From b34adcb10d2c25f1091ed0923b030b5565e42e16 Mon Sep 17 00:00:00 2001 From: Ryan Petrello Date: Thu, 3 Aug 2017 16:37:49 -0400 Subject: [PATCH] add special case read-only support for isolated public/private keys We recently made AWX_ISOLATED_PRIVATE_KEY and AWX_ISOLATED_PUBLIC_KEY read-only so that they're not inadvertently modified and/or deleted (which would cause isolated task execution to break). Tower's notion of a read-only setting, though, is really more like "hard-coded in a .py file". What we really need is support for settings that are not user configurable/changeable, but that we still want to display to users from the DB. In leiu of a complicated change to `awx.conf.settings`, this change provides special support to these two settings so they behave in the manner we expect. see: https://github.com/ansible/ansible-tower/issues/7375 --- awx/conf/settings.py | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/awx/conf/settings.py b/awx/conf/settings.py index 57bd9b26fe..89bfa0660a 100644 --- a/awx/conf/settings.py +++ b/awx/conf/settings.py @@ -293,7 +293,12 @@ class SettingsWrapper(UserSettingsHolder): field = self.registry.get_setting_field(name) if value is empty: setting = None - if not field.read_only: + if not field.read_only or name in ( + # these two values are read-only - however - we *do* want + # to fetch their value from the database + 'AWX_ISOLATED_PRIVATE_KEY', + 'AWX_ISOLATED_PUBLIC_KEY', + ): setting = Setting.objects.filter(key=name, user__isnull=True).order_by('pk').first() if setting: if getattr(field, 'encrypted', False):