ae5949aa7e
# What this PR does Fixes the issue when users with the viewer role can't fetch the cloud connection status, which makes the plugin fail to load for viewers. This PR makes the cloud connection endpoint use `OTHER_SETTINGS_READ` for fetching the cloud connection status instead of `OTHER_SETTINGS_WRITE`. ## Checklist - [x] Tests updated - [x] `CHANGELOG.md` updated
41 lines
1.3 KiB
Python
41 lines
1.3 KiB
Python
import pytest
|
|
from django.urls import reverse
|
|
from rest_framework import status
|
|
from rest_framework.test import APIClient
|
|
|
|
from apps.api.permissions import LegacyAccessControlRole
|
|
from apps.oss_installation.models import CloudConnector
|
|
|
|
|
|
@pytest.mark.django_db
|
|
def test_cloud_connection_viewer_can_read(
|
|
make_organization_and_user_with_plugin_token,
|
|
make_user_auth_headers,
|
|
):
|
|
organization, user, token = make_organization_and_user_with_plugin_token(role=LegacyAccessControlRole.VIEWER)
|
|
|
|
# create cloud connection
|
|
CloudConnector.objects.create(cloud_url="test")
|
|
|
|
client = APIClient()
|
|
url = reverse("oss_installation:cloud-connection-status")
|
|
|
|
response = client.get(url, **make_user_auth_headers(user, token))
|
|
assert response.status_code == status.HTTP_200_OK
|
|
|
|
|
|
@pytest.mark.django_db
|
|
def test_cloud_connection_viewer_cant_delete(
|
|
make_organization_and_user_with_plugin_token,
|
|
make_user_auth_headers,
|
|
):
|
|
organization, user, token = make_organization_and_user_with_plugin_token(role=LegacyAccessControlRole.VIEWER)
|
|
|
|
# create cloud connection
|
|
CloudConnector.objects.create(cloud_url="test")
|
|
|
|
client = APIClient()
|
|
url = reverse("oss_installation:cloud-connection-status")
|
|
response = client.delete(url, **make_user_auth_headers(user, token))
|
|
|
|
assert response.status_code == status.HTTP_403_FORBIDDEN
|