External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-01-17 20:51:21 -03:30
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2313 from wwitzel3/release_3.0.0

Browse Source 
Fixing Credential access issue
This commit is contained in:
Alan Rominger 2016-06-10 10:51:05 -04:00 committed by GitHub
commit 41e231852a
1 changed files with 7 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
awx/main/access.py
View File

@ -586,19 +586,21 @@ class CredentialAccess(BaseAccess):
if organization_pk:
organization_obj = get_object_or_400(Organization, pk=organization_pk)
return check_user_access(self.user, Organization, 'change', organization_obj, None)
return False
@check_superuser
def can_use(self, obj):
return self.user in obj.use_role
@check_superuser
def can_change(self, obj, data):
if self.user in obj.owner_role:
return True
return self.can_add(data)
if data is not None:
keys = data.keys()
if 'user' in keys or 'team' in keys or 'organization' in keys:
if not self.can_add(data):
return False
return self.user in obj.owner_role
def can_delete(self, obj):
# Unassociated credentials may be marked deleted by anyone, though we