delete user role on deletion of a user

2026-01-18 13:11:19 -03:30 · 2018-04-03 14:31:56 -04:00 · 2018-04-03 14:31:56 -04:00 · a52b22ffdf
commit a52b22ffdf
parent 8e51f61afa
2 changed files with 31 additions and 1 deletions
--- a/awx/main/signals.py
+++ b/awx/main/signals.py
@ -179,6 +179,13 @@ def create_user_role(instance, **kwargs):
        role.members.add(instance)


+def delete_user_role(instance, **kwargs):
+    if instance and instance.admin_role:
+        instance.admin_role.delete()
+    else:
+        logger.info(six.text_type("Could not delete the admin role for user {}").format(instance))
+
+
 def org_admin_edit_members(instance, action, model, reverse, pk_set, **kwargs):
    content_type = ContentType.objects.get_for_model(Organization)

@ -252,6 +259,7 @@ m2m_changed.connect(rbac_activity_stream, Role.members.through)
 m2m_changed.connect(rbac_activity_stream, Role.parents.through)
 post_save.connect(sync_superuser_status_to_rbac, sender=User)
 post_save.connect(create_user_role, sender=User)
+pre_delete.connect(delete_user_role, sender=User)
 pre_delete.connect(cleanup_detached_labels_on_deleted_parent, sender=UnifiedJob)
 pre_delete.connect(cleanup_detached_labels_on_deleted_parent, sender=UnifiedJobTemplate)

--- a/awx/main/tests/functional/test_rbac_user.py
+++ b/awx/main/tests/functional/test_rbac_user.py
@ -1,9 +1,10 @@
 import pytest

 from django.test import TransactionTestCase
+from django.contrib.contenttypes.models import ContentType

 from awx.main.access import UserAccess
-from awx.main.models import User, Organization, Inventory
+from awx.main.models import User, Organization, Inventory, Role


@pytest.mark.django_db
@ -102,6 +103,27 @@ def test_org_user_removed(user, organization):
    assert admin not in member.admin_role


+@pytest.mark.django_db
+def test_create_user_role(rando):
+    assert Role.objects.filter(
+        role_field='admin_role',
+        content_type=ContentType.objects.get_for_model(User),
+        object_id=rando.id
+    ).count() == 1
+    assert rando in rando.admin_role
+
+
+@pytest.mark.django_db
+def test_user_role_deleted(rando):
+    rando_id = rando.id
+    rando.delete()
+    assert not Role.objects.filter(
+        role_field='admin_role',
+        content_type=ContentType.objects.get_for_model(User),
+        object_id=rando_id
+    )
+
+
@pytest.mark.django_db
 def test_org_admin_create_sys_auditor(org_admin):
    access = UserAccess(org_admin)