External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-05-16 13:57:39 -02:30
Code Issues Packages Projects Releases Wiki Activity

remove shortcut for custom scripts copy

Browse Source
This commit is contained in:
AlanCoding
2018-04-04 14:35:28 -04:00
parent c2446beb6e
commit 6e1e7d8426
2 changed files with 22 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
awx/main/access.py
View File

@@ -395,7 +395,7 @@ class BaseAccess(object):
elif display_method == 'delete' and not isinstance(obj, (User, UnifiedJob, CustomInventoryScript)): elif display_method == 'delete' and not isinstance(obj, (User, UnifiedJob, CustomInventoryScript)):
user_capabilities['delete'] = user_capabilities['edit'] user_capabilities['delete'] = user_capabilities['edit']
continue continue
elif display_method == 'copy' and isinstance(obj, (Group, Host, CustomInventoryScript)): elif display_method == 'copy' and isinstance(obj, (Group, Host)):
user_capabilities['copy'] = user_capabilities['edit'] user_capabilities['copy'] = user_capabilities['edit']
continue continue

27
awx/main/tests/functional/test_rbac_inventory.py
View File

@@ -32,25 +32,40 @@ def test_custom_inv_script_access(organization, user):
assert ou in custom_inv.admin_role assert ou in custom_inv.admin_role
@pytest.mark.django_db @pytest.fixture
def test_modify_inv_script_foreign_org_admin(org_admin, organization, organization_factory, project): def custom_inv(organization):
custom_inv = CustomInventoryScript.objects.create(name='test', script='test', description='test', return CustomInventoryScript.objects.create(
organization=organization) name='test', script='test', description='test', organization=organization)
@pytest.mark.django_db
def test_modify_inv_script_foreign_org_admin(
org_admin, organization, organization_factory, project, custom_inv):
other_org = organization_factory('not-my-org').organization other_org = organization_factory('not-my-org').organization
access = CustomInventoryScriptAccess(org_admin) access = CustomInventoryScriptAccess(org_admin)
assert not access.can_change(custom_inv, {'organization': other_org.pk, 'name': 'new-project'}) assert not access.can_change(custom_inv, {'organization': other_org.pk, 'name': 'new-project'})
@pytest.mark.django_db @pytest.mark.django_db
def test_org_member_inventory_script_permissions(org_member, organization): def test_org_member_inventory_script_permissions(org_member, organization, custom_inv):
custom_inv = CustomInventoryScript.objects.create(name='test', script='test', organization=organization)
access = CustomInventoryScriptAccess(org_member) access = CustomInventoryScriptAccess(org_member)
assert access.can_read(custom_inv) assert access.can_read(custom_inv)
assert not access.can_delete(custom_inv) assert not access.can_delete(custom_inv)
assert not access.can_change(custom_inv, {'name': 'ed-test'}) assert not access.can_change(custom_inv, {'name': 'ed-test'})
@pytest.mark.django_db
def test_copy_only_admin(org_member, organization, custom_inv):
custom_inv.admin_role.members.add(org_member)
access = CustomInventoryScriptAccess(org_member)
assert not access.can_copy(custom_inv)
assert access.get_user_capabilities(custom_inv, method_list=['edit', 'delete', 'copy']) == {
'edit': True,
'delete': True,
'copy': False
}
@pytest.mark.django_db @pytest.mark.django_db
@pytest.mark.parametrize("role", ["admin_role", "inventory_admin_role"]) @pytest.mark.parametrize("role", ["admin_role", "inventory_admin_role"])
def test_access_admin(role, organization, inventory, user): def test_access_admin(role, organization, inventory, user):