External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-02-20 12:40:06 -03:30
Code Issues Packages Projects Releases Wiki Activity

Purge old super user check decorator in favor of using RBAC. Update

Browse Source 
unit tests
This commit is contained in:
Matthew Jones
2015-01-19 13:54:49 -05:00
parent 6cb7f911b7
commit 4ce0fc4eb4
4 changed files with 23 additions and 39 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
awx/main/access.py
View File

@@ -183,10 +183,16 @@ class UserAccess(BaseAccess):
).distinct()
def can_add(self, data):
if data is not None and 'is_superuser' in data:
if bool(data['is_superuser']) and not self.user.is_superuser:
return False
return bool(self.user.is_superuser or
self.user.admin_of_organizations.filter(active=True).exists())
def can_change(self, obj, data):
if data is not None and 'is_superuser' in data:
if bool(data['is_superuser']) and not self.user.is_superuser:
return False
# A user can be changed if they are themselves, or by org admins or
# superusers. Change permission implies changing only certain fields
# that a user should be able to edit for themselves.