Remove insights_credential from inventory

This commit is contained in:
Bill Nottingham
2021-06-16 16:47:42 -04:00
committed by Shane McDonald
parent 0947d30682
commit 1e68519c99
26 changed files with 38 additions and 267 deletions

View File

@@ -867,13 +867,11 @@ class InventoryAccess(BaseAccess):
# If no data is specified, just checking for generic add permission?
if not data:
return Organization.accessible_objects(self.user, 'inventory_admin_role').exists()
return self.check_related('organization', Organization, data, role_field='inventory_admin_role') and self.check_related(
'insights_credential', Credential, data, role_field='use_role'
)
return self.check_related('organization', Organization, data, role_field='inventory_admin_role')
@check_superuser
def can_change(self, obj, data):
return self.can_admin(obj, data) and self.check_related('insights_credential', Credential, data, obj=obj, role_field='use_role')
return self.can_admin(obj, data)
@check_superuser
def can_admin(self, obj, data):

View File

@@ -0,0 +1,17 @@
# Generated by Django 2.2.16 on 2021-06-16 21:00
from django.db import migrations
class Migration(migrations.Migration):
dependencies = [
('main', '0148_unifiedjob_receptor_unit_id'),
]
operations = [
migrations.RemoveField(
model_name='inventory',
name='insights_credential',
),
]

View File

@@ -165,15 +165,6 @@ class Inventory(CommonModelNameNotUnique, ResourceMixin, RelatedJobsMixin):
'admin_role',
]
)
insights_credential = models.ForeignKey(
'Credential',
related_name='insights_inventories',
help_text=_('Credentials to be used by hosts belonging to this inventory when accessing Red Hat Insights API.'),
on_delete=models.SET_NULL,
blank=True,
null=True,
default=None,
)
pending_deletion = models.BooleanField(
default=False,
editable=False,
@@ -368,13 +359,6 @@ class Inventory(CommonModelNameNotUnique, ResourceMixin, RelatedJobsMixin):
group_pks = self.groups.values_list('pk', flat=True)
return self.groups.exclude(parents__pk__in=group_pks).distinct()
def clean_insights_credential(self):
if self.kind == 'smart' and self.insights_credential:
raise ValidationError(_("Assignment not allowed for Smart Inventory"))
if self.insights_credential and self.insights_credential.credential_type.kind != 'insights':
raise ValidationError(_("Credential kind must be 'insights'."))
return self.insights_credential
@transaction.atomic
def schedule_deletion(self, user_id=None):
from awx.main.tasks import delete_inventory

View File

@@ -5,7 +5,7 @@ import pytest
from django.utils.encoding import smart_str
from awx.main.models import AdHocCommand, Credential, CredentialType, Job, JobTemplate, Inventory, InventorySource, Project, WorkflowJobNode
from awx.main.models import AdHocCommand, Credential, CredentialType, Job, JobTemplate, InventorySource, Project, WorkflowJobNode
from awx.main.utils import decrypt_field
from awx.api.versioning import reverse
@@ -857,7 +857,6 @@ def test_field_removal(put, organization, admin, credentialtype_ssh):
'relation, related_obj',
[
['ad_hoc_commands', AdHocCommand()],
['insights_inventories', Inventory()],
['unifiedjobs', Job()],
['unifiedjobtemplates', JobTemplate()],
['unifiedjobtemplates', InventorySource(source='ec2')],

View File

@@ -592,23 +592,3 @@ class TestControlledBySCM:
rando,
expect=403,
)
@pytest.mark.django_db
class TestInsightsCredential:
def test_insights_credential(self, patch, insights_inventory, admin_user, insights_credential):
patch(insights_inventory.get_absolute_url(), {'insights_credential': insights_credential.id}, admin_user, expect=200)
def test_insights_credential_protection(self, post, patch, insights_inventory, alice, insights_credential):
insights_inventory.organization.admin_role.members.add(alice)
insights_inventory.admin_role.members.add(alice)
post(
reverse('api:inventory_list'),
{"name": "test", "organization": insights_inventory.organization.id, "insights_credential": insights_credential.id},
alice,
expect=403,
)
patch(insights_inventory.get_absolute_url(), {'insights_credential': insights_credential.id}, alice, expect=403)
def test_non_insights_credential(self, patch, insights_inventory, admin_user, scm_credential):
patch(insights_inventory.get_absolute_url(), {'insights_credential': scm_credential.id}, admin_user, expect=400)

View File

@@ -1,15 +1,11 @@
import pytest
from unittest import mock
import json
from django.core.exceptions import ValidationError
from awx.main.models import (
UnifiedJob,
InventoryUpdate,
Inventory,
Credential,
CredentialType,
InventorySource,
)
@@ -39,42 +35,6 @@ def test__build_job_explanation():
)
def test_valid_clean_insights_credential():
cred_type = CredentialType.defaults['insights']()
insights_cred = Credential(credential_type=cred_type)
inv = Inventory(insights_credential=insights_cred)
inv.clean_insights_credential()
def test_invalid_clean_insights_credential():
cred_type = CredentialType.defaults['scm']()
cred = Credential(credential_type=cred_type)
inv = Inventory(insights_credential=cred)
with pytest.raises(ValidationError) as e:
inv.clean_insights_credential()
assert json.dumps(str(e.value)) == json.dumps(str([u"Credential kind must be 'insights'."]))
def test_valid_kind_clean_insights_credential():
inv = Inventory(kind='smart')
inv.clean_insights_credential()
def test_invalid_kind_clean_insights_credential():
cred_type = CredentialType.defaults['insights']()
insights_cred = Credential(credential_type=cred_type)
inv = Inventory(kind='smart', insights_credential=insights_cred)
with pytest.raises(ValidationError) as e:
inv.clean_insights_credential()
assert json.dumps(str(e.value)) == json.dumps(str([u'Assignment not allowed for Smart Inventory']))
class TestControlledBySCM:
def test_clean_source_path_valid(self):
inv_src = InventorySource(source_path='/not_real/', source='scm')