From 9422e87f00595adf4a16d25ce738d90ca2cebbc3 Mon Sep 17 00:00:00 2001
From: AlanCoding <arominge@redhat.com>
Date: Thu, 5 Jan 2017 15:42:08 -0500
Subject: [PATCH] simplify schedule execute_role editing rule

---
 awx/main/access.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/awx/main/access.py b/awx/main/access.py
index 117ed853ce..2026e8589d 100644
--- a/awx/main/access.py
+++ b/awx/main/access.py
@@ -1918,10 +1918,10 @@ class ScheduleAccess(BaseAccess):
     def can_change(self, obj, data):
         if self.check_related('unified_job_template', UnifiedJobTemplate, data, obj=obj, mandatory=True):
             return True
-        if ('unified_job_template' in data and data['unified_job_template'] != obj.pk) or obj.created_by_id != self.user.id:
-            return False
         # Users with execute role can modify the schedules they created
-        return self.check_related('unified_job_template', UnifiedJobTemplate, data, obj=obj, role_field='execute_role')
+        return (
+            obj.created_by == self.user and
+            self.check_related('unified_job_template', UnifiedJobTemplate, data, obj=obj, role_field='execute_role', mandatory=True))
 
 
     def can_delete(self, obj):