External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-05-06 08:57:35 -02:30
Code Issues Packages Projects Releases Wiki Activity

Add tests for job template launch with invalid/inactive credential, fix bug that allowed an inactive credential to be passed if the job template already had an active credential.

Browse Source
This commit is contained in:
Chris Church
2015-04-26 12:28:39 -04:00
parent 2093b3db7a
commit 0d4c1a4245
2 changed files with 27 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
awx/api/serializers.py
View File

@@ -1706,21 +1706,22 @@ class JobLaunchSerializer(BaseSerializer):
read_only_fields = ('ask_variables_on_launch',) read_only_fields = ('ask_variables_on_launch',)
write_only_fields = ('credential','extra_vars',) write_only_fields = ('credential','extra_vars',)
def cred_valid(self, obj):
if obj.credential is not None:
return obj.credential.active
return False
def get_credential_needed_to_start(self, obj): def get_credential_needed_to_start(self, obj):
if obj: return not (obj and obj.credential and obj.credential.active)
return not self.cred_valid(obj)
return True
def get_survey_enabled(self, obj): def get_survey_enabled(self, obj):
if obj: if obj:
return obj.survey_enabled and 'spec' in obj.survey_spec return obj.survey_enabled and 'spec' in obj.survey_spec
return False return False
def validate_credential(self, attrs, source):
obj = self.context.get('obj')
credential = attrs.get(source, None) or (obj and obj.credential)
if not credential or not credential.active:
raise serializers.ValidationError('Credential not provided')
attrs[source] = credential
return attrs
def validate_extra_vars(self, attrs, source): def validate_extra_vars(self, attrs, source):
extra_vars = attrs.get(source, {}) extra_vars = attrs.get(source, {})
if not extra_vars: if not extra_vars:
@@ -1746,8 +1747,6 @@ class JobLaunchSerializer(BaseSerializer):
def validate(self, attrs): def validate(self, attrs):
obj = self.context.get('obj') obj = self.context.get('obj')
if not self.cred_valid(obj) and (attrs.get('credential', None) is None and attrs.get('credential_id', None) is None):
raise serializers.ValidationError(dict(errors=["Credential not provided"]))
if obj.job_type != PERM_INVENTORY_SCAN and (obj.project is None or not obj.project.active): if obj.job_type != PERM_INVENTORY_SCAN and (obj.project is None or not obj.project.active):
raise serializers.ValidationError(dict(errors=["Job Template Project is missing or undefined"])) raise serializers.ValidationError(dict(errors=["Job Template Project is missing or undefined"]))
if obj.inventory is None or not obj.inventory.active: if obj.inventory is None or not obj.inventory.active:

25
awx/main/tests/jobs/jobs_monolithic.py
View File

@@ -492,9 +492,14 @@ class JobTemplateTest(BaseJobTestMixin, django.test.TestCase):
j = Job.objects.get(pk=response['job']) j = Job.objects.get(pk=response['job'])
self.assertTrue(j.status == 'new') self.assertTrue(j.status == 'new')
# Can't launch a job template without a credential defined # Can't launch a job template without a credential defined (or if we
# pass an invalid/inactive credential value).
with self.current_user(self.user_sue): with self.current_user(self.user_sue):
response = self.post(no_launch_url, {}, expect=400) response = self.post(no_launch_url, {}, expect=400)
response = self.post(no_launch_url, {'credential': 0}, expect=400)
response = self.post(no_launch_url, {'credential': 'one'}, expect=400)
self.cred_doug.mark_inactive()
response = self.post(no_launch_url, {'credential': self.cred_doug.pk}, expect=400)
# Job Templates without projects can not be launched # Job Templates without projects can not be launched
with self.current_user(self.user_sue): with self.current_user(self.user_sue):
@@ -503,9 +508,9 @@ class JobTemplateTest(BaseJobTestMixin, django.test.TestCase):
jt = JobTemplate.objects.get(pk=response['id']) jt = JobTemplate.objects.get(pk=response['id'])
jt.project = None jt.project = None
jt.save() jt.save()
launch_url = reverse('api:job_template_launch', launch_url2 = reverse('api:job_template_launch',
args=(response['id'],)) args=(response['id'],))
self.post(launch_url, {}, expect=400) self.post(launch_url2, {}, expect=400)
# Job Templates without inventory can not be launched # Job Templates without inventory can not be launched
with self.current_user(self.user_sue): with self.current_user(self.user_sue):
@@ -514,9 +519,15 @@ class JobTemplateTest(BaseJobTestMixin, django.test.TestCase):
jt = JobTemplate.objects.get(pk=response['id']) jt = JobTemplate.objects.get(pk=response['id'])
jt.inventory = None jt.inventory = None
jt.save() jt.save()
launch_url = reverse('api:job_template_launch', launch_url3 = reverse('api:job_template_launch',
args=(response['id'],)) args=(response['id'],))
self.post(launch_url, {}, expect=400) self.post(launch_url3, {}, expect=400)
# Job Templates with deleted credentials cannot be launched.
self.cred_sue.mark_inactive()
with self.current_user(self.user_sue):
response = self.post(launch_url, {}, expect=400)
class JobTest(BaseJobTestMixin, django.test.TestCase): class JobTest(BaseJobTestMixin, django.test.TestCase):