External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-03-18 17:37:30 -02:30
Code Issues Packages Projects Releases Wiki Activity

allow relaunching other user jobs with public vars

Browse Source
This commit is contained in:
AlanCoding
2019-04-29 20:38:36 -04:00
parent aaeb2d6fb9
commit 5720601a2e
4 changed files with 44 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
awx/main/tests/functional/api/test_job.py
View File

@@ -58,7 +58,7 @@ def test_job_relaunch_permission_denied_response(
@pytest.mark.django_db
def test_job_relaunch_permission_denied_response_other_user(get, post, inventory, project, alice, bob):
def test_job_relaunch_permission_denied_response_other_user(get, post, inventory, project, alice, bob, survey_spec_factory):
'''
Asserts custom permission denied message corresponding to
awx/main/tests/functional/test_rbac_job.py::TestJobRelaunchAccess::test_other_user_prompts
@@ -66,18 +66,26 @@ def test_job_relaunch_permission_denied_response_other_user(get, post, inventory
jt = JobTemplate.objects.create(
name='testjt', inventory=inventory, project=project,
ask_credential_on_launch=True,
ask_variables_on_launch=True)
ask_variables_on_launch=True,
survey_spec=survey_spec_factory([{'variable': 'secret_key', 'default': '6kQngg3h8lgiSTvIEb21', 'type': 'password'}]),
survey_enabled=True
)
jt.execute_role.members.add(alice, bob)
with impersonate(bob):
job = jt.create_unified_job(extra_vars={'job_var': 'foo2'})
job = jt.create_unified_job(extra_vars={'job_var': 'foo2', 'secret_key': 'sk4t3Rb01'})
# User capability is shown for this
r = get(job.get_absolute_url(), alice, expect=200)
assert r.data['summary_fields']['user_capabilities']['start']
# Job has prompted data, launch denied w/ message
r = post(reverse('api:job_relaunch', kwargs={'pk':job.pk}), {}, alice, expect=403)
assert 'Job was launched with prompts provided by another user' in r.data['detail']
r = post(
url=reverse('api:job_relaunch', kwargs={'pk':job.pk}),
data={},
user=alice,
expect=403
)
assert 'Job was launched with secret prompts provided by another user' in r.data['detail']
@pytest.mark.django_db