External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-04-10 20:49:24 -02:30
Code Issues Packages Projects Releases Wiki Activity

change inventory can_change to require admin role

Browse Source
This commit is contained in:
AlanCoding
2016-06-15 08:17:00 -04:00
parent 716ae49947
commit 81c3ae4470
1 changed files with 1 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
awx/main/access.py
View File

@@ -354,15 +354,7 @@ class InventoryAccess(BaseAccess):
@check_superuser @check_superuser
def can_change(self, obj, data): def can_change(self, obj, data):
# Verify that the user has access to the new organization if moving an return self.can_admin(obj, data)
# inventory to a new organization.
org_pk = get_pk_from_dict(data, 'organization')
if obj and org_pk and obj.organization.pk != org_pk:
org = get_object_or_400(Organization, pk=org_pk)
if self.user not in org.admin_role:
return False
# Otherwise, just check for write permission.
return self.user in obj.update_role
@check_superuser @check_superuser
def can_admin(self, obj, data): def can_admin(self, obj, data):