Make CredentialType conditionally editable/readonly.

* CredentialTypes should not be editable *or* deletable if they're "managed_by_tower". * CredentialTypes should not be deletable if they're in use by one or more Credentials. * CredentialType.inputs should not be editable if they're in use by one or more Credentials. see: #6077
2026-03-23 11:55:04 -02:30 · 2017-05-08 11:09:52 -04:00
parent 6728bb2315
commit 1568fddde1
4 changed files with 58 additions and 11 deletions
--- a/awx/api/views.py
+++ b/awx/api/views.py
@@ -1504,6 +1504,12 @@ class CredentialTypeDetail(RetrieveUpdateDestroyAPIView):
    new_in_320 = True
    new_in_api_v2 = True

+    def destroy(self, request, *args, **kwargs):
+        instance = self.get_object()
+        if instance.managed_by_tower or instance.credentials.exists():
+            raise PermissionDenied(detail=_("Credential types that are in use cannot be deleted."))
+        return super(CredentialTypeDetail, self).destroy(request, *args, **kwargs)
+

 class CredentialList(ListCreateAPIView):