External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-03-26 05:15:02 -02:30
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #273 from chrismeyersfsu/fix-job_launch_credential_permissions

Browse Source 
restrict the set of valid, explicitly supplied credentials to be ones readable by the user
This commit is contained in:
Chris Meyers
2015-06-10 08:37:25 -04:00
parent ca59314f87 df57f45baa
commit f06c7e17f5
2 changed files with 11 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
awx/main/tests/jobs/job_launch.py
View File

@@ -118,6 +118,13 @@ class JobTemplateLaunchTest(BaseJobTestMixin, django.test.TestCase):
self.post(self.launch_url, {'credential': self.cred_doug.pk}, expect=400)
self.post(self.launch_url, {'credential_id': self.cred_doug.pk}, expect=400)
def test_explicit_unowned_cred(self):
# Explicitly specify a credential that we don't have access to
with self.current_user(self.user_juan):
launch_url = reverse('api:job_template_launch',
args=(self.jt_eng_run.pk,))
self.post(launch_url, {'credential_id': self.cred_sue.pk}, expect=403)
def test_no_project_fail(self):
# Job Templates without projects can not be launched
with self.current_user(self.user_sue):