tbs093a
/
docker.images
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
docker.images/ansible.awx/awx-17.1.0/awx/main/tests/functional/api/test_webhooks.py

261 lines
10 KiB
Python
Raw Blame History

import pytest
from awx.api.versioning import reverse
from awx.main.models.mixins import WebhookTemplateMixin
from awx.main.models.credential import Credential, CredentialType
@pytest.mark.django_db
@pytest.mark.parametrize(
"user_role, expect", [
('superuser', 200),
('org admin', 200),
('jt admin', 200),
('jt execute', 403),
('org member', 403),
]
)
def test_get_webhook_key_jt(organization_factory, job_template_factory, get, user_role, expect):
objs = organization_factory("org", superusers=['admin'], users=['user'])
jt = job_template_factory("jt", organization=objs.organization,
inventory='test_inv', project='test_proj').job_template
if user_role == 'superuser':
user = objs.superusers.admin
else:
user = objs.users.user
grant_obj = objs.organization if user_role.startswith('org') else jt
getattr(grant_obj, '{}_role'.format(user_role.split()[1])).members.add(user)
url = reverse('api:webhook_key', kwargs={'model_kwarg': 'job_templates', 'pk': jt.pk})
response = get(url, user=user, expect=expect)
if expect < 400:
assert response.data == {'webhook_key': ''}
@pytest.mark.django_db
@pytest.mark.parametrize(
"user_role, expect", [
('superuser', 200),
('org admin', 200),
('jt admin', 200),
('jt execute', 403),
('org member', 403),
]
)
def test_get_webhook_key_wfjt(organization_factory, workflow_job_template_factory, get, user_role, expect):
objs = organization_factory("org", superusers=['admin'], users=['user'])
wfjt = workflow_job_template_factory("wfjt", organization=objs.organization).workflow_job_template
if user_role == 'superuser':
user = objs.superusers.admin
else:
user = objs.users.user
grant_obj = objs.organization if user_role.startswith('org') else wfjt
getattr(grant_obj, '{}_role'.format(user_role.split()[1])).members.add(user)
url = reverse('api:webhook_key', kwargs={'model_kwarg': 'workflow_job_templates', 'pk': wfjt.pk})
response = get(url, user=user, expect=expect)
if expect < 400:
assert response.data == {'webhook_key': ''}
@pytest.mark.django_db
@pytest.mark.parametrize(
"user_role, expect", [
('superuser', 201),
('org admin', 201),
('jt admin', 201),
('jt execute', 403),
('org member', 403),
]
)
def test_post_webhook_key_jt(organization_factory, job_template_factory, post, user_role, expect):
objs = organization_factory("org", superusers=['admin'], users=['user'])
jt = job_template_factory("jt", organization=objs.organization,
inventory='test_inv', project='test_proj').job_template
if user_role == 'superuser':
user = objs.superusers.admin
else:
user = objs.users.user
grant_obj = objs.organization if user_role.startswith('org') else jt
getattr(grant_obj, '{}_role'.format(user_role.split()[1])).members.add(user)
url = reverse('api:webhook_key', kwargs={'model_kwarg': 'job_templates', 'pk': jt.pk})
response = post(url, {}, user=user, expect=expect)
if expect < 400:
assert bool(response.data.get('webhook_key'))
@pytest.mark.django_db
@pytest.mark.parametrize(
"user_role, expect", [
('superuser', 201),
('org admin', 201),
('jt admin', 201),
('jt execute', 403),
('org member', 403),
]
)
def test_post_webhook_key_wfjt(organization_factory, workflow_job_template_factory, post, user_role, expect):
objs = organization_factory("org", superusers=['admin'], users=['user'])
wfjt = workflow_job_template_factory("wfjt", organization=objs.organization).workflow_job_template
if user_role == 'superuser':
user = objs.superusers.admin
else:
user = objs.users.user
grant_obj = objs.organization if user_role.startswith('org') else wfjt
getattr(grant_obj, '{}_role'.format(user_role.split()[1])).members.add(user)
url = reverse('api:webhook_key', kwargs={'model_kwarg': 'workflow_job_templates', 'pk': wfjt.pk})
response = post(url, {}, user=user, expect=expect)
if expect < 400:
assert bool(response.data.get('webhook_key'))
@pytest.mark.django_db
@pytest.mark.parametrize(
"service", [s for s, _ in WebhookTemplateMixin.SERVICES]
)
def test_set_webhook_service(organization_factory, job_template_factory, patch, service):
objs = organization_factory("org", superusers=['admin'])
jt = job_template_factory("jt", organization=objs.organization,
inventory='test_inv', project='test_proj').job_template
admin = objs.superusers.admin
assert (jt.webhook_service, jt.webhook_key) == ('', '')
url = reverse('api:job_template_detail', kwargs={'pk': jt.pk})
patch(url, {'webhook_service': service}, user=admin, expect=200)
jt.refresh_from_db()
assert jt.webhook_service == service
assert jt.webhook_key != ''
@pytest.mark.django_db
@pytest.mark.parametrize(
"service", [s for s, _ in WebhookTemplateMixin.SERVICES]
)
def test_unset_webhook_service(organization_factory, job_template_factory, patch, service):
objs = organization_factory("org", superusers=['admin'])
jt = job_template_factory("jt", organization=objs.organization, webhook_service=service,
inventory='test_inv', project='test_proj').job_template
admin = objs.superusers.admin
assert jt.webhook_service == service
assert jt.webhook_key != ''
url = reverse('api:job_template_detail', kwargs={'pk': jt.pk})
patch(url, {'webhook_service': ''}, user=admin, expect=200)
jt.refresh_from_db()
assert (jt.webhook_service, jt.webhook_key) == ('', '')
@pytest.mark.django_db
@pytest.mark.parametrize(
"service", [s for s, _ in WebhookTemplateMixin.SERVICES]
)
def test_set_webhook_credential(organization_factory, job_template_factory, patch, service):
objs = organization_factory("org", superusers=['admin'])
jt = job_template_factory("jt", organization=objs.organization, webhook_service=service,
inventory='test_inv', project='test_proj').job_template
admin = objs.superusers.admin
assert jt.webhook_service == service
assert jt.webhook_key != ''
cred_type = CredentialType.defaults['{}_token'.format(service)]()
cred_type.save()
cred = Credential.objects.create(credential_type=cred_type, name='test-cred',
inputs={'token': 'secret'})
url = reverse('api:job_template_detail', kwargs={'pk': jt.pk})
patch(url, {'webhook_credential': cred.pk}, user=admin, expect=200)
jt.refresh_from_db()
assert jt.webhook_service == service
assert jt.webhook_key != ''
assert jt.webhook_credential == cred
@pytest.mark.django_db
@pytest.mark.parametrize(
"service,token", [
(s, WebhookTemplateMixin.SERVICES[i - 1][0]) for i, (s, _) in enumerate(WebhookTemplateMixin.SERVICES)
]
)
def test_set_wrong_service_webhook_credential(organization_factory, job_template_factory, patch, service, token):
objs = organization_factory("org", superusers=['admin'])
jt = job_template_factory("jt", organization=objs.organization, webhook_service=service,
inventory='test_inv', project='test_proj').job_template
admin = objs.superusers.admin
assert jt.webhook_service == service
assert jt.webhook_key != ''
cred_type = CredentialType.defaults['{}_token'.format(token)]()
cred_type.save()
cred = Credential.objects.create(credential_type=cred_type, name='test-cred',
inputs={'token': 'secret'})
url = reverse('api:job_template_detail', kwargs={'pk': jt.pk})
response = patch(url, {'webhook_credential': cred.pk}, user=admin, expect=400)
jt.refresh_from_db()
assert jt.webhook_service == service
assert jt.webhook_key != ''
assert jt.webhook_credential is None
assert response.data == {'webhook_credential': ["Must match the selected webhook service."]}
@pytest.mark.django_db
@pytest.mark.parametrize(
"service", [s for s, _ in WebhookTemplateMixin.SERVICES]
)
def test_set_webhook_credential_without_service(organization_factory, job_template_factory, patch, service):
objs = organization_factory("org", superusers=['admin'])
jt = job_template_factory("jt", organization=objs.organization,
inventory='test_inv', project='test_proj').job_template
admin = objs.superusers.admin
assert jt.webhook_service == ''
assert jt.webhook_key == ''
cred_type = CredentialType.defaults['{}_token'.format(service)]()
cred_type.save()
cred = Credential.objects.create(credential_type=cred_type, name='test-cred',
inputs={'token': 'secret'})
url = reverse('api:job_template_detail', kwargs={'pk': jt.pk})
response = patch(url, {'webhook_credential': cred.pk}, user=admin, expect=400)
jt.refresh_from_db()
assert jt.webhook_service == ''
assert jt.webhook_key == ''
assert jt.webhook_credential is None
assert response.data == {'webhook_credential': ["Must match the selected webhook service."]}
@pytest.mark.django_db
@pytest.mark.parametrize(
"service", [s for s, _ in WebhookTemplateMixin.SERVICES]
)
def test_unset_webhook_service_with_credential(organization_factory, job_template_factory, patch, service):
objs = organization_factory("org", superusers=['admin'])
jt = job_template_factory("jt", organization=objs.organization, webhook_service=service,
inventory='test_inv', project='test_proj').job_template
admin = objs.superusers.admin
assert jt.webhook_service == service
assert jt.webhook_key != ''
cred_type = CredentialType.defaults['{}_token'.format(service)]()
cred_type.save()
cred = Credential.objects.create(credential_type=cred_type, name='test-cred',
inputs={'token': 'secret'})
jt.webhook_credential = cred
jt.save()
url = reverse('api:job_template_detail', kwargs={'pk': jt.pk})
response = patch(url, {'webhook_service': ''}, user=admin, expect=400)
jt.refresh_from_db()
assert jt.webhook_service == service
assert jt.webhook_key != ''
assert jt.webhook_credential == cred
assert response.data == {'webhook_credential': ["Must match the selected webhook service."]}
Reference in New Issue View Git Blame Copy Permalink