External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-02-28 08:18:43 -03:30
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #16 from sean-m-sullivan/approval_role

Browse Source 
update to approval role
This commit is contained in:
Sean Sullivan
2020-10-17 00:10:00 -05:00
committed by GitHub
parent 0393d537de 82bb8033ec
commit 6c1f688bf1
3 changed files with 34 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
awx_collection/plugins/modules/tower_role.py
View File

@@ -34,7 +34,7 @@ options:
description: description:
- The role type to grant/revoke. - The role type to grant/revoke.
required: True required: True
choices: ["admin", "read", "member", "execute", "adhoc", "update", "use", "auditor", "project_admin", "inventory_admin", "credential_admin", choices: ["admin", "read", "member", "execute", "adhoc", "update", "use", "approval", "auditor", "project_admin", "inventory_admin", "credential_admin",
"workflow_admin", "notification_admin", "job_template_admin"] "workflow_admin", "notification_admin", "job_template_admin"]
type: str type: str
target_team: target_team:
@@ -147,7 +147,7 @@ def main():
argument_spec = dict( argument_spec = dict(
user=dict(), user=dict(),
team=dict(), team=dict(),
role=dict(choices=["admin", "read", "member", "execute", "adhoc", "update", "use", "auditor", "project_admin", "inventory_admin", "credential_admin", role=dict(choices=["admin", "read", "member", "execute", "adhoc", "update", "use", "approval", "auditor", "project_admin", "inventory_admin", "credential_admin",
"workflow_admin", "notification_admin", "job_template_admin"], required=True), "workflow_admin", "notification_admin", "job_template_admin"], required=True),
target_team=dict(), target_team=dict(),
inventory=dict(), inventory=dict(),

20
awx_collection/test/awx/test_role.py
View File

@@ -48,6 +48,26 @@ def test_grant_workflow_permission(run_module, admin_user, organization, state):
else: else:
assert rando not in wfjt.execute_role assert rando not in wfjt.execute_role
@pytest.mark.django_db
@pytest.mark.parametrize('state', ('present', 'absent'))
def test_grant_workflow_approval_permission(run_module, admin_user, organization, state):
wfjt = WorkflowJobTemplate.objects.create(organization=organization, name='foo-workflow')
rando = User.objects.create(username='rando')
if state == 'absent':
wfjt.execute_role.members.add(rando)
result = run_module('tower_role', {
'user': rando.username,
'workflow': wfjt.name,
'role': 'approval',
'state': state
}, admin_user)
assert not result.get('failed', False), result.get('msg', result)
if state == 'present':
assert rando in wfjt.approval_role
else:
assert rando not in wfjt.approval_role
@pytest.mark.django_db @pytest.mark.django_db
def test_invalid_role(run_module, admin_user, project): def test_invalid_role(run_module, admin_user, project):

12
awx_collection/tests/integration/targets/tower_role/tasks/main.yml
View File

@@ -96,6 +96,18 @@
that: that:
- "result is not changed" - "result is not changed"
- name: Add Joe to workflow approve role
tower_role:
user: "{{ username }}"
role: approval
workflow: test-role-workflow
state: present
register: result
- assert:
that:
- "result is changed"
always: always:
- name: Delete a User - name: Delete a User
tower_user: tower_user: