def test_org_admin_copy_edit(self, jt_copy_edit, org_admin): "Organization admins SHOULD be able to copy a JT firmly in their org" serializer = JobTemplateSerializer( jt_copy_edit, context=self.fake_context(org_admin)) response = serializer.to_representation(jt_copy_edit) assert response['summary_fields']['user_capabilities']['copy'] assert response['summary_fields']['user_capabilities']['edit']
def test_sys_admin_copy_edit(self, jt_copy_edit, admin_user): "Absent a validation error, system admins can do everything" serializer = JobTemplateSerializer( jt_copy_edit, context=self.fake_context(admin_user)) response = serializer.to_representation(jt_copy_edit) assert response['summary_fields']['user_capabilities']['copy'] assert response['summary_fields']['user_capabilities']['edit']
def test_proj_jt_admin_copy_edit(self, jt_copy_edit, rando): "JT admins with access to associated resources SHOULD be able to copy" # random user given JT and project admin abilities jt_copy_edit.admin_role.members.add(rando) jt_copy_edit.save() jt_copy_edit.project.admin_role.members.add(rando) jt_copy_edit.project.save() serializer = JobTemplateSerializer(jt_copy_edit, context=self.fake_context(rando)) response = serializer.to_representation(jt_copy_edit) assert response['summary_fields']['user_capabilities']['copy'] assert response['summary_fields']['user_capabilities']['edit']
def test_jt_admin_copy_edit(self, jt_copy_edit, rando): """ JT admins wihout access to associated resources SHOULD NOT be able to copy SHOULD be able to make nonsensitive changes""" # random user given JT admin access only jt_copy_edit.admin_role.members.add(rando) jt_copy_edit.save() serializer = JobTemplateSerializer(jt_copy_edit, context=self.fake_context(rando)) response = serializer.to_representation(jt_copy_edit) assert not response['summary_fields']['user_capabilities']['copy'] assert response['summary_fields']['user_capabilities']['edit']
def test_validation_bad_data_copy_edit(self, admin_user, project): """ If a required resource (inventory here) was deleted, copying not allowed because doing so would caues a validation error """ jt_res = JobTemplate.objects.create( job_type='run', project=project, inventory=None, ask_inventory_on_launch=False, # not allowed ask_credential_on_launch=True, name='deploy-job-template' ) serializer = JobTemplateSerializer(jt_res, context=self.fake_context(admin_user)) response = serializer.to_representation(jt_res) assert not response['summary_fields']['user_capabilities']['copy'] assert response['summary_fields']['user_capabilities']['edit']
def test_org_admin_foreign_cred_no_copy_edit(self, jt_copy_edit, org_admin, machine_credential): """ Organization admins without access to the 3 related resources: SHOULD NOT be able to copy JT SHOULD be able to edit that job template, for nonsensitive changes """ # Attach credential to JT that org admin cannot use jt_copy_edit.credential = machine_credential jt_copy_edit.save() serializer = JobTemplateSerializer(jt_copy_edit) serializer.context = self.fake_context(org_admin) response = serializer.to_representation(jt_copy_edit) assert not response['summary_fields']['user_capabilities']['copy'] assert response['summary_fields']['user_capabilities']['edit']