zware/awx
1
0
Fork 0
mirror of https://github.com/ZwareBear/awx.git synced 2026-05-15 15:58:38 -05:00
Code Issues Packages Projects Releases Wiki Activity

added Credential.migrate_to_rbac and tests

Browse Source
This commit is contained in:
Wayne Witzel III
2016-02-05 08:47:15 -05:00
parent b903726ddb
commit 58a603bac1
3 changed files with 73 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files
awx/main/tests/functional/conftest.py
+16 -1
View File
@@ -1,6 +1,10 @@
import pytest
from awx.main.models.organization import Organization
from awx.main.models.credential import Credential
from awx.main.models.organization import (
Organization,
Team,
)
from django.contrib.auth.models import User
@pytest.fixture
@@ -14,10 +18,18 @@ def user():
return user
return u
@pytest.fixture
def team(organization):
return Team.objects.create(organization=organization, name='test-team')
@pytest.fixture
def organization():
return Organization.objects.create(name="test-org", description="test-org-desc")
@pytest.fixture
def credential():
return Credential.objects.create(kind='aws', name='test-cred')
@pytest.fixture
def permissions():
return {
@@ -26,5 +38,8 @@ def permissions():
'auditor':{'read':True, 'create':False, 'write':False,
'update':False, 'delete':False, 'scm_update':False, 'execute':False, 'use':False,},
'usage':{'read':False, 'create':False, 'write':False,
'update':False, 'delete':False, 'scm_update':False, 'execute':False, 'use':True,},
}
awx/main/tests/functional/test_rbac_credential.py
+44
View File
@@ -0,0 +1,44 @@
import pytest
@pytest.mark.django_db
def test_credential_migration_user(credential, user, permissions):
u = user('user', False)
credential.user = u
migrated = credential.migrate_to_rbac()
assert len(migrated) == 1
assert credential.accessible_by(u, permissions['admin'])
@pytest.mark.django_db
def test_credential_usage_role(credential, user, permissions):
u = user('user', False)
credential.usage_role.members.add(u)
assert credential.accessible_by(u, permissions['usage'])
@pytest.mark.django_db
def test_credential_migration_team_member(credential, team, user, permissions):
u = user('user', False)
team.admin_role.members.add(u)
credential.team = team
# No permissions pre-migration
assert credential.accessible_by(u, permissions['admin']) == False
migrated = credential.migrate_to_rbac()
# Admin permissions post migration
assert len(migrated) == 1
assert credential.accessible_by(u, permissions['admin'])
@pytest.mark.django_db
def test_credential_migration_team_admin(credential, team, user, permissions):
u = user('user', False)
team.member_role.members.add(u)
credential.team = team
# No permissions pre-migration
assert credential.accessible_by(u, permissions['usage']) == False
# Usage permissions post migration
migrated = credential.migrate_to_rbac()
assert len(migrated) == 1
assert credential.accessible_by(u, permissions['usage'])