From 4e2e4667defde4616c36f594fb7bff8659935031 Mon Sep 17 00:00:00 2001
From: AlanCoding <arominger@ansible.com>
Date: Mon, 16 May 2016 13:09:14 -0400
Subject: [PATCH] test for activity stream selective access

---
 .../tests/functional/api/test_activity_streams.py | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/awx/main/tests/functional/api/test_activity_streams.py b/awx/main/tests/functional/api/test_activity_streams.py
index 97aae7da3e..2a85a86a5b 100644
--- a/awx/main/tests/functional/api/test_activity_streams.py
+++ b/awx/main/tests/functional/api/test_activity_streams.py
@@ -97,3 +97,18 @@ def test_stream_access_cant_change(activity_stream_entry, organization, rando):
     assert not access.can_add(activity_stream_entry)
     assert not access.can_change(activity_stream_entry, {'organization': None})
     assert not access.can_delete(activity_stream_entry)
+
+@pytest.mark.django_db
+@pytest.mark.activity_stream_access
+@pytest.mark.skipif(not getattr(settings, 'ACTIVITY_STREAM_ENABLED', True), reason="Activity stream not enabled")
+@mock.patch('awx.api.views.feature_enabled', new=mock_feature_enabled)
+def test_stream_queryset(activity_stream_entry, organization, rando, user_project):
+    # user_project and its owner has no relationship to the user rando
+    rando_access = ActivityStreamAccess(rando)
+    queryset = rando_access.get_queryset()
+
+    # Rando can see that he was appointed organization admin
+    assert queryset.filter(organization__pk=organization.pk, operation='associate')
+
+    # Rando can not see anything related to the project
+    assert not queryset.filter(project__pk=user_project.pk)