Merge pull request #1121 from rooftopcellist/organization_based_permission

Organization based permission

awx/main/tests/functional/api/test_oauth.py

@@ -19,44 +19,42 @@ def test_personal_access_token_creation(oauth_application, post, alice):
             oauth_application.client_id, oauth_application.client_secret
         ]))
     )
-
     resp_json = resp._container[0]
     assert 'access_token' in resp_json
     assert 'scope' in resp_json
     assert 'refresh_token' in resp_json
-    
+
 
 @pytest.mark.django_db
-def test_oauth_application_create(admin, post):
+def test_oauth_application_create(admin, organization, post):
     response = post(
         reverse('api:o_auth2_application_list'), {
             'name': 'test app',
-            'user': admin.pk,
+            'organization': organization.pk,
             'client_type': 'confidential',
             'authorization_grant_type': 'password',
         }, admin, expect=201
     )
     assert 'modified' in response.data
     assert 'updated' not in response.data
-    assert 'user' in response.data['related']
     created_app = Application.objects.get(client_id=response.data['client_id'])
     assert created_app.name == 'test app'
-    assert created_app.user == admin
     assert created_app.skip_authorization is False
     assert created_app.redirect_uris == ''
     assert created_app.client_type == 'confidential'
     assert created_app.authorization_grant_type == 'password'
+    assert created_app.organization == organization
 
 
 @pytest.mark.django_db
-def test_oauth_application_update(oauth_application, patch, admin, alice):
+def test_oauth_application_update(oauth_application, organization, patch, admin, alice):
     patch(
         reverse('api:o_auth2_application_detail', kwargs={'pk': oauth_application.pk}), {
             'name': 'Test app with immutable grant type and user',
+            'organization': organization.pk,
             'redirect_uris': 'http://localhost/api/',
             'authorization_grant_type': 'implicit',
             'skip_authorization': True,
-            'user': alice.pk,
         }, admin, expect=200
     )
     updated_app = Application.objects.get(client_id=oauth_application.client_id)
@@ -64,7 +62,7 @@ def test_oauth_application_update(oauth_application, patch, admin, alice):
     assert updated_app.redirect_uris == 'http://localhost/api/'
     assert updated_app.skip_authorization is True
     assert updated_app.authorization_grant_type == 'password'
-    assert updated_app.user == admin
+    assert updated_app.organization == organization
 
 
 @pytest.mark.django_db

awx/main/tests/functional/api/test_organizations.py

@@ -131,7 +131,7 @@ def test_organization_inventory_list(organization, inventory_factory, get, alice
     assert get(reverse('api:organization_inventories_list', kwargs={'pk': organization.id}), user=alice).data['count'] == 2
     assert get(reverse('api:organization_inventories_list', kwargs={'pk': organization.id}), user=bob).data['count'] == 1
     get(reverse('api:organization_inventories_list', kwargs={'pk': organization.id}), user=rando, expect=403)
-
+    
 
 @pytest.mark.django_db
 @mock.patch('awx.api.views.feature_enabled', lambda feature: True)