From 81c3ae44704e42fd2c1dad4d2775e7ccdf92cd90 Mon Sep 17 00:00:00 2001
From: AlanCoding <arominger@ansible.com>
Date: Wed, 15 Jun 2016 08:17:00 -0400
Subject: [PATCH] change inventory can_change to require admin role

---
 awx/main/access.py | 10 +---------
 1 file changed, 1 insertion(+), 9 deletions(-)

diff --git a/awx/main/access.py b/awx/main/access.py
index 16ca67a79a..49e4b4158a 100644
--- a/awx/main/access.py
+++ b/awx/main/access.py
@@ -354,15 +354,7 @@ class InventoryAccess(BaseAccess):
 
     @check_superuser
     def can_change(self, obj, data):
-        # Verify that the user has access to the new organization if moving an
-        # inventory to a new organization.
-        org_pk = get_pk_from_dict(data, 'organization')
-        if obj and org_pk and obj.organization.pk != org_pk:
-            org = get_object_or_400(Organization, pk=org_pk)
-            if self.user not in org.admin_role:
-                return False
-        # Otherwise, just check for write permission.
-        return self.user in obj.update_role
+        return self.can_admin(obj, data)
 
     @check_superuser
     def can_admin(self, obj, data):