Merge remote-tracking branch 'tower/test_stable-2.6' into merge_26_2

awx_collection/tests/integration/targets/credential/tasks/main.yml

@@ -775,6 +775,33 @@
       - "result is changed"
   when: insights_found
 
+- name: Create a valid Insights token credential
+  credential:
+    name: "{{ insights_cred_name2 }}"
+    organization: Default
+    state: present
+    credential_type: Insights
+    inputs:
+      client_id: joe
+      client_secret: secret
+  register: result
+
+- assert:
+    that:
+      - "result is changed"
+
+- name: Delete an Insights token credential
+  credential:
+    name: "{{ insights_cred_name2 }}"
+    organization: Default
+    state: absent
+    credential_type: Insights
+  register: result
+
+- assert:
+    that:
+      - "result is changed"
+
 - name: Create a valid Tower-to-Tower credential
   credential:
     name: "{{ tower_cred_name1 }}"

awx_collection/tests/integration/targets/params/tasks/main.yml

@@ -4,7 +4,7 @@
     name: "Demo Inventory"
     organization: Default
     aap_hostname: https://foohostbar.invalid
-  ignore_errors: yes
+  ignore_errors: true
   register: result
 
 - assert:

awx_collection/tests/integration/targets/schedule_rrule/tasks/main.yml

@@ -7,10 +7,16 @@
   ansible.builtin.set_fact:
     plugin_name: "{{ controller_meta.prefix }}.schedule_rrule"
 
+<<<<<<< HEAD
 - name: Lookup with too many parameters (should fail)
   ansible.builtin.set_fact:
     _rrule: "{{ query(plugin_name, days_of_week=[1, 2], days_of_month=[15]) }}"
   register: result_too_many_params
+=======
+- name: Test too many params (failure from validation of terms)
+  ansible.builtin.debug:
+    msg: "{{ lookup(plugin_name | string, 'none', 'weekly', start_date='2020-4-16 03:45:07') }}"
+>>>>>>> tower/test_stable-2.6
   ignore_errors: true
 
 - name: Assert proper error is reported for too many parameters
@@ -21,8 +27,12 @@
 
 - name: Attempt invalid schedule_rrule lookup with bad frequency
   ansible.builtin.debug:
+<<<<<<< HEAD
     msg: "{{ lookup(plugin_name, 'john', start_date='2020-04-16 03:45:07') }}"
   register: result_bad_freq
+=======
+    msg: "{{ lookup(plugin_name, 'john', start_date='2020-4-16 03:45:07') }}"
+>>>>>>> tower/test_stable-2.6
   ignore_errors: true
 
 - name: Assert proper error is reported for bad frequency
@@ -34,7 +44,10 @@
 - name: Test an invalid start date
   ansible.builtin.debug:
     msg: "{{ lookup(plugin_name, 'none', start_date='invalid') }}"
+<<<<<<< HEAD
   register: result_bad_date
+=======
+>>>>>>> tower/test_stable-2.6
   ignore_errors: true
 
 - name: Assert plugin error message for invalid start date
@@ -46,7 +59,11 @@
 - name: Test end_on as count (generic success case)
   ansible.builtin.debug:
     msg: "{{ lookup(plugin_name, 'minute', start_date='2020-4-16 03:45:07', end_on='2') }}"
+<<<<<<< HEAD
   register: result_success
+=======
+  register: result
+>>>>>>> tower/test_stable-2.6
 
 - name: Assert successful rrule generation
   ansible.builtin.assert:

awx_collection/tests/integration/targets/token/tasks/main.yml

@@ -0,0 +1,154 @@
+---
+- name: Generate a test ID
+  set_fact:
+    test_id: "{{ lookup('password', '/dev/null chars=ascii_letters length=16') }}"
+  when: test_id is not defined
+
+- name: Generate names
+  set_fact:
+    token_description: "AWX-Collection-tests-token-description-{{ test_id }}"
+
+- name: Try to use a token as a dict which is missing the token parameter
+  job_list:
+    controller_oauthtoken:
+      not_token: "This has no token entry"
+  register: results
+  ignore_errors: true
+
+- assert:
+    that:
+      - results is failed
+      - '"The provided dict in aap_token did not properly contain the token entry" == results.msg'
+
+- name: Try to use a token as a list
+  job_list:
+    controller_oauthtoken:
+      - dummy_token
+  register: results
+  ignore_errors: true
+
+- assert:
+    that:
+      - results is failed
+      - '"The provided aap_token type was not valid (list). Valid options are str or dict." == results.msg'
+
+- name: Try to delete a token with no existing_token or existing_token_id
+  token:
+    state: absent
+  register: results
+  ignore_errors: true
+
+- assert:
+    that:
+      - results is failed
+      # We don't assert a message here because it's handled by ansible
+
+- name: Try to delete a token with both existing_token or existing_token_id
+  token:
+    existing_token:
+      id: 1234
+    existing_token_id: 1234
+    state: absent
+  register: results
+  ignore_errors: true
+
+- assert:
+    that:
+      - results is failed
+      # We don't assert a message here because it's handled by ansible
+
+
+- block:
+    - name: Create a Token
+      token:
+        description: '{{ token_description }}'
+        scope: "write"
+        state: present
+      register: new_token
+
+    - name: Validate our token works by token
+      job_list:
+        controller_oauthtoken: "{{ controller_token.token }}"
+      register: job_list
+
+    - name: Validate our token works by object
+      job_list:
+        controller_oauthtoken: "{{ controller_token }}"
+      register: job_list
+
+  always:
+    - name: Delete our Token with our own token
+      token:
+        existing_token: "{{ controller_token }}"
+        controller_oauthtoken: "{{ controller_token }}"
+        state: absent
+      when: controller_token is defined
+      register: results
+
+    - assert:
+        that:
+          - results is changed or results is skipped
+
+- block:
+    - name: Create a second token
+      token:
+        description: '{{ token_description }}'
+        scope: "write"
+        state: present
+      register: results
+
+    - assert:
+        that:
+          - results is changed
+
+  always:
+    - name: Delete the second Token with our own token
+      token:
+        existing_token_id: "{{ controller_token['id'] }}"
+        controller_oauthtoken: "{{ controller_token }}"
+        state: absent
+      when: controller_token is defined
+      register: results
+
+    - assert:
+        that:
+          - results is changed or resuslts is skipped
+
+- block:
+    - name: Create a less privileged token (read)
+      token:
+        description: '{{ token_description }}'
+        scope: "read"
+        state: present
+      register: read_only_token
+
+    - debug:
+        msg: "{{read_only_token}}"
+
+    - name: Exercise the aap_token parameter with the new token.
+      job_list:
+        aap_token: "{{ read_only_token.ansible_facts.controller_token.token }}"
+
+    - name: Ensure the new token is being used and not the default token for the tests.
+      token:
+        aap_token: "{{ read_only_token.ansible_facts.controller_token.token }}"
+        scope: "write"
+        state: present
+      ignore_errors: true
+      register: result
+
+    - assert:
+        that:
+          - "'You don\\'t have permission to POST' in result.msg"
+
+  always:
+    - name: Delete the less privileged token
+      token:
+        existing_token_id: "{{ read_only_token['id'] }}"
+        state: absent
+      when: read_only_token is defined
+      register: result
+
+    - assert:
+        that:
+          - result is changed