External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-03-19 01:47:31 -02:30
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #4551 from rebeccahhh/devel

Browse Source 
Remove extra warning when using garbage credentials

Reviewed-by: https://github.com/apps/softwarefactory-project-zuul
This commit is contained in:
softwarefactory-project-zuul[bot]
2019-08-22 14:18:30 +00:00
committed by GitHub
parent 4a45a7e9c3 fb71b2699f
commit 045578ce22
2 changed files with 39 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
awx/main/fields.py
View File

@@ -691,10 +691,12 @@ class CredentialInputField(JSONSchemaField):
if model_instance.has_encrypted_ssh_key_data and not value.get('ssh_key_unlock'): if model_instance.has_encrypted_ssh_key_data and not value.get('ssh_key_unlock'):
errors['ssh_key_unlock'] = [_('must be set when SSH key is encrypted.')] errors['ssh_key_unlock'] = [_('must be set when SSH key is encrypted.')]
if all([ if all([
model_instance.inputs.get('ssh_key_data'), model_instance.inputs.get('ssh_key_data'),
value.get('ssh_key_unlock'), value.get('ssh_key_unlock'),
not model_instance.has_encrypted_ssh_key_data not model_instance.has_encrypted_ssh_key_data,
'ssh_key_data' not in errors
]): ]):
errors['ssh_key_unlock'] = [_('should not be set when SSH key is not encrypted.')] errors['ssh_key_unlock'] = [_('should not be set when SSH key is not encrypted.')]

36
awx/main/tests/functional/api/test_credential.py
View File

@@ -1360,6 +1360,42 @@ def test_ssh_unlock_with_prior_value(put, organization, admin, credentialtype_ss
assert decrypt_field(cred, 'ssh_key_unlock') == 'new-unlock' assert decrypt_field(cred, 'ssh_key_unlock') == 'new-unlock'
@pytest.mark.django_db
@pytest.mark.parametrize('version, params', [
['v2', {
'name': 'Best credential ever',
'credential_type': 1,
'inputs': {
'username': 'oscar',
'ssh_key_data': 'invalid-key',
'ssh_key_unlock': 'unchecked-unlock',
}
}]
])
def test_ssh_bad_key_unlock_not_checked(put, organization, admin, credentialtype_ssh, version, params):
cred = Credential(
credential_type=credentialtype_ssh,
name='Best credential ever',
organization=organization,
inputs={
'username': u'oscar',
'ssh_key_data': 'invalid-key',
'ssh_key_unlock': 'unchecked-unlock',
}
)
cred.save()
params['organization'] = organization.id
response = put(
reverse('api:credential_detail', kwargs={'version': version, 'pk': cred.pk}),
params,
admin
)
assert response.status_code == 400
assert response.data['inputs']['ssh_key_data'] == ['Invalid certificate or key: invalid-key...']
assert 'ssh_key_unlock' not in response.data['inputs']
# #
# test secret encryption/decryption # test secret encryption/decryption
# #