1
0
mirror of https://github.com/ansible/awx.git synced 2024-10-31 15:21:13 +03:00

Check /api/v1/me to determine if user can perform create/update/delete on Permissions.

This commit is contained in:
chouseknecht 2013-06-27 04:51:23 -04:00
parent 0277a2177c
commit 652f7ceb7b
7 changed files with 101 additions and 43 deletions

View File

@ -58,7 +58,8 @@ angular.module('ansible', [
'ChildrenHelper',
'EventsHelper',
'ProjectPathHelper',
'md5Helper'
'md5Helper',
'AccessHelper'
])
.config(['$routeProvider', function($routeProvider) {
$routeProvider.

View File

@ -20,17 +20,20 @@ function PermissionsList ($scope, $rootScope, $location, $log, $routeParams, Res
scope.search(list.iterator);
LoadBreadCrumbs();
scope.addPermission = function() {
$location.path($location.path() + '/add');
if (checkAccess()) {
$location.path($location.path() + '/add');
}
}
scope.editPermission = function(id) {
$location.path($location.path() + '/' + id);
if (checkAccess()) {
$location.path($location.path() + '/' + id);
}
}
scope.deletePermission = function(id, name) {
var action = function() {
var url = GetBasePath('base') + 'permissions/' + id + '/';
Rest.setUrl(url);
@ -45,11 +48,13 @@ function PermissionsList ($scope, $rootScope, $location, $log, $routeParams, Res
{ hdr: 'Error!', msg: 'Call to ' + url + ' failed. DELETE returned status: ' + status });
});
};
Prompt({ hdr: 'Delete',
body: 'Are you sure you want to delete ' + name + '?',
action: action
});
if (checkAccess()) {
Prompt({ hdr: 'Delete',
body: 'Are you sure you want to delete ' + name + '?',
action: action
});
}
}
}

View File

@ -220,7 +220,7 @@ TeamsAdd.$inject = [ '$scope', '$rootScope', '$compile', '$location', '$log', '$
function TeamsEdit ($scope, $rootScope, $compile, $location, $log, $routeParams, TeamForm,
GenerateForm, Rest, Alert, ProcessErrors, LoadBreadCrumbs, RelatedSearchInit,
RelatedPaginateInit, ReturnToCaller, ClearScope, TeamLookUpOrganizationInit, Prompt,
GetBasePath)
GetBasePath, CheckAccess)
{
ClearScope('htmlTemplate'); //Garbage collection. Don't leave behind any listeners/watchers from the prior
//scope.
@ -318,7 +318,9 @@ function TeamsEdit ($scope, $rootScope, $compile, $location, $log, $routeParams,
scope.add = function(set) {
$rootScope.flashMessage = null;
if (set == 'permissions') {
$location.path('/' + base + '/' + $routeParams.team_id + '/' + set + '/add');
if (CheckAccess()) {
$location.path('/' + base + '/' + $routeParams.team_id + '/' + set + '/add');
}
}
else {
$location.path('/' + base + '/' + $routeParams.team_id + '/' + set);
@ -329,7 +331,9 @@ function TeamsEdit ($scope, $rootScope, $compile, $location, $log, $routeParams,
scope.edit = function(set, id, name) {
$rootScope.flashMessage = null;
if (set == 'permissions') {
$location.path('/' + base + '/' + $routeParams.team_id + '/' + set + '/' + id);
if (CheckAccess()) {
$location.path('/' + base + '/' + $routeParams.team_id + '/' + set + '/' + id);
}
}
else {
$location.path('/' + set + '/' + id);
@ -343,18 +347,20 @@ function TeamsEdit ($scope, $rootScope, $compile, $location, $log, $routeParams,
var action = function() {
var url;
if (set == 'permissions') {
url = GetBasePath('base') + 'permissions/' + itm_id + '/';
Rest.setUrl(url);
Rest.destroy()
.success( function(data, status, headers, config) {
$('#prompt-modal').modal('hide');
scope.search(form.related[set].iterator);
})
.error( function(data, status, headers, config) {
$('#prompt-modal').modal('hide');
ProcessErrors(scope, data, status, null,
{ hdr: 'Error!', msg: 'Call to ' + url + ' failed. DELETE returned status: ' + status });
});
if (CheckAccess()) {
url = GetBasePath('base') + 'permissions/' + itm_id + '/';
Rest.setUrl(url);
Rest.destroy()
.success( function(data, status, headers, config) {
$('#prompt-modal').modal('hide');
scope.search(form.related[set].iterator);
})
.error( function(data, status, headers, config) {
$('#prompt-modal').modal('hide');
ProcessErrors(scope, data, status, null,
{ hdr: 'Error!', msg: 'Call to ' + url + ' failed. DELETE returned status: ' + status });
});
}
}
else {
var url = defaultUrl + $routeParams.team_id + '/' + set + '/';
@ -383,6 +389,6 @@ function TeamsEdit ($scope, $rootScope, $compile, $location, $log, $routeParams,
TeamsEdit.$inject = [ '$scope', '$rootScope', '$compile', '$location', '$log', '$routeParams', 'TeamForm',
'GenerateForm', 'Rest', 'Alert', 'ProcessErrors', 'LoadBreadCrumbs', 'RelatedSearchInit',
'RelatedPaginateInit', 'ReturnToCaller', 'ClearScope', 'TeamLookUpOrganizationInit', 'Prompt',
'GetBasePath'
'GetBasePath', 'CheckAccess'
];

View File

@ -137,7 +137,8 @@ function UsersList ($scope, $rootScope, $location, $log, $routeParams, Rest,
}
UsersList.$inject = [ '$scope', '$rootScope', '$location', '$log', '$routeParams', 'Rest', 'Alert', 'UserList', 'GenerateList',
'LoadBreadCrumbs', 'Prompt', 'SearchInit', 'PaginateInit', 'ReturnToCaller', 'ClearScope', 'ProcessErrors' ];
'LoadBreadCrumbs', 'Prompt', 'SearchInit', 'PaginateInit', 'ReturnToCaller', 'ClearScope', 'ProcessErrors'
];
function UsersAdd ($scope, $rootScope, $compile, $location, $log, $routeParams, UserForm,
@ -224,7 +225,7 @@ UsersAdd.$inject = [ '$scope', '$rootScope', '$compile', '$location', '$log', '$
function UsersEdit ($scope, $rootScope, $compile, $location, $log, $routeParams, UserForm,
GenerateForm, Rest, Alert, ProcessErrors, LoadBreadCrumbs, RelatedSearchInit,
RelatedPaginateInit, ReturnToCaller, ClearScope, GetBasePath, Prompt)
RelatedPaginateInit, ReturnToCaller, ClearScope, GetBasePath, Prompt, CheckAccess)
{
ClearScope('htmlTemplate'); //Garbage collection. Don't leave behind any listeners/watchers from the prior
//scope.
@ -320,7 +321,9 @@ function UsersEdit ($scope, $rootScope, $compile, $location, $log, $routeParams,
scope.add = function(set) {
$rootScope.flashMessage = null;
if (set == 'permissions') {
$location.path('/' + base + '/' + $routeParams.user_id + '/' + set + '/add');
if (CheckAccess()) {
$location.path('/' + base + '/' + $routeParams.user_id + '/' + set + '/add');
}
}
else {
$location.path('/' + base + '/' + $routeParams.user_id + '/' + set);
@ -331,7 +334,9 @@ function UsersEdit ($scope, $rootScope, $compile, $location, $log, $routeParams,
scope.edit = function(set, id, name) {
$rootScope.flashMessage = null;
if (set == 'permissions') {
$location.path('/users/' + $routeParams.user_id + '/permissions/' + id);
if (CheckAccess()) {
$location.path('/users/' + $routeParams.user_id + '/permissions/' + id);
}
}
else {
$location.path('/' + set + '/' + id);
@ -345,18 +350,20 @@ function UsersEdit ($scope, $rootScope, $compile, $location, $log, $routeParams,
var action = function() {
var url;
if (set == 'permissions') {
url = GetBasePath('base') + 'permissions/' + itm_id + '/';
Rest.setUrl(url);
Rest.destroy()
.success( function(data, status, headers, config) {
$('#prompt-modal').modal('hide');
scope.search(form.related[set].iterator);
})
.error( function(data, status, headers, config) {
$('#prompt-modal').modal('hide');
ProcessErrors(scope, data, status, null,
if (CheckAccess()) {
url = GetBasePath('base') + 'permissions/' + itm_id + '/';
Rest.setUrl(url);
Rest.destroy()
.success( function(data, status, headers, config) {
$('#prompt-modal').modal('hide');
scope.search(form.related[set].iterator);
})
.error( function(data, status, headers, config) {
$('#prompt-modal').modal('hide');
ProcessErrors(scope, data, status, null,
{ hdr: 'Error!', msg: 'Call to ' + url + ' failed. DELETE returned status: ' + status });
});
});
}
}
else {
url = defaultUrl + $routeParams.user_id + '/' + set + '/';
@ -384,5 +391,5 @@ function UsersEdit ($scope, $rootScope, $compile, $location, $log, $routeParams,
UsersEdit.$inject = [ '$scope', '$rootScope', '$compile', '$location', '$log', '$routeParams', 'UserForm',
'GenerateForm', 'Rest', 'Alert', 'ProcessErrors', 'LoadBreadCrumbs', 'RelatedSearchInit',
'RelatedPaginateInit', 'ReturnToCaller', 'ClearScope', 'GetBasePath', 'Prompt'];
'RelatedPaginateInit', 'ReturnToCaller', 'ClearScope', 'GetBasePath', 'Prompt', 'CheckAccess'];

View File

@ -0,0 +1,36 @@
/*********************************************
* Copyright (c) 2013 AnsibleWorks, Inc.
*
*/
angular.module('AccessHelper', ['RestServices', 'Utilities'])
.factory('CheckAccess', ['$rootScope', 'Alert', 'Rest', 'GetBasePath','ProcessErrors', 'Alert',
function($rootScope, Alert, Rest, GetBasePath, ProcessErrors, Prompt) {
return function(params) {
var me = $rootScope.current_user;
var access = false;
if (me.is_superuser) {
access = true;
}
else {
if (me.related.admin_of_organizations) {
Rest.setUrl(me.related.admin_of_organizations);
Rest.get()
.success( function(data, status, headers, config) {
if (data.results.length > 0) {
access = true;
}
})
.error( function(data, status, headers, config) {
ProcessErrors(scope, data, status, null,
{ hdr: 'Error!', msg: 'Call to ' + me.related.admin_of_organizations +
' failed. DELETE returned status: ' + status });
});
}
}
if (!access) {
Alert('Access Denied', 'You do not have access to this function. Please contact your system administrator.');
}
return access;
}
}]);

View File

@ -6,7 +6,9 @@
<h3>Ansible Login</h3>
</div>
<div class="modal-body">
<div class="alert alert-warning alert-block" ng-show="(sessionExpired == true)">Your session timed out due to inactivity. Please sign in again. Session timeout is set to: {{ sessionTimeout }} minutes.</div>
<div style="padding-bottom: 20px;" class="alert alert-warning alert-block" ng-show="(sessionExpired == true)">
Your session timed out due to inactivity. Please sign in again.
</div>
<form id="login-form" name="loginForm" class="form-horizontal" novalidate>
<div class="control-group">
<label class="control-label">Username:</label>

View File

@ -81,6 +81,7 @@
<script src="{{ STATIC_URL }}js/helpers/Children.js"></script>
<script src="{{ STATIC_URL }}js/helpers/ProjectPath.js"></script>
<script src="{{ STATIC_URL }}js/helpers/md5.js"></script>
<script src="{{ STATIC_URL }}js/helpers/Access.js"></script>
<script src="{{ STATIC_URL }}lib/ansible/directives.js"></script>
<script src="{{ STATIC_URL }}lib/ansible/filters.js"></script>
<script src="{{ STATIC_URL }}lib/ansible/api-loader.js"></script>