External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-01-20 14:11:24 -03:30
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1835 from AlanCoding/network_ui_admin

Browse Source 
Restrict network_ui to inventory admins
This commit is contained in:
Ryan Petrello 2018-05-23 15:25:55 -04:00 committed by GitHub
commit 1564f62c2a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
awx/network_ui/consumers.py
View File

@ -3,6 +3,7 @@ import channels
from channels.auth import channel_session_user, channel_session_user_from_http
from awx.network_ui.models import Topology, Device, Link, Client, Interface
from awx.network_ui.models import TopologyInventory
from awx.main.models.inventory import Inventory
import urlparse
from django.db.models import Q
from collections import defaultdict
@ -217,6 +218,18 @@ def ws_connect(message):
data = urlparse.parse_qs(message.content['query_string'])
inventory_id = parse_inventory_id(data)
try:
inventory = Inventory.objects.get(id=inventory_id)
except Inventory.DoesNotExist:
logger.error("User {} attempted connecting inventory_id {} that does not exist.".format(
message.user.id, inventory_id)
)
message.reply_channel.send({"close": True})
if message.user not in inventory.admin_role:
logger.warn("User {} attempted connecting to inventory_id {} without permission.".format(
message.user.id, inventory_id
))
message.reply_channel.send({"close": True})
topology_ids = list(TopologyInventory.objects.filter(inventory_id=inventory_id).values_list('pk', flat=True))
topology_id = None
if len(topology_ids) > 0: