mirror of
https://github.com/ansible/awx.git
synced 2024-10-30 13:55:31 +03:00
Switch to using a permission class for the webhook secret key view
This view is now behaving as expected for superuser, org admin, JT admin, JT exec, and org member roles.
This commit is contained in:
parent
747a2283d6
commit
7973a18103
@ -249,3 +249,8 @@ class InstanceGroupTowerPermission(ModelAccessPermission):
|
||||
if request.method == 'DELETE' and obj.name == "tower":
|
||||
return False
|
||||
return super(InstanceGroupTowerPermission, self).has_object_permission(request, view, obj)
|
||||
|
||||
|
||||
class WebhookKeyPermission(permissions.BasePermission):
|
||||
def has_object_permission(self, request, view, obj):
|
||||
return request.user.can_access(view.model, 'admin', obj, request.data)
|
||||
|
@ -10,11 +10,13 @@ from rest_framework.response import Response
|
||||
|
||||
from awx.api import serializers
|
||||
from awx.api.generics import APIView, GenericAPIView
|
||||
from awx.api.permissions import WebhookKeyPermission
|
||||
from awx.main.models import JobTemplate, WorkflowJobTemplate
|
||||
|
||||
|
||||
class WebhookKeyView(GenericAPIView):
|
||||
serializer_class = serializers.EmptySerializer
|
||||
permission_classes = (WebhookKeyPermission,)
|
||||
|
||||
@property
|
||||
def model(self):
|
||||
@ -32,10 +34,6 @@ class WebhookKeyView(GenericAPIView):
|
||||
# Provide a fallback do-nothing queryset so that get_object() has something to work with.
|
||||
return JobTemplate.objects.none()
|
||||
|
||||
def check_object_permissions(self, request, obj):
|
||||
if not request.user.can_access(self.model, 'admin', obj, request.data):
|
||||
raise PermissionDenied
|
||||
|
||||
def get(self, request, *args, **kwargs):
|
||||
obj = self.get_object()
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user