External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-05-14 04:47:44 -02:30
Code Issues Packages Projects Releases Wiki Activity

fixing broken test cases

Browse Source
This commit is contained in:
Wayne Witzel III
2016-05-25 10:50:31 -04:00
parent 2052f93792
commit 1189ce033a
2 changed files with 45 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files

51
awx/main/tests/functional/test_projects.py
View File

@@ -9,6 +9,19 @@ from awx.main.models import Project
# #
# Project listing and visibility tests # Project listing and visibility tests
# #
@pytest.fixture
def team_project_list(organization_factory):
objects = organization_factory('org-test',
superusers=['admin'],
users=['team1:alice', 'team2:bob'],
teams=['team1', 'team2'],
projects=['pteam1', 'pteam2', 'pshared'],
roles=['team1.member_role:pteam1.admin_role',
'team2.member_role:pteam2.admin_role',
'team1.member_role:pshared.admin_role',
'team2.member_role:pshared.admin_role'])
return objects
@pytest.mark.django_db @pytest.mark.django_db
def test_user_project_list(get, organization_factory): def test_user_project_list(get, organization_factory):
@@ -39,28 +52,12 @@ def test_user_project_list(get, organization_factory):
assert get(reverse('api:user_projects_list', args=(objects.superusers.admin.pk,)), objects.users.alice).data['count'] == 2 assert get(reverse('api:user_projects_list', args=(objects.superusers.admin.pk,)), objects.users.alice).data['count'] == 2
def setup_test_team_project_list(project_factory, team_factory, admin, alice, bob):
team1 = team_factory('team1')
team2 = team_factory('team2')
team1_project = project_factory('team1 project')
team1_project.admin_role.parents.add(team1.member_role)
team2_project = project_factory('team2 project')
team2_project.admin_role.parents.add(team2.member_role)
shared_project = project_factory('shared project')
shared_project.admin_role.parents.add(team1.member_role)
shared_project.admin_role.parents.add(team2.member_role)
team1.member_role.members.add(alice)
team2.member_role.members.add(bob)
return team1, team2
@pytest.mark.django_db @pytest.mark.django_db
def test_team_project_list(get, project_factory, team_factory, admin, alice, bob): def test_team_project_list(get, team_project_list):
'List of projects a team has access to, filtered by projects you can also see' objects = team_project_list
team1, team2 = setup_test_team_project_list(project_factory, team_factory, admin, alice, bob)
team1, team2 = objects.teams.team1, objects.teams.team2
alice, bob, admin = objects.users.alice, objects.users.bob, objects.superusers.admin
# admins can see all projects on a team # admins can see all projects on a team
assert get(reverse('api:team_projects_list', args=(team1.pk,)), admin).data['count'] == 2 assert get(reverse('api:team_projects_list', args=(team1.pk,)), admin).data['count'] == 2
@@ -94,17 +91,11 @@ def test_team_project_list(get, project_factory, team_factory, admin, alice, bob
assert get(reverse('api:user_projects_list', args=(admin.pk,)), alice).data['count'] == 2 assert get(reverse('api:user_projects_list', args=(admin.pk,)), alice).data['count'] == 2
@pytest.mark.django_db @pytest.mark.django_db
def test_team_project_list_fail1(get, project_factory, team_factory, admin, alice, bob): def test_team_project_list_fail1(get, team_project_list):
# alice should not be able to see team2 projects because she doesn't have access to team2 objects = team_project_list
team1, team2 = setup_test_team_project_list(project_factory, team_factory, admin, alice, bob) res = get(reverse('api:team_projects_list', args=(objects.teams.team2.pk,)), objects.users.alice)
res = get(reverse('api:team_projects_list', args=(team2.pk,)), alice)
assert res.status_code == 403 assert res.status_code == 403
@pytest.mark.django_db
def test_team_project_list_fail2(get, project_factory, team_factory, admin, alice, bob):
team1, team2 = setup_test_team_project_list(project_factory, team_factory, admin, alice, bob)
# alice should not be able to see bob
@pytest.mark.parametrize("u,expected_status_code", [ @pytest.mark.parametrize("u,expected_status_code", [
('rando', 403), ('rando', 403),
('org_member', 403), ('org_member', 403),

39
awx/main/tests/functional/test_rbac_notifications.py
View File

@@ -25,35 +25,44 @@ def test_notification_template_get_queryset_orgadmin(notification_template, user
assert access.get_queryset().count() == 1 assert access.get_queryset().count() == 1
@pytest.mark.django_db @pytest.mark.django_db
def test_notification_template_access_superuser(notification_template, user, notification_template_factory): def test_notification_template_access_superuser(notification_template_factory):
access = NotificationTemplateAccess(user('admin', True)) nf_objects = notification_template_factory('test-orphaned', organization='test', superusers=['admin'])
assert access.can_read(notification_template) admin = nf_objects.superusers.admin
assert access.can_change(notification_template, None) nf = nf_objects.notification_template
assert access.can_delete(notification_template)
nf = notification_template_factory("test-orphaned") access = NotificationTemplateAccess(admin)
assert access.can_read(nf)
assert access.can_change(nf, None)
assert access.can_delete(nf)
nf.organization = None nf.organization = None
nf.save() nf.save()
assert access.can_read(nf) assert access.can_read(nf)
assert access.can_change(nf, None) assert access.can_change(nf, None)
assert access.can_delete(nf) assert access.can_delete(nf)
@pytest.mark.django_db @pytest.mark.django_db
def test_notification_template_access_admin(notification_template, user, organization_factory, notification_template_factory): def test_notification_template_access_admin(organization_factory, notification_template_factory):
adm = user('admin', False) other_objects = organization_factory('other')
other_org = organization_factory('other') present_objects = organization_factory('present',
present_org = organization_factory('present') users=['admin'],
notification_template.organization.admin_role.members.add(adm) notification_templates=['test-notification'],
present_org.admin_role.members.add(adm) roles=['present.admin_role:admin'])
access = NotificationTemplateAccess(user('admin', False)) notification_template = present_objects.notification_templates.test_notification
other_org = other_objects.organization
present_org = present_objects.organization
admin = present_objects.users.admin
access = NotificationTemplateAccess(admin)
assert not access.can_change(notification_template, {'organization': other_org.id}) assert not access.can_change(notification_template, {'organization': other_org.id})
assert access.can_read(notification_template) assert access.can_read(notification_template)
assert access.can_change(notification_template, None) assert access.can_change(notification_template, None)
assert access.can_change(notification_template, {'organization': present_org.id}) assert access.can_change(notification_template, {'organization': present_org.id})
assert access.can_delete(notification_template) assert access.can_delete(notification_template)
nf = notification_template_factory("test-orphaned") nf = notification_template_factory("test-orphaned")
nf.organization = None
nf.save()
assert not access.can_read(nf) assert not access.can_read(nf)
assert not access.can_change(nf, None) assert not access.can_change(nf, None)
assert not access.can_delete(nf) assert not access.can_delete(nf)