Allows specification for optional multiple identifiers #13827
Conversation
- Supports current single identifier, where user must be allowed
that specific role for authorization:
:post:
- :name: delete
:identifier: vm_delete
- Supports multiple identifiers, where user must be
allowed at least one of the roles specified for authorization:
:post:
- :name: delete
:identifier:
- vm_delete
- instance_terminate
- Adding role based authorization rspecs
abellotti
force-pushed
the
api_multiple_identifiers
branch
from
1debae5 to
4e9bff8
Compare
abellotti
changed the title
|
Updated Usage to leverage yaml array.
|
| saved_identifier = config.identifier | ||
| config.identifier = new_identifier | ||
| yield | ||
| config.identifier = saved_identifier |
There was a problem hiding this comment.
This should be in an ensure
def vms_get_test
# stuff
yield
ensure
config.identifier = saved_identifier
endThis way if a test raises an exception, you can be sure it puts the settings back.
Alternately, the test should not modify settings in this way. Instead, there should be probably be a stub_settings type method, like we do for other Settings. stubbing ensures the values return to normal after test completion.
There was a problem hiding this comment.
A stub method would read better as well. It's not clear (perhaps because of the vms_get_test method name), that what you are testing is different combinations of RBAC identifiers via the settings.
compare:
vms_get_test("vm_view_role1") do
#stuff
endvs
stub_api_settings(:collections, :vms, :collection, :actions, :get, "vm_view_role1")
#stuff
|
cc @gtanzillo |
- Introduced stub_api_action_role - Updated tests to use the new stub_api_action_role - Fixed issue in api spec helper update_user_role not able to handle identifier arrays.
|
Checked commits abellotti/manageiq@4e9bff8~...598ced7 with ruby 2.2.6, rubocop 0.47.1, and haml-lint 0.20.0 |
Pivitol Story: https://www.pivotaltracker.com/story/show/139477969