diff --git a/awx/api/generics.py b/awx/api/generics.py index e17d8b7a06..0f29ef7ca1 100644 --- a/awx/api/generics.py +++ b/awx/api/generics.py @@ -227,7 +227,10 @@ class APIView(views.APIView): if type(response.data) is dict: msg_data['error'] = response.data.get('error', response.status_text) elif type(response.data) is list: - msg_data['error'] = ", ".join(list(map(lambda x: x.get('error', response.status_text), response.data))) + if len(response.data) > 0 and isinstance(response.data[0], str): + msg_data['error'] = str(response.data[0]) + else: + msg_data['error'] = ", ".join(list(map(lambda x: x.get('error', response.status_text), response.data))) else: msg_data['error'] = response.status_text diff --git a/awx/main/tests/functional/dab_rbac/test_dab_rbac_api.py b/awx/main/tests/functional/dab_rbac/test_dab_rbac_api.py index 66df98b07a..4d2f91129e 100644 --- a/awx/main/tests/functional/dab_rbac/test_dab_rbac_api.py +++ b/awx/main/tests/functional/dab_rbac/test_dab_rbac_api.py @@ -2,6 +2,7 @@ import pytest from django.contrib.contenttypes.models import ContentType from django.urls import reverse as django_reverse +from django.test.utils import override_settings from awx.api.versioning import reverse from awx.main.models import JobTemplate, Inventory, Organization @@ -118,3 +119,12 @@ def test_workflow_creation_permissions(setup_managed_roles, organization, workfl org_wf_rd.give_permission(rando, organization) assert access.can_add({'name': 'foo-flow', 'organization': organization.pk}) + + +@pytest.mark.django_db +@override_settings(ALLOW_LOCAL_RESOURCE_MANAGEMENT=False) +def test_team_member_role_not_assignable(team, rando, post, admin_user, setup_managed_roles): + member_rd = RoleDefinition.objects.get(name='Organization Member') + url = django_reverse('roleuserassignment-list') + r = post(url, data={'object_id': team.id, 'role_definition': member_rd.id, 'user': rando.id}, user=admin_user, expect=400) + assert 'Not managed locally' in str(r.data)