Start of projects (+teams/credentials/permissions) tests.

lib/main/models/__init__.py

@@ -542,6 +542,8 @@ class Project(CommonModel):
         return False
 
 
+
+
 class Permission(CommonModelNameNotUnique):
     '''
     A permission allows a user, project, or team to be able to use an inventory source.

lib/main/tests/__init__.py

@@ -19,5 +19,6 @@
 from lib.main.tests.organizations import OrganizationsTest
 from lib.main.tests.users import UsersTest
 from lib.main.tests.inventory import InventoryTest
+from lib.main.tests.projects import ProjectsTest
 from lib.main.tests.commands import AcomInventoryTest
 from lib.main.tests.tasks import RunLaunchJobTest

lib/main/views.py

@@ -146,6 +146,30 @@ class OrganizationsTagsList(BaseSubList):
             raise PermissionDenied()
         return Tag.objects.filter(organization_by_tag__in = [ organization ])
 
+class ProjectsList(BaseList):
+
+    model = Project
+    serializer_class = ProjectSerializer
+    permission_classes = (CustomRbac,)
+
+    # I can see a project if
+    #   I am a superuser
+    #   I am an admin of the organization that contains the project
+    #   I am a member of a team that also contains the project
+   
+    def _get_queryset(self):
+        ''' I can see organizations when I am a superuser, or I am an admin or user in that organization '''
+        base = Project.objects
+        if self.request.user.is_superuser:
+            return base.all()
+        my_teams = Team.objects.filter(users__in = [ self.request.user])
+        my_orgs  = Organization.objects.filter(admins__in = [ self.request.user ])
+        return base.filter(
+            teams__in = my_teams
+        ).distinct() | base.filter(
+            organizations__in = my_orgs
+        ).distinct()
+
 class ProjectsDetail(BaseDetail):
 
     model = Project