shaba/awx
1
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2024-10-31 23:51:09 +03:00
Code Releases Activity

use get_object_or_400 to fetch Role

Browse Source
This commit is contained in:
Wayne Witzel III 2016-07-29 11:19:43 -04:00
parent b127e74ae4
commit 9baa9594c7
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
awx/api/views.py
View File

@ -1210,7 +1210,7 @@ class UserRolesList(SubListCreateAttachDetachAPIView):
if sub_id == self.request.user.admin_role.pk:
raise PermissionDenied('You may not perform any action with your own admin_role.')
role = Role.objects.get(pk=sub_id)
role = get_object_or_400(Role, pk=sub_id)
user_content_type = ContentType.objects.get_for_model(User)
if role.content_type == user_content_type:
raise PermissionDenied('You may not change the membership of a users admin_role')