mirror of
https://github.com/ansible/awx.git
synced 2026-02-21 05:00:07 -03:30
renaming Credential.owner_role -> Credential.admin_role
This commit is contained in:
Wayne Witzel III
@@ -1645,11 +1645,11 @@ class CredentialSerializer(BaseSerializer):
|
|||||||
owner_teams = reverse('api:credential_owner_teams_list', args=(obj.pk,)),
|
owner_teams = reverse('api:credential_owner_teams_list', args=(obj.pk,)),
|
||||||
))
|
))
|
||||||
|
|
||||||
parents = obj.owner_role.parents.exclude(object_id__isnull=True)
|
parents = obj.admin_role.parents.exclude(object_id__isnull=True)
|
||||||
if parents.count() > 0:
|
if parents.count() > 0:
|
||||||
res.update({parents[0].content_type.name:parents[0].content_object.get_absolute_url()})
|
res.update({parents[0].content_type.name:parents[0].content_object.get_absolute_url()})
|
||||||
elif obj.owner_role.members.count() > 0:
|
elif obj.admin_role.members.count() > 0:
|
||||||
user = obj.owner_role.members.first()
|
user = obj.admin_role.members.first()
|
||||||
res.update({'user': reverse('api:user_detail', args=(user.pk,))})
|
res.update({'user': reverse('api:user_detail', args=(user.pk,))})
|
||||||
|
|
||||||
return res
|
return res
|
||||||
@@ -1658,7 +1658,7 @@ class CredentialSerializer(BaseSerializer):
|
|||||||
summary_dict = super(CredentialSerializer, self).get_summary_fields(obj)
|
summary_dict = super(CredentialSerializer, self).get_summary_fields(obj)
|
||||||
summary_dict['owners'] = []
|
summary_dict['owners'] = []
|
||||||
|
|
||||||
for user in obj.owner_role.members.all():
|
for user in obj.admin_role.members.all():
|
||||||
summary_dict['owners'].append({
|
summary_dict['owners'].append({
|
||||||
'id': user.pk,
|
'id': user.pk,
|
||||||
'type': 'user',
|
'type': 'user',
|
||||||
@@ -1667,7 +1667,7 @@ class CredentialSerializer(BaseSerializer):
|
|||||||
'url': reverse('api:user_detail', args=(user.pk,)),
|
'url': reverse('api:user_detail', args=(user.pk,)),
|
||||||
})
|
})
|
||||||
|
|
||||||
for parent in obj.owner_role.parents.exclude(object_id__isnull=True).all():
|
for parent in obj.admin_role.parents.exclude(object_id__isnull=True).all():
|
||||||
summary_dict['owners'].append({
|
summary_dict['owners'].append({
|
||||||
'id': parent.content_object.pk,
|
'id': parent.content_object.pk,
|
||||||
'type': camelcase_to_underscore(parent.content_object.__class__.__name__),
|
'type': camelcase_to_underscore(parent.content_object.__class__.__name__),
|
||||||
@@ -1721,9 +1721,9 @@ class CredentialSerializerCreate(CredentialSerializer):
|
|||||||
team = validated_data.pop('team', None)
|
team = validated_data.pop('team', None)
|
||||||
credential = super(CredentialSerializerCreate, self).create(validated_data)
|
credential = super(CredentialSerializerCreate, self).create(validated_data)
|
||||||
if user:
|
if user:
|
||||||
credential.owner_role.members.add(user)
|
credential.admin_role.members.add(user)
|
||||||
if team:
|
if team:
|
||||||
credential.owner_role.parents.add(team.member_role)
|
credential.admin_role.parents.add(team.member_role)
|
||||||
return credential
|
return credential
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
@@ -1332,7 +1332,7 @@ class CredentialOwnerUsersList(SubListAPIView):
|
|||||||
model = User
|
model = User
|
||||||
serializer_class = UserSerializer
|
serializer_class = UserSerializer
|
||||||
parent_model = Credential
|
parent_model = Credential
|
||||||
relationship = 'owner_role.members'
|
relationship = 'admin_role.members'
|
||||||
new_in_300 = True
|
new_in_300 = True
|
||||||
|
|
||||||
|
|
||||||
@@ -1349,7 +1349,7 @@ class CredentialOwnerTeamsList(SubListAPIView):
|
|||||||
raise PermissionDenied()
|
raise PermissionDenied()
|
||||||
|
|
||||||
content_type = ContentType.objects.get_for_model(self.model)
|
content_type = ContentType.objects.get_for_model(self.model)
|
||||||
teams = [c.content_object.pk for c in credential.owner_role.parents.filter(content_type=content_type)]
|
teams = [c.content_object.pk for c in credential.admin_role.parents.filter(content_type=content_type)]
|
||||||
|
|
||||||
return self.model.objects.filter(pk__in=teams)
|
return self.model.objects.filter(pk__in=teams)
|
||||||
|
|
||||||
@@ -1382,7 +1382,7 @@ class TeamCredentialsList(SubListCreateAPIView):
|
|||||||
self.check_parent_access(team)
|
self.check_parent_access(team)
|
||||||
|
|
||||||
visible_creds = Credential.accessible_objects(self.request.user, 'read_role')
|
visible_creds = Credential.accessible_objects(self.request.user, 'read_role')
|
||||||
team_creds = Credential.objects.filter(owner_role__parents=team.member_role)
|
team_creds = Credential.objects.filter(admin_role__parents=team.member_role)
|
||||||
return team_creds & visible_creds
|
return team_creds & visible_creds
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
@@ -613,7 +613,7 @@ class CredentialAccess(BaseAccess):
|
|||||||
if self.user in obj.organization.admin_role:
|
if self.user in obj.organization.admin_role:
|
||||||
return True
|
return True
|
||||||
|
|
||||||
return self.user in obj.owner_role
|
return self.user in obj.admin_role
|
||||||
|
|
||||||
def can_delete(self, obj):
|
def can_delete(self, obj):
|
||||||
# Unassociated credentials may be marked deleted by anyone, though we
|
# Unassociated credentials may be marked deleted by anyone, though we
|
||||||
|
|||||||
@@ -33,7 +33,7 @@ class Command(BaseCommand):
|
|||||||
c = Credential.objects.create(name='Demo Credential',
|
c = Credential.objects.create(name='Demo Credential',
|
||||||
username=superuser.username,
|
username=superuser.username,
|
||||||
created_by=superuser)
|
created_by=superuser)
|
||||||
c.owner_role.members.add(superuser)
|
c.admin_role.members.add(superuser)
|
||||||
i = Inventory.objects.create(name='Demo Inventory',
|
i = Inventory.objects.create(name='Demo Inventory',
|
||||||
organization=o,
|
organization=o,
|
||||||
created_by=superuser)
|
created_by=superuser)
|
||||||
|
|||||||
@@ -143,18 +143,18 @@ class Migration(migrations.Migration):
|
|||||||
),
|
),
|
||||||
migrations.AddField(
|
migrations.AddField(
|
||||||
model_name='credential',
|
model_name='credential',
|
||||||
name='owner_role',
|
name='admin_role',
|
||||||
field=awx.main.fields.ImplicitRoleField(related_name='+', parent_role=[b'singleton:system_administrator'], to='main.Role', null=b'True'),
|
field=awx.main.fields.ImplicitRoleField(related_name='+', parent_role=[b'singleton:system_administrator'], to='main.Role', null=b'True'),
|
||||||
),
|
),
|
||||||
migrations.AddField(
|
migrations.AddField(
|
||||||
model_name='credential',
|
model_name='credential',
|
||||||
name='use_role',
|
name='use_role',
|
||||||
field=awx.main.fields.ImplicitRoleField(related_name='+', parent_role=[b'owner_role'], to='main.Role', null=b'True'),
|
field=awx.main.fields.ImplicitRoleField(related_name='+', parent_role=[b'admin_role'], to='main.Role', null=b'True'),
|
||||||
),
|
),
|
||||||
migrations.AddField(
|
migrations.AddField(
|
||||||
model_name='credential',
|
model_name='credential',
|
||||||
name='read_role',
|
name='read_role',
|
||||||
field=awx.main.fields.ImplicitRoleField(related_name='+', parent_role=[b'singleton:system_auditor', b'use_role', b'owner_role'], to='main.Role', null=b'True'),
|
field=awx.main.fields.ImplicitRoleField(related_name='+', parent_role=[b'singleton:system_auditor', b'use_role', b'admin_role'], to='main.Role', null=b'True'),
|
||||||
),
|
),
|
||||||
migrations.AddField(
|
migrations.AddField(
|
||||||
model_name='custominventoryscript',
|
model_name='custominventoryscript',
|
||||||
|
|||||||
@@ -15,7 +15,7 @@ class Migration(migrations.Migration):
|
|||||||
migrations.AlterField(
|
migrations.AlterField(
|
||||||
model_name='credential',
|
model_name='credential',
|
||||||
name='use_role',
|
name='use_role',
|
||||||
field=awx.main.fields.ImplicitRoleField(related_name='+', parent_role=[b'organization.admin_role', b'owner_role'], to='main.Role', null=b'True'),
|
field=awx.main.fields.ImplicitRoleField(related_name='+', parent_role=[b'organization.admin_role', b'admin_role'], to='main.Role', null=b'True'),
|
||||||
),
|
),
|
||||||
migrations.AlterField(
|
migrations.AlterField(
|
||||||
model_name='team',
|
model_name='team',
|
||||||
|
|||||||
@@ -20,7 +20,7 @@ class Migration(migrations.Migration):
|
|||||||
migrations.AlterField(
|
migrations.AlterField(
|
||||||
model_name='credential',
|
model_name='credential',
|
||||||
name='read_role',
|
name='read_role',
|
||||||
field=awx.main.fields.ImplicitRoleField(related_name='+', parent_role=[b'singleton:system_auditor', b'use_role', b'owner_role', b'organization.auditor_role'], to='main.Role', null=b'True'),
|
field=awx.main.fields.ImplicitRoleField(related_name='+', parent_role=[b'singleton:system_auditor', b'use_role', b'admin_role', b'organization.auditor_role'], to='main.Role', null=b'True'),
|
||||||
),
|
),
|
||||||
migrations.RunPython(migration_utils.set_current_apps_for_migrations),
|
migrations.RunPython(migration_utils.set_current_apps_for_migrations),
|
||||||
migrations.RunPython(rbac.rebuild_role_hierarchy),
|
migrations.RunPython(rbac.rebuild_role_hierarchy),
|
||||||
|
|||||||
@@ -164,7 +164,7 @@ def _discover_credentials(instances, cred, orgfunc):
|
|||||||
cred.organization = None
|
cred.organization = None
|
||||||
cred.save()
|
cred.save()
|
||||||
|
|
||||||
cred.owner_role, cred.use_role = None, None
|
cred.admin_role, cred.use_role = None, None
|
||||||
|
|
||||||
for i in orgs[org]:
|
for i in orgs[org]:
|
||||||
i.credential = cred
|
i.credential = cred
|
||||||
@@ -198,11 +198,11 @@ def migrate_credential(apps, schema_editor):
|
|||||||
logger.info(smart_text(u"added Credential(name={}, kind={}, host={}) at organization level".format(cred.name, cred.kind, cred.host)))
|
logger.info(smart_text(u"added Credential(name={}, kind={}, host={}) at organization level".format(cred.name, cred.kind, cred.host)))
|
||||||
|
|
||||||
if cred.deprecated_team is not None:
|
if cred.deprecated_team is not None:
|
||||||
cred.deprecated_team.member_role.children.add(cred.owner_role)
|
cred.deprecated_team.member_role.children.add(cred.admin_role)
|
||||||
cred.save()
|
cred.save()
|
||||||
logger.info(smart_text(u"added Credential(name={}, kind={}, host={}) at user level".format(cred.name, cred.kind, cred.host)))
|
logger.info(smart_text(u"added Credential(name={}, kind={}, host={}) at user level".format(cred.name, cred.kind, cred.host)))
|
||||||
elif cred.deprecated_user is not None:
|
elif cred.deprecated_user is not None:
|
||||||
cred.owner_role.members.add(cred.deprecated_user)
|
cred.admin_role.members.add(cred.deprecated_user)
|
||||||
cred.save()
|
cred.save()
|
||||||
logger.info(smart_text(u"added Credential(name={}, kind={}, host={}) at user level".format(cred.name, cred.kind, cred.host, )))
|
logger.info(smart_text(u"added Credential(name={}, kind={}, host={}) at user level".format(cred.name, cred.kind, cred.host, )))
|
||||||
else:
|
else:
|
||||||
|
|||||||
@@ -212,7 +212,7 @@ class Credential(PasswordFieldsModel, CommonModelNameNotUnique, ResourceMixin):
|
|||||||
default='',
|
default='',
|
||||||
help_text=_('Tenant identifier for this credential'),
|
help_text=_('Tenant identifier for this credential'),
|
||||||
)
|
)
|
||||||
owner_role = ImplicitRoleField(
|
admin_role = ImplicitRoleField(
|
||||||
parent_role=[
|
parent_role=[
|
||||||
'singleton:' + ROLE_SINGLETON_SYSTEM_ADMINISTRATOR,
|
'singleton:' + ROLE_SINGLETON_SYSTEM_ADMINISTRATOR,
|
||||||
],
|
],
|
||||||
@@ -220,14 +220,14 @@ class Credential(PasswordFieldsModel, CommonModelNameNotUnique, ResourceMixin):
|
|||||||
use_role = ImplicitRoleField(
|
use_role = ImplicitRoleField(
|
||||||
parent_role=[
|
parent_role=[
|
||||||
'organization.admin_role',
|
'organization.admin_role',
|
||||||
'owner_role',
|
'admin_role',
|
||||||
]
|
]
|
||||||
)
|
)
|
||||||
read_role = ImplicitRoleField(parent_role=[
|
read_role = ImplicitRoleField(parent_role=[
|
||||||
'singleton:' + ROLE_SINGLETON_SYSTEM_AUDITOR,
|
'singleton:' + ROLE_SINGLETON_SYSTEM_AUDITOR,
|
||||||
'organization.auditor_role',
|
'organization.auditor_role',
|
||||||
'use_role',
|
'use_role',
|
||||||
'owner_role',
|
'admin_role',
|
||||||
])
|
])
|
||||||
|
|
||||||
@property
|
@property
|
||||||
|
|||||||
@@ -40,7 +40,6 @@ role_names = {
|
|||||||
'auditor_role' : 'Auditor',
|
'auditor_role' : 'Auditor',
|
||||||
'execute_role' : 'Execute',
|
'execute_role' : 'Execute',
|
||||||
'member_role' : 'Member',
|
'member_role' : 'Member',
|
||||||
'owner_role' : 'Owner',
|
|
||||||
'read_role' : 'Read',
|
'read_role' : 'Read',
|
||||||
'update_role' : 'Update',
|
'update_role' : 'Update',
|
||||||
'use_role' : 'Use',
|
'use_role' : 'Use',
|
||||||
@@ -54,7 +53,6 @@ role_descriptions = {
|
|||||||
'auditor_role' : 'Can view all settings for the %s',
|
'auditor_role' : 'Can view all settings for the %s',
|
||||||
'execute_role' : 'May run the job template',
|
'execute_role' : 'May run the job template',
|
||||||
'member_role' : 'User is a member of the %s',
|
'member_role' : 'User is a member of the %s',
|
||||||
'owner_role' : 'Owns and can manage all aspects of this %s',
|
|
||||||
'read_role' : 'May view settings for the %s',
|
'read_role' : 'May view settings for the %s',
|
||||||
'update_role' : 'May update project or inventory or group using the configured source update system',
|
'update_role' : 'May update project or inventory or group using the configured source update system',
|
||||||
'use_role' : 'Can use the %s in a job template',
|
'use_role' : 'Can use the %s in a job template',
|
||||||
|
|||||||
@@ -387,7 +387,7 @@ class BaseTestMixin(QueueTestMixin, MockCommonlySlowTestMixin):
|
|||||||
user = opts['user']
|
user = opts['user']
|
||||||
del opts['user']
|
del opts['user']
|
||||||
cred = Credential.objects.create(**opts)
|
cred = Credential.objects.create(**opts)
|
||||||
cred.owner_role.members.add(user)
|
cred.admin_role.members.add(user)
|
||||||
return cred
|
return cred
|
||||||
|
|
||||||
def setup_instances(self):
|
def setup_instances(self):
|
||||||
|
|||||||
@@ -159,7 +159,7 @@ def machine_credential():
|
|||||||
|
|
||||||
@pytest.fixture
|
@pytest.fixture
|
||||||
def org_credential(organization, credential):
|
def org_credential(organization, credential):
|
||||||
credential.owner_role.parents.add(organization.admin_role)
|
credential.admin_role.parents.add(organization.admin_role)
|
||||||
return credential
|
return credential
|
||||||
|
|
||||||
@pytest.fixture
|
@pytest.fixture
|
||||||
|
|||||||
@@ -16,7 +16,7 @@ def test_credential_migration_user(credential, user, permissions):
|
|||||||
|
|
||||||
rbac.migrate_credential(apps, None)
|
rbac.migrate_credential(apps, None)
|
||||||
|
|
||||||
assert u in credential.owner_role
|
assert u in credential.admin_role
|
||||||
|
|
||||||
@pytest.mark.django_db
|
@pytest.mark.django_db
|
||||||
def test_two_teams_same_cred_name(organization_factory):
|
def test_two_teams_same_cred_name(organization_factory):
|
||||||
@@ -28,8 +28,8 @@ def test_two_teams_same_cred_name(organization_factory):
|
|||||||
|
|
||||||
rbac.migrate_credential(apps, None)
|
rbac.migrate_credential(apps, None)
|
||||||
|
|
||||||
assert objects.teams.team1.member_role in cred1.owner_role.parents.all()
|
assert objects.teams.team1.member_role in cred1.admin_role.parents.all()
|
||||||
assert objects.teams.team2.member_role in cred2.owner_role.parents.all()
|
assert objects.teams.team2.member_role in cred2.admin_role.parents.all()
|
||||||
|
|
||||||
@pytest.mark.django_db
|
@pytest.mark.django_db
|
||||||
def test_credential_use_role(credential, user, permissions):
|
def test_credential_use_role(credential, user, permissions):
|
||||||
@@ -46,14 +46,14 @@ def test_credential_migration_team_member(credential, team, user, permissions):
|
|||||||
|
|
||||||
|
|
||||||
# No permissions pre-migration (this happens automatically so we patch this)
|
# No permissions pre-migration (this happens automatically so we patch this)
|
||||||
team.admin_role.children.remove(credential.owner_role)
|
team.admin_role.children.remove(credential.admin_role)
|
||||||
team.member_role.children.remove(credential.use_role)
|
team.member_role.children.remove(credential.use_role)
|
||||||
assert u not in credential.owner_role
|
assert u not in credential.admin_role
|
||||||
|
|
||||||
rbac.migrate_credential(apps, None)
|
rbac.migrate_credential(apps, None)
|
||||||
|
|
||||||
# Admin permissions post migration
|
# Admin permissions post migration
|
||||||
assert u in credential.owner_role
|
assert u in credential.admin_role
|
||||||
|
|
||||||
@pytest.mark.django_db
|
@pytest.mark.django_db
|
||||||
def test_credential_migration_team_admin(credential, team, user, permissions):
|
def test_credential_migration_team_admin(credential, team, user, permissions):
|
||||||
@@ -104,7 +104,7 @@ def test_credential_access_admin(user, team, credential):
|
|||||||
# credential is now part of a team
|
# credential is now part of a team
|
||||||
# that is part of an organization
|
# that is part of an organization
|
||||||
# that I am an admin for
|
# that I am an admin for
|
||||||
credential.owner_role.parents.add(team.admin_role)
|
credential.admin_role.parents.add(team.admin_role)
|
||||||
credential.save()
|
credential.save()
|
||||||
|
|
||||||
cred = Credential.objects.create(kind='aws', name='test-cred')
|
cred = Credential.objects.create(kind='aws', name='test-cred')
|
||||||
|
|||||||
@@ -205,9 +205,9 @@ def test_job_template_access_org_admin(jt_objects, rando):
|
|||||||
jt_objects.inventory.organization.admin_role.members.add(rando)
|
jt_objects.inventory.organization.admin_role.members.add(rando)
|
||||||
# Assign organization permission in the same way the create view does
|
# Assign organization permission in the same way the create view does
|
||||||
organization = jt_objects.inventory.organization
|
organization = jt_objects.inventory.organization
|
||||||
jt_objects.credential.owner_role.parents.add(organization.admin_role)
|
jt_objects.credential.admin_role.parents.add(organization.admin_role)
|
||||||
jt_objects.cloud_credential.owner_role.parents.add(organization.admin_role)
|
jt_objects.cloud_credential.admin_role.parents.add(organization.admin_role)
|
||||||
jt_objects.network_credential.owner_role.parents.add(organization.admin_role)
|
jt_objects.network_credential.admin_role.parents.add(organization.admin_role)
|
||||||
|
|
||||||
proj_pk = jt_objects.project.pk
|
proj_pk = jt_objects.project.pk
|
||||||
assert access.can_add(dict(inventory=jt_objects.inventory.pk, project=proj_pk))
|
assert access.can_add(dict(inventory=jt_objects.inventory.pk, project=proj_pk))
|
||||||
|
|||||||
@@ -269,14 +269,14 @@ class BaseJobTestMixin(BaseTestMixin):
|
|||||||
password=TEST_SSH_KEY_DATA,
|
password=TEST_SSH_KEY_DATA,
|
||||||
created_by=self.user_sue,
|
created_by=self.user_sue,
|
||||||
)
|
)
|
||||||
self.cred_sue.owner_role.members.add(self.user_sue)
|
self.cred_sue.admin_role.members.add(self.user_sue)
|
||||||
|
|
||||||
self.cred_sue_ask = Credential.objects.create(
|
self.cred_sue_ask = Credential.objects.create(
|
||||||
username='sue',
|
username='sue',
|
||||||
password='ASK',
|
password='ASK',
|
||||||
created_by=self.user_sue,
|
created_by=self.user_sue,
|
||||||
)
|
)
|
||||||
self.cred_sue_ask.owner_role.members.add(self.user_sue)
|
self.cred_sue_ask.admin_role.members.add(self.user_sue)
|
||||||
|
|
||||||
self.cred_sue_ask_many = Credential.objects.create(
|
self.cred_sue_ask_many = Credential.objects.create(
|
||||||
username='sue',
|
username='sue',
|
||||||
@@ -288,7 +288,7 @@ class BaseJobTestMixin(BaseTestMixin):
|
|||||||
ssh_key_unlock='ASK',
|
ssh_key_unlock='ASK',
|
||||||
created_by=self.user_sue,
|
created_by=self.user_sue,
|
||||||
)
|
)
|
||||||
self.cred_sue_ask_many.owner_role.members.add(self.user_sue)
|
self.cred_sue_ask_many.admin_role.members.add(self.user_sue)
|
||||||
|
|
||||||
self.cred_bob = Credential.objects.create(
|
self.cred_bob = Credential.objects.create(
|
||||||
username='bob',
|
username='bob',
|
||||||
@@ -384,7 +384,7 @@ class BaseJobTestMixin(BaseTestMixin):
|
|||||||
password='Heading0',
|
password='Heading0',
|
||||||
created_by = self.user_sue,
|
created_by = self.user_sue,
|
||||||
)
|
)
|
||||||
self.team_ops_north.member_role.children.add(self.cred_ops_north.owner_role)
|
self.team_ops_north.member_role.children.add(self.cred_ops_north.admin_role)
|
||||||
|
|
||||||
self.cred_ops_test = Credential.objects.create(
|
self.cred_ops_test = Credential.objects.create(
|
||||||
username='testers',
|
username='testers',
|
||||||
|
|||||||
@@ -1434,7 +1434,7 @@ class InventoryUpdatesTest(BaseTransactionTest):
|
|||||||
credential = Credential.objects.create(kind='aws',
|
credential = Credential.objects.create(kind='aws',
|
||||||
username=source_username,
|
username=source_username,
|
||||||
password=source_password)
|
password=source_password)
|
||||||
credential.owner_role.members.add(self.super_django_user)
|
credential.admin_role.members.add(self.super_django_user)
|
||||||
# Set parent group name to one that might be created by the sync.
|
# Set parent group name to one that might be created by the sync.
|
||||||
group = self.group
|
group = self.group
|
||||||
group.name = 'ec2'
|
group.name = 'ec2'
|
||||||
@@ -1521,7 +1521,7 @@ class InventoryUpdatesTest(BaseTransactionTest):
|
|||||||
username=source_username,
|
username=source_username,
|
||||||
password=source_password,
|
password=source_password,
|
||||||
security_token=source_token)
|
security_token=source_token)
|
||||||
credential.owner_role.members.add(self.super_django_user)
|
credential.admin_role.members.add(self.super_django_user)
|
||||||
# Set parent group name to one that might be created by the sync.
|
# Set parent group name to one that might be created by the sync.
|
||||||
group = self.group
|
group = self.group
|
||||||
group.name = 'ec2'
|
group.name = 'ec2'
|
||||||
@@ -1543,7 +1543,7 @@ class InventoryUpdatesTest(BaseTransactionTest):
|
|||||||
username=source_username,
|
username=source_username,
|
||||||
password=source_password,
|
password=source_password,
|
||||||
security_token="BADTOKEN")
|
security_token="BADTOKEN")
|
||||||
credential.owner_role.members.add(self.super_django_user)
|
credential.admin_role.members.add(self.super_django_user)
|
||||||
|
|
||||||
# Set parent group name to one that might be created by the sync.
|
# Set parent group name to one that might be created by the sync.
|
||||||
group = self.group
|
group = self.group
|
||||||
@@ -1578,7 +1578,7 @@ class InventoryUpdatesTest(BaseTransactionTest):
|
|||||||
credential = Credential.objects.create(kind='aws',
|
credential = Credential.objects.create(kind='aws',
|
||||||
username=source_username,
|
username=source_username,
|
||||||
password=source_password)
|
password=source_password)
|
||||||
credential.owner_role.members.add(self.super_django_user)
|
credential.admin_role.members.add(self.super_django_user)
|
||||||
group = self.group
|
group = self.group
|
||||||
group.name = 'AWS Inventory'
|
group.name = 'AWS Inventory'
|
||||||
group.save()
|
group.save()
|
||||||
@@ -1706,7 +1706,7 @@ class InventoryUpdatesTest(BaseTransactionTest):
|
|||||||
credential = Credential.objects.create(kind='rax',
|
credential = Credential.objects.create(kind='rax',
|
||||||
username=source_username,
|
username=source_username,
|
||||||
password=source_password)
|
password=source_password)
|
||||||
credential.owner_role.members.add(self.super_django_user)
|
credential.admin_role.members.add(self.super_django_user)
|
||||||
# Set parent group name to one that might be created by the sync.
|
# Set parent group name to one that might be created by the sync.
|
||||||
group = self.group
|
group = self.group
|
||||||
group.name = 'DFW'
|
group.name = 'DFW'
|
||||||
@@ -1759,7 +1759,7 @@ class InventoryUpdatesTest(BaseTransactionTest):
|
|||||||
username=source_username,
|
username=source_username,
|
||||||
password=source_password,
|
password=source_password,
|
||||||
host=source_host)
|
host=source_host)
|
||||||
credential.owner_role.members.add(self.super_django_user)
|
credential.admin_role.members.add(self.super_django_user)
|
||||||
inventory_source = self.update_inventory_source(self.group,
|
inventory_source = self.update_inventory_source(self.group,
|
||||||
source='vmware', credential=credential)
|
source='vmware', credential=credential)
|
||||||
# Check first without instance_id set (to import by name only).
|
# Check first without instance_id set (to import by name only).
|
||||||
|
|||||||
@@ -506,7 +506,7 @@ class ProjectUpdatesTest(BaseTransactionTest):
|
|||||||
u = kw['user']
|
u = kw['user']
|
||||||
del kw['user']
|
del kw['user']
|
||||||
credential = Credential.objects.create(**kw)
|
credential = Credential.objects.create(**kw)
|
||||||
credential.owner_role.members.add(u)
|
credential.admin_role.members.add(u)
|
||||||
kwargs['credential'] = credential
|
kwargs['credential'] = credential
|
||||||
project = Project.objects.create(**kwargs)
|
project = Project.objects.create(**kwargs)
|
||||||
project_path = project.get_project_path(check_if_exists=False)
|
project_path = project.get_project_path(check_if_exists=False)
|
||||||
@@ -1418,7 +1418,7 @@ class ProjectUpdatesTest(BaseTransactionTest):
|
|||||||
inventory=self.inventory)
|
inventory=self.inventory)
|
||||||
self.group.hosts.add(self.host)
|
self.group.hosts.add(self.host)
|
||||||
self.credential = Credential.objects.create(name='test-creds')
|
self.credential = Credential.objects.create(name='test-creds')
|
||||||
self.credential.owner_role.members.add(self.super_django_user)
|
self.credential.admin_role.members.add(self.super_django_user)
|
||||||
self.project = self.create_project(
|
self.project = self.create_project(
|
||||||
name='my public git project over https',
|
name='my public git project over https',
|
||||||
scm_type='git',
|
scm_type='git',
|
||||||
@@ -1454,7 +1454,7 @@ class ProjectUpdatesTest(BaseTransactionTest):
|
|||||||
inventory=self.inventory)
|
inventory=self.inventory)
|
||||||
self.group.hosts.add(self.host)
|
self.group.hosts.add(self.host)
|
||||||
self.credential = Credential.objects.create(name='test-creds')
|
self.credential = Credential.objects.create(name='test-creds')
|
||||||
self.credential.owner_role.members.add(self.super_django_user)
|
self.credential.admin_role.members.add(self.super_django_user)
|
||||||
self.project = self.create_project(
|
self.project = self.create_project(
|
||||||
name='my private git project over https',
|
name='my private git project over https',
|
||||||
scm_type='git',
|
scm_type='git',
|
||||||
|
|||||||
@@ -62,7 +62,7 @@ class ScheduleTest(BaseTest):
|
|||||||
self.organizations[1].member_role.members.add(self.diff_org_user)
|
self.organizations[1].member_role.members.add(self.diff_org_user)
|
||||||
|
|
||||||
self.cloud_source = Credential.objects.create(kind='awx', username='Dummy', password='Dummy')
|
self.cloud_source = Credential.objects.create(kind='awx', username='Dummy', password='Dummy')
|
||||||
self.cloud_source.owner_role.members.add(self.super_django_user)
|
self.cloud_source.admin_role.members.add(self.super_django_user)
|
||||||
|
|
||||||
self.first_inventory = Inventory.objects.create(name='test_inventory', description='for org 0', organization=self.organizations[0])
|
self.first_inventory = Inventory.objects.create(name='test_inventory', description='for org 0', organization=self.organizations[0])
|
||||||
self.first_inventory.hosts.create(name='host_1')
|
self.first_inventory.hosts.create(name='host_1')
|
||||||
|
|||||||
@@ -283,7 +283,7 @@ class RunJobTest(BaseJobExecutionTest):
|
|||||||
user = opts['user']
|
user = opts['user']
|
||||||
del opts['user']
|
del opts['user']
|
||||||
self.cloud_credential = Credential.objects.create(**opts)
|
self.cloud_credential = Credential.objects.create(**opts)
|
||||||
self.cloud_credential.owner_role.members.add(user)
|
self.cloud_credential.admin_role.members.add(user)
|
||||||
return self.cloud_credential
|
return self.cloud_credential
|
||||||
|
|
||||||
def create_test_project(self, playbook_content, role_playbooks=None):
|
def create_test_project(self, playbook_content, role_playbooks=None):
|
||||||
|
|||||||
@@ -216,7 +216,7 @@ try:
|
|||||||
sys.stdout.flush()
|
sys.stdout.flush()
|
||||||
credential_id = ids['credential']
|
credential_id = ids['credential']
|
||||||
credential = Credential.objects.create(name='%s Credential %d User %d' % (prefix, credential_id, user_idx))
|
credential = Credential.objects.create(name='%s Credential %d User %d' % (prefix, credential_id, user_idx))
|
||||||
credential.owner_role.members.add(user)
|
credential.admin_role.members.add(user)
|
||||||
credentials.append(credential)
|
credentials.append(credential)
|
||||||
user_idx += 1
|
user_idx += 1
|
||||||
print('')
|
print('')
|
||||||
@@ -232,7 +232,7 @@ try:
|
|||||||
sys.stdout.flush()
|
sys.stdout.flush()
|
||||||
credential_id = ids['credential']
|
credential_id = ids['credential']
|
||||||
credential = Credential.objects.create(name='%s Credential %d team %d' % (prefix, credential_id, team_idx))
|
credential = Credential.objects.create(name='%s Credential %d team %d' % (prefix, credential_id, team_idx))
|
||||||
credential.owner_role.parents.add(team.member_role)
|
credential.admin_role.parents.add(team.member_role)
|
||||||
credentials.append(credential)
|
credentials.append(credential)
|
||||||
team_idx += 1
|
team_idx += 1
|
||||||
print('')
|
print('')
|
||||||
|
|||||||
Reference in New Issue
Block a user