External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-01-22 15:08:03 -03:30
Code Issues Packages Projects Releases Wiki Activity

update api view/serializers for new role names

Browse Source
This commit is contained in:
Wayne Witzel III 2016-05-13 11:56:47 -04:00
parent da12da2a05
commit 599902da47
5 changed files with 13 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
awx/api/views.py
View File

@ -818,7 +818,7 @@ class TeamList(ListCreateAPIView):
def get_queryset(self):
qs = Team.accessible_objects(self.request.user, 'read_role').order_by()
qs = qs.select_related('admin_role', 'auditor_role', 'member_role', 'organization')
qs = qs.select_related('admin_role', 'read_role', 'member_role', 'organization')
return qs
class TeamDetail(RetrieveUpdateDestroyAPIView):
@ -865,7 +865,7 @@ class TeamProjectsList(SubListAPIView):
def get_queryset(self):
team = self.get_parent_object()
self.check_parent_access(team)
team_qs = Project.objects.filter(Q(member_role__parents=team.member_role) | Q(admin_role__parents=team.member_role)).distinct()
team_qs = Project.objects.filter(Q(use_role__parents=team.member_role) | Q(admin_role__parents=team.member_role)).distinct()
user_qs = Project.accessible_objects(self.request.user, 'read_role').distinct()
return team_qs & user_qs
@ -913,9 +913,8 @@ class ProjectList(ListCreateAPIView):
projects_qs = projects_qs.select_related(
'organization',
'admin_role',
'auditor_role',
'member_role',
'scm_update_role',
'use_role',
'update_role',
)
return projects_qs
@ -1422,7 +1421,7 @@ class InventoryList(ListCreateAPIView):
def get_queryset(self):
qs = Inventory.accessible_objects(self.request.user, 'read_role')
qs = qs.select_related('admin_role', 'auditor_role', 'update_role', 'execute_role')
qs = qs.select_related('admin_role', 'read_role', 'update_role', 'execute_role')
return qs
class InventoryDetail(RetrieveUpdateDestroyAPIView):

4
awx/main/models/rbac.py
View File

@ -42,7 +42,6 @@ role_names = {
'member_role' : 'Member',
'owner_role' : 'Owner',
'read_role' : 'Read',
'scm_update_role' : 'SCM Update',
'update_role' : 'Update',
'use_role' : 'Use',
}
@ -57,8 +56,7 @@ role_descriptions = {
'member_role' : 'User is a member of the %s',
'owner_role' : 'Owns and can manage all aspects of this %s',
'read_role' : 'May view settings for the %s',
'scm_update_role' : 'May update the project from the configured source control management system',
'update_role' : 'May update the inventory or group using the cloud source update system',
'update_role' : 'May update project or inventory or group using the configured source update system',
'use_role' : 'Can use the %s in a job template',
}

2
awx/main/tests/old/ad_hoc.py
View File

@ -491,7 +491,7 @@ class AdHocCommandApiTest(BaseAdHocCommandTest):
# Explicitly give nobody user read permission on the inventory.
nobody_roles_list_url = reverse('api:user_roles_list', args=(self.nobody_django_user.pk,))
with self.current_user('admin'):
response = self.post(nobody_roles_list_url, {"id": self.inventory.auditor_role.id}, expect=204)
response = self.post(nobody_roles_list_url, {"id": self.inventory.read_role.id}, expect=204)
with self.current_user('nobody'):
self.run_test_ad_hoc_command(credential=other_cred.pk, expect=403)
self.check_get_list(url, 'other', qs)

10
awx/main/tests/old/inventory.py
View File

@ -59,7 +59,7 @@ class InventoryTest(BaseTest):
# create a permission here on the 'other' user so they have edit access on the org
# we may add another permission type later.
self.inventory_b.auditor_role.members.add(self.other_django_user)
self.inventory_b.read_role.members.add(self.other_django_user)
def tearDown(self):
super(InventoryTest, self).tearDown()
@ -267,14 +267,14 @@ class InventoryTest(BaseTest):
temp_inv = temp_org.inventories.create(name='Delete Org Inventory')
temp_inv.groups.create(name='Delete Org Inventory Group')
temp_inv.auditor_role.members.add(self.other_django_user)
temp_inv.read_role.members.add(self.other_django_user)
reverse('api:organization_detail', args=(temp_org.pk,))
inventory_detail = reverse('api:inventory_detail', args=(temp_inv.pk,))
auditor_role_users_list = reverse('api:role_users_list', args=(temp_inv.auditor_role.pk,))
read_role_users_list = reverse('api:role_users_list', args=(temp_inv.read_role.pk,))
self.get(inventory_detail, expect=200, auth=self.get_other_credentials())
self.post(auditor_role_users_list, data={'disassociate': True, "id": self.other_django_user.id}, expect=204, auth=self.get_super_credentials())
self.post(read_role_users_list, data={'disassociate': True, "id": self.other_django_user.id}, expect=204, auth=self.get_super_credentials())
self.get(inventory_detail, expect=403, auth=self.get_other_credentials())
def test_create_inventory_script(self):
@ -1474,7 +1474,7 @@ class InventoryUpdatesTest(BaseTransactionTest):
# to see the inventory source and update view, but not start an update.
user_roles_list_url = reverse('api:user_roles_list', args=(self.other_django_user.pk,))
with self.current_user(self.super_django_user):
self.post(user_roles_list_url, {"id": self.inventory.auditor_role.id}, expect=204)
self.post(user_roles_list_url, {"id": self.inventory.read_role.id}, expect=204)
with self.current_user(self.other_django_user):
self.get(inv_src_url, expect=200)
response = self.get(inv_src_update_url, expect=200)

2
awx/main/tests/old/schedules.py
View File

@ -71,7 +71,7 @@ class ScheduleTest(BaseTest):
self.first_inventory_source.source = 'ec2'
self.first_inventory_source.save()
self.first_inventory.auditor_role.members.add(self.other_django_user)
self.first_inventory.read_role.members.add(self.other_django_user)
self.second_inventory = Inventory.objects.create(name='test_inventory_2', description='for org 0', organization=self.organizations[0])
self.second_inventory.hosts.create(name='host_2')