Prevent unprivileged users from deleting inventory sources

awx/main/tests/functional/test_rbac_inventory.py

@@ -93,6 +93,20 @@ def test_inventory_update_org_admin(inventory_update, org_admin):
     assert access.can_delete(inventory_update)
 
 
+@pytest.mark.parametrize("role_field,allowed", [
+    (None, False),
+    ('admin_role', True),
+    ('update_role', False),
+    ('adhoc_role', False),
+    ('use_role', False)
+])
+@pytest.mark.django_db
+def test_inventory_source_delete(inventory_source, alice, role_field, allowed):
+    if role_field:
+        getattr(inventory_source.inventory, role_field).members.add(alice)
+    assert allowed == InventorySourceAccess(alice).can_delete(inventory_source), '{} test failed'.format(role_field)
+
+
 # See companion test in tests/functional/api/test_inventory.py::test_inventory_update_access_called
 @pytest.mark.parametrize("role_field,allowed", [
     (None, False),