show activity stream entry for system auditor association

2026-05-06 08:57:35 -02:30 · 2018-12-03 14:08:23 -05:00
parent 15ef095366
commit 9c71204435
8 changed files with 92 additions and 40 deletions
--- a/awx/api/serializers.py
+++ b/awx/api/serializers.py
@@ -893,7 +893,7 @@ class UserSerializer(BaseSerializer):

    def get_validation_exclusions(self, obj=None):
        ret = super(UserSerializer, self).get_validation_exclusions(obj)
-        ret.append('password')
+        ret.extend(['password', 'is_system_auditor'])
        return ret

    def validate_password(self, value):
@@ -937,14 +937,20 @@ class UserSerializer(BaseSerializer):

    def create(self, validated_data):
        new_password = validated_data.pop('password', None)
+        is_system_auditor = validated_data.pop('is_system_auditor', None)
        obj = super(UserSerializer, self).create(validated_data)
        self._update_password(obj, new_password)
+        if is_system_auditor is not None:
+            obj.is_system_auditor = is_system_auditor
        return obj

    def update(self, obj, validated_data):
        new_password = validated_data.pop('password', None)
+        is_system_auditor = validated_data.pop('is_system_auditor', None)
        obj = super(UserSerializer, self).update(obj, validated_data)
        self._update_password(obj, new_password)
+        if is_system_auditor is not None:
+            obj.is_system_auditor = is_system_auditor
        return obj

    def get_related(self, obj):
@@ -996,6 +1002,16 @@ class UserSerializer(BaseSerializer):
        return self._validate_ldap_managed_field(value, 'is_superuser')


+class UserActivityStreamSerializer(UserSerializer):
+    """Changes to system auditor status are shown as separate entries,
+    so by excluding it from fields here we avoid duplication, which
+    would carry some unintended consequences.
+    """
+    class Meta:
+        model = User
+        fields = ('*', '-is_system_auditor')
+
+
 class BaseOAuth2TokenSerializer(BaseSerializer):

    refresh_token = serializers.SerializerMethodField()
--- a/awx/api/views/init.py
+++ b/awx/api/views/init.py
@@ -922,21 +922,6 @@ class UserList(ListCreateAPIView):
    serializer_class = serializers.UserSerializer
    permission_classes = (UserPermission,)

-    def post(self, request, *args, **kwargs):
-        ret = super(UserList, self).post( request, *args, **kwargs)
-        try:
-            if request.data.get('is_system_auditor', False):
-                # This is a faux-field that just maps to checking the system
-                # auditor role member list.. unfortunately this means we can't
-                # set it on creation, and thus needs to be set here.
-                user = models.User.objects.get(id=ret.data['id'])
-                user.is_system_auditor = request.data['is_system_auditor']
-                ret.data['is_system_auditor'] = request.data['is_system_auditor']
-        except AttributeError as exc:
-            print(exc)
-            pass
-        return ret
-

 class UserMeList(ListAPIView):