From 6a131f70f0893e51f5f4f7619a2a09e36b2694e7 Mon Sep 17 00:00:00 2001
From: Jeff Bradberry <jeff.bradberry@gmail.com>
Date: Thu, 13 Jan 2022 14:13:17 -0500
Subject: [PATCH 1/3] Require System Admin or Auditor permissions to access the
 mesh visualizer

---
 awx/api/views/mesh_visualizer.py | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/awx/api/views/mesh_visualizer.py b/awx/api/views/mesh_visualizer.py
index 517f8762fb..741239cbfa 100644
--- a/awx/api/views/mesh_visualizer.py
+++ b/awx/api/views/mesh_visualizer.py
@@ -1,17 +1,19 @@
 # Copyright (c) 2018 Red Hat, Inc.
 # All Rights Reserved.
 
-from awx.main.models import InstanceLink, Instance
 from django.utils.translation import ugettext_lazy as _
 
 from awx.api.generics import APIView, Response
-
+from awx.api.permissions import IsSystemAdminOrAuditor
 from awx.api.serializers import InstanceLinkSerializer, InstanceNodeSerializer
+from awx.main.models import InstanceLink, Instance
 
 
 class MeshVisualizer(APIView):
 
     name = _("Mesh Visualizer")
+    permission_classes = (IsSystemAdminOrAuditor,)
+    swagger_topic = "System Configuration"
 
     def get(self, request, format=None):
 

From dea5fd1a9df010e4e61b7ced7cf6077db932be8b Mon Sep 17 00:00:00 2001
From: Jeff Bradberry <jeff.bradberry@gmail.com>
Date: Thu, 13 Jan 2022 14:44:50 -0500
Subject: [PATCH 2/3] Fix a problem with IsSystemAdminOrAuditor for anonymous
 users

It was raising an error, but should really show the message about not
being authenticated.
---
 awx/api/permissions.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/awx/api/permissions.py b/awx/api/permissions.py
index a951928626..bd6328495b 100644
--- a/awx/api/permissions.py
+++ b/awx/api/permissions.py
@@ -243,7 +243,7 @@ class IsSystemAdminOrAuditor(permissions.BasePermission):
     """
 
     def has_permission(self, request, view):
-        if not request.user:
+        if not (request.user and request.user.is_authenticated):
             return False
         if request.method == 'GET':
             return request.user.is_superuser or request.user.is_system_auditor

From 8c33d0ecbd3507e6bf8c406fb1403b82d0f1959e Mon Sep 17 00:00:00 2001
From: Jeff Bradberry <jeff.bradberry@gmail.com>
Date: Thu, 13 Jan 2022 15:01:54 -0500
Subject: [PATCH 3/3] Add the mesh_visualizer resource to awxkit

---
 awx/api/views/root.py                      |  2 +-
 awxkit/awxkit/api/pages/mesh_visualizer.py | 11 +++++++++++
 awxkit/awxkit/api/resources.py             |  1 +
 awxkit/awxkit/cli/resource.py              |  2 +-
 4 files changed, 14 insertions(+), 2 deletions(-)
 create mode 100644 awxkit/awxkit/api/pages/mesh_visualizer.py

diff --git a/awx/api/views/root.py b/awx/api/views/root.py
index 763576cb2f..1f8680a34d 100644
--- a/awx/api/views/root.py
+++ b/awx/api/views/root.py
@@ -123,7 +123,7 @@ class ApiVersionRootView(APIView):
         data['workflow_approvals'] = reverse('api:workflow_approval_list', request=request)
         data['workflow_job_template_nodes'] = reverse('api:workflow_job_template_node_list', request=request)
         data['workflow_job_nodes'] = reverse('api:workflow_job_node_list', request=request)
-        data['mesh_visualizer_view'] = reverse('api:mesh_visualizer_view', request=request)
+        data['mesh_visualizer'] = reverse('api:mesh_visualizer_view', request=request)
         return Response(data)
 
 
diff --git a/awxkit/awxkit/api/pages/mesh_visualizer.py b/awxkit/awxkit/api/pages/mesh_visualizer.py
new file mode 100644
index 0000000000..c5dad782d1
--- /dev/null
+++ b/awxkit/awxkit/api/pages/mesh_visualizer.py
@@ -0,0 +1,11 @@
+from awxkit.api.resources import resources
+from . import base
+from . import page
+
+
+class MeshVisualizer(base.Base):
+
+    pass
+
+
+page.register_page(resources.mesh_visualizer, MeshVisualizer)
diff --git a/awxkit/awxkit/api/resources.py b/awxkit/awxkit/api/resources.py
index 3868eb733d..69222f075f 100644
--- a/awxkit/awxkit/api/resources.py
+++ b/awxkit/awxkit/api/resources.py
@@ -116,6 +116,7 @@ class Resources(object):
     _labels = 'labels/'
     _me = 'me/'
     _metrics = 'metrics/'
+    _mesh_visualizer = 'mesh_visualizer/'
     _notification = r'notifications/\d+/'
     _notification_template = r'notification_templates/\d+/'
     _notification_template_any = r'\w+/\d+/notification_templates_any/\d+/'
diff --git a/awxkit/awxkit/cli/resource.py b/awxkit/awxkit/cli/resource.py
index b4b8a8e2ae..8459e803e4 100644
--- a/awxkit/awxkit/cli/resource.py
+++ b/awxkit/awxkit/cli/resource.py
@@ -11,7 +11,7 @@ from awxkit.cli.format import FORMATTERS, format_response, add_authentication_ar
 from awxkit.cli.utils import CustomRegistryMeta, cprint
 
 
-CONTROL_RESOURCES = ['ping', 'config', 'me', 'metrics']
+CONTROL_RESOURCES = ['ping', 'config', 'me', 'metrics', 'mesh_visualizer']
 
 DEPRECATED_RESOURCES = {
     'ad_hoc_commands': 'ad_hoc',