Restrict edit permissions on the Organization.max_hosts field to superusers

Jeff Bradberry
2019-02-20 10:50:28 -05:00
parent 3312ebcb05
commit 97cc467ae1
2 changed files with 38 additions and 0 deletions


@@ -1265,6 +1265,20 @@ class OrganizationSerializer(BaseSerializer):
summary_dict['related_field_counts'] = counts_dict[obj.id]
return summary_dict
def validate(self, attrs):
obj = self.instance
view = self.context['view']
obj_limit = getattr(obj, 'max_hosts', None)
api_limit = attrs.get('max_hosts')
if not view.request.user.is_superuser:
if api_limit is not None and api_limit != obj_limit:
# Only allow superusers to edit the max_hosts field
raise serializers.ValidationError(_('Cannot change max_hosts.'))
return super(OrganizationSerializer, self).validate(attrs)
class ProjectOptionsSerializer(BaseSerializer):
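Review bot: The new `validate()` reads the caller through `self.context['view']`, so an OrganizationSerializer built without a view in its context raises KeyError before the superuser check runs, rather than refusing the change. Assuming the context also carries `request`, as DRF's generic views provide, reading the user defensively keeps the restriction fail-closed: `user = getattr(self.context.get('request'), 'user', None)` followed by `if user is None or not user.is_superuser:`. The `api_limit is not None` test treats an omitted field and an explicit null alike, which is presumably meant for PATCH; a short docstring on `validate()` should say so. The same docstring should note that on create `self.instance` is None, so any submitted `max_hosts` is rejected for non-superusers. The rest of OrganizationSerializer lies outside the hunk, so whether other write paths to `max_hosts` exist cannot be judged from here.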