External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-05-08 18:07:36 -02:30
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2010 from AlanCoding/1999_see_your_own_JT_30

Browse Source 
Automatically add JT creator to admin_role
This commit is contained in:
Alan Rominger
2016-05-26 12:32:27 -04:00
parent 6011b32ff4 f695caf1ac
commit 95ccdecf13
2 changed files with 33 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
awx/api/views.py
View File

@@ -2212,6 +2212,13 @@ class JobTemplateList(ListCreateAPIView):
serializer_class = JobTemplateSerializer serializer_class = JobTemplateSerializer
always_allow_superuser = False always_allow_superuser = False
def post(self, request, *args, **kwargs):
ret = super(JobTemplateList, self).post(request, *args, **kwargs)
if ret.status_code == 201:
job_template = JobTemplate.objects.get(id=ret.data['id'])
job_template.admin_role.members.add(request.user)
return ret
class JobTemplateDetail(RetrieveUpdateDestroyAPIView): class JobTemplateDetail(RetrieveUpdateDestroyAPIView):
model = JobTemplate model = JobTemplate

26
awx/main/tests/functional/test_rbac_job_templates.py
View File

@@ -7,8 +7,11 @@ from awx.main.access import (
) )
from awx.main.migrations import _rbac as rbac from awx.main.migrations import _rbac as rbac
from awx.main.models import Permission from awx.main.models import Permission
from awx.main.models.jobs import JobTemplate
from django.apps import apps from django.apps import apps
from django.core.urlresolvers import reverse
@pytest.mark.django_db @pytest.mark.django_db
def test_job_template_migration_check(credential, deploy_jobtemplate, check_jobtemplate, user): def test_job_template_migration_check(credential, deploy_jobtemplate, check_jobtemplate, user):
@@ -155,3 +158,26 @@ def test_job_template_access_superuser(check_license, user, deploy_jobtemplate):
# THEN all access checks should pass # THEN all access checks should pass
assert access.can_read(deploy_jobtemplate) assert access.can_read(deploy_jobtemplate)
assert access.can_add({}) assert access.can_add({})
@pytest.mark.django_db
@pytest.mark.job_permissions
def test_job_template_creator_access(project, rando, post):
project.admin_role.members.add(rando)
with mock.patch(
'awx.main.models.projects.ProjectOptions.playbooks',
new_callable=mock.PropertyMock(return_value=['helloworld.yml'])):
response = post(reverse('api:job_template_list', args=[]), dict(
name='newly-created-jt',
job_type='run',
ask_inventory_on_launch=True,
ask_credential_on_launch=True,
project=project.pk,
playbook='helloworld.yml'
), rando)
assert response.status_code == 201
jt_pk = response.data['id']
jt_obj = JobTemplate.objects.get(pk=jt_pk)
# Creating a JT should place the creator in the admin role
assert rando in jt_obj.admin_role