Commit Graph

609 Commits

Author SHA1 Message Date
AlanCoding
1466e5c343 flake8 errors in access.py due to an upgrade 2018-05-24 10:17:55 -04:00
Ryan Petrello
357a735e56 fix a bug that prevented JT admins from editing diff mode
see: https://github.com/ansible/tower/issues/801
2018-05-14 16:01:36 -04:00
Ryan Petrello
5b55e3cb2b fix a bug that prevented JT admins from editing custom virtualenvs
see: https://github.com/ansible/tower/issues/1754
2018-05-14 14:12:22 -04:00
AlanCoding
ec1e94376c correctly check credential permission on WFJT copy 2018-05-03 07:42:59 -04:00
Alan Rominger
b62dfa3e49 Merge pull request #1658 from AlanCoding/check_wfjt_creds
Check WFJT credentials fix
2018-05-02 13:52:30 -04:00
AlanCoding
902b1af417 fix access check for wfjt node copy 2018-05-02 13:24:57 -04:00
AlanCoding
652f837622 update access check to plural creds 2018-05-02 11:37:38 -04:00
Chris Meyers
a2901a47ee Merge pull request #1410 from chrismeyersfsu/fix-revert_tower_special_group
send all tower work to a user-hidden queue
2018-04-20 14:21:50 -04:00
chris meyers
a56771c8f0 send all tower work to a user-hidden queue
* Before, we had a special group, tower, that ran any async work that
tower needed done. This allowed users fine-grained control over which
nodes did background work. However, this granularity was too complicated
for users. So now, all tower system work goes to a special non-user
exposed celery queue. Tower remains the fallback instance group to
execute jobs on. The tower group will be created upon install and
protected from deletion.
2018-04-20 13:04:36 -04:00
AlanCoding
6cb237d5d9 fix event querysets for non superusers 2018-04-20 11:44:52 -04:00
Christian Adams
d08790a5b4 Merge pull request #1420 from rooftopcellist/act_stream_access
Act stream access
2018-04-19 11:51:33 -04:00
adamscmRH
b6fcfd43b1 Fix app activity stream permissions 2018-04-19 11:19:19 -04:00
AlanCoding
13c483e463 avoid server error adding job 2018-04-18 08:27:08 -04:00
AlanCoding
4995ee7a60 remove admin_role for users 2018-04-12 13:18:49 -04:00
AlanCoding
12979260bb include new org roles in permissions fix 2018-04-06 12:03:43 -04:00
AlanCoding
a344ceda0e User editing permission changes
Only allow administrative action for a user
who is a system admin or auditor if the
requesting-user is a system admin.

Previously a user could be edited if the
requesting-user was an admin of ANY of the
orgs the user was member of.
This is changed to require admin permission
to ALL orgs the user is member of.

As a special-case, allow org admins to add
a user as a member to their organization if
the following conditions are met:
- the user is not member of any other orgs
- the org admin has permissions to all of
  the roles the user has
2018-04-06 09:51:08 -04:00
Alan Rominger
ab277e816a Merge pull request #1242 from AlanCoding/copy_scripts
Remove shortcut for custom scripts copy
2018-04-05 08:45:15 -04:00
AlanCoding
133cca1446 fix WFJT user_capabilities special-case 2018-04-05 08:04:18 -04:00
AlanCoding
6e1e7d8426 remove shortcut for custom scripts copy 2018-04-04 14:35:28 -04:00
Christian Adams
2b7ad578d5 Merge pull request #1121 from rooftopcellist/organization_based_permission
Organization based permission
2018-04-04 10:39:40 -04:00
adamscmRH
53139b109e clean up application logic 2018-04-04 10:22:49 -04:00
AlanCoding
8a7f00bdf7 fix bug where role name was given incorrectly 2018-04-03 13:39:16 -04:00
adamscmRH
9ef1fce5e1 add tests & correct auditor permissions 2018-04-03 11:03:50 -04:00
adamscmRH
e9a128138a add org-app endpoint & permissions 2018-04-03 08:58:53 -04:00
adamscmRH
a7625b8747 add organization to app model 2018-04-03 08:58:53 -04:00
Wayne Witzel III
067ead35ac Extend test and fix to include the admin_role 2018-04-02 15:39:01 -04:00
Wayne Witzel III
ea7a0b2f58 Fixes RBAC issue, ensures can admin of sub_obj when needed 2018-04-02 14:10:14 -04:00
AlanCoding
d8f37e799b hide launch button for invalid JTs 2018-04-02 11:58:02 -04:00
AlanCoding
894eeee979 inventory source can_change rm credential check 2018-03-26 09:45:45 -04:00
Chris Meyers
ddf000e8e7 Merge pull request #1643 from chrismeyersfsu/fix-tower_special_group
do not allow tower group delete or name change
2018-03-22 08:06:03 -04:00
chris meyers
305ef6fa7e do not allow tower group delete or name change
* DO allow policy changes and other attribute changes
2018-03-22 08:05:06 -04:00
AlanCoding
4f1f578fde make user_capabilities False for read tokens 2018-03-21 13:14:14 -04:00
Wayne Witzel III
d7f26f417d Reword help text for manage org auth 2018-03-20 07:31:08 -04:00
Wayne Witzel III
d5564e8d81 Fix user capabilities when MANAGE_ORGANIZATION_AUTH is disabled 2018-03-19 15:16:54 -04:00
Wayne Witzel III
a9da494904 switch to single toggle and change name 2018-03-19 14:45:52 -04:00
Wayne Witzel III
771108e298 Protect team assignment for the roles access point 2018-03-19 12:10:13 -04:00
Wayne Witzel III
33ac8a9668 System wide toggle for org admin user/team abilities 2018-03-19 11:24:36 -04:00
Chris Meyers
2640ef8b1c Merge pull request #1536 from chrismeyersfsu/fix-protect_instance_groups
prevent instance group delete if running jobs
2018-03-15 14:57:45 -04:00
chris meyers
5d5d8152c5 prevent instance group delete if running jobs
* related to https://github.com/ansible/ansible-tower/issues/7936
2018-03-15 14:25:49 -04:00
AlanCoding
5170fb80dc fix bugs with UJT optimizations 2018-03-14 08:19:53 -04:00
AlanCoding
ce9234df0f Revamp user_capabilities with new copy fields
Add copy fields corresponding to new server-side copying

Refactor the way user_capabilities are delivered
 - move the prefetch definition from views to serializer
 - store temporary mapping in serializer context
 - use serializer backlinks to denote polymorphic prefetch model exclusions
2018-02-26 12:13:41 -05:00
Christian Adams
9493b72f29 Merge pull request #904 from ansible/oauth_n_session
Implement session-based and OAuth 2 authentications
2018-02-26 12:12:38 -05:00
adamscmRH
30b473b0df remove default app creation 2018-02-24 21:34:07 -05:00
adamscmRH
2911dec324 fixes app token endpoint 2018-02-23 11:06:53 -05:00
adamscmRH
310f37dd37 clears authtoken & add PAT 2018-02-22 15:18:12 -05:00
Aaron Tan
1c2621cd60 Implement session-based and OAuth 2 authentications
Relates #21. Please see acceptance docs for feature details.

Signed-off-by: Aaron Tan <jangsutsr@gmail.com>
2018-02-22 15:18:12 -05:00
Ryan Petrello
35f629d42c Revert "changes to license compliance"
This reverts commit 218dfb680e.
2018-02-22 15:02:33 -05:00
AlanCoding
9c4d89f512 use the m2m field for inventory source creds 2018-02-20 12:34:56 -05:00
Wayne Witzel III
2c71a27630 Merge pull request #1123 from wwitzel3/new-permissions
New RBAC Roles
2018-02-15 16:56:03 -05:00
Wayne Witzel III
30a5617825 Address PR feedback 2018-02-14 22:53:33 +00:00