diff --git a/awx/api/urls/job_template.py b/awx/api/urls/job_template.py index 18305984bf..77252eb7e3 100644 --- a/awx/api/urls/job_template.py +++ b/awx/api/urls/job_template.py @@ -3,7 +3,6 @@ from django.conf.urls import include, url -from awx.main.models import JobTemplate from awx.api.views import ( JobTemplateList, JobTemplateDetail, @@ -46,7 +45,7 @@ urls = [ url(r'^(?P[0-9]+)/object_roles/$', JobTemplateObjectRolesList.as_view(), name='job_template_object_roles_list'), url(r'^(?P[0-9]+)/labels/$', JobTemplateLabelList.as_view(), name='job_template_label_list'), url(r'^(?P[0-9]+)/copy/$', JobTemplateCopy.as_view(), name='job_template_copy'), - url(r'^(?P[0-9]+)/', include('awx.api.urls.webhooks'), {'model_kwarg': 'job_templates', 'model': JobTemplate}), + url(r'^(?P[0-9]+)/', include('awx.api.urls.webhooks'), {'model_kwarg': 'job_templates'}), ] __all__ = ['urls'] diff --git a/awx/api/urls/workflow_job_template.py b/awx/api/urls/workflow_job_template.py index 6d8608e6c1..b9deda499a 100644 --- a/awx/api/urls/workflow_job_template.py +++ b/awx/api/urls/workflow_job_template.py @@ -3,7 +3,6 @@ from django.conf.urls import include, url -from awx.main.models import WorkflowJobTemplate from awx.api.views import ( WorkflowJobTemplateList, WorkflowJobTemplateDetail, @@ -45,7 +44,7 @@ urls = [ url(r'^(?P[0-9]+)/access_list/$', WorkflowJobTemplateAccessList.as_view(), name='workflow_job_template_access_list'), url(r'^(?P[0-9]+)/object_roles/$', WorkflowJobTemplateObjectRolesList.as_view(), name='workflow_job_template_object_roles_list'), url(r'^(?P[0-9]+)/labels/$', WorkflowJobTemplateLabelList.as_view(), name='workflow_job_template_label_list'), - url(r'^(?P[0-9]+)/', include('awx.api.urls.webhooks'), {'model_kwarg': 'workflow_job_templates', 'model': WorkflowJobTemplate}), + url(r'^(?P[0-9]+)/', include('awx.api.urls.webhooks'), {'model_kwarg': 'workflow_job_templates'}), ] __all__ = ['urls'] diff --git a/awx/api/views/webhooks.py b/awx/api/views/webhooks.py index e9a7c7bbd3..25fb4b56bb 100644 --- a/awx/api/views/webhooks.py +++ b/awx/api/views/webhooks.py @@ -11,6 +11,7 @@ from rest_framework.response import Response from awx.api import serializers from awx.api.generics import APIView, GenericAPIView from awx.api.permissions import WebhookKeyPermission +from awx.main.models import JobTemplate, WorkflowJobTemplate # NOTE: The model class attribute for these views must be added # dynamically when including urls/webhooks.py @@ -20,6 +21,15 @@ class WebhookKeyView(GenericAPIView): serializer_class = serializers.EmptySerializer permission_classes = (WebhookKeyPermission,) + def get_queryset(self): + qs_models = { + 'job_templates': JobTemplate, + 'workflow_job_templates': WorkflowJobTemplate, + } + self.model = qs_models.get(self.kwargs['model_kwarg']) + + return super().get_queryset() + def get(self, request, *args, **kwargs): obj = self.get_object() @@ -41,7 +51,15 @@ class WebhookReceiverBase(APIView): return super().dispatch(*args, **kwargs) def get_queryset(self): - return self.model.objects.filter(webhook_service=self.service) + qs_models = { + 'job_templates': JobTemplate, + 'workflow_job_templates': WorkflowJobTemplate, + } + model = qs_models.get(self.kwargs['model_kwarg']) + if model is None: + raise PermissionDenied + + return model.objects.filter(webhook_service=self.service) def get_object(self): queryset = self.get_queryset()