External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-05-08 09:57:35 -02:30
Code Issues Packages Projects Releases Wiki Activity

fix tests with refreshes

Browse Source
This commit is contained in:
Wayne Witzel III
2016-06-10 13:33:23 -04:00
parent 5754b4bb2c
commit e243c8319d
3 changed files with 16 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
awx/api/urls.py
View File

@@ -168,7 +168,6 @@ credential_urls = patterns('awx.api.views',
url(r'^(?P<pk>[0-9]+)/object_roles/$', 'credential_object_roles_list'), url(r'^(?P<pk>[0-9]+)/object_roles/$', 'credential_object_roles_list'),
url(r'^(?P<pk>[0-9]+)/owner/users/$', 'credential_owner_users_list'), url(r'^(?P<pk>[0-9]+)/owner/users/$', 'credential_owner_users_list'),
url(r'^(?P<pk>[0-9]+)/owner/teams/$', 'credential_owner_teams_list'), url(r'^(?P<pk>[0-9]+)/owner/teams/$', 'credential_owner_teams_list'),
url(r'^(?P<pk>[0-9]+)/organization/$', 'credential_owner_teams_list'),
# See also credentials resources on users/teams. # See also credentials resources on users/teams.
) )

40
awx/main/migrations/_rbac.py
View File

@@ -126,7 +126,7 @@ def _update_credential_parents(org, cred):
cred.organization = org cred.organization = org
cred.save() cred.save()
def _discover_credentials(apps, instances, cred, orgfunc): def _discover_credentials(instances, cred, orgfunc):
'''_discover_credentials will find shared credentials across '''_discover_credentials will find shared credentials across
organizations. If a shared credential is found, it will duplicate organizations. If a shared credential is found, it will duplicate
the credential, ensure the proper role permissions are added to the new the credential, ensure the proper role permissions are added to the new
@@ -139,8 +139,6 @@ def _discover_credentials(apps, instances, cred, orgfunc):
orgfunc is a function that when called with an instance from instances orgfunc is a function that when called with an instance from instances
will produce an Organization object. will produce an Organization object.
''' '''
Credential = apps.get_model('main', "Credential")
orgs = defaultdict(list) orgs = defaultdict(list)
for inst in instances: for inst in instances:
try: try:
@@ -163,38 +161,16 @@ def _discover_credentials(apps, instances, cred, orgfunc):
_update_credential_parents(org, cred) _update_credential_parents(org, cred)
else: else:
# Create a new credential # Create a new credential
new_cred = Credential.objects.create( cred.pk = None
kind = cred.kind, cred.save()
cloud = cred.cloud,
host = cred.host, cred.owner_role, cred.use_role, cred.organization = None, None, None
username = cred.username,
password = cred.password,
security_token = cred.security_token,
project = cred.project,
domain = cred.domain,
ssh_key_data = cred.ssh_key_data,
ssh_key_unlock = cred.ssh_key_unlock,
become_method = cred.become_method,
become_username = cred.become_username,
become_password = cred.become_password,
vault_password = cred.vault_password,
authorize = cred.authorize,
authorize_password = cred.authorize_password,
client = cred.client,
secret = cred.secret,
subscription = cred.subscription,
tenant = cred.tenant,
created = cred.created,
modified = cred.modified,
created_by_id = cred.created_by_id,
modified_by_id = cred.modified_by_id,
)
for i in orgs[org]: for i in orgs[org]:
i.credential = new_cred i.credential = cred
i.save() i.save()
_update_credential_parents(org, new_cred) _update_credential_parents(org, cred)
@log_migration @log_migration
def migrate_credential(apps, schema_editor): def migrate_credential(apps, schema_editor):
@@ -210,7 +186,7 @@ def migrate_credential(apps, schema_editor):
if len(results) == 1: if len(results) == 1:
_update_credential_parents(results[0].inventory.organization, cred) _update_credential_parents(results[0].inventory.organization, cred)
else: else:
_discover_credentials(apps, results, cred, attrfunc('inventory.organization')) _discover_credentials(results, cred, attrfunc('inventory.organization'))
logger.info(smart_text(u"added Credential(name={}, kind={}, host={}) at organization level".format(cred.name, cred.kind, cred.host))) logger.info(smart_text(u"added Credential(name={}, kind={}, host={}) at organization level".format(cred.name, cred.kind, cred.host)))
projs = Project.objects.filter(credential=cred).all() projs = Project.objects.filter(credential=cred).all()

8
awx/main/tests/functional/test_rbac_credential.py
View File

@@ -118,6 +118,9 @@ def test_cred_job_template(user, team, deploy_jobtemplate):
access = CredentialAccess(a) access = CredentialAccess(a)
rbac.migrate_credential(apps, None) rbac.migrate_credential(apps, None)
cred.refresh_from_db()
assert access.can_change(cred, {'organization': org.pk}) assert access.can_change(cred, {'organization': org.pk})
org.admin_role.members.remove(a) org.admin_role.members.remove(a)
@@ -135,6 +138,8 @@ def test_cred_multi_job_template_single_org_xfail(user, deploy_jobtemplate):
access = CredentialAccess(a) access = CredentialAccess(a)
rbac.migrate_credential(apps, None) rbac.migrate_credential(apps, None)
cred.refresh_from_db()
assert not access.can_change(cred, {'organization': org.pk}) assert not access.can_change(cred, {'organization': org.pk})
@pytest.mark.django_db @pytest.mark.django_db
@@ -149,6 +154,8 @@ def test_cred_multi_job_template_single_org(user, team, deploy_jobtemplate):
access = CredentialAccess(a) access = CredentialAccess(a)
rbac.migrate_credential(apps, None) rbac.migrate_credential(apps, None)
cred.refresh_from_db()
assert access.can_change(cred, {'organization': org.pk}) assert access.can_change(cred, {'organization': org.pk})
org.admin_role.members.remove(a) org.admin_role.members.remove(a)
@@ -180,6 +187,7 @@ def test_single_cred_multi_job_template_multi_org(user, organizations, credentia
for jt in jts: for jt in jts:
jt.refresh_from_db() jt.refresh_from_db()
credential.refresh_from_db()
assert jts[0].credential != jts[1].credential assert jts[0].credential != jts[1].credential
assert access.can_change(jts[0].credential, {'organization': org.pk}) assert access.can_change(jts[0].credential, {'organization': org.pk})