External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-03-18 17:37:30 -02:30
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #3001 from anoek/misc-fixes

Browse Source 
Minor migration fixes
This commit is contained in:
Akita Noek
2016-07-14 11:23:22 -04:00
committed by GitHub
parent deb1c1652b 6da6f48521
commit d39b9ff84f
4 changed files with 9 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
awx/main/access.py
View File

@@ -1562,7 +1562,7 @@ class CustomInventoryScriptAccess(BaseAccess):
return self.user in org.admin_role return self.user in org.admin_role
@check_superuser @check_superuser
def can_admin(self, obj): def can_admin(self, obj, data=None):
return self.user in obj.admin_role return self.user in obj.admin_role
@check_superuser @check_superuser

2
awx/main/migrations/_old_access.py
View File

@@ -656,7 +656,7 @@ class TeamAccess(BaseAccess):
raise PermissionDenied('Unable to change organization on a team') raise PermissionDenied('Unable to change organization on a team')
if self.user.is_superuser: if self.user.is_superuser:
return True return True
if self.user in obj.organization.deprecated_admins.all(): if obj.organization and self.user in obj.organization.deprecated_admins.all():
return True return True
return False return False

3
awx/main/migrations/_rbac.py
View File

@@ -198,7 +198,8 @@ def migrate_credential(apps, schema_editor):
logger.info(smart_text(u"added Credential(name={}, kind={}, host={}) at organization level".format(cred.name, cred.kind, cred.host))) logger.info(smart_text(u"added Credential(name={}, kind={}, host={}) at organization level".format(cred.name, cred.kind, cred.host)))
if cred.deprecated_team is not None: if cred.deprecated_team is not None:
cred.deprecated_team.member_role.children.add(cred.admin_role) cred.deprecated_team.admin_role.children.add(cred.admin_role)
cred.deprecated_team.member_role.children.add(cred.use_role)
cred.save() cred.save()
logger.info(smart_text(u"added Credential(name={}, kind={}, host={}) at user level".format(cred.name, cred.kind, cred.host))) logger.info(smart_text(u"added Credential(name={}, kind={}, host={}) at user level".format(cred.name, cred.kind, cred.host)))
elif cred.deprecated_user is not None: elif cred.deprecated_user is not None:

8
awx/main/tests/functional/test_rbac_credential.py
View File

@@ -28,8 +28,10 @@ def test_two_teams_same_cred_name(organization_factory):
rbac.migrate_credential(apps, None) rbac.migrate_credential(apps, None)
assert objects.teams.team1.member_role in cred1.admin_role.parents.all() assert objects.teams.team1.admin_role in cred1.admin_role.parents.all()
assert objects.teams.team2.member_role in cred2.admin_role.parents.all() assert objects.teams.team2.admin_role in cred2.admin_role.parents.all()
assert objects.teams.team1.member_role in cred1.use_role.parents.all()
assert objects.teams.team2.member_role in cred2.use_role.parents.all()
@pytest.mark.django_db @pytest.mark.django_db
def test_credential_use_role(credential, user, permissions): def test_credential_use_role(credential, user, permissions):
@@ -53,7 +55,7 @@ def test_credential_migration_team_member(credential, team, user, permissions):
rbac.migrate_credential(apps, None) rbac.migrate_credential(apps, None)
# Admin permissions post migration # Admin permissions post migration
assert u in credential.admin_role assert u in credential.use_role
@pytest.mark.django_db @pytest.mark.django_db
def test_credential_migration_team_admin(credential, team, user, permissions): def test_credential_migration_team_admin(credential, team, user, permissions):