External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-03-18 17:37:30 -02:30
Code Issues Packages Projects Releases Wiki Activity

More is_system_auditor checks in views.py

Browse Source
This commit is contained in:
Akita Noek
2016-07-11 14:28:26 -04:00
parent 134b60dbed
commit 6de5cceb8f
1 changed files with 3 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
awx/api/views.py
View File

@@ -1401,7 +1401,7 @@ class OrganizationCredentialList(SubListCreateAPIView):
user_visible = Credential.accessible_objects(self.request.user, 'read_role').all() user_visible = Credential.accessible_objects(self.request.user, 'read_role').all()
org_set = Credential.accessible_objects(organization.admin_role, 'read_role').all() org_set = Credential.accessible_objects(organization.admin_role, 'read_role').all()
if self.request.user.is_superuser: if self.request.user.is_superuser or self.request.user.is_system_auditor:
return org_set return org_set
return org_set & user_visible return org_set & user_visible
@@ -2591,7 +2591,7 @@ class SystemJobTemplateList(ListAPIView):
serializer_class = SystemJobTemplateSerializer serializer_class = SystemJobTemplateSerializer
def get(self, request, *args, **kwargs): def get(self, request, *args, **kwargs):
if not request.user.is_superuser: if not request.user.is_superuser and not request.user.is_system_auditor:
raise PermissionDenied("Superuser privileges needed.") raise PermissionDenied("Superuser privileges needed.")
return super(SystemJobTemplateList, self).get(request, *args, **kwargs) return super(SystemJobTemplateList, self).get(request, *args, **kwargs)
@@ -3321,7 +3321,7 @@ class SystemJobList(ListCreateAPIView):
serializer_class = SystemJobListSerializer serializer_class = SystemJobListSerializer
def get(self, request, *args, **kwargs): def get(self, request, *args, **kwargs):
if not request.user.is_superuser: if not request.user.is_superuser and not request.user.is_system_auditor:
raise PermissionDenied("Superuser privileges needed.") raise PermissionDenied("Superuser privileges needed.")
return super(SystemJobList, self).get(request, *args, **kwargs) return super(SystemJobList, self).get(request, *args, **kwargs)
@@ -3625,8 +3625,6 @@ class RoleList(ListAPIView):
new_in_300 = True new_in_300 = True
def get_queryset(self): def get_queryset(self):
if self.request.user.is_superuser:
return Role.objects.all()
return Role.visible_roles(self.request.user) return Role.visible_roles(self.request.user)