Merge pull request #3238 from jangsutsr/3088_make_admin_visible_to_oprhaned_users

Make system admin and system auditor visible to oprhaned users.
2026-02-27 07:56:06 -03:30 · 2016-09-29 09:42:05 -04:00
parent bcc9d3a3ac 89cbceeab8
commit cf39f28d62
3 changed files with 24 additions and 2 deletions
--- a/awx/api/views.py
+++ b/awx/api/views.py
@@ -3759,7 +3759,16 @@ class RoleList(ListAPIView):
    new_in_300 = True

    def get_queryset(self):
-        return Role.visible_roles(self.request.user)
+        result = Role.visible_roles(self.request.user)
+        # Sanity check: is the requesting user an orphaned non-admin/auditor? 
+        # if yes, make system admin/auditor mandatorily visible.
+        if not self.request.user.organizations.exists() and\
+           not self.request.user.is_superuser and\
+           not self.request.user.is_system_auditor:
+            mandatories = ('system_administrator', 'system_auditor')
+            super_qs = Role.objects.filter(singleton_name__in=mandatories)
+            result = result | super_qs
+        return result


 class RoleDetail(RetrieveAPIView):