External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-03-25 21:05:03 -02:30
Code Issues Packages Projects Releases Wiki Activity

enforce Organization ownership of Galaxy credentials

Browse Source
This commit is contained in:
Ryan Petrello
2020-08-04 17:29:44 -04:00
parent 25a9a9c3ba
commit 1b4dd7c783
1 changed files with 19 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
awx/api/serializers.py
View File

@@ -2611,6 +2611,17 @@ class CredentialSerializer(BaseSerializer):
ret.remove(field) ret.remove(field)
return ret return ret
def validate_organization(self, org):
if (
self.instance and
self.instance.credential_type.kind == 'galaxy' and
org is None
):
raise serializers.ValidationError(_(
"Galaxy credentials must be owned by an Organization."
))
return org
def validate_credential_type(self, credential_type): def validate_credential_type(self, credential_type):
if self.instance and credential_type.pk != self.instance.credential_type.pk: if self.instance and credential_type.pk != self.instance.credential_type.pk:
for related_objects in ( for related_objects in (
@@ -2675,6 +2686,14 @@ class CredentialSerializerCreate(CredentialSerializer):
if attrs.get('team'): if attrs.get('team'):
attrs['organization'] = attrs['team'].organization attrs['organization'] = attrs['team'].organization
if (
attrs['credential_type'].kind == 'galaxy' and
list(owner_fields) != ['organization']
):
raise serializers.ValidationError({"organization": _(
"Galaxy credentials must be owned by an Organization."
)})
return super(CredentialSerializerCreate, self).validate(attrs) return super(CredentialSerializerCreate, self).validate(attrs)
def create(self, validated_data): def create(self, validated_data):