コード例 #1
0
def test_role_users_list_other_user_admin_role(admin_role, err):
    with mock.patch('awx.api.views.RoleUsersList.get_parent_object') as role_get, \
            mock.patch('awx.api.views.ContentType.objects.get_for_model') as ct_get:

        role_mock = mock.MagicMock(spec=Role, id=1)
        content_type_mock = mock.MagicMock(spec=ContentType)
        role_mock.content_type = content_type_mock
        role_get.return_value = role_mock
        ct_get.return_value = content_type_mock

        user_admin_role = role_mock if admin_role else None
        with mock.patch('awx.api.views.User.admin_role',
                        new_callable=PropertyMock,
                        return_value=user_admin_role):
            factory = APIRequestFactory()
            view = RoleUsersList.as_view()

            user = User(username="******", is_superuser=True, pk=1, id=1)
            queried_user = User(username="******")

            request = factory.post("/role/1/users", {'id': 1}, format="json")
            force_authenticate(request, user)

            with mock.patch('awx.api.views.get_object_or_400',
                            return_value=queried_user):
                response = view(request)
            response.render()

            assert response.status_code == 403
            assert err in response.content
コード例 #2
0
ファイル: test_rbac_user.py プロジェクト: doziya/AWX
def test_user_accessible_objects(user, organization):
    admin = user('admin', False)
    u = user('john', False)
    assert User.accessible_objects(admin, 'admin_role').count() == 1

    organization.member_role.members.add(u)
    organization.admin_role.members.add(admin)
    assert User.accessible_objects(admin, 'admin_role').count() == 2

    organization.member_role.members.remove(u)
    assert User.accessible_objects(admin, 'admin_role').count() == 1
コード例 #3
0
    def test_copy_edit_standard(self, mocker, job_template_factory):
        """Verify that the exact output of the access.py methods
        are put into the serializer user_capabilities"""

        jt_obj = job_template_factory('testJT',
                                      project='proj1',
                                      persisted=False).job_template
        jt_obj.admin_role = Role(id=9, role_field='admin_role')
        jt_obj.execute_role = Role(id=8, role_field='execute_role')
        jt_obj.read_role = Role(id=7, role_field='execute_role')
        user = User(username="******")
        serializer = JobTemplateSerializer(job_template)
        serializer.show_capabilities = ['copy', 'edit']
        serializer._summary_field_labels = lambda self: []
        serializer._recent_jobs = lambda self: []
        request = APIRequestFactory().get('/api/v2/job_templates/42/')
        request.user = user
        view = JobTemplateDetail()
        view.request = request
        view.kwargs = {}
        serializer.context['view'] = view

        with mocker.patch("awx.api.serializers.role_summary_fields_generator",
                          return_value='Can eat pie'):
            with mocker.patch("awx.main.access.JobTemplateAccess.can_change",
                              return_value='foobar'):
                with mocker.patch("awx.main.access.JobTemplateAccess.can_copy",
                                  return_value='foo'):
                    response = serializer.get_summary_fields(jt_obj)

        assert response['user_capabilities']['copy'] == 'foo'
        assert response['user_capabilities']['edit'] == 'foobar'
コード例 #4
0
    def test_to_representation_orphan(self, superuser, sysaudit, admin_role,
                                      value):
        with mock.patch.object(CustomInventoryScriptSerializer,
                               'get_summary_fields',
                               return_value={}):
            with mock.patch.object(User,
                                   'is_system_auditor',
                                   return_value=sysaudit):
                user = User(username="******", is_superuser=superuser)
                roles = [user] if admin_role else []

                with mock.patch('awx.main.models.CustomInventoryScript.admin_role', new_callable=PropertyMock, return_value=roles),\
                        mock.patch('awx.api.serializers.settings'):
                    cis = CustomInventoryScript(pk=1, script=value)
                    serializer = CustomInventoryScriptSerializer()

                    factory = APIRequestFactory()
                    wsgi_request = factory.post("/inventory_script/1",
                                                {'id': 1},
                                                format="json")
                    force_authenticate(wsgi_request, user)

                    request = Request(wsgi_request)
                    serializer.context['request'] = request

                    representation = serializer.to_representation(cis)
                    assert representation['script'] == value
コード例 #5
0
def test_user_roles_list_user_admin_role(pk, err):
    with mock.patch('awx.api.views.get_object_or_400') as role_get, \
            mock.patch('awx.api.views.ContentType.objects.get_for_model') as ct_get:

        role_mock = mock.MagicMock(spec=Role, id=1, pk=1)
        content_type_mock = mock.MagicMock(spec=ContentType)
        role_mock.content_type = content_type_mock
        role_get.return_value = role_mock
        ct_get.return_value = content_type_mock

        with mock.patch('awx.api.views.User.admin_role',
                        new_callable=PropertyMock,
                        return_value=role_mock):
            factory = APIRequestFactory()
            view = UserRolesList.as_view()

            user = User(username="******", is_superuser=True, pk=1, id=1)

            request = factory.post("/user/1/roles", {'id': pk}, format="json")
            force_authenticate(request, user)

            response = view(request, pk=user.pk)
            response.render()

            assert response.status_code == 403
            assert err in response.content
コード例 #6
0
 def test_job_metavars(self):
     maker = User(username='******', pk=47, id=47)
     inv = Inventory(name='example-inv', id=45)
     assert Job(
         name='fake-job',
         pk=42, id=42,
         launch_type='manual',
         created_by=maker,
         inventory=inv
     ).awx_meta_vars() == {
         'tower_job_id': 42,
         'awx_job_id': 42,
         'tower_job_launch_type': 'manual',
         'awx_job_launch_type': 'manual',
         'awx_user_name': 'joe',
         'tower_user_name': 'joe',
         'awx_user_email': '',
         'tower_user_email': '',
         'awx_user_first_name': '',
         'tower_user_first_name': '',
         'awx_user_last_name': '',
         'tower_user_last_name': '',
         'awx_user_id': 47,
         'tower_user_id': 47,
         'tower_inventory_id': 45,
         'awx_inventory_id': 45,
         'tower_inventory_name': 'example-inv',
         'awx_inventory_name': 'example-inv'
     }
コード例 #7
0
ファイル: test_pipeline.py プロジェクト: yckwon75/awx
    def test__check_flag(self, user_flags_settings, expected):
        user = User()
        user.username = '******'
        user.is_superuser = False

        attributes = {
            'email': ['*****@*****.**'],
            'last_name': ['Westcott'],
            'is_superuser': ['something', 'else', 'true'],
            'username': ['test_id'],
            'first_name': ['John'],
            'Role': ['test-role-1', 'something', 'different'],
            'name_id': 'test_id',
        }

        assert expected == _check_flag(user, 'superuser', attributes, user_flags_settings)
コード例 #8
0
 def test_job_metavars(self):
     maker = User(username='******', pk=47, id=47)
     assert Job(name='fake-job',
                pk=42,
                id=42,
                launch_type='manual',
                created_by=maker).awx_meta_vars() == {
                    'tower_job_id': 42,
                    'awx_job_id': 42,
                    'tower_job_launch_type': 'manual',
                    'awx_job_launch_type': 'manual',
                    'awx_user_name': 'joe',
                    'tower_user_name': 'joe',
                    'awx_user_id': 47,
                    'tower_user_id': 47
                }
コード例 #9
0
ファイル: test_unified_job_unit.py プロジェクト: timkids/awx
 def test_job_metavars(self):
     maker = User(username='******', pk=47, id=47)
     inv = Inventory(name='example-inv', id=45)
     result_hash = {}
     for name in JOB_VARIABLE_PREFIXES:
         result_hash['{}_job_id'.format(name)] = 42
         result_hash['{}_job_launch_type'.format(name)] = 'manual'
         result_hash['{}_user_name'.format(name)] = 'joe'
         result_hash['{}_user_email'.format(name)] = ''
         result_hash['{}_user_first_name'.format(name)] = ''
         result_hash['{}_user_last_name'.format(name)] = ''
         result_hash['{}_user_id'.format(name)] = 47
         result_hash['{}_inventory_id'.format(name)] = 45
         result_hash['{}_inventory_name'.format(name)] = 'example-inv'
     assert Job(name='fake-job',
                pk=42,
                id=42,
                launch_type='manual',
                created_by=maker,
                inventory=inv).awx_meta_vars() == result_hash
コード例 #10
0
def test_team_roles_list_post_org_roles():
    with mock.patch('awx.api.views.get_object_or_400') as role_get, \
            mock.patch('awx.api.views.ContentType.objects.get_for_model') as ct_get:

        role_mock = mock.MagicMock(spec=Role)
        content_type_mock = mock.MagicMock(spec=ContentType)
        role_mock.content_type = content_type_mock
        role_get.return_value = role_mock
        ct_get.return_value = content_type_mock

        factory = APIRequestFactory()
        view = TeamRolesList.as_view()

        request = factory.post("/team/1/roles", {'id': 1}, format="json")
        force_authenticate(request, User(username="******", is_superuser=True))

        response = view(request)
        response.render()

        assert response.status_code == 400
        assert 'cannot assign' in response.content