Moved access control from credential add view to access.py

as it should have always been. This messes up being able to post to api/v1/users/:n/credentials and api/v1/teams/:n/credentials without specifyign the user/team id in the post body, but looking at the old code it looks like this might have always been the case, so whatevs.. This fixes a old v new access.py test "failure", and is better anyways..
2026-03-17 00:47:29 -02:30 · 2016-04-29 17:27:14 -04:00
parent 1bf4fdbff1
commit 29b55fa04d
3 changed files with 25 additions and 10 deletions
--- a/awx/main/tests/functional/api/test_credential.py
+++ b/awx/main/tests/functional/api/test_credential.py
@@ -24,6 +24,7 @@ def test_create_user_credential_via_credentials_list(post, get, alice):
@pytest.mark.django_db
 def test_create_user_credential_via_user_credentials_list(post, get, alice):
    response = post(reverse('api:user_credentials_list', args=(alice.pk,)), {
+        'user': alice.pk,
        'name': 'Some name',
        'username': 'someusername',
    }, alice)
@@ -45,6 +46,7 @@ def test_create_user_credential_via_credentials_list_xfail(post, alice, bob):
@pytest.mark.django_db
 def test_create_user_credential_via_user_credentials_list_xfail(post, alice, bob):
    response = post(reverse('api:user_credentials_list', args=(bob.pk,)), {
+        'user': bob.pk,
        'name': 'Some name',
        'username': 'someusername'
    }, alice)
@@ -71,6 +73,7 @@ def test_create_team_credential(post, get, team, org_admin, team_member):
@pytest.mark.django_db
 def test_create_team_credential_via_team_credentials_list(post, get, team, org_admin, team_member):
    response = post(reverse('api:team_credentials_list', args=(team.pk,)), {
+        'team': team.pk,
        'name': 'Some name',
        'username': 'someusername',
    }, org_admin)