mirror of
https://github.com/ansible/awx.git
synced 2024-11-02 09:51:09 +03:00
add can_read method to JobAccess
This commit is contained in:
parent
d9ac461bb8
commit
9a44dc4ba0
@ -1168,6 +1168,22 @@ class JobAccess(BaseAccess):
|
|||||||
Q(inventory__organization__in=org_access_qs) |
|
Q(inventory__organization__in=org_access_qs) |
|
||||||
Q(project__organization__in=org_access_qs)).distinct()
|
Q(project__organization__in=org_access_qs)).distinct()
|
||||||
|
|
||||||
|
def org_access(self, obj):
|
||||||
|
"""
|
||||||
|
Via the organization of a related resource, user has a claim to org_admin access of this job
|
||||||
|
"""
|
||||||
|
if obj.inventory and obj.inventory.organization and self.user in obj.inventory.organization.admin_role:
|
||||||
|
return True
|
||||||
|
elif obj.project and obj.project.organization and self.user in obj.project.organization.admin_role:
|
||||||
|
return True
|
||||||
|
return False
|
||||||
|
|
||||||
|
@check_superuser
|
||||||
|
def can_read(self, obj):
|
||||||
|
if obj.job_template and self.user in obj.job_template.read_role:
|
||||||
|
return True
|
||||||
|
return self.org_access(obj)
|
||||||
|
|
||||||
def can_add(self, data):
|
def can_add(self, data):
|
||||||
if not data: # So the browseable API will work
|
if not data: # So the browseable API will work
|
||||||
return True
|
return True
|
||||||
@ -1196,12 +1212,7 @@ class JobAccess(BaseAccess):
|
|||||||
|
|
||||||
@check_superuser
|
@check_superuser
|
||||||
def can_delete(self, obj):
|
def can_delete(self, obj):
|
||||||
if obj.inventory is not None and self.user in obj.inventory.organization.admin_role:
|
return self.org_access(obj)
|
||||||
return True
|
|
||||||
if (obj.project is not None and obj.project.organization is not None and
|
|
||||||
self.user in obj.project.organization.admin_role):
|
|
||||||
return True
|
|
||||||
return False
|
|
||||||
|
|
||||||
def can_start(self, obj, validate_license=True):
|
def can_start(self, obj, validate_license=True):
|
||||||
if validate_license:
|
if validate_license:
|
||||||
|
Loading…
Reference in New Issue
Block a user