def test_access_auditor(organization, inventory, user): u = user('admin', False) inventory.organization = organization organization.auditor_role.members.add(u) access = InventoryAccess(u) assert access.can_read(inventory) assert not access.can_add(None) assert not access.can_add({'organization': organization.id}) assert not access.can_change(inventory, None) assert not access.can_change(inventory, {'organization': organization.id}) assert not access.can_admin(inventory, None) assert not access.can_admin(inventory, {'organization': organization.id}) assert not access.can_delete(inventory) assert not access.can_run_ad_hoc_commands(inventory)
def test_access_admin(role, organization, inventory, user): a = user('admin', False) inventory.organization = organization role = getattr(organization, role) role.members.add(a) access = InventoryAccess(a) assert access.can_read(inventory) assert access.can_add(None) assert access.can_add({'organization': organization.id}) assert access.can_change(inventory, None) assert access.can_change(inventory, {'organization': organization.id}) assert access.can_admin(inventory, None) assert access.can_admin(inventory, {'organization': organization.id}) assert access.can_delete(inventory) assert access.can_run_ad_hoc_commands(inventory)
def test_running_job_protection(inventory, admin_user): AdHocCommand.objects.create(inventory=inventory, status='running') access = InventoryAccess(admin_user) with pytest.raises(ActiveJobConflict): access.can_delete(inventory)