WebUI: Fix changing category on HBAC/Sudo/etc Rule pages

No object can be added to a rule when object category is 'all'.
So while editing rule there is needed to save actual category value
before adding related objects.

Ticket: https://pagure.io/freeipa/issue/7961

Signed-off-by: Serhii Tsymbaliuk <stsymbal@redhat.com>
Reviewed-By: Armando Neto <abiagion@redhat.com>

install/ui/src/freeipa/association.js

@@ -668,6 +668,7 @@ IPA.association_table_widget = function (spec) {
                 dialog.get_selected_values(),
                 function(data) {
                     that.refresh();
+                    that.facet.refresh();
                     dialog.close();
 
                     var succeeded = IPA.get_succeeded(data);
@@ -676,6 +677,7 @@ IPA.association_table_widget = function (spec) {
                 },
                 function() {
                     that.refresh();
+                    that.facet.refresh();
                     dialog.close();
                 }
             );

install/ui/src/freeipa/rule.js

@@ -35,6 +35,14 @@ IPA.rule_details_widget = function(spec) {
 
     spec = spec || {};
 
+    // Link association table with category option.
+    for (var i=0; i<spec.widgets.length; i++) {
+        var widget = spec.widgets[i];
+        if (widget.$type == 'rule_association_table') {
+            widget.category_name = spec.radio_name;
+        }
+    }
+
     var that = IPA.composite_widget(spec);
 
     that.radio_name = spec.radio_name;
@@ -126,6 +134,7 @@ IPA.rule_association_table_widget = function(spec) {
     var that = IPA.association_table_widget(spec);
 
     that.external = spec.external;
+    that.category_name = spec.category_name;
 
     that.setup_column = function(column, div, record) {
         var suppress_link = false;
@@ -177,6 +186,47 @@ IPA.rule_association_table_widget = function(spec) {
         });
     };
 
+    that.add = function(values, on_success, on_error) {
+
+        var pkey = that.facet.get_pkey();
+
+        var batch = rpc.batch_command({
+            name: 'add_association',
+            on_success: on_success,
+            on_error: on_error
+        });
+
+        if (that.category_name) {
+            var category_field = that.facet.get_field(that.category_name);
+
+            // Save category option if the field value is changed.
+            if (category_field.dirty) {
+                var options = {};
+                options[that.category_name] = category_field.value[0];
+
+                command = rpc.command({
+                    entity: that.entity.name,
+                    method: 'mod',
+                    args: [pkey],
+                    options: options
+                });
+                batch.add_command(command);
+            }
+        }
+
+        var command = rpc.command({
+            entity: that.entity.name,
+            method: that.add_method,
+            args: [pkey]
+        });
+
+        that.join_additional_option(command);
+        that.handle_entity_option(command, values);
+        batch.add_command(command);
+
+        batch.execute();
+    };
+
     return that;
 };
 

ipatests/test_webui/test_selinuxusermap.py

@@ -53,6 +53,7 @@ INVALID_MLS = ("invalid 'selinuxuser': Invalid MLS value, must match {}, "
 HBAC_DEL_ERR = ('{} cannot be deleted because SELinux User Map {} requires '
                 'it')
 HBAC_MEMBER_ERR = 'HBAC rule and local members cannot both be set'
+BATCH_ERR = 'Some operations failed.'
 
 
 @pytest.mark.tier1
@@ -185,7 +186,7 @@ class test_selinuxusermap(UI_driver):
         self.navigate_to_record(selinuxmap.PKEY, entity=selinuxmap.ENTITY)
         self.add_table_associations('memberuser_user', ['admin'],
                                     negative=True)
-        self.assert_last_error_dialog(HBAC_MEMBER_ERR)
+        self.assert_last_error_dialog(BATCH_ERR)
         self.close_all_dialogs()
 
         # test adding HBAC rule together with user (should FAIL)