Organization on JT as read-only field

Set JT.organization with value from its project Remove validation requiring JT.organization Undo some of the additional org definitions in tests Revert some tests no longer needed for feature exclude workflow approvals from unified organization field revert awxkit changes for providing organization Roll back additional JT creation permission requirement Fix up more issues by persisting organization field when project is removed Restrict project org editing, logging, and testing Grant removed inventory org admin permissions in migration Add special validate_unique for job templates this deals with enforcing name-organization uniqueness Add back in special message where config is unknown when receiving 403 on job relaunch Fix logical and performance bugs with data migration within JT.inventory.organization make-permission-explicit migration remove nested loops so we do .iterator() on JT queryset in reverse migration, carefully remove execute role on JT held by org admins of inventory organization, as well as the execute_role holders Use current state of Role model in logic, with 1 notable exception that is used to filter on ancestors the ancestor and descentent relationship in the migration model is not reliable output of this is saved as an integer list to avoid future compatibility errors make the parents rebuilding logic skip over irrelevant models this is the largest performance gain for small resource numbers
2026-03-18 17:37:30 -02:30 · 2020-01-21 11:12:08 -05:00
parent daa9282790
commit 7d0b207571
31 changed files with 517 additions and 226 deletions
--- a/awx/main/tests/functional/api/test_job.py
+++ b/awx/main/tests/functional/api/test_job.py
@@ -53,7 +53,7 @@ def test_job_relaunch_permission_denied_response(
    # Job has prompted extra_credential, launch denied w/ message
    job.launch_config.credentials.add(net_credential)
    r = post(reverse('api:job_relaunch', kwargs={'pk':job.pk}), {}, jt_user, expect=403)
-    assert 'launched with prompted fields which you do not have access to' in r.data['detail']
+    assert 'launched with prompted fields you do not have access to' in r.data['detail']


@pytest.mark.django_db
@@ -73,7 +73,6 @@ def test_job_relaunch_prompts_not_accepted_response(
    # Job has prompted extra_credential, launch denied w/ message
    job.launch_config.credentials.add(net_credential)
    r = post(reverse('api:job_relaunch', kwargs={'pk':job.pk}), {}, jt_user, expect=403)
-    assert 'no longer accepts the prompts provided for this job' in r.data['detail']


@pytest.mark.django_db
@@ -220,8 +219,7 @@ def test_block_unprocessed_events(delete, admin_user, mocker):
 def test_block_related_unprocessed_events(mocker, organization, project, delete, admin_user):
    job_template = JobTemplate.objects.create(
        project=project,
-        playbook='helloworld.yml',
-        organization=organization
+        playbook='helloworld.yml'
    )
    time_of_finish = parse("Thu Feb 23 14:17:24 2012 -0500")
    Job.objects.create(
@@ -230,7 +228,7 @@ def test_block_related_unprocessed_events(mocker, organization, project, delete,
        finished=time_of_finish,
        job_template=job_template,
        project=project,
-        organization=organization
+        organization=project.organization
    )
    view = RelatedJobsPreventDeleteMixin()
    time_of_request = time_of_finish + relativedelta(seconds=2)