Merge branch 'devel' of https://github.com/ansible/ansible-tower into can_CRUD

2026-05-17 00:38:36 -05:00 · 2016-08-29 14:01:18 -04:00
parent 8f1e9bd20d f66fa6fb7c
commit 23791cb91e
17 changed files with 167 additions and 140 deletions
@@ -2263,8 +2263,6 @@ class JobTemplateLaunch(RetrieveAPIView, GenericAPIView):

    def post(self, request, *args, **kwargs):
        obj = self.get_object()
-        if not request.user.can_access(self.model, 'start', obj):
-            raise PermissionDenied()

        if 'credential' not in request.data and 'credential_id' in request.data:
            request.data['credential'] = request.data['credential_id']
@@ -2643,14 +2641,13 @@ class SystemJobTemplateLaunch(GenericAPIView):

    model = SystemJobTemplate
    serializer_class = EmptySerializer
+    is_job_start = True

    def get(self, request, *args, **kwargs):
        return Response({})

    def post(self, request, *args, **kwargs):
        obj = self.get_object()
-        if not request.user.can_access(self.model, 'start', obj):
-            raise PermissionDenied()

        new_job = obj.create_unified_job(**request.data)
        new_job.signal_start(**request.data)
@@ -2757,8 +2754,6 @@ class JobStart(GenericAPIView):

    def post(self, request, *args, **kwargs):
        obj = self.get_object()
-        if not request.user.can_access(self.model, 'start', obj):
-            raise PermissionDenied()
        if obj.can_start:
            result = obj.signal_start(**request.data)
            if not result:
@@ -2796,8 +2791,6 @@ class JobRelaunch(RetrieveAPIView, GenericAPIView):

    def post(self, request, *args, **kwargs):
        obj = self.get_object()
-        if not request.user.can_access(self.model, 'start', obj):
-            raise PermissionDenied()

        # Note: is_valid() may modify request.data
        # It will remove any key/value pair who's key is not in the 'passwords_needed_to_start' list
@@ -3243,8 +3236,6 @@ class AdHocCommandRelaunch(GenericAPIView):

    def post(self, request, *args, **kwargs):
        obj = self.get_object()
-        if not request.user.can_access(self.model, 'start', obj):
-            raise PermissionDenied()

        # Re-validate ad hoc command against serializer to check if module is
        # still allowed.