External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-05-08 01:47:35 -02:30
Code Issues Packages Projects Releases Wiki Activity

more organization of access method preprocessing

Browse Source
This commit is contained in:
AlanCoding
2016-08-29 16:57:30 -04:00
parent 23791cb91e
commit 381e8aacdd
2 changed files with 33 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
awx/main/access.py
View File

@@ -222,6 +222,7 @@ class BaseAccess(object):
def get_user_capabilities(self, obj, method_list=['edit', 'delete']): def get_user_capabilities(self, obj, method_list=['edit', 'delete']):
user_capabilities = {} user_capabilities = {}
# TODO: pull data from the custom cache, which won't be exactly like this
# if hasattr(obj, 'get_can_edit'): # if hasattr(obj, 'get_can_edit'):
# user_capabilities['change'] = obj.get_can_edit(self.user) # user_capabilities['change'] = obj.get_can_edit(self.user)
# elif hasattr(obj, 'can_edit'): # elif hasattr(obj, 'can_edit'):
@@ -242,31 +243,35 @@ class BaseAccess(object):
elif display_method == 'schedule' and 'edit' in user_capabilities: elif display_method == 'schedule' and 'edit' in user_capabilities:
user_capabilities['schedule'] = user_capabilities['edit'] user_capabilities['schedule'] = user_capabilities['edit']
continue continue
elif display_method == 'delete' and not isinstance(obj, User):
user_capabilities['delete'] = user_capabilities['edit']
continue
else: else:
method = display_method method = display_method
# Build the fields used for the calculation # Preprocessing before the access method is called
data = None data = None
sub_obj = None sub_obj = None
if method == 'add': if method == 'add':
data = {} data = {}
try: if isinstance(obj, (Group, Host)):
if isinstance(obj, (Group, Host)): if method == 'start':
if method == 'start': if obj.inventory_source:
if obj.inventory_source: obj = obj.inventory_source
obj = obj.inventory_source
else:
user_capabilities[method] = False
continue
else: else:
obj = obj.inventory user_capabilities[method] = False
if isinstance(obj, JobTemplate): continue
data = {'reference_obj': obj} else:
obj = obj.inventory
if isinstance(obj, JobTemplate):
data = {'reference_obj': obj}
if data is not None: # 3 args try:
if method in ['change', 'start', 'delete']: # 3 args
user_capabilities[display_method] = self.user.can_access(type(obj), method, obj, data) user_capabilities[display_method] = self.user.can_access(type(obj), method, obj, data)
else: # 2 args elif method == 'add': # 2 args
user_capabilities[display_method] = self.user.can_access(type(obj), method, obj) user_capabilities[display_method] = self.user.can_access(type(obj), method, obj)

14
awx/main/tests/functional/api/test_adding_options.py Normal file
View File

@@ -0,0 +1,14 @@
import pytest
from django.core.urlresolvers import reverse
@pytest.fixture
def test_inventory_group_add(inventory, alice, bob, options):
inventory.admin_role.add(alice)
response = options(reverse('api:inventory_detail', args=[inventory.pk]), alice)
print ' resp: ' + str(response.data)
assert 'POST' in response.data
inventory.read_role.add(bob)