From 6a4a87db4b184f9a06f3c29c6f4008f332269129 Mon Sep 17 00:00:00 2001
From: Dave Augustus <95467821+dave-augustus@users.noreply.github.com>
Date: Tue, 19 Apr 2022 16:00:39 +0530
Subject: [PATCH] Editor users are able to delete objects for an org (#6924)
* Editor users are able to delete objects for an org
Signed-off-by: Pappu Kumar
* PR Comment
Signed-off-by: Pappu Kumar
---
 .../automate-ui/src/app/helpers/auth/regex.ts | 5 ++++-
 .../http/http-client-auth.interceptor.ts | 19 +++++++++++++++++--
 2 files changed, 21 insertions(+), 3 deletions(-)
diff --git a/components/automate-ui/src/app/helpers/auth/regex.ts b/components/automate-ui/src/app/helpers/auth/regex.ts
index 998f1391e5b..dba94d65343 100644
--- a/components/automate-ui/src/app/helpers/auth/regex.ts
+++ b/components/automate-ui/src/app/helpers/auth/regex.ts
@@ -40,7 +40,10 @@ export class Regex {
 VALID_VERSION: /^(0|[1-9]\d*)(\.(0|[1-9]\d*)){0,2}$/,
 // Allow valid header input for Custom webhook
- VALID_HEADER: /([a-zA-Z]):([a-zA-Z])[^\r\n]/
+ VALID_HEADER: /([a-zA-Z]):([a-zA-Z])[^\r\n]/,
+
+ //Allow A to Z and a to z and 0 to 9
+ VALID_URL: /^[0-9a-zA-Z]+$/
 };
 }
diff --git a/components/automate-ui/src/app/services/http/http-client-auth.interceptor.ts b/components/automate-ui/src/app/services/http/http-client-auth.interceptor.ts
index cdfd3c58060..1e1c3b67f77 100644
--- a/components/automate-ui/src/app/services/http/http-client-auth.interceptor.ts
+++ b/components/automate-ui/src/app/services/http/http-client-auth.interceptor.ts
@@ -15,6 +15,8 @@ import { ChefSessionService } from 'app/services/chef-session/chef-session.servi
 import * as selectors from 'app/services/projects-filter/projects-filter.selectors';
 import { ProjectsFilterOption } from '../projects-filter/projects-filter.reducer';
+import { Regex } from 'app/helpers/auth/regex';
+
 export const InterceptorSkipHeader = 'Skip-Interceptor';
 @Injectable()
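Review bot: In regex.ts, `VALID_URL` does not match a URL; `/^[0-9a-zA-Z]+$/` accepts one alphanumeric token, and its only use in this commit is to vet the server ID path segment in the interceptor. A name such as `VALID_ID_SEGMENT` with the comment `// Alphanumeric only: vets a path segment before it is copied into the projects header` would say what the pattern guards. If server or org IDs may contain `-` or `_` (not visible here), the pattern rejects them and the interceptor then sends no `projects` header for those requests, so the allowed character set should be checked against the ID rules the API enforces.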
@@ -51,8 +53,21 @@ export class HttpClientAuthInterceptor implements HttpInterceptor {
 const filtered = request.params.get('unfiltered') !== 'true';
 const params = request.params.delete('unfiltered');
- if (this.projects && filtered) {
- headers = headers.set('projects', this.projects);
+ if (request.url.includes('/orgs/')) {
+ let checkInfraOrgsURL= false;
+ let url = request.url;
+ let serverID = url.split('/')[5];
+ let orgID = url.split('/')[7];
+ let newHeader = serverID + '_' + orgID;
+ if(url.includes('/infra/servers/') && Regex.patterns.VALID_URL.test(serverID)) {
+ checkInfraOrgsURL= true;
+ }
+ if(checkInfraOrgsURL)
+ headers = headers.set('projects', newHeader);
+ } else {
+ if (this.projects && filtered) {
+ headers = headers.set('projects', this.projects);
+ }
 }
 return this.chefSession.token_provider.pipe(
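Review bot: In the new `/orgs/` branch only `serverID` is tested against `Regex.patterns.VALID_URL`; `orgID` is copied into the `projects` header unchecked, and both values come from fixed positions (`split('/')[5]` and `[7]`), so a URL with a different prefix or a missing segment yields a header such as `<id>_undefined` or one built from the wrong segments. Any request whose URL contains `/orgs/` but fails the inner test now gets no `projects` header at all, because the previous `this.projects && filtered` path was moved into the `else`. Matching the path shape once, validating both captures, and keeping the old filter as the fallback avoids both problems. Because this header is set in the browser, the org-level permission presumably still has to be enforced by the API itself; that is not visible in this hunk. The enclosing method starts and ends outside the hunk.

```typescript
    // … unchanged: filtered / params computation …
    const infraOrg = /\/infra\/servers\/([^/]+)\/orgs\/([^/]+)/.exec(request.url);
    const idPattern = Regex.patterns.VALID_URL;
    if (infraOrg && idPattern.test(infraOrg[1]) && idPattern.test(infraOrg[2])) {
      // Both path segments are vetted before they are copied into the header.
      headers = headers.set('projects', `${infraOrg[1]}_${infraOrg[2]}`);
    } else if (this.projects && filtered) {
      headers = headers.set('projects', this.projects);
    }
    // … unchanged: return this.chefSession.token_provider.pipe( …
```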