External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-04-07 02:59:21 -02:30
Code Issues Packages Projects Releases Wiki Activity

Prevent deleting organizations on basic licenses

Browse Source 
Plus unit tests
This commit is contained in:
Matthew Jones
2015-10-12 14:51:36 -04:00
parent 4c14827f46
commit 46aa6dfabb
3 changed files with 24 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
awx/main/access.py
View File

@@ -262,6 +262,7 @@ class OrganizationAccess(BaseAccess):
self.user in obj.admins.all()) self.user in obj.admins.all())
def can_delete(self, obj): def can_delete(self, obj):
self.check_license(feature='multiple_organizations')
return self.can_change(obj, None) return self.can_change(obj, None)
class InventoryAccess(BaseAccess): class InventoryAccess(BaseAccess):

14
awx/main/tests/base.py
View File

@@ -192,6 +192,20 @@ class BaseTestMixin(QueueTestMixin, MockCommonlySlowTestMixin):
self._temp_paths.append(license_path) self._temp_paths.append(license_path)
os.environ['AWX_LICENSE_FILE'] = license_path os.environ['AWX_LICENSE_FILE'] = license_path
def create_basic_license_file(self, instance_count=100, license_date=int(time.time() + 3600)):
writer = LicenseWriter(
company_name='AWX',
contact_name='AWX Admin',
contact_email='awx@example.com',
license_date=license_date,
instance_count=instance_count,
license_type='basic')
handle, license_path = tempfile.mkstemp(suffix='.json')
os.close(handle)
writer.write_file(license_path)
self._temp_paths.append(license_path)
os.environ['AWX_LICENSE_FILE'] = license_path
def create_expired_license_file(self, instance_count=1000, grace_period=False): def create_expired_license_file(self, instance_count=1000, grace_period=False):
license_date = time.time() - 1 license_date = time.time() - 1
if not grace_period: if not grace_period:

9
awx/main/tests/organizations.py
View File

@@ -267,6 +267,11 @@ class OrganizationsTest(BaseTest):
# look at what we got back from the post, make sure we added an org # look at what we got back from the post, make sure we added an org
last_org = Organization.objects.order_by('-pk')[0] last_org = Organization.objects.order_by('-pk')[0]
self.assertTrue(data1['url'].endswith("/%d/" % last_org.pk)) self.assertTrue(data1['url'].endswith("/%d/" % last_org.pk))
# Test that not even super users can create an organization with a basic license
self.create_basic_license_file()
cant_org = dict(name='silly user org', description='4815162342')
self.post(self.collection(), cant_org, expect=402, auth=self.get_super_credentials())
def test_post_item_subobjects_projects(self): def test_post_item_subobjects_projects(self):
@@ -437,6 +442,10 @@ class OrganizationsTest(BaseTest):
# also check that DELETE on the collection doesn't work # also check that DELETE on the collection doesn't work
self.delete(self.collection(), expect=405, auth=self.get_super_credentials()) self.delete(self.collection(), expect=405, auth=self.get_super_credentials())
# Test that not even super users can delete an organization with a basic license
self.create_basic_license_file()
self.delete(urls[2], expect=402, auth=self.get_super_credentials())
def test_invalid_post_data(self): def test_invalid_post_data(self):
url = reverse('api:organization_list') url = reverse('api:organization_list')
# API should gracefully handle data of an invalid type. # API should gracefully handle data of an invalid type.