Changed the become_method field into one that takes arbitrary input

related #2630 Signed-off-by: Jeff Bradberry <jeff.bradberry@gmail.com>
2026-01-13 02:50:02 -03:30 · 2019-01-28 14:49:59 -05:00 · 2019-01-28 14:49:59 -05:00 · 0ecd6542bf
commit 0ecd6542bf
parent 155c214df0
5 changed files with 10 additions and 22 deletions
--- a/awx/api/serializers.py
+++ b/awx/api/serializers.py
@ -5,7 +5,6 @@
 import copy
 import json
 import logging
-import operator
 import re
 import urllib.parse
 from collections import OrderedDict
@ -45,7 +44,6 @@ from awx.main.constants import (
    ANSI_SGR_PATTERN,
    ACTIVE_STATES,
    CENSOR_VALUE,
-    CHOICES_PRIVILEGE_ESCALATION_METHODS,
 )
 from awx.main.models import * # noqa
 from awx.main.models.base import NEW_JOB_TYPE_CHOICES
@ -2499,8 +2497,7 @@ class CredentialTypeSerializer(BaseSerializer):
                if 'help_text' in field:
                    field['help_text'] = _(field['help_text'])
                if field['type'] == 'become_method':
-                    field.pop('type')
-                    field['choices'] = list(map(operator.itemgetter(0), CHOICES_PRIVILEGE_ESCALATION_METHODS))
+                    field['type'] = 'string'
        return value

    def filter_field_metadata(self, fields, method):
--- a/awx/main/fields.py
+++ b/awx/main/fields.py
@ -4,7 +4,6 @@
 # Python
 import copy
 import json
-import operator
 import re
 import urllib.parse

@ -45,7 +44,7 @@ from awx.main.utils.filters import SmartFilter
 from awx.main.utils.encryption import encrypt_value, decrypt_value, get_encryption_key
 from awx.main.validators import validate_ssh_private_key
 from awx.main.models.rbac import batch_role_ancestor_rebuilding, Role
-from awx.main.constants import CHOICES_PRIVILEGE_ESCALATION_METHODS, ENV_BLACKLIST
+from awx.main.constants import ENV_BLACKLIST
 from awx.main import utils


@ -512,8 +511,7 @@ class CredentialInputField(JSONSchemaField):
        for field in model_instance.credential_type.inputs.get('fields', []):
            field = field.copy()
            if field['type'] == 'become_method':
-                field.pop('type')
-                field['choices'] = list(map(operator.itemgetter(0), CHOICES_PRIVILEGE_ESCALATION_METHODS))
+                field['type'] = 'string'
            properties[field['id']] = field
            if field.get('choices', []):
                field['enum'] = list(field['choices'])[:]
@ -725,9 +723,6 @@ class CredentialTypeInputField(JSONSchemaField):
                        code='invalid',
                        params={'value': value},
                    )
-                else:
-                    field.pop('type')
-                    field['choices'] = CHOICES_PRIVILEGE_ESCALATION_METHODS

            for key in ('choices', 'multiline', 'format', 'secret',):
                if key in field and field['type'] != 'string':
--- a/awx/main/models/credential/init.py
+++ b/awx/main/models/credential/init.py
@ -32,7 +32,6 @@ from awx.main.models.rbac import (
    ROLE_SINGLETON_SYSTEM_AUDITOR,
 )
 from awx.main.utils import encrypt_field
-from awx.main.constants import CHOICES_PRIVILEGE_ESCALATION_METHODS
 from . import injectors as builtin_injectors

 __all__ = ['Credential', 'CredentialType', 'V1Credential', 'build_safe_env']
@ -163,7 +162,6 @@ class V1Credential(object):
            max_length=32,
            blank=True,
            default='',
-            choices=CHOICES_PRIVILEGE_ESCALATION_METHODS,
            help_text=_('Privilege escalation method.')
        ),
        'become_username': models.CharField(
--- a/awx/main/tests/functional/test_credential.py
+++ b/awx/main/tests/functional/test_credential.py
@ -1,13 +1,11 @@
 # Copyright (c) 2017 Ansible by Red Hat
 # All Rights Reserved.

-import itertools
-
 import pytest
 from django.core.exceptions import ValidationError

 from awx.main.utils import decrypt_field
-from awx.main.models import Credential, CredentialType, V1Credential
+from awx.main.models import Credential, CredentialType

 from rest_framework import serializers

@ -206,10 +204,11 @@ def test_vault_validation(organization, inputs, valid):


@pytest.mark.django_db
-@pytest.mark.parametrize('become_method, valid', list(zip(
-    dict(V1Credential.FIELDS['become_method'].choices).keys(),
-    itertools.repeat(True)
-)) + [('invalid-choice', False)])
+@pytest.mark.parametrize('become_method, valid', [
+    ('', True),
+    ('sudo', True),
+    ('custom-plugin', True),
+])
 def test_choices_validity(become_method, valid, organization):
    inputs = {'become_method': become_method}
    cred_type = CredentialType.defaults['ssh']()
--- a/awx/ui/client/src/credentials/credentials.form.js
+++ b/awx/ui/client/src/credentials/credentials.form.js
@ -278,10 +278,9 @@ export default ['i18n', function(i18n) {
                "become_method": {
                    label: i18n._("Privilege Escalation"),
                    // hintText: "If your playbooks use privilege escalation (\"sudo: true\", \"su: true\", etc), you can specify the username to become, and the password to use here.",
-                    type: 'select',
+                    type: 'text',
                    ngShow: "kind.value == 'ssh'",
                    dataTitle: i18n._('Privilege Escalation'),
-                    ngOptions: 'become.label for become in become_options track by become.value',
                    awPopOver: "<p>" + i18n.sprintf(i18n._("Specify a method for %s operations. " +
                    "This is equivalent to specifying the %s parameter, where %s could be "+
                    "%s"), "'become'", "<code>--become-method=BECOME_METHOD</code>", "<code>BECOME_METHOD</code>", "<code>sudo | su | pbrun | pfexec | runas</code>") + " <br>" + i18n.sprintf(i18n._("(defaults to %s)"), "<code>sudo</code>") + "</p>",