zware/awx
1
0
Fork 0
mirror of https://github.com/ZwareBear/awx.git synced 2026-05-03 21:31:56 -05:00
Code Issues Packages Projects Releases Wiki Activity

More work in progress on AC-132.

Browse Source
This commit is contained in:
Chris Church
2013-08-26 02:28:37 -04:00
parent e594296c9b
commit ee3ba2c0e1
18 changed files with 418 additions and 61 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
awx/main/access.py
View File

@@ -601,6 +601,33 @@ class ProjectAccess(BaseAccess):
def can_delete(self, obj):
return self.can_change(obj, None)
class ProjectUpdateAccess(BaseAccess):
'''
I can see project updates when I can see the project.
I can change/delete when:
- I am a superuser.
- I am an admin in an organization associated with the project.
- I created it (for now?).
'''
model = ProjectUpdate
def get_queryset(self):
qs = ProjectUpdate.objects.filter(active=True).distinct()
qs = qs.select_related('created_by', 'project')
#if self.user.is_superuser:
return qs
#allowed = [PERM_INVENTORY_DEPLOY, PERM_INVENTORY_CHECK]
#return qs.filter(
# Q(created_by=self.user) |
# Q(organizations__admins__in=[self.user]) |
# Q(organizations__users__in=[self.user]) |
# Q(teams__users__in=[self.user]) |
# Q(permissions__user=self.user, permissions__permission_type__in=allowed) |
# Q(permissions__team__users__in=[self.user], permissions__permission_type__in=allowed)
#)
class PermissionAccess(BaseAccess):
'''
I can see a permission when:
@@ -944,6 +971,7 @@ register_access(Group, GroupAccess)
register_access(Credential, CredentialAccess)
register_access(Team, TeamAccess)
register_access(Project, ProjectAccess)
register_access(ProjectUpdate, ProjectUpdateAccess)
register_access(Permission, PermissionAccess)
register_access(JobTemplate, JobTemplateAccess)
register_access(Job, JobAccess)