From 04dd1352c98be863c33f331a10d3a8dd35e189ef Mon Sep 17 00:00:00 2001 From: Ryan Petrello Date: Fri, 27 Mar 2020 14:40:49 -0400 Subject: [PATCH] prevent ws group subscription if not specified in the valid format --- awx/main/consumers.py | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/awx/main/consumers.py b/awx/main/consumers.py index 00ffcadbd8..41d60ad1c4 100644 --- a/awx/main/consumers.py +++ b/awx/main/consumers.py @@ -170,11 +170,9 @@ class EventConsumer(AsyncJsonWebsocketConsumer): continue new_groups.add(name) else: - if group_name == settings.BROADCAST_WEBSOCKET_GROUP_NAME: - logger.warn("Non-priveleged client asked to join broadcast group!") - return - - new_groups.add(group_name) + await self.send_json({"error": "access denied to channel"}) + logger.error(f"groups must be a list, not {groups}") + return old_groups = current_groups - new_groups for group_name in old_groups: