From f6fb46d99ed9db6470e2c08036bd78451e03c654 Mon Sep 17 00:00:00 2001 From: Lila Date: Thu, 12 May 2022 13:35:17 -0400 Subject: [PATCH] Prevent edit of vault ID once credential is created and added check to ensure user is actually trying to change vault id. --- awx/api/serializers.py | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/awx/api/serializers.py b/awx/api/serializers.py index f70e582c89..29a90c08c3 100644 --- a/awx/api/serializers.py +++ b/awx/api/serializers.py @@ -2664,6 +2664,13 @@ class CredentialSerializer(BaseSerializer): return credential_type + def validate_inputs(self, inputs): + if self.instance and self.instance.credential_type.kind == "vault": + if 'vault_id' in inputs and inputs['vault_id'] != self.instance.inputs['vault_id']: + raise ValidationError(_('We do not permit Vault IDs to be changed after they have been created.')) + + return inputs + class CredentialSerializerCreate(CredentialSerializer):