Fix an auth issue in the browsable api

Trying to get the object could raise an unhandleable permission error if the user wasn't logged in for certain views
2026-03-06 19:21:06 -03:30 · 2016-11-10 11:45:24 -05:00
parent 5186e7d8b4
commit 1a3d452a2d
1 changed files with 5 additions and 2 deletions
--- a/awx/api/renderers.py
+++ b/awx/api/renderers.py
@@ -44,8 +44,11 @@ class BrowsableAPIRenderer(renderers.BrowsableAPIRenderer):
    def get_rendered_html_form(self, data, view, method, request):
        # Never show auto-generated form (only raw form).
        obj = getattr(view, 'object', None)
-        if obj is None and hasattr(view, 'get_object') and hasattr(view, 'retrieve'):
-            obj = view.get_object()
+        if obj is None and hasattr(view, 'get_object') and hasattr(view, 'retrieve'):# and view.check_permissions():
+            try:
+                obj = view.get_object()
+            except Exception:
+                obj = None
        with override_method(view, request, method) as request:
            if not self.show_form_for_method(view, method, request, obj):
                return