External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-03-20 02:17:37 -02:30
Code Issues Packages Projects Releases Wiki Activity

Some testing and bug fixes for scan job templates

Browse Source
This commit is contained in:
Matthew Jones
2015-03-06 11:00:28 -05:00
parent 987a898380
commit 3d46a4ce37
2 changed files with 23 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
awx/main/access.py
View File

@@ -928,9 +928,9 @@ class JobTemplateAccess(BaseAccess):
project_pk = get_pk_from_dict(data, 'project') project_pk = get_pk_from_dict(data, 'project')
if 'job_type' in data and data['job_type'] == PERM_INVENTORY_SCAN: if 'job_type' in data and data['job_type'] == PERM_INVENTORY_SCAN:
if not project_pk and self.user.can_access(Organization, 'change', inventory.organization, None): if not project_pk and self.user.can_access(Organization, 'change', inventory[0].organization, None):
return True return True
elif not self.user.can_access(Organization, "change", inventory.organization, None): elif not self.user.can_access(Organization, "change", inventory[0].organization, None):
return False return False
# If the user has admin access to the project (as an org admin), should # If the user has admin access to the project (as an org admin), should
# be able to proceed without additional checks. # be able to proceed without additional checks.

21
awx/main/tests/jobs/jobs_monolithic.py
View File

@@ -423,6 +423,27 @@ class JobTemplateTest(BaseJobTestMixin, django.test.TestCase):
# FIXME: Check other credentials and optional fields. # FIXME: Check other credentials and optional fields.
def test_post_scan_job_template(self):
url = reverse('api:job_template_list')
data = dict(
name = 'scan job template 1',
job_type = PERM_INVENTORY_SCAN,
inventory = self.inv_eng.pk,
)
# Regular users, even those who have access to the inv and cred can't create scan jobs templates
with self.current_user(self.user_doug):
data['credential'] = self.cred_doug.pk
response = self.post(url, data, expect=403)
# Org admins can create scan job templates in their org
with self.current_user(self.user_chuck):
data['credential'] = self.cred_chuck.pk
response = self.post(url, data, expect=201)
detail_url = reverse('api:job_template_detail',
args=(response['id'],))
# Non Org Admins don't have permission to access it though
with self.current_user(self.user_doug):
self.get(detail_url, expect=403)
def test_launch_job_template(self): def test_launch_job_template(self):
url = reverse('api:job_template_list') url = reverse('api:job_template_list')
data = dict( data = dict(