External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-02-28 00:08:44 -03:30
Code Issues Packages Projects Releases Wiki Activity

Fixing CredentialList post access check

Browse Source
This commit is contained in:
Wayne Witzel III
2016-04-26 14:36:22 -04:00
parent 077db7931f
commit 2b589228d3
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
awx/api/views.py
View File

@@ -1225,7 +1225,7 @@ class CredentialList(ListCreateAPIView):
organization = Organization.objects.get(pk=request.data['organization']) organization = Organization.objects.get(pk=request.data['organization'])
obj = organization obj = organization
if self.request.user not in obj.admin_role: if not self.request.user.can_access(type(obj), 'admin', obj, request.data):
raise PermissionDenied() raise PermissionDenied()
ret = super(CredentialList, self).post(request, *args, **kwargs) ret = super(CredentialList, self).post(request, *args, **kwargs)