1
0
mirror of https://github.com/ansible/awx.git synced 2024-11-01 08:21:15 +03:00

Merge pull request #4289 from AlanCoding/org_sublist_fix

Avoid applying system auditor prop if action was association
This commit is contained in:
Alan Rominger 2016-12-05 16:58:28 -05:00 committed by GitHub
commit 9396fb0400
2 changed files with 16 additions and 1 deletions

View File

@ -768,7 +768,7 @@ class BaseUsersList(SubListCreateAttachDetachAPIView):
def post(self, request, *args, **kwargs):
ret = super(BaseUsersList, self).post( request, *args, **kwargs)
try:
if request.data.get('is_system_auditor', False):
if ret.data is not None and request.data.get('is_system_auditor', False):
# This is a faux-field that just maps to checking the system
# auditor role member list.. unfortunately this means we can't
# set it on creation, and thus needs to be set here.

View File

@ -45,3 +45,18 @@ def test_role_team_view_access(rando, team, inventory, mocker, post):
mock_access.assert_called_once_with(
inventory.admin_role, team, 'member_role.parents', data,
skip_sub_obj_read_check=False)
@pytest.mark.django_db
def test_org_associate_with_junk_data(rando, admin_user, organization, post):
"""
Assure that post-hoc enforcement of auditor role
will turn off if the action is an association
"""
user_data = {'is_system_auditor': True, 'id': rando.pk}
post(url=reverse('api:organization_users_list', args=(organization.pk,)),
data=user_data, expect=204, user=admin_user)
# assure user is now an org member
assert rando in organization.member_role
# assure that this did not also make them a system auditor
assert not rando.is_system_auditor