External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-01-15 03:40:42 -03:30
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #3851 from AlanCoding/ig_distinct

Browse Source 
Remove duplicates from IG list

Reviewed-by: https://github.com/softwarefactory-project-zuul[bot]
This commit is contained in:
softwarefactory-project-zuul[bot] 2019-07-26 16:45:06 +00:00 committed by GitHub
commit 0ef97c497f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 13 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
awx/main/access.py
View File

@ -538,7 +538,7 @@ class InstanceGroupAccess(BaseAccess):
def filtered_queryset(self):
return InstanceGroup.objects.filter(
organization__in=Organization.accessible_pk_qs(self.user, 'admin_role'))
organization__in=Organization.accessible_pk_qs(self.user, 'admin_role')).distinct()
def can_add(self, data):
return self.user.is_superuser

15
awx/main/tests/functional/test_rbac_instance_groups.py
View File

@ -6,6 +6,7 @@ from awx.main.access import (
InventoryAccess,
JobTemplateAccess,
)
from awx.main.models import Organization
@pytest.mark.django_db
@ -36,6 +37,16 @@ def test_ig_normal_user_associability(organization, default_instance_group, user
assert not access.can_attach(organization, default_instance_group, 'instance_groups', None)
@pytest.mark.django_db
def test_access_via_two_organizations(rando, default_instance_group):
for org_name in ['org1', 'org2']:
org = Organization.objects.create(name=org_name)
org.instance_groups.add(default_instance_group)
org.admin_role.members.add(rando)
access = InstanceGroupAccess(rando)
assert list(access.get_queryset()) == [default_instance_group]
@pytest.mark.django_db
def test_ig_associability(organization, default_instance_group, admin, system_auditor, org_admin, org_member, job_template_factory):
admin_access = OrganizationAccess(admin)
@ -53,7 +64,7 @@ def test_ig_associability(organization, default_instance_group, admin, system_au
assert not oadmin_access.can_unattach(organization, default_instance_group, 'instance_groups', None)
assert not auditor_access.can_unattach(organization, default_instance_group, 'instance_groups', None)
assert not omember_access.can_unattach(organization, default_instance_group, 'instance_groups', None)
objects = job_template_factory('jt', organization=organization, project='p',
inventory='i', credential='c')
admin_access = InventoryAccess(admin)
@ -75,5 +86,3 @@ def test_ig_associability(organization, default_instance_group, admin, system_au
assert oadmin_access.can_attach(objects.job_template, default_instance_group, 'instance_groups', None)
assert not auditor_access.can_attach(objects.job_template, default_instance_group, 'instance_groups', None)
assert not omember_access.can_attach(objects.job_template, default_instance_group, 'instance_groups', None)