mirror of
https://github.com/ansible/awx.git
synced 2024-11-01 08:21:15 +03:00
Merge pull request #2562 from AlanCoding/2527_inv_update_access
Add can_delete to InventoryUpdateAccess
This commit is contained in:
Alan Rominger
GitHub
commit
e67cc8ba38
@ -547,6 +547,10 @@ class InventoryUpdateAccess(BaseAccess):
|
|||||||
def can_cancel(self, obj):
|
def can_cancel(self, obj):
|
||||||
return self.can_change(obj, {}) and obj.can_cancel
|
return self.can_change(obj, {}) and obj.can_cancel
|
||||||
|
|
||||||
|
@check_superuser
|
||||||
|
def can_delete(self, obj):
|
||||||
|
return self.user in obj.inventory_source.inventory.admin_role
|
||||||
|
|
||||||
class CredentialAccess(BaseAccess):
|
class CredentialAccess(BaseAccess):
|
||||||
'''
|
'''
|
||||||
I can see credentials when:
|
I can see credentials when:
|
||||||
|
|||||||
@ -29,6 +29,8 @@ from awx.main.models.jobs import JobTemplate
|
|||||||
from awx.main.models.inventory import (
|
from awx.main.models.inventory import (
|
||||||
Group,
|
Group,
|
||||||
Inventory,
|
Inventory,
|
||||||
|
InventoryUpdate,
|
||||||
|
InventorySource
|
||||||
)
|
)
|
||||||
from awx.main.models.organization import (
|
from awx.main.models.organization import (
|
||||||
Organization,
|
Organization,
|
||||||
@ -265,6 +267,15 @@ def hosts(group_factory):
|
|||||||
def group(inventory):
|
def group(inventory):
|
||||||
return inventory.groups.create(name='single-group')
|
return inventory.groups.create(name='single-group')
|
||||||
|
|
||||||
|
@pytest.fixture
|
||||||
|
def inventory_source(group, inventory):
|
||||||
|
return InventorySource.objects.create(name=group.name, group=group,
|
||||||
|
inventory=inventory, source='gce')
|
||||||
|
|
||||||
|
@pytest.fixture
|
||||||
|
def inventory_update(inventory_source):
|
||||||
|
return InventoryUpdate.objects.create(inventory_source=inventory_source)
|
||||||
|
|
||||||
@pytest.fixture
|
@pytest.fixture
|
||||||
def host(group, inventory):
|
def host(group, inventory):
|
||||||
return group.hosts.create(name='single-host', inventory=inventory)
|
return group.hosts.create(name='single-host', inventory=inventory)
|
||||||
|
|||||||
@ -6,7 +6,11 @@ from awx.main.models import (
|
|||||||
Host,
|
Host,
|
||||||
CustomInventoryScript,
|
CustomInventoryScript,
|
||||||
)
|
)
|
||||||
from awx.main.access import InventoryAccess, HostAccess
|
from awx.main.access import (
|
||||||
|
InventoryAccess,
|
||||||
|
HostAccess,
|
||||||
|
InventoryUpdateAccess
|
||||||
|
)
|
||||||
from django.apps import apps
|
from django.apps import apps
|
||||||
|
|
||||||
@pytest.mark.django_db
|
@pytest.mark.django_db
|
||||||
@ -231,6 +235,10 @@ def test_access_auditor(organization, inventory, user):
|
|||||||
assert not access.can_delete(inventory)
|
assert not access.can_delete(inventory)
|
||||||
assert not access.can_run_ad_hoc_commands(inventory)
|
assert not access.can_run_ad_hoc_commands(inventory)
|
||||||
|
|
||||||
|
@pytest.mark.django_db
|
||||||
|
def test_inventory_update_org_admin(inventory_update, org_admin):
|
||||||
|
access = InventoryUpdateAccess(org_admin)
|
||||||
|
assert access.can_delete(inventory_update)
|
||||||
|
|
||||||
|
|
||||||
@pytest.mark.django_db
|
@pytest.mark.django_db
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user