External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-05-10 10:57:35 -02:30
Code Issues Packages Projects Releases Wiki Activity

user password required on creation

Browse Source
This commit is contained in:
Chris Meyers
2015-05-22 15:31:13 -04:00
parent 39b051346a
commit ec456c4e8b
2 changed files with 15 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
awx/api/serializers.py
View File

@@ -594,6 +594,10 @@ class UserSerializer(BaseSerializer):
def restore_object(self, attrs, instance=None): def restore_object(self, attrs, instance=None):
new_password = attrs.pop('password', None) new_password = attrs.pop('password', None)
# first time creating, password required
if instance is None and new_password in (None, ''):
self._errors = {'password': ['Password required for new User']}
return
instance = super(UserSerializer, self).restore_object(attrs, instance) instance = super(UserSerializer, self).restore_object(attrs, instance)
instance._new_password = new_password instance._new_password = new_password
return instance return instance
@@ -655,6 +659,9 @@ class UserSerializer(BaseSerializer):
def validate_is_superuser(self, attrs, source): def validate_is_superuser(self, attrs, source):
return self._validate_ldap_managed_field(attrs, source) return self._validate_ldap_managed_field(attrs, source)
def validate_password(self, attrs, source):
return attrs
class OrganizationSerializer(BaseSerializer): class OrganizationSerializer(BaseSerializer):

11
awx/main/tests/users.py
View File

@@ -119,11 +119,16 @@ class UsersTest(BaseTest):
self.organizations[0].users.add(self.other_django_user) self.organizations[0].users.add(self.other_django_user)
self.organizations[0].users.add(self.normal_django_user) self.organizations[0].users.add(self.normal_django_user)
self.organizations[1].users.add(self.other_django_user) self.organizations[1].users.add(self.other_django_user)
def test_user_creation_fails_without_password(self):
url = reverse('api:user_list')
new_user = dict(username='blippy')
response = self.post(url, expect=400, data=new_user, auth=self.get_super_credentials())
def test_only_super_user_or_org_admin_can_add_users(self): def test_only_super_user_or_org_admin_can_add_users(self):
url = reverse('api:user_list') url = reverse('api:user_list')
new_user = dict(username='blippy') new_user = dict(username='blippy', password='hippy')
new_user2 = dict(username='blippy2') new_user2 = dict(username='blippy2', password='hippy2')
self.post(url, expect=401, data=new_user, auth=None) self.post(url, expect=401, data=new_user, auth=None)
self.post(url, expect=401, data=new_user, auth=self.get_invalid_credentials()) self.post(url, expect=401, data=new_user, auth=self.get_invalid_credentials())
self.post(url, expect=403, data=new_user, auth=self.get_other_credentials()) self.post(url, expect=403, data=new_user, auth=self.get_other_credentials())
@@ -138,7 +143,7 @@ class UsersTest(BaseTest):
def test_only_super_user_can_use_superuser_flag(self): def test_only_super_user_can_use_superuser_flag(self):
url = reverse('api:user_list') url = reverse('api:user_list')
new_super_user = dict(username='nommy', is_superuser=True) new_super_user = dict(username='nommy', password='cookie', is_superuser=True)
self.post(url, expect=401, data=new_super_user, auth=self.get_invalid_credentials()) self.post(url, expect=401, data=new_super_user, auth=self.get_invalid_credentials())
self.post(url, expect=403, data=new_super_user, auth=self.get_other_credentials()) self.post(url, expect=403, data=new_super_user, auth=self.get_other_credentials())
self.post(url, expect=403, data=new_super_user, auth=self.get_normal_credentials()) self.post(url, expect=403, data=new_super_user, auth=self.get_normal_credentials())