mirror of
https://github.com/ansible/awx.git
synced 2026-07-02 20:08:02 -02:30
Remove insights_credential from inventory
This commit is contained in:
committed by
Shane McDonald
parent
0947d30682
commit
1e68519c99
@@ -867,13 +867,11 @@ class InventoryAccess(BaseAccess):
|
||||
# If no data is specified, just checking for generic add permission?
|
||||
if not data:
|
||||
return Organization.accessible_objects(self.user, 'inventory_admin_role').exists()
|
||||
return self.check_related('organization', Organization, data, role_field='inventory_admin_role') and self.check_related(
|
||||
'insights_credential', Credential, data, role_field='use_role'
|
||||
)
|
||||
return self.check_related('organization', Organization, data, role_field='inventory_admin_role')
|
||||
|
||||
@check_superuser
|
||||
def can_change(self, obj, data):
|
||||
return self.can_admin(obj, data) and self.check_related('insights_credential', Credential, data, obj=obj, role_field='use_role')
|
||||
return self.can_admin(obj, data)
|
||||
|
||||
@check_superuser
|
||||
def can_admin(self, obj, data):
|
||||
|
||||
@@ -0,0 +1,17 @@
|
||||
# Generated by Django 2.2.16 on 2021-06-16 21:00
|
||||
|
||||
from django.db import migrations
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
|
||||
dependencies = [
|
||||
('main', '0148_unifiedjob_receptor_unit_id'),
|
||||
]
|
||||
|
||||
operations = [
|
||||
migrations.RemoveField(
|
||||
model_name='inventory',
|
||||
name='insights_credential',
|
||||
),
|
||||
]
|
||||
@@ -165,15 +165,6 @@ class Inventory(CommonModelNameNotUnique, ResourceMixin, RelatedJobsMixin):
|
||||
'admin_role',
|
||||
]
|
||||
)
|
||||
insights_credential = models.ForeignKey(
|
||||
'Credential',
|
||||
related_name='insights_inventories',
|
||||
help_text=_('Credentials to be used by hosts belonging to this inventory when accessing Red Hat Insights API.'),
|
||||
on_delete=models.SET_NULL,
|
||||
blank=True,
|
||||
null=True,
|
||||
default=None,
|
||||
)
|
||||
pending_deletion = models.BooleanField(
|
||||
default=False,
|
||||
editable=False,
|
||||
@@ -368,13 +359,6 @@ class Inventory(CommonModelNameNotUnique, ResourceMixin, RelatedJobsMixin):
|
||||
group_pks = self.groups.values_list('pk', flat=True)
|
||||
return self.groups.exclude(parents__pk__in=group_pks).distinct()
|
||||
|
||||
def clean_insights_credential(self):
|
||||
if self.kind == 'smart' and self.insights_credential:
|
||||
raise ValidationError(_("Assignment not allowed for Smart Inventory"))
|
||||
if self.insights_credential and self.insights_credential.credential_type.kind != 'insights':
|
||||
raise ValidationError(_("Credential kind must be 'insights'."))
|
||||
return self.insights_credential
|
||||
|
||||
@transaction.atomic
|
||||
def schedule_deletion(self, user_id=None):
|
||||
from awx.main.tasks import delete_inventory
|
||||
|
||||
@@ -5,7 +5,7 @@ import pytest
|
||||
|
||||
from django.utils.encoding import smart_str
|
||||
|
||||
from awx.main.models import AdHocCommand, Credential, CredentialType, Job, JobTemplate, Inventory, InventorySource, Project, WorkflowJobNode
|
||||
from awx.main.models import AdHocCommand, Credential, CredentialType, Job, JobTemplate, InventorySource, Project, WorkflowJobNode
|
||||
from awx.main.utils import decrypt_field
|
||||
from awx.api.versioning import reverse
|
||||
|
||||
@@ -857,7 +857,6 @@ def test_field_removal(put, organization, admin, credentialtype_ssh):
|
||||
'relation, related_obj',
|
||||
[
|
||||
['ad_hoc_commands', AdHocCommand()],
|
||||
['insights_inventories', Inventory()],
|
||||
['unifiedjobs', Job()],
|
||||
['unifiedjobtemplates', JobTemplate()],
|
||||
['unifiedjobtemplates', InventorySource(source='ec2')],
|
||||
|
||||
@@ -592,23 +592,3 @@ class TestControlledBySCM:
|
||||
rando,
|
||||
expect=403,
|
||||
)
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
class TestInsightsCredential:
|
||||
def test_insights_credential(self, patch, insights_inventory, admin_user, insights_credential):
|
||||
patch(insights_inventory.get_absolute_url(), {'insights_credential': insights_credential.id}, admin_user, expect=200)
|
||||
|
||||
def test_insights_credential_protection(self, post, patch, insights_inventory, alice, insights_credential):
|
||||
insights_inventory.organization.admin_role.members.add(alice)
|
||||
insights_inventory.admin_role.members.add(alice)
|
||||
post(
|
||||
reverse('api:inventory_list'),
|
||||
{"name": "test", "organization": insights_inventory.organization.id, "insights_credential": insights_credential.id},
|
||||
alice,
|
||||
expect=403,
|
||||
)
|
||||
patch(insights_inventory.get_absolute_url(), {'insights_credential': insights_credential.id}, alice, expect=403)
|
||||
|
||||
def test_non_insights_credential(self, patch, insights_inventory, admin_user, scm_credential):
|
||||
patch(insights_inventory.get_absolute_url(), {'insights_credential': scm_credential.id}, admin_user, expect=400)
|
||||
|
||||
@@ -1,15 +1,11 @@
|
||||
import pytest
|
||||
from unittest import mock
|
||||
import json
|
||||
|
||||
from django.core.exceptions import ValidationError
|
||||
|
||||
from awx.main.models import (
|
||||
UnifiedJob,
|
||||
InventoryUpdate,
|
||||
Inventory,
|
||||
Credential,
|
||||
CredentialType,
|
||||
InventorySource,
|
||||
)
|
||||
|
||||
@@ -39,42 +35,6 @@ def test__build_job_explanation():
|
||||
)
|
||||
|
||||
|
||||
def test_valid_clean_insights_credential():
|
||||
cred_type = CredentialType.defaults['insights']()
|
||||
insights_cred = Credential(credential_type=cred_type)
|
||||
inv = Inventory(insights_credential=insights_cred)
|
||||
|
||||
inv.clean_insights_credential()
|
||||
|
||||
|
||||
def test_invalid_clean_insights_credential():
|
||||
cred_type = CredentialType.defaults['scm']()
|
||||
cred = Credential(credential_type=cred_type)
|
||||
inv = Inventory(insights_credential=cred)
|
||||
|
||||
with pytest.raises(ValidationError) as e:
|
||||
inv.clean_insights_credential()
|
||||
|
||||
assert json.dumps(str(e.value)) == json.dumps(str([u"Credential kind must be 'insights'."]))
|
||||
|
||||
|
||||
def test_valid_kind_clean_insights_credential():
|
||||
inv = Inventory(kind='smart')
|
||||
|
||||
inv.clean_insights_credential()
|
||||
|
||||
|
||||
def test_invalid_kind_clean_insights_credential():
|
||||
cred_type = CredentialType.defaults['insights']()
|
||||
insights_cred = Credential(credential_type=cred_type)
|
||||
inv = Inventory(kind='smart', insights_credential=insights_cred)
|
||||
|
||||
with pytest.raises(ValidationError) as e:
|
||||
inv.clean_insights_credential()
|
||||
|
||||
assert json.dumps(str(e.value)) == json.dumps(str([u'Assignment not allowed for Smart Inventory']))
|
||||
|
||||
|
||||
class TestControlledBySCM:
|
||||
def test_clean_source_path_valid(self):
|
||||
inv_src = InventorySource(source_path='/not_real/', source='scm')
|
||||
|
||||
Reference in New Issue
Block a user