diff options
author | Alan Rominger <arominge@redhat.com> | 2023-11-13 21:13:25 +0100 |
---|---|---|
committer | Alan Rominger <arominge@redhat.com> | 2024-04-11 20:59:09 +0200 |
commit | 817c3b36b953a44f8b968b87d2c1252a41311ad6 (patch) | |
tree | e4242b939bf756d75c06be994807303c48ed0889 /awx_collection | |
parent | Fix failure from DAB (#15102) (diff) | |
download | awx-817c3b36b953a44f8b968b87d2c1252a41311ad6.tar.xz awx-817c3b36b953a44f8b968b87d2c1252a41311ad6.zip |
Replace role system with permissions-based DB roles
Develop ability to list permissions for existing roles
Create a model registry for RBAC-tracked models
Write the data migration logic for creating
the preloaded role definitions
Write migration to migrate old Role into ObjectRole model
This loops over the old Role model, knowing it is unique
on object and role_field
Most of the logic is concerned with identifying the
needed permissions, and then corresponding role definition
As needed, object roles are created and users then teams
are assigned
Write re-computation of cache logic for teams
and then for object role permissions
Migrate new RBAC internals to ansible_base
Migrate tests to ansible_base
Implement solution for visible_roles
Expose URLs for DAB RBAC
Diffstat (limited to 'awx_collection')
-rw-r--r-- | awx_collection/test/awx/test_role.py | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/awx_collection/test/awx/test_role.py b/awx_collection/test/awx/test_role.py index f5cc5ceec1..519d1f87b0 100644 --- a/awx_collection/test/awx/test_role.py +++ b/awx_collection/test/awx/test_role.py @@ -18,9 +18,9 @@ def test_grant_organization_permission(run_module, admin_user, organization, sta assert not result.get('failed', False), result.get('msg', result) if state == 'present': - assert rando in organization.execute_role + assert rando in organization.admin_role else: - assert rando not in organization.execute_role + assert rando not in organization.admin_role @pytest.mark.django_db |