From b903726ddba0637fdd6f2fba32f534f8ffede0c5 Mon Sep 17 00:00:00 2001 From: Wayne Witzel III Date: Thu, 4 Feb 2016 16:53:06 -0500 Subject: [PATCH] updated organization rbac tests --- awx/main/tests/functional/conftest.py | 12 ++++ .../functional/test_rbac_organization.py | 68 ++++++++----------- 2 files changed, 40 insertions(+), 40 deletions(-) diff --git a/awx/main/tests/functional/conftest.py b/awx/main/tests/functional/conftest.py index 98d31528ce..22dd64c894 100644 --- a/awx/main/tests/functional/conftest.py +++ b/awx/main/tests/functional/conftest.py @@ -1,6 +1,18 @@ import pytest from awx.main.models.organization import Organization +from django.contrib.auth.models import User + +@pytest.fixture +def user(): + def u(name, is_superuser=False): + try: + user = User.objects.get(username=name) + except User.DoesNotExist: + user = User(username=name, is_superuser=is_superuser, password=name) + user.save() + return user + return u @pytest.fixture def organization(): diff --git a/awx/main/tests/functional/test_rbac_organization.py b/awx/main/tests/functional/test_rbac_organization.py index 1e4c90e936..669eb105a3 100644 --- a/awx/main/tests/functional/test_rbac_organization.py +++ b/awx/main/tests/functional/test_rbac_organization.py @@ -1,51 +1,39 @@ import pytest from awx.main.access import OrganizationAccess -from django.contrib.auth.models import User - -def make_user(name, admin=False): - try: - user = User.objects.get(username=name) - except User.DoesNotExist: - user = User(username=name, is_superuser=admin, password=name) - user.save() - return user @pytest.mark.django_db -@pytest.mark.parametrize("username,admin", [ - ("admin", True), - ("user", False), -]) -def test_organization_migration(organization, permissions, username, admin): - user = make_user(username, admin) - if admin: - organization.admins.add(user) - else: - organization.users.add(user) +def test_organization_migration_admin(organization, permissions, user): + u = user('admin', True) + organization.admins.add(u) migrated_users = organization.migrate_to_rbac() assert len(migrated_users) == 1 - assert migrated_users[0] == user - - if admin: - assert organization.accessible_by(user, permissions['admin']) == True - else: - assert organization.accessible_by(user, permissions['auditor']) == True + assert organization.accessible_by(u, permissions['admin']) == True @pytest.mark.django_db -@pytest.mark.parametrize("username,admin", [ - ("admin", True), - ("user-admin", False), - ("user", False) -]) -def test_organization_access(organization, username, admin): - user = make_user(username, admin) - access = OrganizationAccess(user) - if admin: - assert access.can_change(organization, None) == True - elif username == "user-admin": - organization.admins.add(user) - assert access.can_change(organization, None) == True - else: - assert access.can_change(organization, None) == False +def test_organization_migration_user(organization, permissions, user): + u = user('user', False) + organization.users.add(u) + migrated_users = organization.migrate_to_rbac() + assert len(migrated_users) == 1 + assert organization.accessible_by(u, permissions['auditor']) == True + +@pytest.mark.django_db +def test_organization_access_superuser(organization, user): + access = OrganizationAccess(user('admin', True)) + assert access.can_change(organization, None) == True + +@pytest.mark.django_db +def test_organization_access_admin(organization, user): + u = user('admin', False) + organization.admins.add(u) + + access = OrganizationAccess(u) + assert access.can_change(organization, None) == True + +@pytest.mark.django_db +def test_organization_access_user(organization, user): + access = OrganizationAccess(user('user', False)) + assert access.can_change(organization, None) == False