AWX Collections for DAB RBAC

Adds new modules for CRUD operations on the
following endpoints:

- api/v2/role_definitions
- api/v2/role_user_assignments
- api/v2/role_team_assignments

Note: assignment is Create or Delete only

Additional changes:
- Currently, DAB endpoints do not have a "type"
field on the resource list items, so this modifies
create_or_update_if_needed to allow manually
specifying the item type.

Signed-off-by: Seth Foster <fosterbseth@gmail.com>
Seth Foster
2024-04-02 15:26:07 -04:00
committed by Alan Rominger
parent 389a729b75
commit 3bb559dd09
13 changed files with 807 additions and 6 deletions


@@ -0,0 +1,30 @@
---
- name: Create Role Definition
role_definition:
name: test_view_jt
permissions:
- awx.view_jobtemplate
- awx.execute_jobtemplate
content_type: awx.jobtemplate
description: role definition to launch job
state: present
register: result
- assert:
that:
- result is changed
- name: Delete Role Definition
role_definition:
name: test_view_jt
permissions:
- awx.view_jobtemplate
- awx.execute_jobtemplate
content_type: awx.jobtemplate
description: role definition to launch job
state: absent
register: result
- assert:
that:
- result is changed
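Review bot: Both assertions check only `result is changed`, so this test never exercises idempotency and never confirms what was actually stored for `test_view_jt`. The commit message says `create_or_update_if_needed` was modified to accept a manually specified item type, so repeating the create task and asserting `- result is not changed` would catch a comparison that always reports a change. For an RBAC module it would also be worth asserting on the permissions the API returns, if the module exposes them (not visible in this hunk), so that a role definition created with a wider or narrower permission set than requested fails the test. The two assignment test files that follow have the same gap.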


@@ -0,0 +1,62 @@
---
- name: Create Team
team:
name: All Stars
organization: Default
- name: Create Job Template
job_template:
name: Demo Job Template
job_type: run
inventory: Demo Inventory
project: Demo Project
playbook: hello_world.yml
register: job_template
- name: Create Role Definition
role_definition:
name: test_view_jt
permissions:
- awx.view_jobtemplate
- awx.execute_jobtemplate
content_type: awx.jobtemplate
description: role definition to launch job
- name: Create Role Team Assignment
role_team_assignment:
role_definition: test_view_jt
team: All Stars
object_id: "{{ job_template.id }}"
register: result
- assert:
that:
- result is changed
- name: Delete Role Team Assigment
role_team_assignment:
role_definition: test_view_jt
team: All Stars
object_id: "{{ job_template.id }}"
state: absent
register: result
- assert:
that:
- result is changed
- name: Create Role Definition
role_definition:
name: test_view_jt
permissions:
- awx.view_jobtemplate
- awx.execute_jobtemplate
content_type: awx.jobtemplate
description: role definition to launch job
state: absent
- name: Delete Team
team:
name: All Stars
organization: Default
state: absent
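Review bot: The cleanup at the end of this file runs as ordinary trailing tasks, so a failed assertion after `Create Role Team Assignment` leaves the team `All Stars` holding `awx.execute_jobtemplate` on the job template, together with the role definition and the team itself. On a test instance that is reused, that is a leftover grant; moving the test tasks under a `block:` and the three removals under `always:` would guarantee it is revoked. The role-definition removal is also named `Create Role Definition` although it sets `state: absent`, so `- name: Delete Role Definition` would match what it does, and `Assigment` in the delete task name is missing an `n`. The user assignment test file repeats all three points.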


@@ -0,0 +1,63 @@
---
- name: Create User
user:
username: testing_user
first_name: testing
last_name: user
password: password
- name: Create Job Template
job_template:
name: Demo Job Template
job_type: run
inventory: Demo Inventory
project: Demo Project
playbook: hello_world.yml
register: job_template
- name: Create Role Definition
role_definition:
name: test_view_jt
permissions:
- awx.view_jobtemplate
- awx.execute_jobtemplate
content_type: awx.jobtemplate
description: role definition to launch job
- name: Create Role User Assignment
role_user_assignment:
role_definition: test_view_jt
user: testing_user
object_id: "{{ job_template.id }}"
register: result
- assert:
that:
- result is changed
- name: Delete Role User Assigment
role_user_assignment:
role_definition: test_view_jt
user: testing_user
object_id: "{{ job_template.id }}"
state: absent
register: result
- assert:
that:
- result is changed
- name: Create Role Definition
role_definition:
name: test_view_jt
permissions:
- awx.view_jobtemplate
- awx.execute_jobtemplate
content_type: awx.jobtemplate
description: role definition to launch job
state: absent
- name: Delete User
user:
username: testing_user
state: absent
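Review bot: `password: password` in the `Create User` task gives `testing_user` a guessable credential, and the account is removed only by the last task, so any failure in between leaves a user that can log in and still holds the `test_view_jt` assignment on the job template. Nothing in the lines shown logs in as this user, so a generated value would work just as well, for example `password: "{{ lookup('ansible.builtin.password', '/dev/null', length=20) }}"`. This matters most when the integration target is a long-lived or shared instance rather than a throwaway container, which cannot be told from this page.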