Turn off permissions check bypassing for admins when hitting the execution environment list and detail views.

2026-05-13 04:17:36 -02:30 · 2021-02-22 17:07:43 -05:00
parent 5b2adc89cf
commit b417fc3803
2 changed files with 3 additions and 4 deletions
--- a/awx/main/access.py
+++ b/awx/main/access.py
@@ -1329,13 +1329,10 @@ class ExecutionEnvironmentAccess(BaseAccess):
            Q(organization__isnull=True)
        ).distinct()

+    @check_superuser
    def can_add(self, data):
        if not data:  # So the browseable API will work
            return Organization.accessible_objects(self.user, 'execution_environment_admin_role').exists()
-        if obj.managed_by_tower:
-            raise PermissionDenied
-        if self.user.is_superuser:
-            return True
        return self.check_related('organization', Organization, data, mandatory=True,
                                  role_field='execution_environment_admin_role')