ansible / django-ansible-base

Apache License 2.0

Allow disabling object-level roles #475

Closed AlanCoding closed 2 months ago

AlanCoding commented 2 months ago

Fixes https://github.com/ansible/django-ansible-base/issues/424

~Enabling work for AAP-25268~

sonarcloud[bot] commented 2 months ago

Quality Gate passed

Issues
2 New issues
0 Accepted issues

Measures
0 Security Hotspots
86.7% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

AlanCoding commented 2 months ago

Retrospective:

The problem here is the creator roles. Permissions are an inter-connected system. If someone has "add" permission for a model, then after creating an object, they need the object-level admin role (or whatever role is configured for creators) after creation.

This means that we could only disable object-level roles created in the API, but they would still have to exist generally. This is an additional piece of information which would have to be communicated to clients, and increases confusion.

For overall system stability and sanity I am backing out of this approach. I may also close the issue as a won't-fix.