External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-02-21 05:00:07 -03:30
Code Issues Packages Projects Releases Wiki Activity

Allow use of role_level filter in UJT list

Browse Source
This commit is contained in:
AlanCoding
2018-10-02 13:40:59 -04:00
committed by Marliana Lara
parent e225489f43
commit 4428dbf1ff
1 changed files with 5 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
awx/api/filters.py
View File

@@ -25,7 +25,6 @@ from rest_framework.filters import BaseFilterBackend
from awx.main.utils import get_type_for_model, to_python_boolean from awx.main.utils import get_type_for_model, to_python_boolean
from awx.main.utils.db import get_all_field_names from awx.main.utils.db import get_all_field_names
from awx.main.models.credential import CredentialType from awx.main.models.credential import CredentialType
from awx.main.models.rbac import RoleAncestorEntry
class V1CredentialFilterBackend(BaseFilterBackend): class V1CredentialFilterBackend(BaseFilterBackend):
@@ -347,12 +346,12 @@ class FieldLookupBackend(BaseFilterBackend):
else: else:
args.append(Q(**{k:v})) args.append(Q(**{k:v}))
for role_name in role_filters: for role_name in role_filters:
if not hasattr(queryset.model, 'accessible_pk_qs'):
raise ParseError(_(
'Cannot apply role_level filter to this list because its model '
'does not use roles for access control.'))
args.append( args.append(
Q(pk__in=RoleAncestorEntry.objects.filter( Q(pk__in=queryset.model.accessible_pk_qs(request.user, role_name))
ancestor__in=request.user.roles.all(),
content_type_id=ContentType.objects.get_for_model(queryset.model).id,
role_field=role_name
).values_list('object_id').distinct())
) )
if or_filters: if or_filters:
q = Q() q = Q()