From 0c854dde43579e0f9f3d30bd13c0d9f7d011e221 Mon Sep 17 00:00:00 2001 From: jangsutsr Date: Mon, 15 Aug 2016 12:02:35 -0400 Subject: [PATCH] remove redundant permission checks in start views. --- awx/api/views.py | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/awx/api/views.py b/awx/api/views.py index af18e1154b..755b9176a5 100644 --- a/awx/api/views.py +++ b/awx/api/views.py @@ -2219,8 +2219,6 @@ class JobTemplateLaunch(RetrieveAPIView, GenericAPIView): def post(self, request, *args, **kwargs): obj = self.get_object() - if not request.user.can_access(self.model, 'start', obj): - raise PermissionDenied() if 'credential' not in request.data and 'credential_id' in request.data: request.data['credential'] = request.data['credential_id'] @@ -2606,8 +2604,6 @@ class SystemJobTemplateLaunch(GenericAPIView): def post(self, request, *args, **kwargs): obj = self.get_object() - if not request.user.can_access(self.model, 'start', obj): - raise PermissionDenied() new_job = obj.create_unified_job(**request.data) new_job.signal_start(**request.data) @@ -2714,8 +2710,6 @@ class JobStart(GenericAPIView): def post(self, request, *args, **kwargs): obj = self.get_object() - if not request.user.can_access(self.model, 'start', obj): - raise PermissionDenied() if obj.can_start: result = obj.signal_start(**request.data) if not result: @@ -2753,8 +2747,6 @@ class JobRelaunch(RetrieveAPIView, GenericAPIView): def post(self, request, *args, **kwargs): obj = self.get_object() - if not request.user.can_access(self.model, 'start', obj): - raise PermissionDenied() # Note: is_valid() may modify request.data # It will remove any key/value pair who's key is not in the 'passwords_needed_to_start' list @@ -3187,8 +3179,6 @@ class AdHocCommandRelaunch(GenericAPIView): def post(self, request, *args, **kwargs): obj = self.get_object() - if not request.user.can_access(self.model, 'start', obj): - raise PermissionDenied() # Re-validate ad hoc command against serializer to check if module is # still allowed.