mirror of
https://github.com/ansible/awx.git
synced 2024-10-30 05:25:29 +03:00
Work on team credentials.
This commit is contained in:
parent
541445d60f
commit
c52f51162a
@ -322,9 +322,9 @@ class ProjectsTest(BaseTest):
|
||||
# can list credentials on a team
|
||||
self.get(team_creds, expect=401)
|
||||
self.get(team_creds, expect=401, auth=self.get_invalid_credentials())
|
||||
self.get(team_creds, expect=201, auth=self.get_super_credentials())
|
||||
self.get(team_creds, expect=201, auth=self.get_normal_credentials())
|
||||
self.get(team_creds, expect=201, auth=self.get_other_credentials())
|
||||
self.get(team_creds, expect=200, auth=self.get_super_credentials())
|
||||
self.get(team_creds, expect=200, auth=self.get_normal_credentials())
|
||||
self.get(team_creds, expect=403, auth=self.get_other_credentials())
|
||||
self.get(team_creds, expect=403, auth=self.get_nobody_credentials())
|
||||
|
||||
# can edit a credential
|
||||
|
@ -226,12 +226,13 @@ class TeamsCredentialsList(BaseSubList):
|
||||
|
||||
def _get_queryset(self):
|
||||
team = Team.objects.get(pk=self.kwargs['pk'])
|
||||
if not Team.can_user_read(self.request.user, team):
|
||||
raise PermissionDenied()
|
||||
if not Team.can_user_administrate(self.request.user, team):
|
||||
if not (self.request.user.is_superuser or self.request.user in team.users.all()):
|
||||
raise PermissionDenied()
|
||||
project_credentials = Credential.objects.filter(
|
||||
projects__team__users__in = [ user ]
|
||||
team = team
|
||||
)
|
||||
return user.credentials.distinct() | project_credentials.distinct()
|
||||
return project_credentials.distinct()
|
||||
|
||||
|
||||
class ProjectsList(BaseList):
|
||||
|
Loading…
Reference in New Issue
Block a user