From b5ca6b891b20801dd18bfb204efa069480b4e7e9 Mon Sep 17 00:00:00 2001 From: Wayne Witzel III Date: Fri, 18 Mar 2016 10:28:38 -0400 Subject: [PATCH] Implements issue #1061, allow org admins (or higher) job delete --- awx/main/access.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awx/main/access.py b/awx/main/access.py index 9d67dd5295..6a5c4c10ca 100644 --- a/awx/main/access.py +++ b/awx/main/access.py @@ -883,7 +883,10 @@ class JobAccess(BaseAccess): return obj.status == 'new' and self.can_read(obj) and self.can_add(data) def can_delete(self, obj): - return self.can_read(obj) + # Allow org admins and superusers to delete jobs + if self.user.is_superuser: + return True + return obj.inventory.accessible_by(self.user, ALL_PERMISSIONS) def can_start(self, obj): self.check_license()