mirror of
https://github.com/ansible/awx.git
synced 2024-11-02 09:51:09 +03:00
57 lines
1.9 KiB
Python
57 lines
1.9 KiB
Python
from django.http import HttpResponse
|
|
from django.views.decorators.csrf import csrf_exempt
|
|
from lib.main.models import *
|
|
from lib.main.serializers import *
|
|
from lib.main.rbac import *
|
|
from django.contrib.auth.models import AnonymousUser
|
|
from rest_framework import mixins
|
|
from rest_framework import generics
|
|
from rest_framework import permissions
|
|
import exceptions
|
|
|
|
class OrganizationsList(generics.ListCreateAPIView):
|
|
|
|
model = Organization
|
|
serializer_class = OrganizationSerializer
|
|
permission_classes = (CustomRbac,)
|
|
|
|
#def pre_save(self, obj):
|
|
# obj.owner = self.request.user
|
|
|
|
def get_queryset(self):
|
|
|
|
if self.request.user.is_superuser:
|
|
return Organization.objects.filter(active=True)
|
|
return Organization.objects.filter(active = True, admins__in = [ self.request.user.application_user ]).distinct() | \
|
|
Organization.objects.filter(active = True, users__in = [ self.request.user.application_user ]).distinct()
|
|
|
|
def list_permissions_check(self, request, obj=None):
|
|
if request.method == 'GET':
|
|
# everybody can call get, but it's filtered
|
|
return True
|
|
if request.method == 'POST':
|
|
# superusers have already been cleared, so deny regular users
|
|
return False
|
|
raise exceptions.NotImplementedError
|
|
|
|
|
|
class OrganizationsDetail(generics.RetrieveUpdateDestroyAPIView):
|
|
model = Organization
|
|
serializer_class = OrganizationSerializer
|
|
|
|
permission_classes = (CustomRbac,)
|
|
|
|
#def pre_save(self, obj):
|
|
# obj.owner = self.request.user
|
|
|
|
def item_permissions_check(self, request, obj):
|
|
admin = request.user.application_user in obj.admins.all()
|
|
user = request.user.application_user in obj.users.all()
|
|
if request.method == 'GET':
|
|
return admin or user
|
|
if request.method == 'PUT':
|
|
return admin
|
|
|
|
|
|
|