mirror of
https://github.com/ansible/awx.git
synced 2026-01-16 20:30:46 -03:30
Refactor of JT related field checking
This commit is contained in:
AlanCoding
parent
1ec2c1b3b7
commit
cfd9d5d4f1
@ -1785,24 +1785,18 @@ class JobTemplateSerializer(UnifiedJobTemplateSerializer, JobOptionsSerializer):
|
||||
d['survey'] = dict(title=obj.survey_spec['name'], description=obj.survey_spec['description'])
|
||||
request = self.context.get('request', None)
|
||||
|
||||
# Conditions that would create a validation error if coppied
|
||||
validation_pass = True
|
||||
if obj.inventory is None and not obj.ask_inventory_on_launch:
|
||||
validation_pass = False
|
||||
if obj.credential is None and not obj.ask_credential_on_launch:
|
||||
validation_pass = False
|
||||
if obj.project is None and not obj.job_type != PERM_INVENTORY_SCAN:
|
||||
validation_pass = False
|
||||
# Check for conditions that would create a validation error if coppied
|
||||
validation_errors, resources_needed_to_start = obj.resource_validation_data()
|
||||
|
||||
if request is None or request.user is None:
|
||||
d['can_copy'] = False
|
||||
d['can_edit'] = False
|
||||
elif request.user.is_superuser:
|
||||
d['can_copy'] = validation_pass
|
||||
d['can_copy'] = not validation_errors
|
||||
d['can_edit'] = True
|
||||
else:
|
||||
jt_data = model_to_dict(obj)
|
||||
d['can_copy'] = validation_pass and request.user.can_access(JobTemplate, 'add', jt_data)
|
||||
d['can_copy'] = (not validation_errors) and request.user.can_access(JobTemplate, 'add', jt_data)
|
||||
d['can_edit'] = request.user.can_access(JobTemplate, 'change', obj, jt_data)
|
||||
|
||||
d['recent_jobs'] = self._recent_jobs(obj)
|
||||
@ -2268,12 +2262,14 @@ class JobLaunchSerializer(BaseSerializer):
|
||||
obj = self.context.get('obj')
|
||||
data = self.context.get('data')
|
||||
|
||||
for field in obj.resources_needed_to_start:
|
||||
if not (field in attrs and obj._ask_for_vars_dict().get(field, False)):
|
||||
errors[field] = "Job Template '%s' is missing or undefined." % field
|
||||
|
||||
if (not obj.ask_credential_on_launch) or (not attrs.get('credential', None)):
|
||||
credential = obj.credential
|
||||
else:
|
||||
credential = attrs.get('credential', None)
|
||||
if not credential:
|
||||
errors['credential'] = 'Credential not provided'
|
||||
|
||||
# fill passwords dict with request data passwords
|
||||
if credential and credential.passwords_needed:
|
||||
@ -2304,11 +2300,6 @@ class JobLaunchSerializer(BaseSerializer):
|
||||
if validation_errors:
|
||||
errors['variables_needed_to_start'] = validation_errors
|
||||
|
||||
if obj.job_type != PERM_INVENTORY_SCAN and (obj.project is None):
|
||||
errors['project'] = 'Job Template Project is missing or undefined.'
|
||||
if (obj.inventory is None) and not attrs.get('inventory', None):
|
||||
errors['inventory'] = 'Job Template Inventory is missing or undefined.'
|
||||
|
||||
# Special prohibited cases for scan jobs
|
||||
if 'job_type' in data and obj.ask_job_type_on_launch:
|
||||
if ((obj.job_type == PERM_INVENTORY_SCAN and not data['job_type'] == PERM_INVENTORY_SCAN) or
|
||||
|
||||
@ -242,15 +242,44 @@ class JobTemplate(UnifiedJobTemplate, JobOptions, ResourceMixin):
|
||||
'force_handlers', 'skip_tags', 'start_at_task', 'become_enabled',
|
||||
'labels',]
|
||||
|
||||
def resource_validation_data(self):
|
||||
'''
|
||||
Process consistency errors and need-for-launch related fields.
|
||||
'''
|
||||
resources_needed_to_start = []
|
||||
validation_errors = {}
|
||||
|
||||
# Inventory and Credential related checks
|
||||
if self.inventory is None:
|
||||
resources_needed_to_start.append('inventory')
|
||||
if not self.ask_inventory_on_launch:
|
||||
validation_errors['inventory'] = ["Job Template must provide 'inventory' or allow prompting for it.",]
|
||||
if self.credential is None:
|
||||
resources_needed_to_start.append('credential')
|
||||
if not self.ask_credential_on_launch:
|
||||
validation_errors['credential'] = ["Job Template must provide 'credential' or allow prompting for it.",]
|
||||
|
||||
# Job type dependent checks
|
||||
if self.job_type == 'scan':
|
||||
if self.inventory is None or self.ask_inventory_on_launch:
|
||||
validation_errors['inventory'] = ["Scan jobs must be assigned a fixed inventory.",]
|
||||
elif self.project is None:
|
||||
resources_needed_to_start.append('project')
|
||||
validation_errors['project'] = ["Job types 'run' and 'check' must have assigned a project.",]
|
||||
|
||||
return (validation_errors, resources_needed_to_start)
|
||||
|
||||
def clean(self):
|
||||
if self.job_type == 'scan' and (self.inventory is None or self.ask_inventory_on_launch):
|
||||
raise ValidationError({"inventory": ["Scan jobs must be assigned a fixed inventory.",]})
|
||||
if (not self.ask_inventory_on_launch) and self.inventory is None:
|
||||
raise ValidationError({"inventory": ["Job Template must provide 'inventory' or allow prompting for it.",]})
|
||||
if (not self.ask_credential_on_launch) and self.credential is None:
|
||||
raise ValidationError({"credential": ["Job Template must provide 'credential' or allow prompting for it.",]})
|
||||
validation_errors, resources_needed_to_start = self.resource_validation_data()
|
||||
if validation_errors:
|
||||
raise ValidationError(validation_errors)
|
||||
return super(JobTemplate, self).clean()
|
||||
|
||||
@property
|
||||
def resources_needed_to_start(self):
|
||||
validation_errors, resources_needed_to_start = self.resource_validation_data()
|
||||
return resources_needed_to_start
|
||||
|
||||
def create_job(self, **kwargs):
|
||||
'''
|
||||
Create a new job based on this template.
|
||||
@ -265,9 +294,9 @@ class JobTemplate(UnifiedJobTemplate, JobOptions, ResourceMixin):
|
||||
Return whether job template can be used to start a new job without
|
||||
requiring any user input.
|
||||
'''
|
||||
return bool(self.credential and not len(self.passwords_needed_to_start) and
|
||||
not len(self.variables_needed_to_start) and
|
||||
self.inventory)
|
||||
return ((not self.resources_needed_to_start) and
|
||||
(not self.passwords_needed_to_start) and
|
||||
(not self.variables_needed_to_start))
|
||||
|
||||
@property
|
||||
def variables_needed_to_start(self):
|
||||
|
||||
@ -178,7 +178,7 @@ def test_job_launch_fails_without_inventory(deploy_jobtemplate, post, user):
|
||||
args=[deploy_jobtemplate.pk]), {}, user('admin', True))
|
||||
|
||||
assert response.status_code == 400
|
||||
assert response.data['inventory'] == ['Job Template Inventory is missing or undefined.']
|
||||
assert response.data['inventory'] == ["Job Template 'inventory' is missing or undefined."]
|
||||
|
||||
@pytest.mark.django_db
|
||||
@pytest.mark.job_runtime_vars
|
||||
|
||||
@ -1,7 +1,27 @@
|
||||
import pytest
|
||||
import mock
|
||||
|
||||
# AWX
|
||||
from awx.api.serializers import JobTemplateSerializer
|
||||
from awx.main.models.jobs import JobTemplate
|
||||
|
||||
# Django
|
||||
from django.test.client import RequestFactory
|
||||
from django.core.urlresolvers import reverse
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
def jt_copy_edit(project):
|
||||
return JobTemplate.objects.create(
|
||||
job_type='run',
|
||||
project=project,
|
||||
playbook='hello_world.yml',
|
||||
ask_inventory_on_launch=True,
|
||||
ask_credential_on_launch=True,
|
||||
name='copy-edit-job-template'
|
||||
)
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_job_template_role_user(post, organization_factory, job_template_factory):
|
||||
objects = organization_factory("org",
|
||||
@ -16,3 +36,184 @@ def test_job_template_role_user(post, organization_factory, job_template_factory
|
||||
url = reverse('api:user_roles_list', args=(objects.users.test.pk,))
|
||||
response = post(url, dict(id=jt_objects.job_template.execute_role.pk), objects.superusers.admin)
|
||||
assert response.status_code == 204
|
||||
|
||||
# Test protection against limited set of validation problems
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_bad_data_copy_edit(admin_user, project):
|
||||
"If a required resource (inventory here) was deleted, copying not allowed"
|
||||
|
||||
jt_res = JobTemplate.objects.create(
|
||||
job_type='run',
|
||||
project=project,
|
||||
inventory=None, ask_inventory_on_launch=False, # not allowed
|
||||
credential=None, ask_credential_on_launch=True,
|
||||
name='deploy-job-template'
|
||||
)
|
||||
serializer = JobTemplateSerializer(jt_res)
|
||||
request = RequestFactory().get('/api/v1/job_templates/12/')
|
||||
request.user = admin_user
|
||||
serializer.context['request'] = request
|
||||
response = serializer.to_representation(jt_res)
|
||||
assert not response['summary_fields']['can_copy']
|
||||
assert response['summary_fields']['can_edit']
|
||||
|
||||
# Tests for correspondence between view info and actual access
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_admin_copy_edit(jt_copy_edit, admin_user):
|
||||
"Absent a validation error, system admins can do everything"
|
||||
|
||||
# Serializer can_copy/can_edit fields
|
||||
serializer = JobTemplateSerializer(jt_copy_edit)
|
||||
request = RequestFactory().get('/api/v1/job_templates/12/')
|
||||
request.user = admin_user
|
||||
serializer.context['request'] = request
|
||||
response = serializer.to_representation(jt_copy_edit)
|
||||
assert response['summary_fields']['can_copy']
|
||||
assert response['summary_fields']['can_edit']
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_org_admin_copy_edit(jt_copy_edit, org_admin):
|
||||
"Organization admins SHOULD be able to copy a JT firmly in their org"
|
||||
|
||||
# Serializer can_copy/can_edit fields
|
||||
serializer = JobTemplateSerializer(jt_copy_edit)
|
||||
request = RequestFactory().get('/api/v1/job_templates/12/')
|
||||
request.user = org_admin
|
||||
serializer.context['request'] = request
|
||||
response = serializer.to_representation(jt_copy_edit)
|
||||
assert response['summary_fields']['can_copy']
|
||||
assert response['summary_fields']['can_edit']
|
||||
|
||||
@pytest.mark.django_db
|
||||
@pytest.mark.skip(reason="Waiting on issue 1981")
|
||||
def test_org_admin_foreign_cred_no_copy_edit(jt_copy_edit, org_admin, machine_credential):
|
||||
"""
|
||||
Organization admins SHOULD NOT be able to copy JT without resource access
|
||||
but they SHOULD be able to edit that job template
|
||||
"""
|
||||
|
||||
# Attach credential to JT that org admin can not use
|
||||
jt_copy_edit.credential = machine_credential
|
||||
jt_copy_edit.save()
|
||||
|
||||
# Serializer can_copy/can_edit fields
|
||||
serializer = JobTemplateSerializer(jt_copy_edit)
|
||||
request = RequestFactory().get('/api/v1/job_templates/12/')
|
||||
request.user = org_admin
|
||||
serializer.context['request'] = request
|
||||
response = serializer.to_representation(jt_copy_edit)
|
||||
assert not response['summary_fields']['can_copy']
|
||||
assert response['summary_fields']['can_edit']
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_jt_admin_copy_edit(jt_copy_edit, rando):
|
||||
"JT admins wihout access to associated resources SHOULD NOT be able to copy"
|
||||
|
||||
# random user given JT admin access only
|
||||
jt_copy_edit.admin_role.members.add(rando)
|
||||
jt_copy_edit.save()
|
||||
|
||||
# Serializer can_copy/can_edit fields
|
||||
serializer = JobTemplateSerializer(jt_copy_edit)
|
||||
request = RequestFactory().get('/api/v1/job_templates/12/')
|
||||
request.user = rando
|
||||
serializer.context['request'] = request
|
||||
response = serializer.to_representation(jt_copy_edit)
|
||||
assert not response['summary_fields']['can_copy']
|
||||
assert not response['summary_fields']['can_edit']
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_proj_jt_admin_copy_edit(jt_copy_edit, rando):
|
||||
"JT admins with access to associated resources SHOULD be able to copy"
|
||||
|
||||
# random user given JT and project admin abilities
|
||||
jt_copy_edit.admin_role.members.add(rando)
|
||||
jt_copy_edit.save()
|
||||
jt_copy_edit.project.admin_role.members.add(rando)
|
||||
jt_copy_edit.project.save()
|
||||
|
||||
# Serializer can_copy/can_edit fields
|
||||
serializer = JobTemplateSerializer(jt_copy_edit)
|
||||
request = RequestFactory().get('/api/v1/job_templates/12/')
|
||||
request.user = rando
|
||||
serializer.context['request'] = request
|
||||
response = serializer.to_representation(jt_copy_edit)
|
||||
assert response['summary_fields']['can_copy']
|
||||
assert response['summary_fields']['can_edit']
|
||||
|
||||
# Functional tests - create new JT with all returned fields, as the UI does
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_org_admin_copy_edit_functional(jt_copy_edit, org_admin, get, post):
|
||||
get_response = get(reverse('api:job_template_detail', args=[jt_copy_edit.pk]), user=org_admin)
|
||||
|
||||
post_data = get_response.data
|
||||
post_data['name'] = '%s @ 12:19:47 pm' % post_data['name']
|
||||
|
||||
assert get_response.status_code == 200
|
||||
assert get_response.data['summary_fields']['can_copy']
|
||||
|
||||
with mock.patch(
|
||||
'awx.main.models.projects.ProjectOptions.playbooks',
|
||||
new_callable=mock.PropertyMock(return_value=['hello_world.yml'])):
|
||||
post_response = post(reverse('api:job_template_list', args=[]), user=org_admin, data=post_data)
|
||||
|
||||
print '\n post_response: ' + str(post_response.data)
|
||||
assert post_response.status_code == 201
|
||||
assert post_response.data['name'] == 'copy-edit-job-template @ 12:19:47 pm'
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_jt_admin_copy_edit_functional(jt_copy_edit, rando, get, post):
|
||||
|
||||
# Grant random user JT admin access only
|
||||
jt_copy_edit.admin_role.members.add(rando)
|
||||
jt_copy_edit.save()
|
||||
|
||||
get_response = get(reverse('api:job_template_detail', args=[jt_copy_edit.pk]), user=rando)
|
||||
|
||||
assert get_response.status_code == 200
|
||||
assert not get_response.data['summary_fields']['can_copy']
|
||||
|
||||
post_data = get_response.data
|
||||
post_data['name'] = '%s @ 12:19:47 pm' % post_data['name']
|
||||
|
||||
with mock.patch(
|
||||
'awx.main.models.projects.ProjectOptions.playbooks',
|
||||
new_callable=mock.PropertyMock(return_value=['hello_world.yml'])):
|
||||
post_response = post(reverse('api:job_template_list', args=[]), user=rando, data=post_data)
|
||||
|
||||
print '\n post_response: ' + str(post_response.data)
|
||||
assert post_response.status_code == 403
|
||||
|
||||
# Validation function tests
|
||||
# TODO: replace these JT creations with Wayne's new awesome factories
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_missing_project_error(inventory, machine_credential):
|
||||
obj = JobTemplate.objects.create(
|
||||
job_type='run',
|
||||
project=None,
|
||||
inventory=inventory,
|
||||
credential=machine_credential,
|
||||
name='missing-project-jt'
|
||||
)
|
||||
assert 'project' in obj.resources_needed_to_start
|
||||
validation_errors, resources_needed_to_start = obj.resource_validation_data()
|
||||
assert 'project' in validation_errors
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_inventory_credential_contradictions(project):
|
||||
obj = JobTemplate.objects.create(
|
||||
job_type='run',
|
||||
project=project,
|
||||
inventory=None, ask_inventory_on_launch=False,
|
||||
credential=None, ask_credential_on_launch=False,
|
||||
name='missing-project-jt'
|
||||
)
|
||||
assert 'inventory' in obj.resources_needed_to_start
|
||||
assert 'credential' in obj.resources_needed_to_start
|
||||
validation_errors, resources_needed_to_start = obj.resource_validation_data()
|
||||
assert 'inventory' in validation_errors
|
||||
assert 'credential' in validation_errors
|
||||
|
||||
@ -1,202 +0,0 @@
|
||||
import pytest
|
||||
import mock
|
||||
|
||||
# AWX
|
||||
from awx.api.serializers import JobTemplateSerializer
|
||||
from awx.main.access import JobTemplateAccess
|
||||
from awx.main.models.jobs import JobTemplate
|
||||
|
||||
# Django
|
||||
from django.test.client import RequestFactory
|
||||
from django.forms.models import model_to_dict
|
||||
from django.core.urlresolvers import reverse
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
def jt_copy_edit(project):
|
||||
return JobTemplate.objects.create(
|
||||
job_type='run',
|
||||
project=project,
|
||||
playbook='hello_world.yml',
|
||||
ask_inventory_on_launch=True,
|
||||
ask_credential_on_launch=True,
|
||||
name='copy-edit-job-template'
|
||||
)
|
||||
|
||||
# Test protection against limited set of validation problems
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_bad_data_copy_edit(admin_user, project):
|
||||
"If a required resource (inventory here) was deleted, copying not allowed"
|
||||
|
||||
jt_res = JobTemplate.objects.create(
|
||||
job_type='run',
|
||||
project=project,
|
||||
inventory=None, ask_inventory_on_launch=False, # not allowed
|
||||
credential=None, ask_credential_on_launch=True,
|
||||
name='deploy-job-template'
|
||||
)
|
||||
serializer = JobTemplateSerializer(jt_res)
|
||||
request = RequestFactory().get('/api/v1/job_templates/12/')
|
||||
request.user = admin_user
|
||||
serializer.context['request'] = request
|
||||
response = serializer.to_representation(jt_res)
|
||||
assert not response['summary_fields']['can_copy']
|
||||
assert response['summary_fields']['can_edit']
|
||||
|
||||
# Tests for correspondence between view info and actual access
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_admin_copy_edit(jt_copy_edit, admin_user):
|
||||
"Absent a validation error, system admins can do everything"
|
||||
|
||||
# Serializer can_copy/can_edit fields
|
||||
serializer = JobTemplateSerializer(jt_copy_edit)
|
||||
request = RequestFactory().get('/api/v1/job_templates/12/')
|
||||
request.user = admin_user
|
||||
serializer.context['request'] = request
|
||||
response = serializer.to_representation(jt_copy_edit)
|
||||
assert response['summary_fields']['can_copy']
|
||||
assert response['summary_fields']['can_edit']
|
||||
|
||||
# Access
|
||||
jt_access = JobTemplateAccess(admin_user)
|
||||
jt_dict = model_to_dict(jt_copy_edit)
|
||||
assert jt_access.can_add(jt_dict)
|
||||
assert jt_access.can_change(jt_copy_edit, jt_dict)
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_org_admin_copy_edit(jt_copy_edit, org_admin):
|
||||
"Organization admins SHOULD be able to copy a JT firmly in their org"
|
||||
|
||||
# Serializer can_copy/can_edit fields
|
||||
serializer = JobTemplateSerializer(jt_copy_edit)
|
||||
request = RequestFactory().get('/api/v1/job_templates/12/')
|
||||
request.user = org_admin
|
||||
serializer.context['request'] = request
|
||||
response = serializer.to_representation(jt_copy_edit)
|
||||
assert response['summary_fields']['can_copy']
|
||||
assert response['summary_fields']['can_edit']
|
||||
|
||||
# Access
|
||||
jt_access = JobTemplateAccess(org_admin)
|
||||
jt_dict = model_to_dict(jt_copy_edit)
|
||||
assert jt_access.can_add(jt_dict)
|
||||
assert jt_access.can_change(jt_copy_edit, jt_dict)
|
||||
|
||||
@pytest.mark.django_db
|
||||
@pytest.mark.skip(reason="Waiting on issue 1981")
|
||||
def test_org_admin_foreign_cred_no_copy_edit(jt_copy_edit, org_admin, machine_credential):
|
||||
"Organization admins SHOULD NOT be able to copy JT without resource access"
|
||||
|
||||
# Attach credential to JT that org admin can not use
|
||||
jt_copy_edit.credential = machine_credential
|
||||
jt_copy_edit.save()
|
||||
|
||||
# Serializer can_copy/can_edit fields
|
||||
serializer = JobTemplateSerializer(jt_copy_edit)
|
||||
request = RequestFactory().get('/api/v1/job_templates/12/')
|
||||
request.user = org_admin
|
||||
serializer.context['request'] = request
|
||||
response = serializer.to_representation(jt_copy_edit)
|
||||
assert not response['summary_fields']['can_copy']
|
||||
assert response['summary_fields']['can_edit']
|
||||
|
||||
# Access
|
||||
jt_access = JobTemplateAccess(org_admin)
|
||||
jt_dict = model_to_dict(jt_copy_edit)
|
||||
assert not jt_access.can_add(jt_dict)
|
||||
assert jt_access.can_change(jt_copy_edit, jt_dict)
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_jt_admin_copy_edit(jt_copy_edit, rando):
|
||||
"JT admins wihout access to associated resources SHOULD NOT be able to copy"
|
||||
|
||||
# random user given JT admin access only
|
||||
jt_copy_edit.admin_role.members.add(rando)
|
||||
jt_copy_edit.save()
|
||||
|
||||
# Serializer can_copy/can_edit fields
|
||||
serializer = JobTemplateSerializer(jt_copy_edit)
|
||||
request = RequestFactory().get('/api/v1/job_templates/12/')
|
||||
request.user = rando
|
||||
serializer.context['request'] = request
|
||||
response = serializer.to_representation(jt_copy_edit)
|
||||
assert not response['summary_fields']['can_copy']
|
||||
assert not response['summary_fields']['can_edit']
|
||||
|
||||
# Access
|
||||
jt_access = JobTemplateAccess(rando)
|
||||
jt_dict = model_to_dict(jt_copy_edit)
|
||||
print ' jt_dict: ' + str(jt_dict)
|
||||
assert not jt_access.can_add(jt_dict)
|
||||
assert not jt_access.can_change(jt_copy_edit, jt_dict)
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_proj_jt_admin_copy_edit(jt_copy_edit, rando):
|
||||
"JT admins with access to associated resources SHOULD be able to copy"
|
||||
|
||||
# random user given JT and project admin abilities
|
||||
jt_copy_edit.admin_role.members.add(rando)
|
||||
jt_copy_edit.save()
|
||||
jt_copy_edit.project.admin_role.members.add(rando)
|
||||
jt_copy_edit.project.save()
|
||||
|
||||
# Serializer can_copy/can_edit fields
|
||||
serializer = JobTemplateSerializer(jt_copy_edit)
|
||||
request = RequestFactory().get('/api/v1/job_templates/12/')
|
||||
request.user = rando
|
||||
serializer.context['request'] = request
|
||||
response = serializer.to_representation(jt_copy_edit)
|
||||
assert response['summary_fields']['can_copy']
|
||||
assert response['summary_fields']['can_edit']
|
||||
|
||||
# Access
|
||||
jt_access = JobTemplateAccess(rando)
|
||||
jt_dict = model_to_dict(jt_copy_edit)
|
||||
assert jt_access.can_add(jt_dict)
|
||||
assert jt_access.can_change(jt_copy_edit, jt_dict)
|
||||
|
||||
# Functional tests - create new JT with all returned fields, as the UI does
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_org_admin_copy_edit_functional(jt_copy_edit, org_admin, get, post):
|
||||
get_response = get(reverse('api:job_template_detail', args=[jt_copy_edit.pk]), user=org_admin)
|
||||
|
||||
post_data = get_response.data
|
||||
post_data['name'] = '%s @ 12:19:47 pm' % post_data['name']
|
||||
|
||||
assert get_response.status_code == 200
|
||||
assert get_response.data['summary_fields']['can_copy']
|
||||
|
||||
with mock.patch(
|
||||
'awx.main.models.projects.ProjectOptions.playbooks',
|
||||
new_callable=mock.PropertyMock(return_value=['hello_world.yml'])):
|
||||
post_response = post(reverse('api:job_template_list', args=[]), user=org_admin, data=post_data)
|
||||
|
||||
print '\n post_response: ' + str(post_response.data)
|
||||
assert post_response.status_code == 201
|
||||
assert post_response.data['name'] == 'copy-edit-job-template @ 12:19:47 pm'
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_jt_admin_copy_edit_functional(jt_copy_edit, rando, get, post):
|
||||
|
||||
# Grant random user JT admin access only
|
||||
jt_copy_edit.admin_role.members.add(rando)
|
||||
jt_copy_edit.save()
|
||||
|
||||
get_response = get(reverse('api:job_template_detail', args=[jt_copy_edit.pk]), user=rando)
|
||||
|
||||
assert get_response.status_code == 200
|
||||
assert not get_response.data['summary_fields']['can_copy']
|
||||
|
||||
post_data = get_response.data
|
||||
post_data['name'] = '%s @ 12:19:47 pm' % post_data['name']
|
||||
|
||||
with mock.patch(
|
||||
'awx.main.models.projects.ProjectOptions.playbooks',
|
||||
new_callable=mock.PropertyMock(return_value=['hello_world.yml'])):
|
||||
post_response = post(reverse('api:job_template_list', args=[]), user=rando, data=post_data)
|
||||
|
||||
print '\n post_response: ' + str(post_response.data)
|
||||
assert post_response.status_code == 403
|
||||
@ -9,9 +9,14 @@ from awx.main.models import Label, Job
|
||||
#DRF
|
||||
from rest_framework import serializers
|
||||
|
||||
def mock_JT_resource_data():
|
||||
return ({}, [])
|
||||
|
||||
@pytest.fixture
|
||||
def job_template(mocker):
|
||||
return mocker.MagicMock(pk=5)
|
||||
mock_jt = mocker.MagicMock(pk=5)
|
||||
mock_jt.resource_validation_data = mock_JT_resource_data
|
||||
return mock_jt
|
||||
|
||||
@pytest.fixture
|
||||
def job(mocker, job_template):
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user