add credential owner endpoints

2026-01-13 19:10:07 -03:30 · 2016-06-09 13:34:32 -04:00 · 2016-06-09 13:34:32 -04:00 · ccc510110d
commit ccc510110d
parent 8319877a43
3 changed files with 49 additions and 2 deletions
--- a/awx/api/serializers.py
+++ b/awx/api/serializers.py
@ -1612,8 +1612,6 @@ class ResourceAccessListElementSerializer(UserSerializer):
        return ret


-
-
 class CredentialSerializer(BaseSerializer):

    # FIXME: may want to make some fields filtered based on user accessing
@ -1641,6 +1639,9 @@ class CredentialSerializer(BaseSerializer):
            activity_stream = reverse('api:credential_activity_stream_list', args=(obj.pk,)),
            access_list = reverse('api:credential_access_list', args=(obj.pk,)),
            object_roles = reverse('api:credential_object_roles_list', args=(obj.pk,)),
+            owner_users = reverse('api:credential_owner_users_list', args=(obj.pk,)),
+            owner_teams = reverse('api:credential_owner_teams_list', args=(obj.pk,)),
+            owner_organizations = reverse('api:credential_owner_organizations_list', args=(obj.pk,)),
        ))

        parents = obj.owner_role.parents.exclude(object_id__isnull=True)
--- a/awx/api/urls.py
+++ b/awx/api/urls.py
@ -166,6 +166,9 @@ credential_urls = patterns('awx.api.views',
    url(r'^(?P<pk>[0-9]+)/$',                           'credential_detail'),
    url(r'^(?P<pk>[0-9]+)/access_list/$',               'credential_access_list'),
    url(r'^(?P<pk>[0-9]+)/object_roles/$',              'credential_object_roles_list'),
+    url(r'^(?P<pk>[0-9]+)/owner/users/$',               'credential_owner_users_list'),
+    url(r'^(?P<pk>[0-9]+)/owner/teams/$',               'credential_owner_teams_list'),
+    url(r'^(?P<pk>[0-9]+)/owner/organizations/$',       'credential_owner_organizations_list'),
    # See also credentials resources on users/teams.
 )

--- a/awx/api/views.py
+++ b/awx/api/views.py
@ -1362,6 +1362,49 @@ class CredentialList(ListCreateAPIView):

        return ret

+
+class CredentialOwnerUsersList(SubListAPIView):
+    model = User
+    serializer_class = UserSerializer
+    parent_model = Credential
+    relationship = 'owner_role.members'
+    new_in_300 = True
+
+
+class CredentialOwnerTeamsList(SubListAPIView):
+    model = Team
+    serializer_class = TeamSerializer
+    parent_model = Credential
+    new_in_300 = True
+
+    def get_queryset(self):
+        credential = get_object_or_404(self.parent_model, pk=self.kwargs['pk'])
+        if not self.request.user.can_access(Credential, 'read', None):
+            raise PermissionDenied()
+
+        content_type = ContentType.objects.get_for_model(self.model)
+        teams = [c.content_object.pk for c in credential.owner_role.parents.filter(content_type=content_type).exclude(object_id__isnull=True)]
+
+        return self.model.objects.filter(pk__in=teams)
+
+
+class CredentialOwnerOrganizationsList(SubListAPIView):
+    model = Organization
+    serializer_class = OrganizationSerializer
+    parent_model = Credential
+    new_in_300 = True
+
+    def get_queryset(self):
+        credential = get_object_or_404(self.parent_model, pk=self.kwargs['pk'])
+        if not self.request.user.can_access(Credential, 'read', None):
+            raise PermissionDenied()
+
+        content_type = ContentType.objects.get_for_model(self.model)
+        orgs = [c.content_object.pk for c in credential.owner_role.parents.filter(content_type=content_type).exclude(object_id__isnull=True)]
+
+        return self.model.objects.filter(pk__in=orgs)
+
+
 class UserCredentialsList(CredentialList):

    model = Credential