diff --git a/awx/api/serializers.py b/awx/api/serializers.py index 2d2e38a8f5..f492b06ee9 100644 --- a/awx/api/serializers.py +++ b/awx/api/serializers.py @@ -330,6 +330,12 @@ class BaseSerializer(serializers.ModelSerializer): } if len(roles) > 0: summary_fields['object_roles'] = roles + if hasattr(obj, 'get_can_edit'): + request = self.context.get('request', None) + if request and request.user is not None: + summary_fields['can_edit'] = obj.get_can_edit(request.user) + elif hasattr(obj, 'can_edit'): + summary_fields['can_edit'] = obj.can_edit return summary_fields def get_created(self, obj): diff --git a/awx/api/views.py b/awx/api/views.py index 39db4cd23c..e2ae7bfe3f 100644 --- a/awx/api/views.py +++ b/awx/api/views.py @@ -1521,6 +1521,24 @@ class InventoryList(ListCreateAPIView): qs = qs.select_related('admin_role', 'read_role', 'update_role', 'use_role', 'adhoc_role') return qs + def list(self, request, *args, **kwargs): + queryset = self.filter_queryset(self.get_queryset()) + + page = self.paginate_queryset(queryset) + readable_ids = [obj.id for obj in page] + editable_ids = Inventory.accessible_objects(request.user, 'admin_role').filter(pk__in=readable_ids).values_list('pk', flat=True) + for obj in page: + if obj.pk in editable_ids: + obj.can_edit = True + else: + obj.can_edit = False + if page is not None: + serializer = self.get_serializer(page, many=True) + return self.get_paginated_response(serializer.data) + + serializer = self.get_serializer(queryset, many=True) + return Response(serializer.data) + class InventoryDetail(RetrieveUpdateDestroyAPIView): model = Inventory diff --git a/awx/main/models/projects.py b/awx/main/models/projects.py index 93c4a42e36..d68f3db3ae 100644 --- a/awx/main/models/projects.py +++ b/awx/main/models/projects.py @@ -105,6 +105,9 @@ class ProjectOptions(models.Model): on_delete=models.SET_NULL, ) + def get_can_edit(self, user): + return user in self.admin_role + def clean_scm_type(self): return self.scm_type or ''