def test_add_JT_no_start_perm(self, wfjt, job_template, rando): wfjt.admin_role.members.add(rando) access = WorkflowJobTemplateNodeAccess(rando) job_template.read_role.members.add(rando) assert not access.can_add({ 'workflow_job_template': wfjt, 'unified_job_template': job_template})
def test_remove_unwanted_foreign_node(self, wfjt_node, job_template, rando): wfjt = wfjt_node.workflow_job_template wfjt.admin_role.members.add(rando) wfjt_node.unified_job_template = job_template access = WorkflowJobTemplateNodeAccess(rando) assert access.can_delete(wfjt_node)
def test_add_node_with_minimum_permissions(self, wfjt, job_template, inventory, rando): wfjt.admin_role.members.add(rando) access = WorkflowJobTemplateNodeAccess(rando) job_template.execute_role.members.add(rando) inventory.use_role.members.add(rando) assert access.can_add({ 'workflow_job_template': wfjt, 'inventory': inventory, 'unified_job_template': job_template})
def test_access_to_edit_non_JT(self, rando, workflow_job_template, organization, project): workflow_job_template.admin_role.members.add(rando) node = workflow_job_template.workflow_job_template_nodes.create( unified_job_template=project ) assert not WorkflowJobTemplateNodeAccess(rando).can_change(node, {'limit': ''}) project.update_role.members.add(rando) assert WorkflowJobTemplateNodeAccess(rando).can_change(node, {'limit': ''})
def test_no_jt_access_to_edit(self, wfjt_node, org_admin): # without access to the related job template, admin to the WFJT can # not change the prompted parameters access = WorkflowJobTemplateNodeAccess(org_admin) assert not access.can_change(wfjt_node, {'job_type': 'scan'})
def test_node_edit_allowed(self, wfjt_node, org_admin): wfjt_node.unified_job_template.admin_role.members.add(org_admin) access = WorkflowJobTemplateNodeAccess(org_admin) assert access.can_change(wfjt_node, {'job_type': 'check'})
def test_no_jt_access_to_edit(self, wfjt_node, rando): # without access to the related job template, admin to the WFJT can # not change the prompted parameters wfjt_node.workflow_job_template.admin_role.members.add(rando) access = WorkflowJobTemplateNodeAccess(rando) assert not access.can_change(wfjt_node, {'job_type': 'check'})