diff --git a/app/docker/views/containers/create/createContainerController.js b/app/docker/views/containers/create/createContainerController.js index 47bed8e49..38fb33813 100644 --- a/app/docker/views/containers/create/createContainerController.js +++ b/app/docker/views/containers/create/createContainerController.js @@ -742,9 +742,17 @@ angular.module('portainer.docker').controller('CreateContainerController', [ Container.get({ id: $transition$.params().from }) .$promise.then(function success(d) { var fromContainer = new ContainerDetailsViewModel(d); - if (fromContainer.ResourceControl && fromContainer.ResourceControl.Public) { - $scope.formValues.AccessControlData.AccessControlEnabled = false; + if (fromContainer.ResourceControl) { + if (fromContainer.ResourceControl.Public) { + $scope.formValues.AccessControlData.AccessControlEnabled = false; + } + + // When the container is create by duplicate/edit, the access permission + // shouldn't be copied + fromContainer.ResourceControl.UserAccesses = []; + fromContainer.ResourceControl.TeamAccesses = []; } + $scope.fromContainer = fromContainer; $scope.state.mode = 'duplicate'; $scope.config = ContainerHelper.configFromContainer(fromContainer.Model); diff --git a/app/react/portainer/access-control/EditDetails/EditDetails.tsx b/app/react/portainer/access-control/EditDetails/EditDetails.tsx index 0bb725286..1f9720953 100644 --- a/app/react/portainer/access-control/EditDetails/EditDetails.tsx +++ b/app/react/portainer/access-control/EditDetails/EditDetails.tsx @@ -109,6 +109,12 @@ export function EditDetails({ if (ownership === ResourceControlOwnership.RESTRICTED) { authorizedUsers = []; authorizedTeams = []; + // Non admin team leaders/members under only one team can + // automatically grant the resource access to all members + // under the team + if (!isAdmin && teams && teams.length === 1) { + authorizedTeams = teams.map((team) => team.Id); + } } handleChange({ ownership, authorizedTeams, authorizedUsers });