Update UI: Use resource roles rather than obsolete group roles

In a fix to fix a privilege-escalation bug, the `…/group/roles`
endpoint was entirely removed and replaced with the less error-prone
`…/resource/…/roles` endpoint. This commit updates the code to use the
new endpoint's data as appropriate.

We also fix typos in some url_for routing arguments.

1 files changed, 9 insertions, 9 deletions

diff --git a/gn2/wqflask/templates/oauth2/view-resource.html b/gn2/wqflask/templates/oauth2/view-resource.html
index d17f1ddf..6ae5af56 100644
--- a/gn2/wqflask/templates/oauth2/view-resource.html
+++ b/gn2/wqflask/templates/oauth2/view-resource.html
@@ -309,8 +309,8 @@
 
     <div class="row">
       <h3>Assign</h3>
-      {%if group_roles_error is defined%}
-      {{display_error("Group Roles", group_roles_error)}}
+      {%if resource_roles_error is defined%}
+      {{display_error("Resource Roles", resource_roles_error)}}
       {%elif users_error is defined%}
       {{display_error("Users", users_error)}}
       {%else%}
@@ -320,13 +320,13 @@
 	    method="POST" autocomplete="off">
 	<input type="hidden" name="resource_id" value="{{resource_id}}" />
 	<div class="form-group">
-	  <label for="group_role_id" class="form-label">Role</label>
-	  <select class="form-control" name="group_role_id"
-		  id="group_role_id" required="required">
-	    <option value="">Select role</option>
-	    {%for grole in group_roles%}
-	    <option value="{{grole.group_role_id}}">
-	      {{grole.role.role_name}}
+	  <label for="role_id" class="form-label">Role</label>
+	  <select class="form-control" name="role_id"
+		  id="role_id" required="required">
+	    <option value="">Select role</option>>
+	    {%for rrole in resource_roles%}
+	    <option value="{{rrole.role_id}}">
+	      {{rrole.role_name}}
 	    </option>
 	    {%endfor%}
 	  </select>