External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-01-12 10:30:03 -03:30
Code Issues Packages Projects Releases Wiki Activity

Make sure that validation of managed EEs makes sense

Browse Source 
- missing fields in a patch request should be ignored
- compare the organization pks, if present
This commit is contained in:
Jeff Bradberry 2021-06-24 16:55:36 -04:00 committed by Shane McDonald
parent 9992bf03b0
commit d5deedc822
No known key found for this signature in database
GPG Key ID: 6F374AF6E9EB9374
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
awx/api/views/__init__.py
View File

@ -710,8 +710,12 @@ class ExecutionEnvironmentDetail(RetrieveUpdateDestroyAPIView):
fields_to_check = ['name', 'description', 'organization', 'image', 'credential']
if instance.managed and request.user.can_access(models.ExecutionEnvironment, 'change', instance):
for field in fields_to_check:
if kwargs.get('partial') and field not in request.data:
continue
left = getattr(instance, field, None)
right = request.data.get(field, None)
if hasattr(left, 'id'):
left = left.id
right = request.data.get(field)
if left != right:
raise PermissionDenied(_("Only the 'pull' field can be edited for managed execution environments."))
return super().update(request, *args, **kwargs)