1
0
mirror of https://github.com/ansible/awx.git synced 2024-10-30 05:25:29 +03:00

convert Credential to django migration

This commit is contained in:
Wayne Witzel III 2016-02-08 15:54:11 -05:00
parent 1ed18e4561
commit 8cf0ba0da7
4 changed files with 26 additions and 14 deletions

View File

@ -12,5 +12,6 @@ class Migration(migrations.Migration):
]
operations = [
migrations.RunPython(rbac.migrate_organization, rbac.unmigrate_organization),
migrations.RunPython(rbac.migrate_organization),
migrations.RunPython(rbac.migrate_credential),
]

View File

@ -13,5 +13,15 @@ def migrate_organization(apps, schema_editor):
return migrations
def unmigrate_organization(apps, schema_editor):
pass
def migrate_credential(apps, schema_editor):
migrations = defaultdict(list)
credential = apps.get_model('main', "Credential")
for cred in credential.objects.all():
if cred.user:
cred.owner_role.members.add(cred.user)
migrations[cred.name].append(cred.user)
elif cred.team:
cred.owner_role.parents.add(cred.team.admin_role)
cred.usage_role.parents.add(cred.team.member_role)
migrations[cred.name].append(cred.team)
return migrations

View File

@ -363,14 +363,6 @@ class Credential(PasswordFieldsModel, CommonModelNameNotUnique, ResourceMixin):
update_fields.append('cloud')
super(Credential, self).save(*args, **kwargs)
def migrate_to_rbac(self):
if self.user:
self.owner_role.members.add(self.user)
return [self.user]
elif self.team:
self.owner_role.parents.add(self.team.admin_role)
self.usage_role.parents.add(self.team.member_role)
return [self.team]
def validate_ssh_private_key(data):
"""Validate that the given SSH private key or certificate is,

View File

@ -1,10 +1,16 @@
import pytest
from awx.main.migrations import _rbac as rbac
from django.apps import apps
@pytest.mark.django_db
def test_credential_migration_user(credential, user, permissions):
u = user('user', False)
credential.user = u
migrated = credential.migrate_to_rbac()
credential.save()
migrated = rbac.migrate_credential(apps, None)
assert len(migrated) == 1
assert credential.accessible_by(u, permissions['admin'])
@ -19,11 +25,13 @@ def test_credential_migration_team_member(credential, team, user, permissions):
u = user('user', False)
team.admin_role.members.add(u)
credential.team = team
credential.save()
# No permissions pre-migration
assert not credential.accessible_by(u, permissions['admin'])
migrated = credential.migrate_to_rbac()
migrated = rbac.migrate_credential(apps, None)
# Admin permissions post migration
assert len(migrated) == 1
assert credential.accessible_by(u, permissions['admin'])
@ -33,12 +41,13 @@ def test_credential_migration_team_admin(credential, team, user, permissions):
u = user('user', False)
team.member_role.members.add(u)
credential.team = team
credential.save()
# No permissions pre-migration
assert not credential.accessible_by(u, permissions['usage'])
# Usage permissions post migration
migrated = credential.migrate_to_rbac()
migrated = rbac.migrate_credential(apps, None)
assert len(migrated) == 1
assert credential.accessible_by(u, permissions['usage'])