External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-05-20 23:37:39 -02:30
Code Issues Packages Projects Releases Wiki Activity

tests for saving survey passwords to job

Browse Source
This commit is contained in:
AlanCoding
2016-08-08 13:06:07 -04:00
parent 9f3d9fa78a
commit 6559118f40
7 changed files with 50 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
awx/main/migrations/_save_password_keys.py
View File

@@ -1,8 +1,10 @@
def survey_password_variables(survey_spec): def survey_password_variables(survey_spec):
vars = [] vars = []
# Get variables that are type password # Get variables that are type password
if 'spec' not in survey_spec:
return vars
for survey_element in survey_spec['spec']: for survey_element in survey_spec['spec']:
if survey_element['type'] == 'password': if 'type' in survey_element and survey_element['type'] == 'password':
vars.append(survey_element['variable']) vars.append(survey_element['variable'])
return vars return vars

10
awx/main/tests/conftest.py
View File

@@ -26,16 +26,16 @@ def survey_spec_factory():
return create_survey_spec return create_survey_spec
@pytest.fixture @pytest.fixture
def job_with_secret_key_factory(job_template_factory): def job_template_with_survey_passwords_factory(job_template_factory):
def rf(persisted): def rf(persisted):
"Returns job with linked JT survey with password survey questions" "Returns job with linked JT survey with password survey questions"
objects = job_template_factory('jt', organization='org1', survey=[ objects = job_template_factory('jt', organization='org1', survey=[
{'variable': 'submitter_email', 'type': 'text', 'default': 'foobar@redhat.com'}, {'variable': 'submitter_email', 'type': 'text', 'default': 'foobar@redhat.com'},
{'variable': 'secret_key', 'default': '6kQngg3h8lgiSTvIEb21', 'type': 'password'}, {'variable': 'secret_key', 'default': '6kQngg3h8lgiSTvIEb21', 'type': 'password'},
{'variable': 'SSN', 'type': 'password'}], jobs=[1], persisted=persisted) {'variable': 'SSN', 'type': 'password'}], persisted=persisted)
return objects.jobs[1] return objects.job_template
return rf return rf
@pytest.fixture @pytest.fixture
def job_with_secret_key_unit(job_with_secret_key_factory): def job_template_with_survey_passwords_unit(job_template_with_survey_passwords_factory):
return job_with_secret_key_factory(persisted=False) return job_template_with_survey_passwords_factory(persisted=False)

21
awx/main/tests/functional/api/test_job_template.py
View File

@@ -3,12 +3,14 @@ import mock
# AWX # AWX
from awx.api.serializers import JobTemplateSerializer, JobLaunchSerializer from awx.api.serializers import JobTemplateSerializer, JobLaunchSerializer
from awx.main.models.jobs import JobTemplate from awx.main.models.jobs import JobTemplate, Job
from awx.main.models.projects import ProjectOptions from awx.main.models.projects import ProjectOptions
from awx.main.migrations import _save_password_keys as save_password_keys
# Django # Django
from django.test.client import RequestFactory from django.test.client import RequestFactory
from django.core.urlresolvers import reverse from django.core.urlresolvers import reverse
from django.apps import apps
@property @property
def project_playbooks(self): def project_playbooks(self):
@@ -348,3 +350,20 @@ def test_disallow_template_delete_on_running_job(job_template_factory, delete, a
objects.job_template.create_unified_job() objects.job_template.create_unified_job()
delete_response = delete(reverse('api:job_template_detail', args=[objects.job_template.pk]), user=admin_user) delete_response = delete(reverse('api:job_template_detail', args=[objects.job_template.pk]), user=admin_user)
assert delete_response.status_code == 409 assert delete_response.status_code == 409
@pytest.mark.django_db
def test_save_survey_passwords_to_job(job_template_with_survey_passwords):
"""Test that when a new job is created, the survey_passwords field is
given all of the passwords that exist in the JT survey"""
job = job_template_with_survey_passwords.create_unified_job()
assert job.survey_passwords == {'SSN': '$encrypted$', 'secret_key': '$encrypted$'}
@pytest.mark.django_db
def test_save_survey_passwords_on_migration(job_template_with_survey_passwords):
"""Test that when upgrading to 3.0.2, the jobs connected to a JT that has
a survey with passwords in it, the survey passwords get saved to the
job survey_passwords field."""
Job.objects.create(job_template=job_template_with_survey_passwords)
save_password_keys.migrate_survey_passwords(apps, None)
job = job_template_with_survey_passwords.jobs.all()[0]
assert job.survey_passwords == {'SSN': '$encrypted$', 'secret_key': '$encrypted$'}

3
awx/main/tests/functional/api/test_survey_spec.py
View File

@@ -193,7 +193,8 @@ def test_launch_with_non_empty_survey_spec_no_license(job_template_factory, post
@pytest.mark.django_db @pytest.mark.django_db
@pytest.mark.survey @pytest.mark.survey
def test_redact_survey_passwords_in_activity_stream(job_with_secret_key): def test_redact_survey_passwords_in_activity_stream(job_template_with_survey_passwords):
job_template_with_survey_passwords.create_unified_job()
AS_record = ActivityStream.objects.filter(object1='job').all()[0] AS_record = ActivityStream.objects.filter(object1='job').all()[0]
changes_dict = json.loads(AS_record.changes) changes_dict = json.loads(AS_record.changes)
extra_vars = json.loads(changes_dict['extra_vars']) extra_vars = json.loads(changes_dict['extra_vars'])

4
awx/main/tests/functional/conftest.py
View File

@@ -206,8 +206,8 @@ def notification(notification_template):
subject='email subject') subject='email subject')
@pytest.fixture @pytest.fixture
def job_with_secret_key(job_with_secret_key_factory): def job_template_with_survey_passwords(job_template_with_survey_passwords_factory):
return job_with_secret_key_factory(persisted=True) return job_template_with_survey_passwords_factory(persisted=True)
@pytest.fixture @pytest.fixture
def admin(user): def admin(user):

7
awx/main/tests/unit/models/test_job_template_unit.py
View File

@@ -35,6 +35,7 @@ def test_inventory_credential_contradictions(job_template_factory):
assert 'credential' in validation_errors assert 'credential' in validation_errors
@pytest.mark.survey @pytest.mark.survey
def test_survey_password_list(job_with_secret_key_unit): def test_job_template_survey_password_redaction(job_template_with_survey_passwords_unit):
"""Verify that survey_password_variables method gives a list of survey passwords""" """Tests the JobTemplate model's funciton to redact passwords from
assert job_with_secret_key_unit.job_template.survey_password_variables() == ['secret_key', 'SSN'] extra_vars - used when creating a new job"""
assert job_template_with_survey_passwords_unit.survey_password_variables() == ['secret_key', 'SSN']

17
awx/main/tests/unit/models/test_job_unit.py
View File

@@ -2,6 +2,7 @@ import pytest
import json import json
from awx.main.tasks import RunJob from awx.main.tasks import RunJob
from awx.main.models import Job
@pytest.fixture @pytest.fixture
@@ -14,9 +15,19 @@ def job(mocker):
'launch_type': 'manual'}) 'launch_type': 'manual'})
@pytest.mark.survey @pytest.mark.survey
def test_job_redacted_extra_vars(job_with_secret_key_unit): def test_job_survey_password_redaction():
"""Verify that this method redacts vars marked as passwords in a survey""" """Tests the Job model's funciton to redact passwords from
assert json.loads(job_with_secret_key_unit.display_extra_vars()) == { extra_vars - used when displaying job information"""
job = Job(
name="test-job-with-passwords",
extra_vars=json.dumps({
'submitter_email': 'foobar@redhat.com',
'secret_key': '6kQngg3h8lgiSTvIEb21',
'SSN': '123-45-6789'}),
survey_passwords={
'secret_key': '$encrypted$',
'SSN': '$encrypted$'})
assert json.loads(job.display_extra_vars()) == {
'submitter_email': 'foobar@redhat.com', 'submitter_email': 'foobar@redhat.com',
'secret_key': '$encrypted$', 'secret_key': '$encrypted$',
'SSN': '$encrypted$'} 'SSN': '$encrypted$'}