1
0
mirror of https://github.com/ansible/awx.git synced 2024-11-02 18:21:12 +03:00

introduce summary_fields for users, showing user_capabilities

This commit is contained in:
AlanCoding 2016-08-30 14:02:57 -04:00
parent 0151967e9c
commit a32dd5b535
3 changed files with 15 additions and 7 deletions

View File

@ -690,7 +690,7 @@ class UserSerializer(BaseSerializer):
class Meta:
model = User
fields = ('*', '-name', '-description', '-modified',
'-summary_fields', 'username', 'first_name', 'last_name',
'username', 'first_name', 'last_name',
'email', 'is_superuser', 'is_system_auditor', 'password', 'ldap_dn', 'external_account')
def to_representation(self, obj):

View File

@ -228,8 +228,6 @@ class BaseAccess(object):
# elif hasattr(obj, 'can_edit'):
# user_capabilities['change'] = obj.can_edit
print(type(obj))
for display_method in ['edit', 'delete', 'start', 'schedule', 'copy']:
# Custom ordering of methods used so we can reuse earlier calcs
if display_method not in method_list:
@ -251,7 +249,6 @@ class BaseAccess(object):
# Preprocessing before the access method is called
data = None
sub_obj = None
if method == 'add':
data = {}
@ -269,10 +266,12 @@ class BaseAccess(object):
try:
if method in ['change', 'start', 'delete']: # 3 args
if method in ['change', 'start']: # 3 args
user_capabilities[display_method] = self.user.can_access(type(obj), method, obj, data)
elif method == 'add': # 2 args
elif method in ['delete']: # 2 args
user_capabilities[display_method] = self.user.can_access(type(obj), method, obj)
elif method in ['add']: # 2 args with data
user_capabilities[display_method] = self.user.can_access(type(obj), method, data)
except Exception as exc:

View File

@ -11,7 +11,6 @@ def test_inventory_group_host_can_add(inventory, alice, options):
response = options(reverse('api:inventory_groups_list', args=[inventory.pk]), alice)
assert 'POST' in response.data['actions']
@pytest.mark.django_db
def test_inventory_group_host_can_not_add(inventory, bob, options):
inventory.read_role.members.add(bob)
@ -20,3 +19,13 @@ def test_inventory_group_host_can_not_add(inventory, bob, options):
assert 'POST' not in response.data['actions']
response = options(reverse('api:inventory_groups_list', args=[inventory.pk]), bob)
assert 'POST' not in response.data['actions']
@pytest.mark.django_db
def test_user_list_can_add(org_member, org_admin, options):
response = options(reverse('api:user_list'), org_admin)
assert 'POST' in response.data['actions']
@pytest.mark.django_db
def test_user_list_can_not_add(org_member, org_admin, options):
response = options(reverse('api:user_list'), org_member)
assert 'POST' not in response.data['actions']