Fix serializers of unified_jobs & ad_hoc_commands to avoid special exceptions

awx/api/serializers.py

@@ -375,7 +375,10 @@ class BaseSerializer(serializers.ModelSerializer):
                                         isinstance(obj, Project)):
                     continue
 
-                fkval = getattr(obj, fk, None)
+                try:
+                    fkval = getattr(obj, fk, None)
+                except ObjectDoesNotExist:
+                    continue
                 if fkval is None:
                     continue
                 if fkval == obj:
@@ -3430,10 +3433,10 @@ class AdHocCommandSerializer(UnifiedJobSerializer):
 
     def get_related(self, obj):
         res = super(AdHocCommandSerializer, self).get_related(obj)
-        if obj.inventory:
+        if obj.inventory_id:
-            res['inventory'] = self.reverse('api:inventory_detail', kwargs={'pk': obj.inventory.pk})
+            res['inventory'] = self.reverse('api:inventory_detail', kwargs={'pk': obj.inventory_id})
-        if obj.credential:
+        if obj.credential_id:
-            res['credential'] = self.reverse('api:credential_detail', kwargs={'pk': obj.credential.pk})
+            res['credential'] = self.reverse('api:credential_detail', kwargs={'pk': obj.credential_id})
         res.update(dict(
             events  = self.reverse('api:ad_hoc_command_ad_hoc_command_events_list', kwargs={'pk': obj.pk}),
             activity_stream = self.reverse('api:ad_hoc_command_activity_stream_list', kwargs={'pk': obj.pk}),
@@ -3445,9 +3448,9 @@ class AdHocCommandSerializer(UnifiedJobSerializer):
 
     def to_representation(self, obj):
         ret = super(AdHocCommandSerializer, self).to_representation(obj)
-        if 'inventory' in ret and not obj.inventory:
+        if 'inventory' in ret and not obj.inventory_id:
             ret['inventory'] = None
-        if 'credential' in ret and not obj.credential:
+        if 'credential' in ret and not obj.credential_id:
             ret['credential'] = None
         # For the UI, only module_name is returned for name, instead of the
         # longer module name + module_args format.

awx/main/access.py

@@ -391,21 +391,24 @@ class BaseAccess(object):
         return user_capabilities
 
     def get_method_capability(self, method, obj, parent_obj):
-        if method in ['change']: # 3 args
+        try:
-            return self.can_change(obj, {})
+            if method in ['change']: # 3 args
-        elif method in ['delete', 'run_ad_hoc_commands', 'copy']:
+                return self.can_change(obj, {})
-            access_method = getattr(self, "can_%s" % method)
+            elif method in ['delete', 'run_ad_hoc_commands', 'copy']:
-            return access_method(obj)
+                access_method = getattr(self, "can_%s" % method)
-        elif method in ['start']:
+                return access_method(obj)
-            return self.can_start(obj, validate_license=False)
+            elif method in ['start']:
-        elif method in ['attach', 'unattach']: # parent/sub-object call
+                return self.can_start(obj, validate_license=False)
-            access_method = getattr(self, "can_%s" % method)
+            elif method in ['attach', 'unattach']: # parent/sub-object call
-            if type(parent_obj) == Team:
+                access_method = getattr(self, "can_%s" % method)
-                relationship = 'parents'
+                if type(parent_obj) == Team:
-                parent_obj = parent_obj.member_role
+                    relationship = 'parents'
-            else:
+                    parent_obj = parent_obj.member_role
-                relationship = 'members'
+                else:
-            return access_method(obj, parent_obj, relationship, skip_sub_obj_read_check=True, data={})
+                    relationship = 'members'
+                return access_method(obj, parent_obj, relationship, skip_sub_obj_read_check=True, data={})
+        except (ParseError, ObjectDoesNotExist):
+            return False
         return False