External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-06-24 08:07:47 -02:30
Code Issues Packages Projects Releases Wiki Activity

Generalize can_delete solution, use devel DAB (#15009)

Browse Source 
* Generalize can_delete solution, use devel DAB

* Fix bug where model was used instead of model_name

* Linter fixes
This commit is contained in:
Alan Rominger
2024-03-19 13:29:34 -04:00
parent 733478ee19
commit 2f3c9122fd
4 changed files with 8 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
awx/main/access.py
View File

@@ -23,6 +23,7 @@ from awx.main.models.oauth import OAuth2Application, OAuth2AccessToken
# django-ansible-base
from ansible_base.lib.utils.validation import to_python_boolean
from ansible_base.rbac.models import RoleEvaluation
from ansible_base.rbac import permission_registry
# AWX
from awx.main.utils import (
@@ -264,7 +265,11 @@ class BaseAccess(object):
return self.can_change(obj, data)
def can_delete(self, obj):
return self.user.has_obj_perm(obj, 'delete')
if self.user.is_superuser:
return True
if obj._meta.model_name in [cls._meta.model_name for cls in permission_registry.all_registered_models]:
return self.user.has_obj_perm(obj, 'delete')
return False
def can_copy(self, obj):
return self.can_add({'reference_obj': obj})
@@ -2940,9 +2945,6 @@ class WorkflowApprovalAccess(BaseAccess):
if (obj.workflow_job_template and self.user in obj.workflow_job_template.approval_role) or self.user.is_superuser:
return True
def can_delete(self, obj):
return self.user.is_superuser # Not really supposed to be done
class WorkflowApprovalTemplateAccess(BaseAccess):
"""