diff --git a/awx/main/tests/unit/api/test_serializers.py b/awx/main/tests/unit/api/test_serializers.py index 01c60adcc4..a8fb25d005 100644 --- a/awx/main/tests/unit/api/test_serializers.py +++ b/awx/main/tests/unit/api/test_serializers.py @@ -147,8 +147,7 @@ class TestJobSerializerGetRelated(GetRelatedMixin): assert related['job_template'] == '/api/v1/%s/%d/' % ('job_templates', job.job_template.pk) @mock.patch('awx.api.serializers.BaseSerializer.to_representation', lambda self,obj: { - 'extra_vars': obj.extra_vars -}) + 'extra_vars': obj.extra_vars}) class TestJobSerializerSubstitution(): def test_survey_password_hide(self, mocker): diff --git a/awx/main/tests/unit/models/test_job_template_unit.py b/awx/main/tests/unit/models/test_job_template_unit.py index ff9f2c6e67..a25cce6f6c 100644 --- a/awx/main/tests/unit/models/test_job_template_unit.py +++ b/awx/main/tests/unit/models/test_job_template_unit.py @@ -1,5 +1,4 @@ import pytest -import json def test_missing_project_error(job_template_factory): @@ -39,11 +38,3 @@ def test_inventory_credential_contradictions(job_template_factory): def test_survey_password_list(job_with_secret_key_unit): """Verify that survey_password_variables method gives a list of survey passwords""" assert job_with_secret_key_unit.job_template.survey_password_variables() == ['secret_key', 'SSN'] - -@pytest.mark.survey -def test_job_redacted_extra_vars(job_with_secret_key_unit): - """Verify that this method redacts vars marked as passwords in a survey""" - assert json.loads(job_with_secret_key_unit.display_extra_vars()) == { - 'submitter_email': 'foobar@redhat.com', - 'secret_key': '$encrypted$', - 'SSN': '$encrypted$'} diff --git a/awx/main/tests/unit/models/test_job_unit.py b/awx/main/tests/unit/models/test_job_unit.py index 6b6946b136..a1791c59d5 100644 --- a/awx/main/tests/unit/models/test_job_unit.py +++ b/awx/main/tests/unit/models/test_job_unit.py @@ -1,23 +1,39 @@ +import pytest import json from awx.main.tasks import RunJob -def test_job_safe_args_redacted_passwords(job_with_secret_key_unit): +@pytest.fixture +def job(mocker): + return mocker.MagicMock(**{ + 'display_extra_vars.return_value': '{\"secret_key\": \"$encrypted$\"}', + 'extra_vars_dict': {"secret_key": "my_password"}, + 'pk': 1, 'job_template.pk': 1, 'job_template.name': '', + 'created_by.pk': 1, 'created_by.username': 'admin', + 'launch_type': 'manual'}) + +@pytest.mark.survey +def test_job_redacted_extra_vars(job_with_secret_key_unit): + """Verify that this method redacts vars marked as passwords in a survey""" + assert json.loads(job_with_secret_key_unit.display_extra_vars()) == { + 'submitter_email': 'foobar@redhat.com', + 'secret_key': '$encrypted$', + 'SSN': '$encrypted$'} + +def test_job_safe_args_redacted_passwords(job): """Verify that safe_args hides passwords in the job extra_vars""" kwargs = {'ansible_version': '2.1'} run_job = RunJob() - safe_args = run_job.build_safe_args(job_with_secret_key_unit, **kwargs) + safe_args = run_job.build_safe_args(job, **kwargs) ev_index = safe_args.index('-e') + 1 extra_vars = json.loads(safe_args[ev_index]) assert extra_vars['secret_key'] == '$encrypted$' - assert extra_vars['submitter_email'] == 'foobar@redhat.com' -def test_job_args_unredacted_passwords(job_with_secret_key_unit): +def test_job_args_unredacted_passwords(job): kwargs = {'ansible_version': '2.1'} run_job = RunJob() - args = run_job.build_args(job_with_secret_key_unit, **kwargs) + args = run_job.build_args(job, **kwargs) ev_index = args.index('-e') + 1 extra_vars = json.loads(args[ev_index]) - assert extra_vars['secret_key'] == '6kQngg3h8lgiSTvIEb21' - assert extra_vars['submitter_email'] == 'foobar@redhat.com' + assert extra_vars['secret_key'] == 'my_password'