self.scope;

-                $location.path('/license');
+                    if (license && typeof license === 'object' && Object.keys(license).length > 0) {
+                        if (license.tested) {
+                            return true;
+                        }
+                        license.tested = true;
+                        Store('license',license);  //update with tested flag
+                    }
+
+                    // Don't do anything when the license is valid
+                    if (!self.shouldNotify(license)) {
+                        return true; // if the license is valid it would exit 'test' here, otherwise it moves on to making the modal for the license
+                    }
+
+                    $location.path('/license');
+                });
            },

            GetLicense: function(callback, inScope) {
--- a/awx/ui/client/src/login/authenticationServices/pendo.service.js
+++ b/awx/ui/client/src/login/authenticationServices/pendo.service.js
@@ -100,8 +100,10 @@ export default
                    Rest.setUrl(url);
                    var promise = Rest.get();
                    promise.then(function (response) {
-                        config = response.license_info;
-                        config.analytics_status = response.analytics_status;
+                        config = response.data.license_info;
+                        config.analytics_status = response.data.analytics_status;
+                        config.version = response.data.version;
+                        config.ansible_version = response.data.ansible_version;
                        if(config.analytics_status === 'detailed' || config.analytics_status === 'anonymous'){
                            $pendolytics.bootstrap();
                            deferred.resolve(config);