From ee8ef617ca094d5191026f4f807e2cd453336ae6 Mon Sep 17 00:00:00 2001
From: Michael Abashian <mabashian@ansible.com>
Date: Thu, 23 Jun 2016 12:21:18 -0400
Subject: [PATCH] Added error message under field when user attempts to create
 a gce/azure credential with an encrypted key

---
 awx/ui/client/src/helpers/Credentials.js | 18 ++++++++++++++----
 1 file changed, 14 insertions(+), 4 deletions(-)

diff --git a/awx/ui/client/src/helpers/Credentials.js b/awx/ui/client/src/helpers/Credentials.js
index 426b14656b..6babce9284 100644
--- a/awx/ui/client/src/helpers/Credentials.js
+++ b/awx/ui/client/src/helpers/Credentials.js
@@ -73,6 +73,7 @@ angular.module('CredentialsHelper', ['Utilities'])
                  scope.passwordLabel = 'Password (API Key)';
                  scope.projectPopOver = "<p>The project value</p>";
                  scope.hostPopOver = "<p>The host value</p>";
+                 scope.ssh_key_data_api_error = '';
                  if (!Empty(scope.kind)) {
                      // Apply kind specific settings
                      switch (scope.kind.value) {
@@ -296,10 +297,19 @@ angular.module('CredentialsHelper', ['Utilities'])
                      })
                      .error(function (data, status) {
                          Wait('stop');
-                         ProcessErrors(scope, data, status, form, {
-                             hdr: 'Error!',
-                             msg: 'Failed to create new Credential. POST status: ' + status
-                         });
+                         // TODO: hopefully this conditional error handling will to away in a future version of tower.  The reason why we cannot
+                         // simply pass this error to ProcessErrors is because it will actually match the form element 'ssh_key_unlock' and show
+                         // the error there.  The ssh_key_unlock field is not shown when the kind of credential is gce/azure and as a result the
+                         // error is never shown.  In the future, the API will hopefully either behave or respond differently.
+                         if(status && status === 400 && data && data.ssh_key_unlock && (scope.kind.value === 'gce' || scope.kind.value === 'azure')) {
+                             scope.ssh_key_data_api_error = "Encrypted credentials are not supported.";
+                         }
+                         else {
+                             ProcessErrors(scope, data, status, form, {
+                                 hdr: 'Error!',
+                                 msg: 'Failed to create new Credential. POST status: ' + status
+                             });
+                         }
                      });
                  } else {
                      url = GetBasePath('credentials') + scope.id + '/';