more access tests and a Makefile driveby

2024-11-01 16:51:11 +03:00 · 2016-02-16 21:04:33 -05:00 · 2016-02-16 21:04:33 -05:00 · 5306eaa98c
commit 5306eaa98c
parent 40ec6a2da2
3 changed files with 32 additions and 5 deletions
--- a/2
+++ b/2
@ -798,7 +798,7 @@ docker-compose-test:

 MACHINE?=default
 docker-refresh:
-	rm -f awx/lib/.deps_built
+	rm -f awx/lib/.deps_built awx/lib/site-packages
 	eval $$(docker-machine env $(MACHINE))
 	docker stop $$(docker ps -a -q)
 	docker rm $$(docker ps -f name=tools_tower -a -q)
--- a/awx/main/tests/functional/test_rbac_job_templates.py
+++ b/awx/main/tests/functional/test_rbac_job_templates.py
@ -1,9 +1,15 @@
+import mock
 import pytest

+from awx.main.access import (
+    BaseAccess,
+    JobTemplateAccess,
+)
 from awx.main.migrations import _rbac as rbac
 from awx.main.models import Permission
 from django.apps import apps

+
@pytest.mark.django_db
 def test_job_template_migration_check(deploy_jobtemplate, check_jobtemplate, user):
    admin = user('admin', is_superuser=True)
@ -131,3 +137,15 @@ def test_job_template_team_deploy_migration(deploy_jobtemplate, check_jobtemplat

    assert check_jobtemplate.accessible_by(admin, {'execute': True}) is True
    assert check_jobtemplate.accessible_by(joe, {'execute': True}) is True
+
+
+@mock.patch.object(BaseAccess, 'check_license', return_value=None)
+@pytest.mark.django_db
+def test_job_template_access_superuser(check_license, user, deploy_jobtemplate):
+    # GIVEN a superuser
+    u = user('admin', True)
+    # WHEN access to a job template is checked
+    access = JobTemplateAccess(u)
+    # THEN all access checks should pass
+    assert access.can_read(deploy_jobtemplate)
+    assert access.can_add({})
--- a/awx/main/tests/functional/test_rbac_organization.py
+++ b/awx/main/tests/functional/test_rbac_organization.py
@ -1,7 +1,11 @@
+import mock
 import pytest

 from awx.main.migrations import _rbac as rbac
-from awx.main.access import OrganizationAccess
+from awx.main.access import (
+    BaseAccess,
+    OrganizationAccess,
+)
 from django.apps import apps


@ -29,8 +33,10 @@ def test_organization_migration_user(organization, permissions, user):
    assert len(migrations) == 1
    assert organization.accessible_by(u, permissions['auditor'])

+
+@mock.patch.object(BaseAccess, 'check_license', return_value=None)
@pytest.mark.django_db
-def test_organization_access_superuser(organization, user):
+def test_organization_access_superuser(cl, organization, user):
    access = OrganizationAccess(user('admin', True))
    organization.users.add(user('user', False))

@ -42,8 +48,9 @@ def test_organization_access_superuser(organization, user):
    assert len(org.users.all()) == 1


+@mock.patch.object(BaseAccess, 'check_license', return_value=None)
@pytest.mark.django_db
-def test_organization_access_admin(organization, user):
+def test_organization_access_admin(cl, organization, user):
    '''can_change because I am an admin of that org'''
    a = user('admin', False)
    organization.admins.add(a)
@ -57,8 +64,10 @@ def test_organization_access_admin(organization, user):
    assert len(org.admins.all()) == 1
    assert len(org.users.all()) == 1

+
+@mock.patch.object(BaseAccess, 'check_license', return_value=None)
@pytest.mark.django_db
-def test_organization_access_user(organization, user):
+def test_organization_access_user(cl, organization, user):
    access = OrganizationAccess(user('user', False))
    organization.users.add(user('user', False))