shaba/awx
1
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2024-11-02 09:51:09 +03:00
Code Releases Activity

Merge pull request #1935 from anoek/1929

Browse Source 
Fix project update permissions
This commit is contained in:
Akita Noek 2016-05-17 10:15:20 -04:00
commit 3862d6d1be
2 changed files with 17 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
awx/api/permissions.py
View File

@ -19,7 +19,7 @@ from awx.main.utils import get_object_or_400
logger = logging.getLogger('awx.api.permissions')
__all__ = ['ModelAccessPermission', 'JobTemplateCallbackPermission',
'TaskPermission']
'TaskPermission', 'ProjectUpdatePermission']
class ModelAccessPermission(permissions.BasePermission):
'''
@ -190,3 +190,18 @@ class TaskPermission(ModelAccessPermission):
return bool(not obj or obj.pk == unified_job.pk)
else:
return False
class ProjectUpdatePermission(ModelAccessPermission):
'''
Permission check used by ProjectUpdateView to determine who can update projects
'''
def has_permission(self, request, view, obj=None):
if request.user.is_superuser:
return True
project = get_object_or_400(view.model, pk=view.kwargs['pk'])
if project and request.user in project.update_role:
return True
return False

1
awx/api/views.py
View File

@ -1029,6 +1029,7 @@ class ProjectUpdateView(RetrieveAPIView):
model = Project
serializer_class = ProjectUpdateViewSerializer
permission_classes = (ProjectUpdatePermission,)
new_in_13 = True
def post(self, request, *args, **kwargs):