Skip to content

Commit 9c7762d

Browse files
Dostonbek1Dostonbek1
authored
fix(AAP-29089): change organization field to be required in RBAC managed resources (#1007)
1 parent dc81d10 commit 9c7762d

17 files changed

+295
-49
lines changed

src/aap_eda/api/serializers/activation.py

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -440,8 +440,8 @@ class Meta:
440440
]
441441

442442
organization_id = serializers.IntegerField(
443-
required=False,
444-
allow_null=True,
443+
required=True,
444+
allow_null=False,
445445
validators=[validators.check_if_organization_exists],
446446
)
447447
rulebook_id = serializers.IntegerField(

src/aap_eda/api/serializers/decision_environment.py

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -41,8 +41,8 @@ class DecisionEnvironmentCreateSerializer(serializers.ModelSerializer):
4141
"""Serializer for creating the DecisionEnvironment."""
4242

4343
organization_id = serializers.IntegerField(
44-
required=False,
45-
allow_null=True,
44+
required=True,
45+
allow_null=False,
4646
validators=[validators.check_if_organization_exists],
4747
)
4848
eda_credential_id = serializers.IntegerField(

src/aap_eda/api/serializers/eda_credential.py

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -107,8 +107,8 @@ class EdaCredentialCreateSerializer(serializers.ModelSerializer):
107107
validators=[validators.check_if_credential_type_exists],
108108
)
109109
organization_id = serializers.IntegerField(
110-
required=False,
111-
allow_null=True,
110+
required=True,
111+
allow_null=False,
112112
validators=[validators.check_if_organization_exists],
113113
)
114114
inputs = serializers.JSONField()

src/aap_eda/api/serializers/project.py

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -71,8 +71,8 @@ class Meta:
7171

7272
class ProjectCreateRequestSerializer(serializers.ModelSerializer):
7373
organization_id = serializers.IntegerField(
74-
required=False,
75-
allow_null=True,
74+
required=True,
75+
allow_null=False,
7676
validators=[validators.check_if_organization_exists],
7777
)
7878
eda_credential_id = serializers.IntegerField(
@@ -107,7 +107,7 @@ class Meta:
107107

108108
class ProjectUpdateRequestSerializer(serializers.ModelSerializer):
109109
organization_id = serializers.IntegerField(
110-
required=False,
110+
required=True,
111111
allow_null=False,
112112
validators=[validators.check_if_organization_exists],
113113
)

src/aap_eda/api/serializers/team.py

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -44,6 +44,7 @@ class TeamCreateSerializer(
4444
):
4545
organization_id = serializers.IntegerField(
4646
required=True,
47+
allow_null=False,
4748
validators=[validators.check_if_organization_exists],
4849
)
4950

src/aap_eda/api/serializers/webhook.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -21,7 +21,7 @@
2121

2222

2323
class WebhookInSerializer(serializers.ModelSerializer):
24-
organization_id = serializers.IntegerField(required=False, allow_null=True)
24+
organization_id = serializers.IntegerField(required=True, allow_null=False)
2525
owner = serializers.HiddenField(default=serializers.CurrentUserDefault())
2626
eda_credential_id = serializers.IntegerField(
2727
required=True,

src/aap_eda/core/migrations/0046_alter_activation_organization_and_more.py

Lines changed: 87 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,87 @@
1+
# Generated by Django 4.2.7 on 2024-08-14 18:15
2+
3+
import django.db.models.deletion
4+
from django.db import migrations, models
5+
6+
import aap_eda.core.models.utils
7+
8+
9+
class Migration(migrations.Migration):
10+
dependencies = [
11+
("core", "0045_activation_skip_audit_events"),
12+
]
13+
14+
operations = [
15+
migrations.AlterField(
16+
model_name="activation",
17+
name="organization",
18+
field=models.ForeignKey(
19+
default=aap_eda.core.models.utils.get_default_organization_id,
20+
on_delete=django.db.models.deletion.CASCADE,
21+
to="core.organization",
22+
),
23+
),
24+
migrations.AlterField(
25+
model_name="auditrule",
26+
name="organization",
27+
field=models.ForeignKey(
28+
default=aap_eda.core.models.utils.get_default_organization_id,
29+
on_delete=django.db.models.deletion.CASCADE,
30+
to="core.organization",
31+
),
32+
),
33+
migrations.AlterField(
34+
model_name="decisionenvironment",
35+
name="organization",
36+
field=models.ForeignKey(
37+
default=aap_eda.core.models.utils.get_default_organization_id,
38+
on_delete=django.db.models.deletion.CASCADE,
39+
to="core.organization",
40+
),
41+
),
42+
migrations.AlterField(
43+
model_name="edacredential",
44+
name="organization",
45+
field=models.ForeignKey(
46+
default=aap_eda.core.models.utils.get_default_organization_id,
47+
on_delete=django.db.models.deletion.CASCADE,
48+
to="core.organization",
49+
),
50+
),
51+
migrations.AlterField(
52+
model_name="project",
53+
name="organization",
54+
field=models.ForeignKey(
55+
default=aap_eda.core.models.utils.get_default_organization_id,
56+
on_delete=django.db.models.deletion.CASCADE,
57+
to="core.organization",
58+
),
59+
),
60+
migrations.AlterField(
61+
model_name="rulebook",
62+
name="organization",
63+
field=models.ForeignKey(
64+
default=aap_eda.core.models.utils.get_default_organization_id,
65+
on_delete=django.db.models.deletion.CASCADE,
66+
to="core.organization",
67+
),
68+
),
69+
migrations.AlterField(
70+
model_name="rulebookprocess",
71+
name="organization",
72+
field=models.ForeignKey(
73+
default=aap_eda.core.models.utils.get_default_organization_id,
74+
on_delete=django.db.models.deletion.CASCADE,
75+
to="core.organization",
76+
),
77+
),
78+
migrations.AlterField(
79+
model_name="webhook",
80+
name="organization",
81+
field=models.ForeignKey(
82+
default=aap_eda.core.models.utils.get_default_organization_id,
83+
on_delete=django.db.models.deletion.CASCADE,
84+
to="core.organization",
85+
),
86+
),
87+
]

src/aap_eda/core/models/base.py

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -26,8 +26,9 @@ class Meta:
2626
organization = models.ForeignKey(
2727
"Organization",
2828
on_delete=models.CASCADE,
29+
blank=False,
30+
null=False,
2931
default=get_default_organization_id,
30-
null=True,
3132
)
3233

3334

tests/integration/api/test_activation.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -46,7 +46,7 @@ def test_create_activation(
4646
response = admin_client.post(
4747
f"{api_url_v1}/activations/", data=activation_payload
4848
)
49-
assert response.status_code == status.HTTP_201_CREATED
49+
assert response.status_code == status.HTTP_201_CREATED, response.data
5050
data = response.data
5151
activation = models.Activation.objects.filter(id=data["id"]).first()
5252
assert_activation_base_data(

tests/integration/api/test_activation_with_credential.py

Lines changed: 24 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -94,6 +94,7 @@ def kafka_credential_type() -> models.CredentialType:
9494
@pytest.mark.django_db
9595
def test_validate_for_aap_credential(
9696
default_activation: models.Activation,
97+
default_organization: models.Organization,
9798
inputs,
9899
result,
99100
preseed_credential_types,
@@ -106,6 +107,7 @@ def test_validate_for_aap_credential(
106107
inputs=inputs,
107108
managed=False,
108109
credential_type_id=aap_credential_type.id,
110+
organization=default_organization,
109111
)
110112
default_activation.eda_credentials.add(credential)
111113

@@ -120,6 +122,7 @@ def test_is_activation_valid_with_token_and_run_job_template(
120122
default_project: models.Project,
121123
default_user_awx_token: models.AwxToken,
122124
default_user: models.User,
125+
default_organization: models.Organization,
123126
preseed_credential_types,
124127
):
125128
activation = models.Activation.objects.create(
@@ -130,6 +133,7 @@ def test_is_activation_valid_with_token_and_run_job_template(
130133
project_id=default_project.id,
131134
awx_token_id=default_user_awx_token.id,
132135
user_id=default_user.id,
136+
organization=default_organization,
133137
)
134138

135139
valid, _ = is_activation_valid(activation)
@@ -139,6 +143,7 @@ def test_is_activation_valid_with_token_and_run_job_template(
139143
@pytest.mark.django_db
140144
def test_is_activation_valid_with_aap_credential_and_run_job_template(
141145
default_activation: models.Activation,
146+
default_organization: models.Organization,
142147
preseed_credential_types,
143148
):
144149
aap_credential_type = models.CredentialType.objects.get(
@@ -149,6 +154,7 @@ def test_is_activation_valid_with_aap_credential_and_run_job_template(
149154
inputs={"username": "adam", "password": "secret"},
150155
managed=False,
151156
credential_type_id=aap_credential_type.id,
157+
organization=default_organization,
152158
)
153159

154160
default_activation.eda_credentials.add(credential)
@@ -163,6 +169,7 @@ def test_is_activation_valid_with_run_job_template_and_no_token_no_credential(
163169
default_rulebook_with_run_job_template: models.Rulebook,
164170
default_project: models.Project,
165171
default_user: models.User,
172+
default_organization: models.Organization,
166173
preseed_credential_types,
167174
):
168175
activation = models.Activation.objects.create(
@@ -172,6 +179,7 @@ def test_is_activation_valid_with_run_job_template_and_no_token_no_credential(
172179
decision_environment_id=default_decision_environment.id,
173180
project_id=default_project.id,
174181
user_id=default_user.id,
182+
organization=default_organization,
175183
)
176184

177185
valid, message = is_activation_valid(activation)
@@ -247,6 +255,7 @@ def test_create_activation_with_eda_credentials(
247255
preseed_credential_types,
248256
credential_type,
249257
status_code,
258+
default_organization: models.Organization,
250259
):
251260
credential_type = models.CredentialType.objects.get(name=credential_type)
252261

@@ -257,13 +266,15 @@ def test_create_activation_with_eda_credentials(
257266
inputs=inputs_to_store(
258267
{"username": "dummy-user", "password": "dummy-password"}
259268
),
269+
organization=default_organization,
260270
)
261271
kafka_eda_credential = models.EdaCredential.objects.create(
262272
name="kafka-eda-credential",
263273
inputs=inputs_to_store(
264274
{"sasl_username": "adam", "sasl_password": "secret"},
265275
),
266276
credential_type=kafka_credential_type,
277+
organization=default_organization,
267278
)
268279
test_activation = {
269280
"name": "test_activation",
@@ -272,6 +283,7 @@ def test_create_activation_with_eda_credentials(
272283
],
273284
"rulebook_id": activation_payload["rulebook_id"],
274285
"eda_credentials": [credential.id, kafka_eda_credential.id],
286+
"organization_id": default_organization.id,
275287
}
276288

277289
response = admin_client.post(
@@ -315,19 +327,22 @@ def test_create_activation_with_key_conflict(
315327
default_decision_environment: models.DecisionEnvironment,
316328
default_rulebook: models.Rulebook,
317329
kafka_credential_type: models.CredentialType,
330+
default_organization: models.Organization,
318331
preseed_credential_types,
319332
):
320333
test_activation = {
321334
"name": "test_activation",
322335
"decision_environment_id": default_decision_environment.id,
323336
"rulebook_id": default_rulebook.id,
324337
"extra_var": OVERLAP_EXTRA_VAR,
338+
"organization_id": default_organization.id,
325339
}
326340

327341
test_eda_credential = models.EdaCredential.objects.create(
328342
name="eda-credential",
329343
inputs={"sasl_username": "adam", "sasl_password": "secret"},
330344
credential_type_id=kafka_credential_type.id,
345+
organization=default_organization,
331346
)
332347
test_activation["eda_credentials"] = [test_eda_credential.id]
333348

@@ -347,6 +362,7 @@ def test_create_activation_with_conflict_credentials(
347362
admin_client: APIClient,
348363
activation_payload: Dict[str, Any],
349364
user_credential_type: models.CredentialType,
365+
default_organization: models.Organization,
350366
preseed_credential_types,
351367
):
352368
test_activation = {
@@ -355,6 +371,7 @@ def test_create_activation_with_conflict_credentials(
355371
"decision_environment_id"
356372
],
357373
"rulebook_id": activation_payload["rulebook_id"],
374+
"organization_id": default_organization.id,
358375
}
359376

360377
eda_credentials = models.EdaCredential.objects.bulk_create(
@@ -392,19 +409,22 @@ def test_create_activation_without_extra_vars_single_credential(
392409
default_decision_environment: models.DecisionEnvironment,
393410
default_rulebook: models.Rulebook,
394411
user_credential_type: models.CredentialType,
412+
default_organization: models.Organization,
395413
preseed_credential_types,
396414
):
397415
test_activation = {
398416
"name": "test_activation",
399417
"decision_environment_id": default_decision_environment.id,
400418
"rulebook_id": default_rulebook.id,
401419
"extra_var": None,
420+
"organization_id": default_organization.id,
402421
}
403422

404423
eda_credential = models.EdaCredential.objects.create(
405424
name="credential-1",
406425
inputs={"sasl_username": "adam", "sasl_password": "secret"},
407426
credential_type_id=user_credential_type.id,
427+
organization=default_organization,
408428
)
409429

410430
eda_credential_ids = [eda_credential.id]
@@ -427,12 +447,14 @@ def test_create_activation_without_extra_vars_duplicate_credentials(
427447
default_decision_environment: models.DecisionEnvironment,
428448
default_rulebook: models.Rulebook,
429449
user_credential_type: models.CredentialType,
450+
default_organization: models.Organization,
430451
preseed_credential_types,
431452
):
432453
test_activation = {
433454
"name": "test_activation",
434455
"decision_environment_id": default_decision_environment.id,
435456
"rulebook_id": default_rulebook.id,
457+
"organization_id": default_organization.id,
436458
}
437459

438460
eda_credentials = models.EdaCredential.objects.bulk_create(
@@ -441,11 +463,13 @@ def test_create_activation_without_extra_vars_duplicate_credentials(
441463
name="credential-1",
442464
inputs={"sasl_username": "adam", "sasl_password": "secret"},
443465
credential_type_id=user_credential_type.id,
466+
organization=default_organization,
444467
),
445468
models.EdaCredential(
446469
name="credential-2",
447470
inputs={"sasl_username": "bearny", "sasl_password": "demo"},
448471
credential_type_id=user_credential_type.id,
472+
organization=default_organization,
449473
),
450474
]
451475
)

0 commit comments

Comments
 (0)