Set receptor log level to info (#13958)

This was making host sub-list views non-functional
  specifically for constructed and smart inventory
  views would always return 0 results before this fix

.github/workflows/ci.yml

@@ -3,7 +3,7 @@ name: CI
 env:
   LC_ALL: "C.UTF-8" # prevent ERROR: Ansible could not initialize the preferred locale: unsupported locale setting
   CI_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-  DEV_DOCKER_TAG_BASE: ghcr.io/${{ github.repository_owner }}
+  DEV_DOCKER_OWNER: ${{ github.repository_owner }}
   COMPOSE_TAG: ${{ github.base_ref || 'devel' }}
 on:
   pull_request:

Makefile

@@ -42,7 +42,10 @@ TACACS ?= false
 
 VENV_BASE ?= /var/lib/awx/venv
 
-DEV_DOCKER_TAG_BASE ?= ghcr.io/ansible
+DEV_DOCKER_OWNER ?= ansible
+# Docker will only accept lowercase, so github names like Paul need to be paul
+DEV_DOCKER_OWNER_LOWER = $(shell echo $(DEV_DOCKER_OWNER) | tr A-Z a-z)
+DEV_DOCKER_TAG_BASE ?= ghcr.io/$(DEV_DOCKER_OWNER_LOWER)
 DEVEL_IMAGE_NAME ?= $(DEV_DOCKER_TAG_BASE)/awx_devel:$(COMPOSE_TAG)
 
 RECEPTOR_IMAGE ?= quay.io/ansible/receptor:devel

awx/api/generics.py

@@ -522,14 +522,16 @@ class SubListAPIView(ParentMixin, ListAPIView):
     def get_queryset(self):
         parent = self.get_parent_object()
         self.check_parent_access(parent)
-        sublist_qs = self.get_sublist_queryset(parent)
         if not self.filter_read_permission:
-            return optimize_queryset(sublist_qs)
-        qs = self.request.user.get_queryset(self.model).distinct()
-        return qs & sublist_qs
+            return optimize_queryset(self.get_sublist_queryset(parent))
+        qs = self.request.user.get_queryset(self.model)
+        if hasattr(self, 'parent_key'):
+            # This is vastly preferable for ReverseForeignKey relationships
+            return qs.filter(**{self.parent_key: parent})
+        return qs.distinct() & self.get_sublist_queryset(parent).distinct()
 
     def get_sublist_queryset(self, parent):
-        return getattrd(parent, self.relationship).distinct()
+        return getattrd(parent, self.relationship)
 
 
 class DestroyAPIView(generics.DestroyAPIView):
@@ -578,15 +580,6 @@ class SubListCreateAPIView(SubListAPIView, ListCreateAPIView):
         d.update({'parent_key': getattr(self, 'parent_key', None)})
         return d
 
-    def get_queryset(self):
-        if hasattr(self, 'parent_key'):
-            # Prefer this filtering because ForeignKey allows us more assumptions
-            parent = self.get_parent_object()
-            self.check_parent_access(parent)
-            qs = self.request.user.get_queryset(self.model)
-            return qs.filter(**{self.parent_key: parent})
-        return super(SubListCreateAPIView, self).get_queryset()
-
     def create(self, request, *args, **kwargs):
         # If the object ID was not specified, it probably doesn't exist in the
         # DB yet. We want to see if we can create it.  The URL may choose to

awx/main/models/notifications.py

@@ -284,7 +284,7 @@ class JobNotificationMixin(object):
         'workflow_url',
         'scm_branch',
         'artifacts',
-        {'host_status_counts': ['skipped', 'ok', 'changed', 'failed', 'failures', 'dark' 'processed', 'rescued', 'ignored']},
+        {'host_status_counts': ['skipped', 'ok', 'changed', 'failed', 'failures', 'dark', 'processed', 'rescued', 'ignored']},
         {
             'summary_fields': [
                 {

awx/main/tasks/receptor.py

@@ -639,7 +639,7 @@ class AWXReceptorJob:
 #
 RECEPTOR_CONFIG_STARTER = (
     {'local-only': None},
-    {'log-level': 'debug'},
+    {'log-level': 'info'},
     {'node': {'firewallrules': [{'action': 'reject', 'tonode': settings.CLUSTER_HOST_ID, 'toservice': 'control'}]}},
     {'control-service': {'service': 'control', 'filename': '/var/run/receptor/receptor.sock', 'permissions': '0660'}},
     {'work-command': {'worktype': 'local', 'command': 'ansible-runner', 'params': 'worker', 'allowruntimeparams': True}},

awx/ui/src/components/LaunchButton/LaunchButton.js

@@ -43,6 +43,7 @@ function LaunchButton({ resource, children }) {
   const [surveyConfig, setSurveyConfig] = useState(null);
   const [labels, setLabels] = useState([]);
   const [isLaunching, setIsLaunching] = useState(false);
+  const [resourceCredentials, setResourceCredentials] = useState([]);
   const [error, setError] = useState(null);
 
   const handleLaunch = async () => {
@@ -83,6 +84,13 @@ function LaunchButton({ resource, children }) {
         setLabels(allLabels);
       }
 
+      if (launch.ask_credential_on_launch) {
+        const {
+          data: { results: templateCredentials },
+        } = await JobTemplatesAPI.readCredentials(resource.id);
+        setResourceCredentials(templateCredentials);
+      }
+
       if (canLaunchWithoutPrompt(launch)) {
         await launchWithParams({});
       } else {
@@ -208,6 +216,7 @@ function LaunchButton({ resource, children }) {
           labels={labels}
           onLaunch={launchWithParams}
           onCancel={() => setShowLaunchPrompt(false)}
+          resourceDefaultCredentials={resourceCredentials}
         />
       )}
     </>

awx/ui/src/components/LaunchButton/LaunchButton.test.js

@@ -47,6 +47,12 @@ describe('LaunchButton', () => {
         variables_needed_to_start: [],
       },
     });
+    JobTemplatesAPI.readCredentials.mockResolvedValue({
+      data: {
+        count: 0,
+        results: [],
+      },
+    });
   });
 
   afterEach(() => jest.clearAllMocks());

awx/ui/src/components/LaunchPrompt/LaunchPrompt.js

@@ -19,6 +19,7 @@ function PromptModalForm({
   labels,
   surveyConfig,
   instanceGroups,
+  resourceDefaultCredentials,
 }) {
   const { setFieldTouched, values } = useFormikContext();
   const [showDescription, setShowDescription] = useState(false);
@@ -35,9 +36,9 @@ function PromptModalForm({
     surveyConfig,
     resource,
     labels,
-    instanceGroups
+    instanceGroups,
+    resourceDefaultCredentials
   );
-
   const handleSubmit = async () => {
     const postValues = {};
     const setValue = (key, value) => {

awx/ui/src/components/LaunchPrompt/LaunchPrompt.test.js

@@ -69,6 +69,20 @@ describe('LaunchPrompt', () => {
         spec: [{ type: 'text', variable: 'foo' }],
       },
     });
+    JobTemplatesAPI.readCredentials.mockResolvedValue({
+      data: {
+        results: [
+          {
+            id: 5,
+            name: 'cred that prompts',
+            credential_type: 1,
+            inputs: {
+              password: 'ASK',
+            },
+          },
+        ],
+      },
+    });
     InstanceGroupsAPI.read.mockResolvedValue({
       data: {
         results: [
@@ -212,6 +226,16 @@ describe('LaunchPrompt', () => {
               ],
             },
           }}
+          resourceDefaultCredentials={[
+            {
+              id: 5,
+              name: 'cred that prompts',
+              credential_type: 1,
+              inputs: {
+                password: 'ASK',
+              },
+            },
+          ]}
           onLaunch={noop}
           onCancel={noop}
           surveyConfig={{
@@ -289,6 +313,16 @@ describe('LaunchPrompt', () => {
           resource={resource}
           onLaunch={noop}
           onCancel={noop}
+          resourceDefaultCredentials={[
+            {
+              id: 5,
+              name: 'cred that prompts',
+              credential_type: 1,
+              inputs: {
+                password: 'ASK',
+              },
+            },
+          ]}
         />
       );
     });

awx/ui/src/components/LaunchPrompt/steps/CredentialsStep.js

@@ -1,6 +1,6 @@
 import 'styled-components/macro';
 import React, { useState, useCallback, useEffect } from 'react';
-import { useHistory } from 'react-router-dom';
+import { useHistory, useLocation } from 'react-router-dom';
 
 import { t } from '@lingui/macro';
 import { useField } from 'formik';
@@ -8,7 +8,7 @@ import styled from 'styled-components';
 import { Alert, ToolbarItem } from '@patternfly/react-core';
 import { CredentialsAPI, CredentialTypesAPI } from 'api';
 import { getSearchableKeys } from 'components/PaginatedTable';
-import { getQSConfig, parseQueryString } from 'util/qs';
+import { getQSConfig, parseQueryString, updateQueryString } from 'util/qs';
 import useRequest from 'hooks/useRequest';
 import AnsibleSelect from '../../AnsibleSelect';
 import OptionsList from '../../OptionsList';
@@ -31,18 +31,18 @@ function CredentialsStep({
   allowCredentialsWithPasswords,
   defaultCredentials = [],
 }) {
+  const history = useHistory();
+  const location = useLocation();
   const [field, meta, helpers] = useField({
     name: 'credentials',
     validate: (val) =>
       credentialsValidator(
         allowCredentialsWithPasswords,
         val,
-        defaultCredentials
+        defaultCredentials ?? []
       ),
   });
   const [selectedType, setSelectedType] = useState(null);
-  const history = useHistory();
-
   const {
     result: types,
     error: typesError,
@@ -104,12 +104,32 @@ function CredentialsStep({
       credentialsValidator(
         allowCredentialsWithPasswords,
         field.value,
-        defaultCredentials
+        defaultCredentials ?? []
       )
     );
     /* eslint-disable-next-line react-hooks/exhaustive-deps */
   }, []);
 
+  const removeAllSearchTerms = (qsConfig) => {
+    const oldParams = parseQueryString(qsConfig, location.search);
+    Object.keys(oldParams).forEach((key) => {
+      oldParams[key] = null;
+    });
+    const defaultParams = {
+      ...oldParams,
+      page: 1,
+      page_size: 5,
+      order_by: 'name',
+    };
+    const qs = updateQueryString(qsConfig, location.search, defaultParams);
+    pushHistoryState(qs);
+  };
+
+  const pushHistoryState = (qs) => {
+    const { pathname } = history.location;
+    history.push(qs ? `${pathname}?${qs}` : pathname);
+  };
+
   if (isTypesLoading) {
     return <ContentLoading />;
   }
@@ -154,9 +174,7 @@ function CredentialsStep({
             value={selectedType && selectedType.id}
             onChange={(e, id) => {
               // Reset query params when the category of credentials is changed
-              history.replace({
-                search: '',
-              });
+              removeAllSearchTerms(QS_CONFIG);
               setSelectedType(types.find((o) => o.id === parseInt(id, 10)));
             }}
           />

awx/ui/src/components/LaunchPrompt/steps/CredentialsStep.test.js

@@ -168,7 +168,9 @@ describe('CredentialsStep', () => {
   test('should reset query params (credential.page) when selected credential type is changed', async () => {
     let wrapper;
     const history = createMemoryHistory({
-      initialEntries: ['?credential.page=2'],
+      initialEntries: [
+        '?credential.page=2&credential.page_size=5&credential.order_by=name',
+      ],
     });
     await act(async () => {
       wrapper = mountWithContexts(

awx/ui/src/components/LaunchPrompt/useLaunchSteps.js

@@ -46,7 +46,8 @@ export default function useLaunchSteps(
   surveyConfig,
   resource,
   labels,
-  instanceGroups
+  instanceGroups,
+  resourceDefaultCredentials
 ) {
   const [visited, setVisited] = useState({});
   const [isReady, setIsReady] = useState(false);
@@ -56,7 +57,7 @@ export default function useLaunchSteps(
     useCredentialsStep(
       launchConfig,
       resource,
-      resource.summary_fields.credentials || [],
+      resourceDefaultCredentials,
       true
     ),
     useCredentialPasswordsStep(

awx/ui/src/components/Schedule/ScheduleDetail/FrequencyDetails.js

@@ -122,6 +122,18 @@ function sortWeekday(a, b) {
 }
 
 function RunOnDetail({ type, options, prefix }) {
+  const weekdays = {
+    sunday: t`Sunday`,
+    monday: t`Monday`,
+    tuesday: t`Tuesday`,
+    wednesday: t`Wednesday`,
+    thursday: t`Thursday`,
+    friday: t`Friday`,
+    saturday: t`Saturday`,
+    day: t`day`,
+    weekday: t`weekday`,
+    weekendDay: t`weekend day`,
+  };
   if (type === 'month') {
     if (options.runOn === 'day') {
       return (
@@ -132,16 +144,16 @@ function RunOnDetail({ type, options, prefix }) {
         />
       );
     }
-    const dayOfWeek = options.runOnTheDay;
+    const dayOfWeek = weekdays[options.runOnTheDay];
     return (
       <Detail
         label={t`Run on`}
         value={
-          options.runOnDayNumber === -1 ? (
+          options.runOnTheOccurrence === -1 ? (
             t`The last ${dayOfWeek}`
           ) : (
             <SelectOrdinal
-              value={options.runOnDayNumber}
+              value={options.runOnTheOccurrence}
               one={`The first ${dayOfWeek}`}
               two={`The second ${dayOfWeek}`}
               _3={`The third ${dayOfWeek}`}
@@ -178,18 +190,6 @@ function RunOnDetail({ type, options, prefix }) {
         />
       );
     }
-    const weekdays = {
-      sunday: t`Sunday`,
-      monday: t`Monday`,
-      tuesday: t`Tuesday`,
-      wednesday: t`Wednesday`,
-      thursday: t`Thursday`,
-      friday: t`Friday`,
-      saturday: t`Saturday`,
-      day: t`day`,
-      weekday: t`weekday`,
-      weekendDay: t`weekend day`,
-    };
     const weekday = weekdays[options.runOnTheDay];
     const month = months[options.runOnTheMonth];
     return (

awx/ui/src/components/Schedule/ScheduleDetail/ScheduleDetail.js

@@ -11,7 +11,8 @@ import { JobTemplatesAPI, SchedulesAPI, WorkflowJobTemplatesAPI } from 'api';
 import { parseVariableField, jsonToYaml } from 'util/yaml';
 import { useConfig } from 'contexts/Config';
 import InstanceGroupLabels from 'components/InstanceGroupLabels';
-import parseRuleObj from '../shared/parseRuleObj';
+import parseRuleObj, { UnsupportedRRuleError } from '../shared/parseRuleObj';
+import UnsupportedRRuleAlert from '../shared/UnsupportedRRuleAlert';
 import FrequencyDetails from './FrequencyDetails';
 import AlertModal from '../../AlertModal';
 import { CardBody, CardActionsRow } from '../../Card';
@@ -182,8 +183,20 @@ function ScheduleDetail({ hasDaysToKeepField, schedule, surveyConfig }) {
     month: t`Month`,
     year: t`Year`,
   };
-  const { frequency, frequencyOptions, exceptionFrequency, exceptionOptions } =
-    parseRuleObj(schedule);
+  let rruleError;
+  let frequency = [];
+  let frequencyOptions = {};
+  let exceptionFrequency = [];
+  let exceptionOptions = {};
+  try {
+    ({ frequency, frequencyOptions, exceptionFrequency, exceptionOptions } =
+      parseRuleObj(schedule));
+  } catch (parseRuleError) {
+    if (parseRuleError instanceof UnsupportedRRuleError) {
+      rruleError = parseRuleError;
+    }
+  }
+
   const repeatFrequency = frequency.length
     ? frequency.map((f) => frequencies[f]).join(', ')
     : t`None (Run Once)`;
@@ -602,6 +615,7 @@ function ScheduleDetail({ hasDaysToKeepField, schedule, surveyConfig }) {
           </PromptDetailList>
         </>
       )}
+      {rruleError && <UnsupportedRRuleAlert schedule={schedule} />}
       <CardActionsRow>
         {summary_fields?.user_capabilities?.edit && (
           <Button

awx/ui/src/components/Schedule/ScheduleDetail/ScheduleDetail.test.js

@@ -587,4 +587,31 @@ describe('<ScheduleDetail />', () => {
       (el) => el.prop('isDisabled') === true
     );
   });
+  test('should display warning for unsupported recurrence rules ', async () => {
+    const unsupportedSchedule = {
+      ...schedule,
+      rrule:
+        'DTSTART:20221220T161500Z RRULE:FREQ=HOURLY;INTERVAL=1 EXRULE:FREQ=HOURLY;INTERVAL=1;BYDAY=TU;BYMONTHDAY=1,2,3,4,5,6,7 EXRULE:FREQ=HOURLY;INTERVAL=1;BYDAY=WE;BYMONTHDAY=2,3,4,5,6,7,8',
+    };
+    await act(async () => {
+      wrapper = mountWithContexts(
+        <Route
+          path="/templates/job_template/:id/schedules/:scheduleId"
+          component={() => <ScheduleDetail schedule={unsupportedSchedule} />}
+        />,
+        {
+          context: {
+            router: {
+              history,
+              route: {
+                location: history.location,
+                match: { params: { id: 1 } },
+              },
+            },
+          },
+        }
+      );
+    });
+    expect(wrapper.find('UnsupportedRRuleAlert').length).toBe(1);
+  });
 });

awx/ui/src/components/Schedule/shared/UnsupportedRRuleAlert.js

@@ -0,0 +1,32 @@
+import React from 'react';
+import styled from 'styled-components';
+import { t } from '@lingui/macro';
+import { Alert } from '@patternfly/react-core';
+
+const AlertWrapper = styled.div`
+  margin-top: var(--pf-global--spacer--lg);
+  margin-bottom: var(--pf-global--spacer--lg);
+`;
+const RulesTitle = styled.p`
+  margin-top: var(--pf-global--spacer--lg);
+  margin-bottom: var(--pf-global--spacer--lg);
+  font-weight: var(--pf-global--FontWeight--bold);
+`;
+
+export default function UnsupportedRRuleAlert({ schedule }) {
+  return (
+    <AlertWrapper>
+      <Alert
+        isInline
+        variant="danger"
+        ouiaId="schedule-warning"
+        title={t`This schedule uses complex rules that are not supported in the
+        UI.  Please use the API to manage this schedule.`}
+      />
+      <RulesTitle>{t`Schedule Rules`}:</RulesTitle>
+      <pre css="white-space: pre; font-family: var(--pf-global--FontFamily--monospace)">
+        {schedule.rrule.split(' ').join('\n')}
+      </pre>
+    </AlertWrapper>
+  );
+}

awx/ui/src/components/Schedule/shared/parseRuleObj.js

@@ -82,11 +82,7 @@ const frequencyTypes = {
 };
 
 function parseRrule(rruleString, schedule, values) {
-  const { frequency, options } = parseRule(
-    rruleString,
-    schedule,
-    values.exceptionFrequency
-  );
+  const { frequency, options } = parseRule(rruleString, schedule);
 
   if (values.frequencyOptions[frequency]) {
     throw new UnsupportedRRuleError(
@@ -105,11 +101,7 @@ function parseRrule(rruleString, schedule, values) {
 }
 
 function parseExRule(exruleString, schedule, values) {
-  const { frequency, options } = parseRule(
-    exruleString,
-    schedule,
-    values.exceptionFrequency
-  );
+  const { frequency, options } = parseRule(exruleString, schedule);
 
   if (values.exceptionOptions[frequency]) {
     throw new UnsupportedRRuleError(
@@ -129,7 +121,7 @@ function parseExRule(exruleString, schedule, values) {
   };
 }
 
-function parseRule(ruleString, schedule, frequencies) {
+function parseRule(ruleString, schedule) {
   const {
     origOptions: {
       bymonth,
@@ -178,9 +170,6 @@ function parseRule(ruleString, schedule, frequencies) {
     throw new Error(`Unexpected rrule frequency: ${freq}`);
   }
   const frequency = frequencyTypes[freq];
-  if (frequencies.includes(frequency)) {
-    throw new Error(`Duplicate frequency types not supported (${frequency})`);
-  }
 
   if (freq === RRule.WEEKLY && byweekday) {
     options.daysOfWeek = byweekday;

awx/ui/src/screens/Credential/CredentialEdit/CredentialEdit.js

@@ -91,6 +91,11 @@ function CredentialEdit({ credential }) {
             modifiedData.user = me.id;
           }
         }
+
+        if (credential.kind === 'vault' && !credential.inputs?.vault_id) {
+          delete modifiedData.inputs.vault_id;
+        }
+
         const [{ data }] = await Promise.all([
           CredentialsAPI.update(credId, modifiedData),
           ...destroyInputSources(),
@@ -100,7 +105,7 @@ function CredentialEdit({ credential }) {
 
         return data;
       },
-      [me, credId]
+      [me, credId, credential]
     )
   );
 

awx_collection/plugins/module_utils/controller_api.py

@@ -330,11 +330,6 @@ class ControllerAPIModule(ControllerModule):
         else:
             self.update_secrets = True
 
-    @staticmethod
-    def param_to_endpoint(name):
-        exceptions = {'inventory': 'inventories', 'target_team': 'teams', 'workflow': 'workflow_job_templates'}
-        return exceptions.get(name, '{0}s'.format(name))
-
     @staticmethod
     def get_name_field_from_endpoint(endpoint):
         return ControllerAPIModule.IDENTITY_FIELDS.get(endpoint, 'name')

awx_collection/plugins/modules/role.py

@@ -24,11 +24,23 @@ options:
     user:
       description:
         - User that receives the permissions specified by the role.
+        - Deprecated, use 'users'.
       type: str
+    users:
+      description:
+        - Users that receive the permissions specified by the role.
+      type: list
+      elements: str
     team:
       description:
         - Team that receives the permissions specified by the role.
+        - Deprecated, use 'teams'.
       type: str
+    teams:
+      description:
+        - Teams that receive the permissions specified by the role.
+      type: list
+      elements: str
     role:
       description:
         - The role type to grant/revoke.
@@ -161,7 +173,9 @@ def main():
 
     argument_spec = dict(
         user=dict(),
+        users=dict(type='list', elements='str'),
         team=dict(),
+        teams=dict(type='list', elements='str'),
         role=dict(
             choices=[
                 "admin",
@@ -219,9 +233,9 @@ def main():
         'projects': 'project',
         'target_teams': 'target_team',
         'workflows': 'workflow',
+        'users': 'user',
+        'teams': 'team',
     }
-    # Singular parameters
-    resource_param_keys = ('user', 'team', 'lookup_organization')
 
     resources = {}
     for resource_group, old_name in resource_list_param_keys.items():
@@ -229,9 +243,9 @@ def main():
             resources.setdefault(resource_group, []).extend(module.params.get(resource_group))
         if module.params.get(old_name) is not None:
             resources.setdefault(resource_group, []).append(module.params.get(old_name))
-    for resource_group in resource_param_keys:
-        if module.params.get(resource_group) is not None:
-            resources[resource_group] = module.params.get(resource_group)
+    if module.params.get('lookup_organization') is not None:
+        resources['lookup_organization'] = module.params.get('lookup_organization')
+
     # Change workflows and target_teams key to its endpoint name.
     if 'workflows' in resources:
         resources['workflow_job_templates'] = resources.pop('workflows')
@@ -248,28 +262,13 @@ def main():
     # separate actors from resources
     actor_data = {}
     missing_items = []
-    for key in ('user', 'team'):
-        if key in resources:
-            if key == 'user':
-                lookup_data_populated = {}
-            else:
-                lookup_data_populated = lookup_data
-            # Attempt to look up project based on the provided name or ID and lookup data
-            data = module.get_one('{0}s'.format(key), name_or_id=resources[key], data=lookup_data_populated)
-            if data is None:
-                module.fail_json(
-                    msg='Unable to find {0} with name: {1}'.format(key, resources[key]), changed=False
-                )
-            else:
-                actor_data[key] = module.get_one('{0}s'.format(key), name_or_id=resources[key], data=lookup_data_populated)
-                resources.pop(key)
     # Lookup Resources
     resource_data = {}
     for key, value in resources.items():
         for resource in value:
             # Attempt to look up project based on the provided name or ID and lookup data
             if key in resources:
-                if key == 'organizations':
+                if key == 'organizations' or key == 'users':
                     lookup_data_populated = {}
                 else:
                     lookup_data_populated = lookup_data
@@ -277,14 +276,18 @@ def main():
             if data is None:
                 missing_items.append(resource)
             else:
-                resource_data.setdefault(key, []).append(data)
+                if key == 'users' or key == 'teams':
+                    actor_data.setdefault(key, []).append(data)
+                else:
+                    resource_data.setdefault(key, []).append(data)
     if len(missing_items) > 0:
         module.fail_json(
             msg='There were {0} missing items, missing items: {1}'.format(len(missing_items), missing_items), changed=False
         )
+
     # build association agenda
     associations = {}
-    for actor_type, actor in actor_data.items():
+    for actor_type, actors in actor_data.items():
         for key, value in resource_data.items():
             for resource in value:
                 resource_roles = resource['summary_fields']['object_roles']
@@ -294,9 +297,10 @@ def main():
                         msg='Resource {0} has no role {1}, available roles: {2}'.format(resource['url'], role_field, available_roles), changed=False
                     )
                 role_data = resource_roles[role_field]
-                endpoint = '/roles/{0}/{1}/'.format(role_data['id'], module.param_to_endpoint(actor_type))
+                endpoint = '/roles/{0}/{1}/'.format(role_data['id'], actor_type)
                 associations.setdefault(endpoint, [])
-                associations[endpoint].append(actor['id'])
+                for actor in actors:
+                    associations[endpoint].append(actor['id'])
 
     # perform associations
     for association_endpoint, new_association_list in associations.items():

awx_collection/tests/integration/targets/role/tasks/main.yml

@@ -11,6 +11,8 @@
     jt1: "AWX-Collection-tests-role-jt1-{{ test_id }}"
     jt2: "AWX-Collection-tests-role-jt2-{{ test_id }}"
     wfjt_name: "AWX-Collection-tests-role-project-wfjt-{{ test_id }}"
+    team_name: "AWX-Collection-tests-team-team-{{ test_id }}"
+    team2_name: "AWX-Collection-tests-team-team-{{ test_id }}2"
 
 - block:
     - name: Create a User
@@ -27,6 +29,32 @@
         that:
           - "result is changed"
 
+    - name: Create a 2nd User
+      user:
+        first_name: Joe
+        last_name: User
+        username: "{{ username }}2"
+        password: "{{ 65535 | random | to_uuid }}"
+        email: joe@example.org
+        state: present
+      register: result
+
+    - assert:
+        that:
+          - "result is changed"
+
+    - name: Create teams
+      team:
+        name: "{{ item }}"
+        organization: Default
+      register: result
+      loop:
+        - "{{ team_name }}"
+        - "{{ team2_name }}"
+    - assert:
+        that:
+          - "result is changed"
+
     - name: Create a project
       project:
         name: "{{ project_name }}"
@@ -55,9 +83,14 @@
         that:
           - "result is changed"
 
-    - name: Add Joe to the update role of the default Project with lookup Organization
+    - name: Add Joe and teams to the update role of the default Project with lookup Organization
       role:
         user: "{{ username }}"
+        users:
+          - "{{ username }}2"
+        teams:
+          - "{{ team_name }}"
+          - "{{ team2_name }}"
         role: update
         lookup_organization: Default
         project: "Demo Project"
@@ -74,6 +107,11 @@
     - name: Add Joe to the new project by ID
       role:
         user: "{{ username }}"
+        users:
+          - "{{ username }}2"
+        teams:
+          - "{{ team_name }}"
+          - "{{ team2_name }}"
         role: update
         project: "{{ project_info['id'] }}"
         state: "{{ item }}"
@@ -89,6 +127,8 @@
     - name: Add Joe as execution admin to Default Org.
       role:
         user: "{{ username }}"
+        users:
+          - "{{ username }}2"
         role: execution_environment_admin
         organizations: Default
         state: "{{ item }}"
@@ -110,6 +150,8 @@
     - name: Add Joe to workflow execute role
       role:
         user: "{{ username }}"
+        users:
+          - "{{ username }}2"
         role: execute
         workflow: test-role-workflow
         job_templates:
@@ -125,6 +167,8 @@
     - name: Add Joe to nonexistant job template execute role
       role:
         user: "{{ username }}"
+        users:
+          - "{{ username }}2"
         role: execute
         workflow: test-role-workflow
         job_templates:
@@ -141,6 +185,8 @@
     - name: Add Joe to workflow execute role, no-op
       role:
         user: "{{ username }}"
+        users:
+          - "{{ username }}2"
         role: execute
         workflow: test-role-workflow
         state: present
@@ -153,6 +199,8 @@
     - name: Add Joe to workflow approve role
       role:
         user: "{{ username }}"
+        users:
+          - "{{ username }}2"
         role: approval
         workflow: test-role-workflow
         state: present
@@ -170,6 +218,23 @@
         state: absent
       register: result
 
+    - name: Delete a 2nd User
+      user:
+        username: "{{ username }}2"
+        email: joe@example.org
+        state: absent
+      register: result
+
+    - name: Delete teams
+      team:
+        name: "{{ item }}"
+        organization: Default
+        state: absent
+      register: result
+      loop:
+        - "{{ team_name }}"
+        - "{{ team2_name }}"
+
     - name: Delete job templates
       job_template:
         name: "{{ item }}"