External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-03-23 03:45:01 -02:30
Code Issues Packages Projects Releases Wiki Activity

unit test related field checks, finialize scenarios

Browse Source
This commit is contained in:
AlanCoding
2016-11-05 13:45:07 -04:00
parent 2ddda56f09
commit 2279e1e8dc
3 changed files with 118 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

89
awx/main/tests/unit/test_access.py
View File

@@ -3,6 +3,7 @@ import mock
from django.contrib.auth.models import User
from django.forms.models import model_to_dict
from rest_framework.exceptions import ParseError
from awx.main.access import (
BaseAccess,
@@ -16,6 +17,90 @@ from awx.conf.license import LicenseForbids
from awx.main.models import Credential, Inventory, Project, Role, Organization, Instance
@pytest.fixture
def user_unit():
return User(username='rando', password='raginrando', email='rando@redhat.com')
class TestRelatedFieldAccess:
@pytest.fixture
def good_role(self, mocker):
return mocker.MagicMock(__contains__=lambda self, user: True)
@pytest.fixture
def bad_role(self, mocker):
return mocker.MagicMock(__contains__=lambda self, user: False)
@pytest.fixture
def resource_good(self, mocker, good_role):
return mocker.MagicMock(related=mocker.MagicMock(admin_role=good_role),
admin_role=good_role)
@pytest.fixture
def resource_bad(self, mocker, bad_role):
return mocker.MagicMock(related=mocker.MagicMock(admin_role=bad_role),
admin_role=bad_role)
@pytest.fixture
def access(self, user_unit):
return BaseAccess(user_unit)
def test_new_optional_fail(self, access, resource_bad, mocker):
"""
User tries to create a new resource, but lacks permission
to the related resource they provided
"""
data = {'related': resource_bad}
assert not access.check_related('related', mocker.MagicMock, data)
def test_new_with_bad_data(self, access, resource_bad, mocker):
data = {'related': 3.1415}
with pytest.raises(ParseError):
access.check_related('related', mocker.MagicMock, data)
def test_new_mandatory_fail(self, access, resource_bad, mocker):
access.user.is_superuser = False
assert not access.check_related(
'related', mocker.MagicMock, {}, mandatory=True)
assert not access.check_related(
'related', mocker.MagicMock, {'resource': None}, mandatory=True)
def test_existing_no_op(self, access, resource_bad, mocker):
"""
User edits a resource, but does not change related field
lack of access to related field does not block action
"""
data = {'related': resource_bad.related}
assert access.check_related(
'related', mocker.MagicMock, data, obj=resource_bad)
def test_existing_required_access(self, access, resource_bad, mocker):
assert not access.check_related(
'related', mocker.MagicMock, {}, obj=resource_bad, mandatory=True)
def test_existing_no_access_to_current(
self, access, resource_good, bad_role, mocker):
"""
User gives a valid related resource (like organization), but does
not have access to _existing_ related resource, so deny action
"""
resource_good.admin_role = bad_role
data = {'related': resource_good.related}
assert access.check_related(
'related', mocker.MagicMock, data, obj=resource_good)
def test_existing_no_access_to_new(
self, access, resource_good, bad_role, mocker):
resource_good.related.admin_role = bad_role
data = {'related': resource_good.related}
assert access.check_related(
'related', mocker.MagicMock, data, obj=resource_good)
def test_existing_not_allowed_to_remove(self, access, resource_bad, mocker):
data = {'related': None}
assert not access.check_related(
'related', mocker.MagicMock, data, obj=resource_bad)
@pytest.fixture
def job_template_with_ids(job_template_factory):
# Create non-persisted objects with IDs to send to job_template_factory
@@ -31,10 +116,6 @@ def job_template_with_ids(job_template_factory):
persisted=False)
return jt_objects.job_template
@pytest.fixture
def user_unit():
return User(username='rando', password='raginrando', email='rando@redhat.com')
def test_superuser(mocker):
user = mocker.MagicMock(spec=User, id=1, is_superuser=True)
access = BaseAccess(user)