shaba/awx
1
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2024-11-02 01:21:21 +03:00
Code Releases Activity

make user_capabilities False for read tokens

Browse Source
This commit is contained in:
AlanCoding 2018-03-19 15:13:14 -04:00
parent 1a542c5e06
commit 4f1f578fde
No known key found for this signature in database
GPG Key ID: FD2C3C012A72926B
2 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
awx/main/access.py
View File

@ -341,7 +341,10 @@ class BaseAccess(object):
# Actions not possible for reason unrelated to RBAC # Actions not possible for reason unrelated to RBAC
# Cannot copy with validation errors, or update a manual group/project # Cannot copy with validation errors, or update a manual group/project
if display_method == 'copy' and isinstance(obj, JobTemplate): if 'write' not in getattr(self.user, 'oauth_scopes', ['write']):
user_capabilities[display_method] = False # Read tokens cannot take any actions
continue
elif display_method == 'copy' and isinstance(obj, JobTemplate):
if obj.validation_errors: if obj.validation_errors:
user_capabilities[display_method] = False user_capabilities[display_method] = False
continue continue

1
awx/main/tests/unit/api/serializers/conftest.py
View File

@ -39,6 +39,7 @@ def get_summary_fields_assert():
def get_summary_fields_mock_and_run(): def get_summary_fields_mock_and_run():
def fn(serializer_class, model_obj): def fn(serializer_class, model_obj):
serializer = serializer_class() serializer = serializer_class()
serializer.show_capabilities = []
serializer.context['view'] = mock.Mock(kwargs={}) serializer.context['view'] = mock.Mock(kwargs={})
return serializer.get_summary_fields(model_obj) return serializer.get_summary_fields(model_obj)
return fn return fn