External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-01-13 11:00:03 -03:30
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #6245 from AlanCoding/alan_rockin_ramparts

Browse Source 
Introduce view to allow associations but no creations
This commit is contained in:
Alan Rominger 2017-05-11 14:10:22 -04:00 committed by GitHub
commit bdde87f7f5
3 changed files with 43 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
awx/api/generics.py
View File

@ -41,7 +41,8 @@ __all__ = ['APIView', 'GenericAPIView', 'ListAPIView', 'SimpleListAPIView',
'SubDetailAPIView',
'ResourceAccessList',
'ParentMixin',
'DeleteLastUnattachLabelMixin',]
'DeleteLastUnattachLabelMixin',
'SubListAttachDetachAPIView',]
logger = logging.getLogger('awx.api.generics')
analytics_logger = logging.getLogger('awx.analytics.performance')
@ -553,6 +554,21 @@ class SubListCreateAttachDetachAPIView(SubListCreateAPIView):
return self.attach(request, *args, **kwargs)
class SubListAttachDetachAPIView(SubListCreateAttachDetachAPIView):
'''
Derived version of SubListCreateAttachDetachAPIView that prohibits creation
'''
def post(self, request, *args, **kwargs):
sub_id = request.data.get('id', None)
if not sub_id:
return Response(
dict(msg=_("{} 'id' field is missing.".format(
self.model._meta.verbose_name.title()))),
status=status.HTTP_400_BAD_REQUEST)
return super(SubListAttachDetachAPIView, self).post(request, *args, **kwargs)
class DeleteLastUnattachLabelMixin(object):
'''
Models for which you want the last instance to be deleted from the database

50
awx/api/views.py
View File

@ -988,7 +988,7 @@ class OrganizationNotificationTemplatesSuccessList(SubListCreateAttachDetachAPIV
new_in_300 = True
class OrganizationInstanceGroupsList(SubListCreateAttachDetachAPIView):
class OrganizationInstanceGroupsList(SubListAttachDetachAPIView):
model = InstanceGroup
serializer_class = InstanceGroupSerializer
@ -996,13 +996,6 @@ class OrganizationInstanceGroupsList(SubListCreateAttachDetachAPIView):
relationship = 'instance_groups'
new_in_320 = True
def post(self, request, *args, **kwargs):
sub_id = request.data.get('id', None)
if not sub_id:
return Response(dict(msg=_("Instance Group 'id' field is missing.")),
status=status.HTTP_400_BAD_REQUEST)
return super(OrganizationInstanceGroupsList, self).post(request, *args, **kwargs)
class OrganizationAccessList(ResourceAccessList):
@ -1049,7 +1042,7 @@ class TeamUsersList(BaseUsersList):
relationship = 'member_role.members'
class TeamRolesList(SubListCreateAttachDetachAPIView):
class TeamRolesList(SubListAttachDetachAPIView):
model = Role
serializer_class = RoleSerializerWithParentAccess
@ -1065,11 +1058,9 @@ class TeamRolesList(SubListCreateAttachDetachAPIView):
return Role.filter_visible_roles(self.request.user, team.member_role.children.all().exclude(pk=team.read_role.pk))
def post(self, request, *args, **kwargs):
# Forbid implicit role creation here
sub_id = request.data.get('id', None)
if not sub_id:
data = dict(msg=_("Role 'id' field is missing."))
return Response(data, status=status.HTTP_400_BAD_REQUEST)
return super(TeamRolesList, self).post(request)
role = get_object_or_400(Role, pk=sub_id)
org_content_type = ContentType.objects.get_for_model(Organization)
@ -1432,7 +1423,7 @@ class UserTeamsList(ListAPIView):
Q(member_role__members=u) | Q(admin_role__members=u)).distinct()
class UserRolesList(SubListCreateAttachDetachAPIView):
class UserRolesList(SubListAttachDetachAPIView):
model = Role
serializer_class = RoleSerializerWithParentAccess
@ -1452,11 +1443,9 @@ class UserRolesList(SubListCreateAttachDetachAPIView):
.exclude(content_type=content_type, object_id=u.id)
def post(self, request, *args, **kwargs):
# Forbid implicit role creation here
sub_id = request.data.get('id', None)
if not sub_id:
data = dict(msg=_("Role 'id' field is missing."))
return Response(data, status=status.HTTP_400_BAD_REQUEST)
return super(UserRolesList, self).post(request)
if sub_id == self.request.user.admin_role.pk:
raise PermissionDenied(_('You may not perform any action with your own admin_role.'))
@ -1847,20 +1836,13 @@ class InventoryActivityStreamList(ActivityStreamEnforcementMixin, SubListAPIView
return qs.filter(Q(inventory=parent) | Q(host__in=parent.hosts.all()) | Q(group__in=parent.groups.all()))
class InventoryInstanceGroupsList(SubListCreateAttachDetachAPIView):
class InventoryInstanceGroupsList(SubListAttachDetachAPIView):
model = InstanceGroup
serializer_class = InstanceGroupSerializer
parent_model = Inventory
relationship = 'instance_groups'
new_in_320 = True
def post(self, request, *args, **kwargs):
sub_id = request.data.get('id', None)
if not sub_id:
return Response(dict(msg=_("Instance Group 'id' field is missing.")),
status=status.HTTP_400_BAD_REQUEST)
return super(InventoryInstanceGroupsList, self).post(request, *args, **kwargs)
class InventoryAccessList(ResourceAccessList):
@ -3004,7 +2986,7 @@ class JobTemplateJobsList(SubListCreateAPIView):
parent_key = 'job_template'
class JobTemplateInstanceGroupsList(SubListCreateAttachDetachAPIView):
class JobTemplateInstanceGroupsList(SubListAttachDetachAPIView):
model = InstanceGroup
serializer_class = InstanceGroupSerializer
@ -3012,13 +2994,6 @@ class JobTemplateInstanceGroupsList(SubListCreateAttachDetachAPIView):
relationship = 'instance_groups'
new_in_320 = True
def post(self, request, *args, **kwargs):
sub_id = request.data.get('id', None)
if not sub_id:
return Response(dict(msg=_("Instance Group 'id' field is missing.")),
status=status.HTTP_400_BAD_REQUEST)
return super(JobTemplateInstanceGroupsList, self).post(request, *args, **kwargs)
class JobTemplateAccessList(ResourceAccessList):
@ -4345,7 +4320,7 @@ class RoleDetail(RetrieveAPIView):
new_in_300 = True
class RoleUsersList(SubListCreateAttachDetachAPIView):
class RoleUsersList(SubListAttachDetachAPIView):
model = User
serializer_class = UserSerializer
@ -4362,8 +4337,7 @@ class RoleUsersList(SubListCreateAttachDetachAPIView):
# Forbid implicit user creation here
sub_id = request.data.get('id', None)
if not sub_id:
data = dict(msg=_("User 'id' field is missing."))
return Response(data, status=status.HTTP_400_BAD_REQUEST)
return super(RoleUsersList, self).post(request)
user = get_object_or_400(User, pk=sub_id)
role = self.get_parent_object()
@ -4387,7 +4361,7 @@ class RoleUsersList(SubListCreateAttachDetachAPIView):
return super(RoleUsersList, self).post(request, *args, **kwargs)
class RoleTeamsList(SubListAPIView):
class RoleTeamsList(SubListAttachDetachAPIView):
model = Team
serializer_class = TeamSerializer
@ -4402,11 +4376,9 @@ class RoleTeamsList(SubListAPIView):
return Team.objects.filter(member_role__children=role)
def post(self, request, pk, *args, **kwargs):
# Forbid implicit team creation here
sub_id = request.data.get('id', None)
if not sub_id:
data = dict(msg=_("Team 'id' field is missing."))
return Response(data, status=status.HTTP_400_BAD_REQUEST)
return super(RoleTeamsList, self).post(request)
team = get_object_or_400(Team, pk=sub_id)
role = Role.objects.get(pk=self.kwargs['pk'])

16
awx/main/tests/unit/api/test_generics.py
View File

@ -11,7 +11,7 @@ from rest_framework.exceptions import PermissionDenied
# AWX
from awx.api.generics import (
ParentMixin,
SubListCreateAttachDetachAPIView,
SubListCreateAttachDetachAPIView, SubListAttachDetachAPIView,
DeleteLastUnattachLabelMixin,
ResourceAccessList
)
@ -140,6 +140,20 @@ class TestSubListCreateAttachDetachAPIView:
view.unattach_by_id.assert_not_called()
def test_attach_detatch_only(mocker):
mock_request = mocker.MagicMock()
mock_request.data = {'name': 'name for my new model'}
view = SubListAttachDetachAPIView()
view.model = mocker.MagicMock()
view.model._meta = mocker.MagicMock()
view.model._meta.verbose_name = "Foo Bar"
resp = view.post(mock_request)
assert 'Foo Bar' in resp.data['msg']
assert 'field is missing' in resp.data['msg']
class TestDeleteLastUnattachLabelMixin:
@mock.patch('__builtin__.super')
def test_unattach_ok(self, super, mocker):