fixing tests for new team role assignment restrictions

awx/main/tests/functional/test_rbac_api.py

@@ -12,7 +12,7 @@ def mock_feature_enabled(feature, bypass_database=None):
 
 @pytest.fixture
 def role():
-    return Role.objects.create()
+    return Role.objects.create(role_field='admin_role')
 
 
 #
@@ -210,33 +210,33 @@ def test_get_teams_roles_list(get, team, organization, admin):
 
 
 @pytest.mark.django_db
-def test_add_role_to_teams(team, role, post, admin):
+def test_add_role_to_teams(team, post, admin):
-    assert team.member_role.children.filter(id=role.id).count() == 0
+    assert team.member_role.children.filter(id=team.member_role.id).count() == 0
     url = reverse('api:team_roles_list', args=(team.id,))
 
-    response = post(url, {'id': role.id}, admin)
+    response = post(url, {'id': team.member_role.id}, admin)
     assert response.status_code == 204
-    assert team.member_role.children.filter(id=role.id).count() == 1
+    assert team.member_role.children.filter(id=team.member_role.id).count() == 1
 
-    response = post(url, {'id': role.id}, admin)
+    response = post(url, {'id': team.member_role.id}, admin)
     assert response.status_code == 204
-    assert team.member_role.children.filter(id=role.id).count() == 1
+    assert team.member_role.children.filter(id=team.member_role.id).count() == 1
 
     response = post(url, {}, admin)
     assert response.status_code == 400
-    assert team.member_role.children.filter(id=role.id).count() == 1
+    assert team.member_role.children.filter(id=team.member_role.id).count() == 1
 
 @pytest.mark.django_db
-def test_remove_role_from_teams(team, role, post, admin):
+def test_remove_role_from_teams(team, post, admin):
-    assert team.member_role.children.filter(id=role.id).count() == 0
+    assert team.member_role.children.filter(id=team.member_role.id).count() == 0
     url = reverse('api:team_roles_list', args=(team.id,))
-    response = post(url, {'id': role.id}, admin)
+    response = post(url, {'id': team.member_role.id}, admin)
     assert response.status_code == 204
-    assert team.member_role.children.filter(id=role.id).count() == 1
+    assert team.member_role.children.filter(id=team.member_role.id).count() == 1
 
-    response = post(url, {'disassociate': role.id, 'id': role.id}, admin)
+    response = post(url, {'disassociate': team.member_role.id, 'id': team.member_role.id}, admin)
     assert response.status_code == 204
-    assert team.member_role.children.filter(id=role.id).count() == 0
+    assert team.member_role.children.filter(id=team.member_role.id).count() == 0
 
 
 

awx/main/tests/functional/test_rbac_team.py

@@ -10,17 +10,17 @@ def test_team_attach_unattach(team, user):
     access = TeamAccess(u)
 
     team.member_role.members.add(u)
-    assert not access.can_attach(team, u.admin_role, 'member_role.children', None)
+    assert not access.can_attach(team, team.member_role, 'member_role.children', None)
-    assert not access.can_unattach(team, u.admin_role, 'member_role.children')
+    assert not access.can_unattach(team, team.member_role, 'member_role.children')
 
     team.admin_role.members.add(u)
-    assert access.can_attach(team, u.admin_role, 'member_role.children', None)
+    assert access.can_attach(team, team.member_role, 'member_role.children', None)
-    assert access.can_unattach(team, u.admin_role, 'member_role.children')
+    assert access.can_unattach(team, team.member_role, 'member_role.children')
 
     u2 = user('non-member', False)
     access = TeamAccess(u2)
-    assert not access.can_attach(team, u2.admin_role, 'member_role.children', None)
+    assert not access.can_attach(team, team.member_role, 'member_role.children', None)
-    assert not access.can_unattach(team, u2.admin_role, 'member_role.chidlren')
+    assert not access.can_unattach(team, team.member_role, 'member_role.chidlren')
 
 @pytest.mark.django_db
 def test_team_access_superuser(team, user):