Initial (editable) pass of adding JT.organization

This is the old version of this feature from 2019 this allows setting the organization in the data sent to the API when creating a JT, and exposes the field in the UI as well Subsequent commit changes the field from editable to read-only, but as of this commit, the machinery is not hooked up to infer it from project
2026-03-17 17:07:33 -02:30 · 2020-01-16 14:59:43 -05:00
parent 1876849d89
commit daa9282790
46 changed files with 985 additions and 377 deletions
--- a/awx/main/tests/unit/test_access.py
+++ b/awx/main/tests/unit/test_access.py
@@ -148,7 +148,9 @@ def job_template_with_ids(job_template_factory):
        'testJT', project=proj, inventory=inv, credential=credential,
        cloud_credential=cloud_cred, network_credential=net_cred,
        persisted=False)
-    return jt_objects.job_template
+    jt = jt_objects.job_template
+    jt.organization = Organization(id=1, pk=1, name='fooOrg')
+    return jt


 def test_superuser(mocker):
@@ -180,21 +182,24 @@ def test_jt_existing_values_are_nonsensitive(job_template_with_ids, user_unit):
 def test_change_jt_sensitive_data(job_template_with_ids, mocker, user_unit):
    """Assure that can_add is called with all ForeignKeys."""

-    job_template_with_ids.admin_role = Role()
+    class RoleReturnsTrue(Role):
+        def __contains__(self, accessor):
+            return True
+
+    job_template_with_ids.admin_role = RoleReturnsTrue()
+    job_template_with_ids.organization.job_template_admin_role = RoleReturnsTrue()
+
+    inv2 = Inventory()
+    inv2.use_role = RoleReturnsTrue()
+    data = {'inventory': inv2}

-    data = {'inventory': job_template_with_ids.inventory.id + 1}
    access = JobTemplateAccess(user_unit)

-    mock_add = mock.MagicMock(return_value=False)
-    with mock.patch('awx.main.models.rbac.Role.__contains__', return_value=True):
-        with mocker.patch('awx.main.access.JobTemplateAccess.can_add', mock_add):
-            with mocker.patch('awx.main.access.JobTemplateAccess.can_read', return_value=True):
-                assert not access.can_change(job_template_with_ids, data)
+    assert not access.changes_are_non_sensitive(job_template_with_ids, data)

-    mock_add.assert_called_once_with({
-        'inventory': data['inventory'],
-        'project': job_template_with_ids.project.id
-    })
+    job_template_with_ids.inventory.use_role = RoleReturnsTrue()
+    job_template_with_ids.project.use_role = RoleReturnsTrue()
+    assert access.can_change(job_template_with_ids, data)


 def mock_raise_none(self, add_host=False, feature=None, check_expiration=True):