mirror of https://github.com/ansible/awx.git synced 2024-10-31 15:21:13 +03:00

AC-302 Users with org admin privileges can now add/edit/delete permissions

chouseknecht 2013-07-29 11:16:37 -04:00
parent b82a4f6cd4
commit 37e7eb83d6
5 changed files with 50 additions and 18 deletions


@ -163,12 +163,15 @@ function TeamsEdit ($scope, $rootScope, $compile, $location, $log, $routeParams,
var master = {};
var id = $routeParams.team_id;
var relatedSets = {};
scope.PermissionAddAllowed = false;
// Retrieve each related set and any lookups
if (scope.teamLoadedRemove) {
scope.teamLoadedRemove();
}
scope.teamLoadedRemove = scope.$on('teamLoaded', function() {
CheckAccess({ scope: scope });
Rest.setUrl(scope['organization_url']);
Rest.get()
.success( function(data, status, headers, config) {
@ -177,7 +180,7 @@ function TeamsEdit ($scope, $rootScope, $compile, $location, $log, $routeParams,
})
.error( function(data, status, headers, config) {
ProcessErrors(scope, data, status, null,
{ hdr: 'Error!', msg: 'Failed to retrieve: ' + scope.orgnization_url + '. GET status: ' + status });
{ hdr: 'Error!', msg: 'Failed to retrieve organization: ' + scope.orgnization_url + '. GET status: ' + status });
});
for (var set in relatedSets) {
scope.search(relatedSets[set].iterator);
@ -253,9 +256,12 @@ function TeamsEdit ($scope, $rootScope, $compile, $location, $log, $routeParams,
scope.add = function(set) {
$rootScope.flashMessage = null;
if (set == 'permissions') {
if (CheckAccess()) {
if (scope.PermissionAddAllowed) {
$location.path('/' + base + '/' + $routeParams.team_id + '/' + set + '/add');
}
else {
Alert('Access Denied', 'You do not have access to this function. Please contact your system administrator.');
}
}
else {
$location.path('/' + base + '/' + $routeParams.team_id + '/' + set);
@ -266,9 +272,12 @@ function TeamsEdit ($scope, $rootScope, $compile, $location, $log, $routeParams,
scope.edit = function(set, id, name) {
$rootScope.flashMessage = null;
if (set == 'permissions') {
if (CheckAccess()) {
if (scope.PermissionAddAllowed) {
$location.path('/' + base + '/' + $routeParams.team_id + '/' + set + '/' + id);
}
}
else {
Alert('Access Denied', 'You do not have access to this function. Please contact your system administrator.');
}
}
else {
$location.path('/' + set + '/' + id);
@ -282,7 +291,7 @@ function TeamsEdit ($scope, $rootScope, $compile, $location, $log, $routeParams,
var action = function() {
var url;
if (set == 'permissions') {
if (CheckAccess()) {
if (scope.PermissionAddAllowed) {
url = GetBasePath('base') + 'permissions/' + itm_id + '/';
Rest.setUrl(url);
Rest.destroy()
@ -295,7 +304,10 @@ function TeamsEdit ($scope, $rootScope, $compile, $location, $log, $routeParams,
ProcessErrors(scope, data, status, null,
{ hdr: 'Error!', msg: 'Call to ' + url + ' failed. DELETE returned status: ' + status });
});
}
}
else {
Alert('Access Denied', 'You do not have access to this function. Please contact your system administrator.');
}
}
else {
var url = defaultUrl + $routeParams.team_id + '/' + set + '/';
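Review bot: `scope.PermissionAddAllowed` in `scope.add`, `scope.edit` and the delete `action` is a flag held in the browser, so these branches only decide what the UI offers; they cannot by themselves stop a request for the `/permissions/add` route or a DELETE on `permissions/<id>/`. The UsersEdit handlers in the next file follow the same pattern. The API's own permission check is not visible in this commit, so it is worth confirming that it rejects these calls for users who are neither superuser nor org admin, and noting it where the flag is initialised, e.g. `// UI hint only; the API enforces who may change permissions`. Separately, the reworded error message still reads `scope.orgnization_url`, which looks like a misspelling of the `scope['organization_url']` passed to `Rest.setUrl` and would print `undefined`. TeamsEdit's body starts and ends outside these hunks.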


@ -182,11 +182,14 @@ function UsersEdit ($scope, $rootScope, $compile, $location, $log, $routeParams,
var id = $routeParams.user_id;
var relatedSets = {};
scope.PermissionAddAllowed = false;
// After the Organization is loaded, retrieve each related set
scope.$on('userLoaded', function() {
for (var set in relatedSets) {
scope.search(relatedSets[set].iterator);
}
CheckAccess({ scope: scope }); //Does the user have access add Permissions?
});
// Retrieve detail record and prepopulate the form
@ -263,9 +266,12 @@ function UsersEdit ($scope, $rootScope, $compile, $location, $log, $routeParams,
scope.add = function(set) {
$rootScope.flashMessage = null;
if (set == 'permissions') {
if (CheckAccess()) {
if (scope.PermissionAddAllowed) {
$location.path('/' + base + '/' + $routeParams.user_id + '/' + set + '/add');
}
else {
Alert('Access Denied', 'You do not have access to this function. Please contact your system administrator.');
}
}
else {
$location.path('/' + base + '/' + $routeParams.user_id + '/' + set);
@ -276,9 +282,12 @@ function UsersEdit ($scope, $rootScope, $compile, $location, $log, $routeParams,
scope.edit = function(set, id, name) {
$rootScope.flashMessage = null;
if (set == 'permissions') {
if (CheckAccess()) {
if (scope.PermissionAddAllowed) {
$location.path('/users/' + $routeParams.user_id + '/permissions/' + id);
}
else {
Alert('Access Denied', 'You do not have access to this function. Please contact your system administrator.');
}
}
else {
$location.path('/' + set + '/' + id);
@ -292,7 +301,7 @@ function UsersEdit ($scope, $rootScope, $compile, $location, $log, $routeParams,
var action = function() {
var url;
if (set == 'permissions') {
if (CheckAccess()) {
if (scope.PermissionAddAllowed) {
url = GetBasePath('base') + 'permissions/' + itm_id + '/';
Rest.setUrl(url);
Rest.destroy()
@ -305,7 +314,10 @@ function UsersEdit ($scope, $rootScope, $compile, $location, $log, $routeParams,
ProcessErrors(scope, data, status, null,
{ hdr: 'Error!', msg: 'Call to ' + url + ' failed. DELETE returned status: ' + status });
});
}
}
else {
Alert('Access Denied', 'You do not have access to this function. Please contact your system administrator.');
}
}
else {
url = defaultUrl + $routeParams.user_id + '/' + set + '/';
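Review bot: The name `PermissionAddAllowed` and the inline comment `//Does the user have access add Permissions?` describe only the add case, but the flag also gates `scope.edit` and the delete `action` in this controller. A comment at the initialisation would make that clear, for example `// true once CheckAccess confirms the user may add, edit or delete permissions`. Because `CheckAccess` fills the flag from an asynchronous `Rest.get()` for org admins, it stays `false` until the response arrives, which is worth stating in the same comment. UsersEdit's body starts and ends outside these hunks.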


@ -157,7 +157,8 @@ angular.module('UserFormDefinition', [])
ngClick: "add('permissions')",
icon: 'icon-plus',
label: 'Add',
awToolTip: 'Add a permission for this user'
awToolTip: 'Add a permission for this user',
ngShow: 'PermissionAddAllowed == true'
}
},
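Review bot: Only the Add action on the user form gets `ngShow`, while the edit and delete handlers in UsersEdit are gated on the same flag and still render, answering with an Access Denied alert on click; hiding or disabling those row actions the same way would be consistent. The commit lists five changed files and none appears to be the team form, so the Add button under TeamsEdit presumably stays visible to users who will then be denied. The expression can be shortened to `ngShow: 'PermissionAddAllowed'`, since the flag is only ever assigned `true` or `false`.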


@ -7,10 +7,13 @@ angular.module('AccessHelper', ['RestServices', 'Utilities', 'ngCookies'])
.factory('CheckAccess', ['$rootScope', 'Alert', 'Rest', 'GetBasePath','ProcessErrors',
function($rootScope, Alert, Rest, GetBasePath, ProcessErrors) {
return function(params) {
// set PermissionAddAllowed to true or false based on user access. admins and org admins are granted
// accesss.
var me = $rootScope.current_user;
var access = false;
var scope = params.scope;
if (me.is_superuser) {
access = true;
scope.PermissionAddAllowed = true;
}
else {
if (me.related.admin_of_organizations) {
@ -18,7 +21,10 @@ angular.module('AccessHelper', ['RestServices', 'Utilities', 'ngCookies'])
Rest.get()
.success( function(data, status, headers, config) {
if (data.results.length > 0) {
access = true;
scope.PermissionAddAllowed = true;
}
else {
scope.PermissionAddAllowed = false;
}
})
.error( function(data, status, headers, config) {
@ -28,10 +34,10 @@ angular.module('AccessHelper', ['RestServices', 'Utilities', 'ngCookies'])
});
}
}
if (!access) {
Alert('Access Denied', 'You do not have access to this function. Please contact your system administrator.');
}
return access;
//if (!access) {
// Alert('Access Denied', 'You do not have access to this function. Please contact your system administrator.');
//}
//return access;
}
}])
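Review bot: `CheckAccess` now reads `params.scope` unconditionally and no longer returns a value, so any caller not converted by this commit that still does `if (CheckAccess())` would throw on the undefined `params`; the callers in TeamsEdit and UsersEdit were updated, others cannot be checked from here. The old `if (!access)` / `return access` lines are left as commented-out code and `var access = false;` now appears unused, so deleting both would be cleaner. The flag is reset to `false` only in the success branch with no results; if the `.error` branch (outside the hunk) leaves it untouched, a repeated check after a failed lookup keeps the previous value, and adding `scope.PermissionAddAllowed = false;` right after `var scope = params.scope;` would make the helper fail closed. The header comment also has a typo, `accesss`.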


@ -1036,6 +1036,7 @@ angular.module('FormGenerator', ['GeneratorHelpers', 'ngCookies'])
html += (form.related[itm].actions[act]['class']) ? form.related[itm].actions[act]['class'] : "btn-success";
html += "\" ";
html += this.attr(action,'ngClick');
html += (action['ngShow']) ? this.attr(action,'ngShow') : "";
html += (action.awToolTip) ? this.attr(action,'awToolTip') : "";
html += (action.awToolTip) ? "data-placement=\"right\" " : "";
html += "><i class=\"" + action.icon + "\"></i>";
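Review bot: `action['ngShow']` uses bracket access where the neighbouring lines use `action.awToolTip`; `html += (action.ngShow) ? this.attr(action,'ngShow') : "";` would match them. The attribute is emitted only at this point of the related-set action rendering, and whether the other action renderers in this generator honour `ngShow` cannot be seen from the hunk, whose enclosing function starts and ends outside it.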