Right now some validations/permissions checking and exception handling about OS-level access to playbooks/inventories is being performed in the plugin itself (basically checking if a user account Errbot is running under has access there).
This is kind of inefficient since nothing prevents a user from running RQ worker using a different (more secure) user account.
All the validations and Ansible command construction/call should be moved to a separate function and this function should be enqueued instead of directly enqueueing subprocess.check_output()
Right now some validations/permissions checking and exception handling about OS-level access to playbooks/inventories is being performed in the plugin itself (basically checking if a user account Errbot is running under has access there).
This is kind of inefficient since nothing prevents a user from running RQ worker using a different (more secure) user account.
All the validations and Ansible command construction/call should be moved to a separate function and this function should be enqueued instead of directly enqueueing
subprocess.check_output()