External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-02-13 17:24:45 -03:30
Code Issues Packages Projects Releases Wiki Activity

Added rbac tests and migrations for Organization

Browse Source
This commit is contained in:
Wayne Witzel III
2016-02-02 14:47:46 -05:00
committed by Akita Noek
parent 932b6a4c82
commit 896ecab031
6 changed files with 56 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
Makefile
View File

@@ -363,7 +363,7 @@ test_unit:
# Run all API unit tests with coverage enabled. # Run all API unit tests with coverage enabled.
test_coverage: test_coverage:
py.test --cov=awx --cov-report=xml --junitxml=./reports/junit.xml awx/main/tests awx/api/tests awx/fact/tests py.test --create-db --cov=awx --cov-report=xml --junitxml=./reports/junit.xml awx/main/tests awx/api/tests awx/fact/tests
# Output test coverage as HTML (into htmlcov directory). # Output test coverage as HTML (into htmlcov directory).
coverage_html: coverage_html:

2
awx/main/models/mixins.py
View File

@@ -133,7 +133,7 @@ class ResourceMixin(models.Model):
) )
row = cursor.fetchone() row = cursor.fetchone()
if row: if row:
return dict(zip([x.name for x in cursor.description], row)) return dict(zip([x[0] for x in cursor.description], row))
return None return None
def accessible_by(self, user, permissions): def accessible_by(self, user, permissions):

2
awx/main/models/organization.py
View File

@@ -83,7 +83,7 @@ class Organization(CommonModel, ResourceMixin):
migrated_users.append(admin) migrated_users.append(admin)
for user in self.users.all(): for user in self.users.all():
self.auditor_role.members.add(user) self.auditor_role.members.add(user)
migrated_user.append(user) migrated_users.append(user)
return migrated_users return migrated_users

18
awx/main/tests/functional/conftest.py Normal file
View File

@@ -0,0 +1,18 @@
import pytest
from awx.main.models.organization import Organization
@pytest.fixture
def organization():
return Organization.objects.create(name="test-org", description="test-org-desc")
@pytest.fixture
def permissions():
return {
'admin':{'create':True, 'read':True, 'write':True,
'update':True, 'delete':True, 'scm_update':True, 'execute':True, 'use':True,},
'auditor':{'read':True, 'create':False, 'write':False,
'update':False, 'delete':False, 'scm_update':False, 'execute':False, 'use':False,},
}

46
awx/main/tests/functional/test_rbac_migrations.py
View File

@@ -1,29 +1,51 @@
import pytest import pytest
from awx.main.models.organization import Organization from awx.main.access import OrganizationAccess
from django.contrib.auth.models import User from django.contrib.auth.models import User
def make_user(name, admin=False): def make_user(name, admin=False):
email = '%s@example.org' % name try:
if admin == True: user = User.objects.get(username=name)
return User.objects.create_superuser(name, email, name) except User.DoesNotExist:
else: user = User(username=name, is_superuser=admin, password=name)
return User.objects.create_user(name, email, name) user.save()
return user
@pytest.fixture
def organization():
return Organization.objects.create(name="test-org", description="test-org-desc")
@pytest.mark.django_db @pytest.mark.django_db
@pytest.mark.parametrize("username,admin", [ @pytest.mark.parametrize("username,admin", [
("admin", True), ("admin", True),
("user", False), ("user", False),
]) ])
def test_organization_migration(organization, username, admin): def test_organization_migration(organization, permissions, username, admin):
user = make_user(username, admin) user = make_user(username, admin)
organization.admins.add(user) if admin:
organization.admins.add(user)
else:
organization.users.add(user)
migrated_users = organization.migrate_to_rbac() migrated_users = organization.migrate_to_rbac()
assert len(migrated_users) == 1 assert len(migrated_users) == 1
assert migrated_users[0] == user assert migrated_users[0] == user
if admin:
assert organization.accessible_by(user, permissions['admin']) == True
else:
assert organization.accessible_by(user, permissions['auditor']) == True
@pytest.mark.django_db
@pytest.mark.parametrize("username,admin", [
("admin", True),
("user-admin", False),
("user", False)
])
def test_organization_access(organization, username, admin):
user = make_user(username, admin)
access = OrganizationAccess(user)
if admin:
assert access.can_change(organization, None) == True
elif username == "user-admin":
organization.admins.add(user)
assert access.can_change(organization, None) == True
else:
assert access.can_change(organization, None) == False

2
pytest.ini
View File

@@ -3,4 +3,4 @@ DJANGO_SETTINGS_MODULE = awx.settings.development
python_paths = awx/lib/site-packages python_paths = awx/lib/site-packages
site_dirs = awx/lib/site-packages site_dirs = awx/lib/site-packages
python_files = *.py python_files = *.py
addopts = --create-db addopts = --reuse-db