External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-01-12 02:19:58 -03:30
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1700 from wwitzel3/issue-1429

Browse Source 
Fixing CredentialList post access check
This commit is contained in:
Wayne Witzel III 2016-04-27 09:10:26 -04:00
commit d418a09bfc
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
awx/api/views.py
View File

@ -1240,7 +1240,7 @@ class CredentialList(ListCreateAPIView):
organization = Organization.objects.get(pk=request.data['organization'])
obj = organization
if self.request.user not in obj.admin_role:
if not self.request.user.can_access(type(obj), 'change', obj, request.data):
raise PermissionDenied()
ret = super(CredentialList, self).post(request, *args, **kwargs)