External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-01-11 18:09:57 -03:30
Code Issues Packages Projects Releases Wiki Activity

Make sure job starts follow rbac

Browse Source
This commit is contained in:
Matthew Jones 2014-08-06 11:47:03 -04:00
parent 91df59611d
commit bb485c99fe
2 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
awx/api/views.py
View File

@ -1529,6 +1529,8 @@ class JobStart(GenericAPIView):
def post(self, request, *args, **kwargs):
obj = self.get_object()
if not request.user.can_access(self.model, 'start', obj):
raise PermissionDenied()
if obj.can_start:
result = obj.signal_start(**request.DATA)
if not result:

2
awx/main/access.py
View File

@ -1008,7 +1008,7 @@ class JobAccess(BaseAccess):
dep_access = self.user.can_access(Inventory, 'read', obj.inventory) and \
self.user.can_access(Project, 'read', obj.project)
return self.can_read(obj) and obj.can_start and dep_access
return self.can_read(obj) and dep_access
def can_cancel(self, obj):
return self.can_read(obj) and obj.can_cancel