From 902b1af417232e3ba6c750e981e2371a19888862 Mon Sep 17 00:00:00 2001
From: AlanCoding <arominge@redhat.com>
Date: Wed, 2 May 2018 13:24:57 -0400
Subject: [PATCH] fix access check for wfjt node copy

---
 awx/main/access.py | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/awx/main/access.py b/awx/main/access.py
index ef2577d695..ac257a64ba 100644
--- a/awx/main/access.py
+++ b/awx/main/access.py
@@ -1814,13 +1814,14 @@ class WorkflowJobTemplateAccess(BaseAccess):
             missing_credentials = []
             missing_inventories = []
             qs = obj.workflow_job_template_nodes
-            qs = qs.prefetch_related('unified_job_template', 'inventory__use_role', 'credential__use_role')
+            qs = qs.prefetch_related('unified_job_template', 'inventory__use_role', 'credentials__use_role')
             for node in qs.all():
                 node_errors = {}
                 if node.inventory and self.user not in node.inventory.use_role:
                     missing_inventories.append(node.inventory.name)
-                if node.credential and self.user not in node.credential.use_role:
-                    missing_credentials.append(node.credential.name)
+                for cred in node.credentials.all():
+                    if self.user not in cred.use_role:
+                        missing_credentials.append(node.credential.name)
                 ujt = node.unified_job_template
                 if ujt and not self.user.can_access(UnifiedJobTemplate, 'start', ujt, validate_license=False):
                     missing_ujt.append(ujt.name)