External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-02-24 22:46:01 -03:30
Code Issues Packages Projects Releases Wiki Activity

disallow ask_at_runtime fields for custom credential types

Browse Source
This commit is contained in:
Ryan Petrello
2017-05-02 10:35:32 -04:00
parent bc20fa24f3
commit 61b3f7afb7
2 changed files with 36 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
awx/api/serializers.py
View File

@@ -1823,6 +1823,13 @@ class CredentialTypeSerializer(BaseSerializer):
fields = ('*', 'kind', 'name', 'managed_by_tower', 'inputs', fields = ('*', 'kind', 'name', 'managed_by_tower', 'inputs',
'injectors') 'injectors')
def validate(self, attrs):
fields = attrs.get('inputs', {}).get('fields', [])
for field in fields:
if field.get('ask_at_runtime', False):
raise serializers.ValidationError({"detail": _("'ask_at_runtime' is not supported for custom credentials.")})
return super(CredentialTypeSerializer, self).validate(attrs)
# TODO: remove when API v1 is removed # TODO: remove when API v1 is removed
@six.add_metaclass(BaseSerializerMetaclass) @six.add_metaclass(BaseSerializerMetaclass)

35
awx/main/tests/functional/api/test_credential_type.py
View File

@@ -110,8 +110,7 @@ def test_create_with_valid_inputs(get, post, admin):
'id': 'api_token', 'id': 'api_token',
'label': 'API Token', 'label': 'API Token',
'type': 'string', 'type': 'string',
'secret': True, 'secret': True
'ask_at_runtime': True
}] }]
}, },
'injectors': {} 'injectors': {}
@@ -124,7 +123,6 @@ def test_create_with_valid_inputs(get, post, admin):
assert len(fields) == 1 assert len(fields) == 1
assert fields[0]['id'] == 'api_token' assert fields[0]['id'] == 'api_token'
assert fields[0]['label'] == 'API Token' assert fields[0]['label'] == 'API Token'
assert fields[0]['ask_at_runtime'] is True
assert fields[0]['secret'] is True assert fields[0]['secret'] is True
assert fields[0]['type'] == 'string' assert fields[0]['type'] == 'string'
@@ -142,7 +140,8 @@ def test_create_with_invalid_inputs_xfail(post, admin):
@pytest.mark.django_db @pytest.mark.django_db
def test_create_with_valid_injectors(get, post, admin): def test_ask_at_runtime_xfail(get, post, admin):
# ask_at_runtime is only supported by the built-in SSH and Vault types
response = post(reverse('api:credential_type_list'), { response = post(reverse('api:credential_type_list'), {
'kind': 'cloud', 'kind': 'cloud',
'name': 'MyCloud', 'name': 'MyCloud',
@@ -161,6 +160,31 @@ def test_create_with_valid_injectors(get, post, admin):
} }
} }
}, admin) }, admin)
assert response.status_code == 400
response = get(reverse('api:credential_type_list'), admin)
assert response.data['count'] == 0
@pytest.mark.django_db
def test_create_with_valid_injectors(get, post, admin):
response = post(reverse('api:credential_type_list'), {
'kind': 'cloud',
'name': 'MyCloud',
'inputs': {
'fields': [{
'id': 'api_token',
'label': 'API Token',
'type': 'string',
'secret': True
}]
},
'injectors': {
'env': {
'ANSIBLE_MY_CLOUD_TOKEN': '{{api_token}}'
}
}
}, admin)
assert response.status_code == 201 assert response.status_code == 201
response = get(reverse('api:credential_type_list'), admin) response = get(reverse('api:credential_type_list'), admin)
@@ -193,8 +217,7 @@ def test_create_with_undefined_template_variable_xfail(post, admin):
'id': 'api_token', 'id': 'api_token',
'label': 'API Token', 'label': 'API Token',
'type': 'string', 'type': 'string',
'secret': True, 'secret': True
'ask_at_runtime': True
}] }]
}, },
'injectors': { 'injectors': {