mirror of
https://github.com/ansible/awx.git
synced 2026-02-16 18:50:04 -03:30
Merge pull request #5512 from AlanCoding/inv_src_qs
Add InventorySource back into schedule queryset
This commit is contained in:
@@ -1966,8 +1966,11 @@ class ScheduleAccess(BaseAccess):
|
|||||||
if self.user.is_superuser or self.user.is_system_auditor:
|
if self.user.is_superuser or self.user.is_system_auditor:
|
||||||
return qs.all()
|
return qs.all()
|
||||||
|
|
||||||
unified_qs = UnifiedJobTemplate.accessible_pk_qs(self.user, 'read_role')
|
unified_pk_qs = UnifiedJobTemplate.accessible_pk_qs(self.user, 'read_role')
|
||||||
return qs.filter(unified_job_template__id__in=unified_qs)
|
inv_src_qs = InventorySource.objects.filter(inventory_id=Inventory._accessible_pk_qs(Inventory, self.user, 'read_role'))
|
||||||
|
return qs.filter(
|
||||||
|
Q(unified_job_template_id__in=unified_pk_qs) |
|
||||||
|
Q(unified_job_template_id__in=inv_src_qs.values_list('pk', flat=True)))
|
||||||
|
|
||||||
@check_superuser
|
@check_superuser
|
||||||
def can_read(self, obj):
|
def can_read(self, obj):
|
||||||
|
|||||||
@@ -5,13 +5,15 @@ from awx.main.models import (
|
|||||||
Permission,
|
Permission,
|
||||||
Host,
|
Host,
|
||||||
CustomInventoryScript,
|
CustomInventoryScript,
|
||||||
|
Schedule
|
||||||
)
|
)
|
||||||
from awx.main.access import (
|
from awx.main.access import (
|
||||||
InventoryAccess,
|
InventoryAccess,
|
||||||
InventorySourceAccess,
|
InventorySourceAccess,
|
||||||
HostAccess,
|
HostAccess,
|
||||||
InventoryUpdateAccess,
|
InventoryUpdateAccess,
|
||||||
CustomInventoryScriptAccess
|
CustomInventoryScriptAccess,
|
||||||
|
ScheduleAccess
|
||||||
)
|
)
|
||||||
from django.apps import apps
|
from django.apps import apps
|
||||||
|
|
||||||
@@ -277,3 +279,14 @@ def test_inventory_source_credential_check(rando, inventory_source, credential):
|
|||||||
inventory_source.group.inventory.admin_role.members.add(rando)
|
inventory_source.group.inventory.admin_role.members.add(rando)
|
||||||
access = InventorySourceAccess(rando)
|
access = InventorySourceAccess(rando)
|
||||||
assert not access.can_change(inventory_source, {'credential': credential})
|
assert not access.can_change(inventory_source, {'credential': credential})
|
||||||
|
|
||||||
|
|
||||||
|
@pytest.mark.django_db
|
||||||
|
def test_inventory_source_org_admin_schedule_access(org_admin, inventory_source):
|
||||||
|
schedule = Schedule.objects.create(
|
||||||
|
unified_job_template=inventory_source,
|
||||||
|
rrule='DTSTART:20151117T050000Z RRULE:FREQ=DAILY;INTERVAL=1;COUNT=1')
|
||||||
|
access = ScheduleAccess(org_admin)
|
||||||
|
assert access.get_queryset()
|
||||||
|
assert access.can_read(schedule)
|
||||||
|
assert access.can_change(schedule, {'rrule': 'DTSTART:20151117T050000Z RRULE:FREQ=DAILY;INTERVAL=1;COUNT=2'})
|
||||||
|
|||||||
Reference in New Issue
Block a user