zware/awx
1
0
Fork 0
mirror of https://github.com/ZwareBear/awx.git synced 2026-05-04 07:51:58 -05:00
Code Issues Packages Projects Releases Wiki Activity

Add support for following parental changes on save and delete in the RBAC system

Browse Source
This commit is contained in:
Akita Noek
2016-02-29 16:59:20 -05:00
parent c5b7d3363b
commit e94d441fb0
3 changed files with 215 additions and 39 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
awx/main/tests/functional/test_rbac_core.py
View File

@@ -2,6 +2,7 @@ import pytest
from awx.main.models import (
Role,
Resource,
Organization,
)
@@ -90,14 +91,50 @@ def test_auto_m2m_adjuments(organization, project, alice):
assert project.accessible_by(alice, {'read': True}) is True
@pytest.mark.django_db
@pytest.mark.skipif(True, reason='Unimplemented')
def test_auto_field_adjuments(organization, inventory, team, alice):
'Ensures the auto role reparenting is working correctly through m2m maps'
'Ensures the auto role reparenting is working correctly through non m2m fields'
org2 = Organization.objects.create(name='Org 2', description='org 2')
org2.admin_role.members.add(alice)
assert inventory.accessible_by(alice, {'read': True}) is False
inventory.organization = org2
inventory.save()
assert inventory.accessible_by(alice, {'read': True}) is True
inventory.organization = organization
inventory.save()
assert inventory.accessible_by(alice, {'read': True}) is False
#assert False
@pytest.mark.django_db
def test_implicit_deletes(alice):
'Ensures implicit resources and roles delete themselves'
delorg = Organization.objects.create(name='test-org')
delorg.admin_role.members.add(alice)
resource_id = delorg.resource.id
admin_role_id = delorg.admin_role.id
auditor_role_id = delorg.auditor_role.id
assert Role.objects.filter(id=admin_role_id).count() == 1
assert Role.objects.filter(id=auditor_role_id).count() == 1
assert Resource.objects.filter(id=resource_id).count() == 1
n_alice_roles = alice.roles.count()
n_system_admin_children = Role.singleton('System Administrator').children.count()
delorg.delete()
assert Role.objects.filter(id=admin_role_id).count() == 0
assert Role.objects.filter(id=auditor_role_id).count() == 0
assert Resource.objects.filter(id=resource_id).count() == 0
assert alice.roles.count() == (n_alice_roles - 1)
assert Role.singleton('System Administrator').children.count() == (n_system_admin_children - 1)
@pytest.mark.django_db
def test_content_object(user):
'Ensure our conent_object stuf seems to be working'
print('Creating organization')
org = Organization.objects.create(name='test-org')
print('Organizaiton id: %d resource: %d admin_role: %d' % (org.id, org.resource.id, org.admin_role.id))
assert org.resource.content_object.id == org.id
assert org.admin_role.content_object.id == org.id