Test that you can't post to an audit trail collection (ever), and a switch to control postability to sub lists.

Michael DeHaan
2013-03-23 16:50:25 -04:00
parent cd214bc95d
commit 1213f2a981
3 changed files with 26 additions and 7 deletions


@@ -42,20 +42,32 @@ class OrganizationsDetail(BaseDetail):
serializer_class = OrganizationSerializer
permission_classes = (CustomRbac,)
class OrganizationsAuditTrailList(BaseList):
class OrganizationsAuditTrailList(BaseSubList):
model = AuditTrail
serializer_class = AuditTrailSerializer
permission_classes = (CustomRbac,)
parent_model = Organization
relationship = 'audit_trail'
postable = False
def _get_queryset(self):
''' to list tags in the organization, I must be a superuser or org admin '''
organization = Organization.objects.get(pk=self.kwargs['pk'])
if not (self.request.user.is_superuser or self.request.user in organization.admins.all()):
# FIXME: use: organization.can_user_administrate(self.request.user)
raise PermissionDenied()
return AuditTrail.objects.filter(audit_trail_by_tag__in = [ organization ])
class OrganizationsUsersList(BaseSubList):
model = User
serializer_class = UserSerializer
permission_classes = (CustomRbac,)
parent_model = Organization
relationship = 'users'
postable = True
def _get_queryset(self):
''' to list users in the organization, I must be a superuser or org admin '''
@@ -69,9 +81,9 @@ class OrganizationsAdminsList(BaseSubList):
model = User
serializer_class = UserSerializer
permission_classes = (CustomRbac,)
parent_model = Organization
relationship = 'admins'
postable = True
def _get_queryset(self):
''' to list admins in the organization, I must be a superuser or org admin '''
@@ -85,9 +97,9 @@ class OrganizationsProjectsList(BaseSubList):
model = Project
serializer_class = ProjectSerializer
permission_classes = (CustomRbac,)
parent_model = Organization # for sub list
relationship = 'projects' # " "
postable = True
def _get_queryset(self):
''' to list projects in the organization, I must be a superuser or org admin '''
@@ -101,9 +113,9 @@ class OrganizationsTagsList(BaseSubList):
model = Tag
serializer_class = TagSerializer
permission_classes = (CustomRbac,)
parent_model = Organization # for sub list
relationship = 'tags' # " "
postable = True
def _get_queryset(self):
''' to list tags in the organization, I must be a superuser or org admin '''
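Review bot: In `OrganizationsAuditTrailList._get_queryset` (first hunk, apparently new in this commit), the filter `audit_trail_by_tag__in = [ organization ]` names what looks like a tag relation while being handed an Organization, and the docstring still says "to list tags", so the method reads as copied from the tags list; if that lookup really points at Tag, the admin check passes for one organization while the returned rows are matched against another model's keys. Confirm the lookup against the AuditTrail model and change the docstring to `''' to list audit trail entries in the organization, I must be a superuser or org admin '''`. `Organization.objects.get(pk=self.kwargs['pk'])` also lets `DoesNotExist` escape for an unknown pk unless code outside this view handles it. Because `postable` is set by hand on every sub list here, it would be safer for `BaseSubList` (not shown) to default to `postable = False`, so that a new sub list which omits the switch rejects POST instead of accepting it.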