Filter out a users own Admin Role from their roles list

As per a UI request, we don't want to show the implicitly defined 'admin_role' roles that get created for every user so they can manage themselves. These roles exist for every user, and the only members of those roles are the users themselves, so it's a pretty boring role. We also don't want to allow for anyone to be removed from their own admin role, so hiding this is probably a good thing all around to avoid confusion and clutter. Fixes #1689
2026-01-17 12:41:19 -03:30 · 2016-05-03 13:52:34 -04:00 · 2016-05-03 13:52:34 -04:00 · 1f49b475bd
commit 1f49b475bd
parent e237648f4c
1 changed files with 5 additions and 1 deletions
--- a/awx/api/views.py
+++ b/awx/api/views.py
@ -30,6 +30,8 @@ from django.views.decorators.csrf import csrf_exempt
 from django.template.loader import render_to_string
 from django.core.servers.basehttp import FileWrapper
 from django.http import HttpResponse
+from django.contrib.contenttypes.models import ContentType
+

 # Django REST Framework
 from rest_framework.exceptions import PermissionDenied, ParseError
@ -1100,7 +1102,9 @@ class UserRolesList(SubListCreateAttachDetachAPIView):
        u = get_object_or_404(User, pk=self.kwargs['pk'])
        if not self.request.user.can_access(User, 'read', u):
            raise PermissionDenied()
-        return Role.filter_visible_roles(self.request.user, u.roles.all())
+        content_type = ContentType.objects.get_for_model(User)
+        return Role.filter_visible_roles(self.request.user, u.roles.all()) \
+                   .exclude(content_type=content_type, object_id=u.id)

    def post(self, request, *args, **kwargs):
        # Forbid implicit role creation here