External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-03-11 06:29:31 -02:30
Code Issues Packages Projects Releases Wiki Activity

Add Inventory Admin role

Browse Source
This commit is contained in:
Wayne Witzel III
2018-01-26 15:27:19 +00:00
parent e7e83afd00
commit 6c951aa883
3 changed files with 5 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
awx/main/access.py
View File

@@ -641,9 +641,9 @@ class InventoryAccess(BaseAccess):
def can_add(self, data): def can_add(self, data):
# If no data is specified, just checking for generic add permission? # If no data is specified, just checking for generic add permission?
if not data: if not data:
return Organization.accessible_objects(self.user, 'admin_role').exists() return Organization.accessible_objects(self.user, 'inventory_admin_role').exists()
return self.check_related('organization', Organization, data) return self.check_related('organization', Organization, data, role_field='inventory_admin_role')
@check_superuser @check_superuser
def can_change(self, obj, data): def can_change(self, obj, data):

2
awx/main/models/inventory.py
View File

@@ -132,7 +132,7 @@ class Inventory(CommonModelNameNotUnique, ResourceMixin):
blank=True, blank=True,
) )
admin_role = ImplicitRoleField( admin_role = ImplicitRoleField(
parent_role='organization.admin_role', parent_role='organization.inventory_admin_role',
) )
update_role = ImplicitRoleField( update_role = ImplicitRoleField(
parent_role='admin_role', parent_role='admin_role',

2
awx/main/models/rbac.py
View File

@@ -38,6 +38,7 @@ role_names = {
'adhoc_role' : _('Ad Hoc'), 'adhoc_role' : _('Ad Hoc'),
'admin_role' : _('Admin'), 'admin_role' : _('Admin'),
'project_admin_role' : _('Project Admin'), 'project_admin_role' : _('Project Admin'),
'inventory_admin_role' : _('Inventory Admin'),
'auditor_role' : _('Auditor'), 'auditor_role' : _('Auditor'),
'execute_role' : _('Execute'), 'execute_role' : _('Execute'),
'member_role' : _('Member'), 'member_role' : _('Member'),
@@ -52,6 +53,7 @@ role_descriptions = {
'adhoc_role' : _('May run ad hoc commands on an inventory'), 'adhoc_role' : _('May run ad hoc commands on an inventory'),
'admin_role' : _('Can manage all aspects of the %s'), 'admin_role' : _('Can manage all aspects of the %s'),
'project_admin_role' : _('Can manage all projects of the %s'), 'project_admin_role' : _('Can manage all projects of the %s'),
'inventory_admin_role' : _('Can manage all inventories of the %s'),
'auditor_role' : _('Can view all settings for the %s'), 'auditor_role' : _('Can view all settings for the %s'),
'execute_role' : _('May run the %s'), 'execute_role' : _('May run the %s'),
'member_role' : _('User is a member of the %s'), 'member_role' : _('User is a member of the %s'),