fix bug where JT admins could not edit spec

2026-06-25 08:28:03 -02:30 · 2017-10-18 09:52:32 -04:00
parent 6347db56c5
commit 098a407e25
4 changed files with 55 additions and 24 deletions
--- a/awx/api/permissions.py
+++ b/awx/api/permissions.py
@@ -52,14 +52,18 @@ class ModelAccessPermission(permissions.BasePermission):
                if not check_user_access(request.user, view.model, 'add', {view.parent_key: parent_obj}):
                    return False
            return True
-        elif getattr(view, 'is_job_start', False):
+        elif hasattr(view, 'obj_permission_type'):
+            # Generic object-centric view permission check without object not needed
            if not obj:
                return True
-            return check_user_access(request.user, view.model, 'start', obj)
-        elif getattr(view, 'is_job_cancel', False):
-            if not obj:
-                return True
-            return check_user_access(request.user, view.model, 'cancel', obj)
+            # Permission check that happens when get_object() is called
+            extra_kwargs = {}
+            if view.obj_permission_type == 'admin':
+                extra_kwargs['data'] = {}
+            return check_user_access(
+                request.user, view.model, view.obj_permission_type, obj,
+                **extra_kwargs
+            )
        else:
            if obj:
                return True