1
0
mirror of https://github.com/ansible/awx.git synced 2024-10-31 15:21:13 +03:00

series of tests to verify user executing permissions

This commit is contained in:
AlanCoding 2016-04-11 10:05:04 -04:00 committed by Wayne Witzel III
parent b4ef0304e3
commit 98dd79775b

View File

@ -0,0 +1,47 @@
import pytest
from awx.main.models.inventory import Inventory
from awx.main.models.credential import Credential
from awx.main.models.jobs import JobTemplate
@pytest.fixture
def machine_credential():
return Credential.objects.create(name='machine-cred', kind='ssh', username='test_user', password='pas4word')
@pytest.mark.django_db
@pytest.mark.job_permissions
def test_admin_executing_permissions(deploy_jobtemplate, inventory, machine_credential, user):
admin_user = user('admin-user', True)
assert admin_user.can_access(Inventory, 'read', inventory)
assert admin_user.can_access(Inventory, 'execute', inventory) # for ad_hoc
assert admin_user.can_access(JobTemplate, 'start', deploy_jobtemplate)
assert admin_user.can_access(Credential, 'read', machine_credential)
@pytest.mark.django_db
@pytest.mark.job_permissions
def test_job_template_start_access(deploy_jobtemplate, user):
common_user = user('test-user', False)
deploy_jobtemplate.executor_role.members.add(common_user)
assert common_user.can_access(JobTemplate, 'start', deploy_jobtemplate)
@pytest.mark.django_db
@pytest.mark.job_permissions
def test_credential_use_access(machine_credential, user):
common_user = user('test-user', False)
machine_credential.usage_role.members.add(common_user)
assert common_user.can_access(Credential, 'read', machine_credential)
@pytest.mark.django_db
@pytest.mark.job_permissions
def test_inventory_use_access(inventory, user):
common_user = user('test-user', False)
inventory.executor_role.members.add(common_user)
assert common_user.can_access(Inventory, 'start', inventory)