External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-05-06 08:57:35 -02:30
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2416 from AlanCoding/2409_inv_update_permission

Browse Source 
Require admin role to edit inventory
This commit is contained in:
Alan Rominger
2016-06-16 13:02:45 -04:00
committed by GitHub
parent de4f053212 81c3ae4470
commit c15b5f54f8
1 changed files with 1 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
awx/main/access.py
View File

@@ -354,15 +354,7 @@ class InventoryAccess(BaseAccess):
@check_superuser @check_superuser
def can_change(self, obj, data): def can_change(self, obj, data):
# Verify that the user has access to the new organization if moving an return self.can_admin(obj, data)
# inventory to a new organization.
org_pk = get_pk_from_dict(data, 'organization')
if obj and org_pk and obj.organization.pk != org_pk:
org = get_object_or_400(Organization, pk=org_pk)
if self.user not in org.admin_role:
return False
# Otherwise, just check for write permission.
return self.user in obj.update_role
@check_superuser @check_superuser
def can_admin(self, obj, data): def can_admin(self, obj, data):