diff --git a/awx/ui/client/src/controllers/Credentials.js b/awx/ui/client/src/controllers/Credentials.js index 1b951a568e..e8701a4383 100644 --- a/awx/ui/client/src/controllers/Credentials.js +++ b/awx/ui/client/src/controllers/Credentials.js @@ -132,7 +132,7 @@ CredentialsList.$inject = ['$scope', '$rootScope', '$location', '$log', export function CredentialsAdd($scope, $rootScope, $compile, $location, $log, $stateParams, CredentialForm, GenerateForm, Rest, Alert, ProcessErrors, ReturnToCaller, ClearScope, GenerateList, SearchInit, PaginateInit, - LookUpInit, UserList, TeamList, GetBasePath, GetChoices, Empty, KindChange, + LookUpInit, OrganizationList, GetBasePath, GetChoices, Empty, KindChange, OwnerChange, FormSave, $state, CreateSelect2) { ClearScope(); @@ -173,25 +173,53 @@ export function CredentialsAdd($scope, $rootScope, $compile, $location, $log, multiple: false }); + $scope.canShareCredential = false; + + if ($rootScope.current_user.is_superuser) { + $scope.canShareCredential = true; + } else { + Rest.setUrl(`/api/v1/users/${$rootScope.current_user.id}/admin_of_organizations`) + Rest.get() + .success(function(data) { + $scope.canShareCredential = (data.count) ? true : false; + }); + } + + + var orgUrl = ($rootScope.current_user.is_superuser) ? + GetBasePath("organizations") : + $rootScope.current_user.url + "admin_of_organizations?"; + + // TODO: create LookUpInit for organizations LookUpInit({ scope: $scope, + url: orgUrl, form: form, - current_item: (!Empty($stateParams.user_id)) ? $stateParams.user_id : null, - list: UserList, - field: 'user', + list: OrganizationList, + field: 'organization', input_type: 'radio', autopopulateLookup: false }); - LookUpInit({ - scope: $scope, - form: form, - current_item: (!Empty($stateParams.team_id)) ? $stateParams.team_id : null, - list: TeamList, - field: 'team', - input_type: 'radio', - autopopulateLookup: false - }); + // LookUpInit({ + // scope: $scope, + // form: form, + // current_item: (!Empty($stateParams.user_id)) ? $stateParams.user_id : null, + // list: UserList, + // field: 'user', + // input_type: 'radio', + // autopopulateLookup: false + // }); + // + // LookUpInit({ + // scope: $scope, + // form: form, + // current_item: (!Empty($stateParams.team_id)) ? $stateParams.team_id : null, + // list: TeamList, + // field: 'team', + // input_type: 'radio', + // autopopulateLookup: false + // }); if (!Empty($stateParams.user_id)) { // Get the username based on incoming route @@ -252,8 +280,8 @@ export function CredentialsAdd($scope, $rootScope, $compile, $location, $log, }; // Handle Owner change - $scope.ownerChange = function () { - OwnerChange({ scope: $scope }); + $scope.shareableChange = function () { + console.log("TODO: implement shareable change"); }; $scope.formCancel = function () { @@ -305,7 +333,7 @@ export function CredentialsAdd($scope, $rootScope, $compile, $location, $log, CredentialsAdd.$inject = ['$scope', '$rootScope', '$compile', '$location', '$log', '$stateParams', 'CredentialForm', 'GenerateForm', 'Rest', 'Alert', 'ProcessErrors', 'ReturnToCaller', 'ClearScope', 'generateList', - 'SearchInit', 'PaginateInit', 'LookUpInit', 'UserList', 'TeamList', + 'SearchInit', 'PaginateInit', 'LookUpInit', 'OrganizationList', 'GetBasePath', 'GetChoices', 'Empty', 'KindChange', 'OwnerChange', 'FormSave', '$state', 'CreateSelect2' ]; diff --git a/awx/ui/client/src/forms/Credentials.js b/awx/ui/client/src/forms/Credentials.js index 4b40179f54..51131430b7 100644 --- a/awx/ui/client/src/forms/Credentials.js +++ b/awx/ui/client/src/forms/Credentials.js @@ -40,47 +40,19 @@ export default addRequired: false, editRequired: false }, - owner: { - label: "Does this credential belong to a team or user?", - type: 'radio_group', - ngChange: "ownerChange()", - options: [{ - label: 'User', - value: 'user', - selected: true - }, { - label: 'Team', - value: 'team' - }], - awPopOver: "

A credential must be associated with either a user or a team. Choosing a user allows only the selected user access " + - "to the credential. Choosing a team shares the credential with all team members.

", - dataTitle: 'Owner', - dataPlacement: 'right', - dataContainer: "body" - }, - user: { - label: 'User that owns this credential', + organization: { + addRequired: false, + editRequired: false, + ngShow: 'canShareCredential', + label: 'Organization', type: 'lookup', - sourceModel: 'user', - sourceField: 'username', - ngClick: 'lookUpUser()', - ngShow: "owner == 'user'", - awRequiredWhen: { - variable: "user_required", - init: "false" - } - }, - team: { - label: 'Team that owns this credential', - type: 'lookup', - sourceModel: 'team', + sourceModel: 'organization', sourceField: 'name', - ngClick: 'lookUpTeam()', - ngShow: "owner == 'team'", - awRequiredWhen: { - variable: "team_required", - init: "false" - } + ngClick: 'lookUpOrganization()', + awPopOver: "

If no organization is given, the credential can only be used by the user that creates the credential. organization admins and system administrators can assign an organization so that roles can be assigned to users and teams in that organization.

", + dataTitle: 'Required ', + dataPlacement: 'bottom', + dataContainer: "body" }, kind: { label: 'Type', diff --git a/awx/ui/client/src/helpers/Credentials.js b/awx/ui/client/src/helpers/Credentials.js index 653ad6b4bf..7aa615f86d 100644 --- a/awx/ui/client/src/helpers/Credentials.js +++ b/awx/ui/client/src/helpers/Credentials.js @@ -193,8 +193,8 @@ angular.module('CredentialsHelper', ['Utilities']) } ]) -.factory('FormSave', ['Refresh', '$location', 'Alert', 'Rest', 'ProcessErrors', 'Empty', 'GetBasePath', 'CredentialForm', 'ReturnToCaller', 'Wait', - function (Refresh, $location, Alert, Rest, ProcessErrors, Empty, GetBasePath, CredentialForm, ReturnToCaller, Wait) { +.factory('FormSave', ['$rootScope', 'Refresh', '$location', 'Alert', 'Rest', 'ProcessErrors', 'Empty', 'GetBasePath', 'CredentialForm', 'ReturnToCaller', 'Wait', + function ($rootScope, Refresh, $location, Alert, Rest, ProcessErrors, Empty, GetBasePath, CredentialForm, ReturnToCaller, Wait) { return function (params) { var scope = params.scope, mode = params.mode, @@ -204,7 +204,9 @@ angular.module('CredentialsHelper', ['Utilities']) for (fld in form.fields) { if (fld !== 'access_key' && fld !== 'secret_key' && fld !== 'ssh_username' && fld !== 'ssh_password') { - if (scope[fld] === null) { + if (fld === "organization" && !scope[fld]) { + data["user"] = $rootScope.current_user.id; + } else if (scope[fld] === null) { data[fld] = ""; } else { data[fld] = scope[fld]; @@ -212,14 +214,6 @@ angular.module('CredentialsHelper', ['Utilities']) } } - if (!Empty(scope.team)) { - data.team = scope.team; - data.user = ""; - } else { - data.user = scope.user; - data.team = ""; - } - data.kind = scope.kind.value; if (scope.become_method === null) { data.become_method = ""; @@ -247,65 +241,59 @@ angular.module('CredentialsHelper', ['Utilities']) data.username = scope.subscription_id; } - if (Empty(data.team) && Empty(data.user)) { - Alert('Missing User or Team', 'You must provide either a User or a Team. If this credential will only be accessed by a specific ' + - 'user, select a User. To allow a team of users to access this credential, select a Team.', 'alert-danger'); + Wait('start'); + if (mode === 'add') { + url = GetBasePath("credentials"); + Rest.setUrl(url); + Rest.post(data) + .success(function (data) { + scope.addedItem = data.id; + + Refresh({ + scope: scope, + set: 'credentials', + iterator: 'credential', + url: url + }); + + Wait('stop'); + var base = $location.path().replace(/^\//, '').split('/')[0]; + if (base === 'credentials') { + ReturnToCaller(); + } + else { + ReturnToCaller(1); + } + }) + .error(function (data, status) { + Wait('stop'); + ProcessErrors(scope, data, status, form, { + hdr: 'Error!', + msg: 'Failed to create new Credential. POST status: ' + status + }); + }); } else { - Wait('start'); - if (mode === 'add') { - url = (!Empty(data.team)) ? GetBasePath('teams') + data.team + '/credentials/' : - GetBasePath('users') + data.user + '/credentials/'; - Rest.setUrl(url); - Rest.post(data) - .success(function (data) { - scope.addedItem = data.id; - - Refresh({ - scope: scope, - set: 'credentials', - iterator: 'credential', - url: url - }); - - Wait('stop'); - var base = $location.path().replace(/^\//, '').split('/')[0]; - if (base === 'credentials') { - ReturnToCaller(); - } - else { - ReturnToCaller(1); - } - }) - .error(function (data, status) { - Wait('stop'); - ProcessErrors(scope, data, status, form, { - hdr: 'Error!', - msg: 'Failed to create new Credential. POST status: ' + status - }); + url = GetBasePath('credentials') + scope.id + '/'; + Rest.setUrl(url); + Rest.put(data) + .success(function () { + Wait('stop'); + var base = $location.path().replace(/^\//, '').split('/')[0]; + if (base === 'credentials') { + ReturnToCaller(); + } + else { + ReturnToCaller(1); + } + }) + .error(function (data, status) { + Wait('stop'); + ProcessErrors(scope, data, status, form, { + hdr: 'Error!', + msg: 'Failed to update Credential. PUT status: ' + status }); - } else { - url = GetBasePath('credentials') + scope.id + '/'; - Rest.setUrl(url); - Rest.put(data) - .success(function () { - Wait('stop'); - var base = $location.path().replace(/^\//, '').split('/')[0]; - if (base === 'credentials') { - ReturnToCaller(); - } - else { - ReturnToCaller(1); - } - }) - .error(function (data, status) { - Wait('stop'); - ProcessErrors(scope, data, status, form, { - hdr: 'Error!', - msg: 'Failed to update Credential. PUT status: ' + status - }); - }); - } - } + }); + } }; } ]);