super-user requests to HostDetail go through rbac

2026-02-20 04:30:05 -03:30 · 2017-01-27 10:38:36 -05:00
parent 6aaf6a3150
commit ef3a3b3b2f
2 changed files with 1 additions and 23 deletions
--- a/awx/api/permissions.py
+++ b/awx/api/permissions.py
@@ -16,8 +16,7 @@ from awx.main.utils import get_object_or_400
 logger = logging.getLogger('awx.api.permissions')

 __all__ = ['ModelAccessPermission', 'JobTemplateCallbackPermission',
-           'TaskPermission', 'ProjectUpdatePermission', 'UserPermission',
-           'HostPermission',]
+           'TaskPermission', 'ProjectUpdatePermission', 'UserPermission',]


 class ModelAccessPermission(permissions.BasePermission):
@@ -209,23 +208,3 @@ class UserPermission(ModelAccessPermission):
        raise PermissionDenied()


-class HostPermission(ModelAccessPermission):
-    '''
-    Allow super super for all operations that don't add or update data.
-    Allow the request to flow through access.py so that even a super-user can't 
-    violate the license host count restriction.
-    '''
-
-    def check_options_permissions(self, request, view, obj=None):
-        view.always_allow_superuser = True
-        return super(HostPermission, self).check_options_permissions(request, view, obj)
-
-    def check_head_permissions(self, request, view, obj=None):
-        view.always_allow_superuser = True
-        return super(HostPermission, self).check_head_permissions(request, view, obj)
-
-    def check_get_permissions(self, request, view, obj=None):
-        view.always_allow_superuser = True
-        return super(HostPermission, self).check_get_permissions(request, view, obj)
-
-