From 17d18f6648f32a49e4bb84ab3d410a9526938234 Mon Sep 17 00:00:00 2001
From: Luke Sneeringer <luke@sneeringer.com>
Date: Wed, 20 May 2015 21:28:48 -0400
Subject: [PATCH] Differentiate multi orgs, system tracking.

---
 awx/api/license.py | 10 +++++++++-
 awx/api/views.py   | 48 ++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 57 insertions(+), 1 deletion(-)

diff --git a/awx/api/license.py b/awx/api/license.py
index df1757965e..acdc508614 100644
--- a/awx/api/license.py
+++ b/awx/api/license.py
@@ -23,4 +23,12 @@ def feature_enabled(name):
     """Return True if the requested feature is enabled, False otherwise.
     If the feature does not exist, raise KeyError.
     """
-    return get_license()['features'][name]
+    license = get_license()
+
+    # Sanity check: If there is no license, the feature is considered
+    # to be off.
+    if 'features' not in license:
+        return False
+
+    # Return the correct feature flag.
+    return get_license()['features'].get(name, False)
diff --git a/awx/api/views.py b/awx/api/views.py
index 29ff59d5b4..4258128dd1 100644
--- a/awx/api/views.py
+++ b/awx/api/views.py
@@ -50,6 +50,7 @@ from awx.api.utils.decorators import paginated
 from awx.api.filters import MongoFilterBackend
 from awx.api.generics import get_view_name
 from awx.api.generics import * # noqa
+from awx.api.license import feature_enabled, LicenseForbids
 from awx.main.models import * # noqa
 from awx.main.utils import * # noqa
 from awx.api.permissions import * # noqa
@@ -562,6 +563,16 @@ class OrganizationActivityStreamList(SubListAPIView):
     relationship = 'activitystream_set'
     new_in_145 = True
 
+    def get(self, request, *args, **kwargs):
+        # Sanity check: Does this license allow activity streams?
+        # If not, forbid this request.
+        if not feature_enabled('activity_stream'):
+            raise LicenseForbids('Your license does not allow use of '
+                                 'the activity stream.')
+
+        # Okay, let it through.
+        return super(type(self), self).get(request, *args, **kwargs)
+
 class TeamList(ListCreateAPIView):
 
     model = Team
@@ -621,6 +632,16 @@ class TeamActivityStreamList(SubListAPIView):
     relationship = 'activitystream_set'
     new_in_145 = True
 
+    def get(self, request, *args, **kwargs):
+        # Sanity check: Does this license allow activity streams?
+        # If not, forbid this request.
+        if not feature_enabled('activity_stream'):
+            raise LicenseForbids('Your license does not allow use of '
+                                 'the activity stream.')
+
+        # Okay, let it through.
+        return super(type(self), self).get(request, *args, **kwargs)
+
     def get_queryset(self):
         parent = self.get_parent_object()
         self.check_parent_access(parent)
@@ -963,6 +984,11 @@ class InventorySingleFactView(MongoAPIView):
     filter_backends = (MongoFilterBackend,)
 
     def get(self, request, *args, **kwargs):
+        # Sanity check: Does the license allow system tracking?
+        if not feature_enabled('system_tracking'):
+            raise LicenseForbids('Your license does not permit use '
+                                 'of system tracking.')
+
         fact_key = request.QUERY_PARAMS.get("fact_key", None)
         fact_value = request.QUERY_PARAMS.get("fact_value", None)
         datetime_spec = request.QUERY_PARAMS.get("timestamp", None)
@@ -1087,6 +1113,11 @@ class HostSingleFactView(MongoAPIView):
     filter_backends = (MongoFilterBackend,)
 
     def get(self, request, *args, **kwargs):
+        # Sanity check: Does the license allow system tracking?
+        if not feature_enabled('system_tracking'):
+            raise LicenseForbids('Your license does not permit use '
+                                 'of system tracking.')
+
         fact_key = request.QUERY_PARAMS.get("fact_key", None)
         fact_value = request.QUERY_PARAMS.get("fact_value", None)
         datetime_spec = request.QUERY_PARAMS.get("timestamp", None)
@@ -1107,6 +1138,11 @@ class HostFactCompareView(MongoAPIView):
     filter_backends = (MongoFilterBackend,)
 
     def get(self, request, *args, **kwargs):
+        # Sanity check: Does the license allow system tracking?
+        if not feature_enabled('system_tracking'):
+            raise LicenseForbids('Your license does not permit use '
+                                 'of system tracking.')
+
         datetime_spec = request.QUERY_PARAMS.get('datetime', None)
         module_spec = request.QUERY_PARAMS.get('module', "ansible")
         datetime_actual = dateutil.parser.parse(datetime_spec) if datetime_spec is not None else now()
@@ -1265,6 +1301,11 @@ class GroupSingleFactView(MongoAPIView):
     filter_backends = (MongoFilterBackend,)
 
     def get(self, request, *args, **kwargs):
+        # Sanity check: Does the license allow system tracking?
+        if not feature_enabled('system_tracking'):
+            raise LicenseForbids('Your license does not permit use '
+                                 'of system tracking.')
+
         fact_key = request.QUERY_PARAMS.get("fact_key", None)
         fact_value = request.QUERY_PARAMS.get("fact_value", None)
         datetime_spec = request.QUERY_PARAMS.get("timestamp", None)
@@ -1647,6 +1688,13 @@ class JobTemplateSurveySpec(GenericAPIView):
 
     def post(self, request, *args, **kwargs):
         obj = self.get_object()
+
+        # Sanity check: Are surveys available on this license?
+        # If not, do not allow them to be used.
+        if not feature_enabled('surveys'):
+            raise LicenseForbids('Your license does not allow '
+                                 'adding surveys.')
+
         if not request.user.can_access(self.model, 'change', obj, None):
             raise PermissionDenied()
         try: