External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-04-10 20:49:24 -02:30
Code Issues Packages Projects Releases Wiki Activity

SCM inventory acceptance and bug updates

Browse Source 
* fixed a problem where the SCM last revision was not getting reset
* change the 400 editing error to just reset the last revision
* handle `source_vars` in the same way as custom scripts
* block unallowed `source_vars` in the validator
* hide POST in OPTIONS for inventory source sublist if not allowed
This commit is contained in:
AlanCoding
2017-05-11 10:07:14 -04:00
parent 55c2f5a2d6
commit 97ca6bc897
10 changed files with 136 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
awx/main/access.py
View File

@@ -376,8 +376,6 @@ class BaseAccess(object):
return access_method(obj)
elif method in ['start']:
return self.can_start(obj, validate_license=False)
elif method in ['add']: # 2 args with data
return self.can_add({})
elif method in ['attach', 'unattach']: # parent/sub-object call
access_method = getattr(self, "can_%s" % method)
if type(parent_obj) == Team:
@@ -739,21 +737,25 @@ class InventorySourceAccess(BaseAccess):
else:
return False
@check_superuser
def can_add(self, data):
if not data or 'inventory' not in data:
return False
if not self.check_related('source_project', Project, data, role_field='admin_role'):
if not self.check_related('source_project', Project, data, role_field='use_role'):
return False
# Checks for admin or change permission on inventory.
return self.check_related('inventory', Inventory, data)
return (
self.check_related('inventory', Inventory, data) and
not InventorySource.objects.filter(
inventory=data.get('inventory'),
update_on_project_update=True, source='scm').exists())
def can_change(self, obj, data):
# Checks for admin or change permission on group.
if obj and obj.inventory:
return (
self.user.can_access(Inventory, 'change', obj.inventory, None) and
self.check_related('credential', Credential, data, obj=obj, role_field='use_role')
self.check_related('credential', Credential, data, obj=obj, role_field='use_role') and
self.check_related('source_project', Project, data, obj=obj, role_field='use_role')
)
# Can't change inventory sources attached to only the inventory, since
# these are created automatically from the management command.