Fix groups endpoint viewable only by admin (#696)

awcrosby · web-flow · commit 8934c3ce755f · 2021-03-23T15:19:30.000-04:00
pulpcore 3.10.0 introduced queryset_filtering_required_permission attribute to GroupViewSet with a permission not used by galaxy_ng. Currently it can not be overridden simply by setting to None, so the attribute is removed from the subclass. Issue: AAH-453
diff --git a/CHANGES/453.bugfix b/CHANGES/453.bugfix
@@ -0,0 +1 @@
+Fix groups endpoint viewable only by admin
diff --git a/galaxy_ng/app/api/ui/viewsets/group.py b/galaxy_ng/app/api/ui/viewsets/group.py
@@ -29,6 +29,12 @@ class GroupViewSet(LocalSettingsMixin, viewsets.GroupViewSet):
     filterset_class = GroupFilter
     permission_classes = [access_policy.GroupAccessPolicy]
 
+    # TODO(awcrosby): replace this by setting attribute to None
+    # after https://pulp.plan.io/issues/8438 is resolved
+    def _remove_attr(self):
+        raise AttributeError
+    queryset_filtering_required_permission = property(_remove_attr)
+
     @transaction.atomic
     def create(self, request, *args, **kwargs):
         name = request.data['name']

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+Fix groups endpoint viewable only by admin`