From 667fce5012b2520e33fbb4f4a1bcd602a933d0eb Mon Sep 17 00:00:00 2001 From: beeankha Date: Fri, 16 Aug 2019 16:00:18 -0400 Subject: [PATCH] Fix flake8 errors, update doc strings, ... ... and return full object details when doing a POST to create new approval nodes. --- awx/api/urls/workflow_approval.py | 2 -- awx/api/views/__init__.py | 20 +++++++------------ awx/main/access.py | 33 ++++++++++++++++++------------- awx/main/models/workflow.py | 4 +--- 4 files changed, 27 insertions(+), 32 deletions(-) diff --git a/awx/api/urls/workflow_approval.py b/awx/api/urls/workflow_approval.py index 682111b8da..dc58da1d3a 100644 --- a/awx/api/urls/workflow_approval.py +++ b/awx/api/urls/workflow_approval.py @@ -8,7 +8,6 @@ from awx.api.views import ( WorkflowApprovalDetail, WorkflowApprovalApprove, WorkflowApprovalDeny, - WorkflowApprovalNotificationsList, ) @@ -17,7 +16,6 @@ urls = [ url(r'^(?P[0-9]+)/$', WorkflowApprovalDetail.as_view(), name='workflow_approval_detail'), url(r'^(?P[0-9]+)/approve/$', WorkflowApprovalApprove.as_view(), name='workflow_approval_approve'), url(r'^(?P[0-9]+)/deny/$', WorkflowApprovalDeny.as_view(), name='workflow_approval_deny'), - url(r'^(?P[0-9]+)/notifications/$', WorkflowApprovalNotificationsList.as_view(), name='workflow_approval_notifications_list'), ] __all__ = ['urls'] diff --git a/awx/api/views/__init__.py b/awx/api/views/__init__.py index fd1a36c0e4..cde1ccc6bc 100644 --- a/awx/api/views/__init__.py +++ b/awx/api/views/__init__.py @@ -3018,12 +3018,16 @@ class WorkflowJobTemplateNodeCreateApproval(RetrieveAPIView): serializer_class = serializers.WorkflowJobTemplateNodeCreateApprovalSerializer def post(self, request, *args, **kwargs): - serializer = self.get_serializer(data=request.data) + obj = self.get_object() + serializer = self.get_serializer(instance=obj, data=request.data) if not serializer.is_valid(): return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST) - obj = self.get_object() approval_template = obj.create_approval_template(**serializer.validated_data) - return Response(data={'id':approval_template.pk}, status=status.HTTP_200_OK) + data = serializers.WorkflowApprovalTemplateSerializer( + approval_template, + context=self.get_serializer_context() + ).data + return Response(data, status=status.HTTP_200_OK) def check_permissions(self, request): obj = self.get_object().workflow_job_template @@ -4487,13 +4491,3 @@ class WorkflowApprovalDeny(RetrieveAPIView): return Response("This workflow step has already been approved or denied.", status=status.HTTP_400_BAD_REQUEST) obj.deny(request) return Response(status=status.HTTP_204_NO_CONTENT) - - -# Placeholder code for approval notification support -class WorkflowApprovalNotificationsList(SubListAPIView): - - model = models.Notification - serializer_class = serializers.NotificationSerializer - parent_model = models.WorkflowApproval - relationship = 'notifications' - search_fields = ('subject', 'notification_type', 'body',) diff --git a/awx/main/access.py b/awx/main/access.py index d39ab65b49..7533db162e 100644 --- a/awx/main/access.py +++ b/awx/main/access.py @@ -134,7 +134,7 @@ def check_user_access_with_errors(user, model_class, action, *args, **kwargs): access_instance = access_class(user, save_messages=True) access_method = getattr(access_instance, 'can_%s' % action, None) result = access_method(*args, **kwargs) - logger.error('%s.%s %r returned %r', access_instance.__class__.__name__, + logger.debug('%s.%s %r returned %r', access_instance.__class__.__name__, access_method.__name__, args, result) return (result, access_instance.messages) @@ -2781,10 +2781,15 @@ class RoleAccess(BaseAccess): class WorkflowApprovalAccess(BaseAccess): ''' - I can approve workflows when: - - I'm authenticated - I can create when: - - I'm a superuser: + A user can create an approval template if they are a superuser, an org admin + of the org connected to the workflow, or if they are assigned as admins to + the workflow. + + A user can approve a workflow when they are: + - a superuser + - a workflow admin + - an organization admin + - any user who has explicitly been assigned the "approver" role ''' model = WorkflowApproval @@ -2810,10 +2815,15 @@ class WorkflowApprovalAccess(BaseAccess): class WorkflowApprovalTemplateAccess(BaseAccess): ''' - I can create approval nodes when: - - - I can approve workflows when: - - + A user can create an approval template if they are a superuser, an org admin + of the org connected to the workflow, or if they are assigned as admins to + the workflow. + + A user can approve a workflow when they are: + - a superuser + - a workflow admin + - an organization admin + - any user who has explicitly been assigned the "approver" role ''' model = WorkflowApprovalTemplate @@ -2821,11 +2831,6 @@ class WorkflowApprovalTemplateAccess(BaseAccess): @check_superuser def can_add(self, data): - ''' - A user can create an approval template if they are a superuser, an org admin - of the org connected to the workflow, or if they are assigned as admins to - the workflow. - ''' if data is None: # Hide direct creation in API browser return False else: diff --git a/awx/main/models/workflow.py b/awx/main/models/workflow.py index 840a556262..99c76ff77f 100644 --- a/awx/main/models/workflow.py +++ b/awx/main/models/workflow.py @@ -2,7 +2,6 @@ # All Rights Reserved. # Python -import json import logging # Django @@ -32,11 +31,10 @@ from awx.main.models.mixins import ( RelatedJobsMixin, ) from awx.main.models.jobs import LaunchTimeConfigBase, LaunchTimeConfig, JobTemplate -from awx.main.models.activity_stream import ActivityStream from awx.main.models.credential import Credential from awx.main.redact import REPLACE_STR from awx.main.fields import JSONField -from awx.main.utils import model_to_dict, schedule_task_manager +from awx.main.utils import schedule_task_manager from copy import copy