Revert "User tenancy cannot be changed" This reverts commit f67b3e60a7f56aa92c40d4dfda195d9a6db3f328.
Project: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/commit/9b95ab9d Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/tree/9b95ab9d Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/diff/9b95ab9d Branch: refs/heads/master Commit: 9b95ab9d3c818f1a77015eac5b92a5e0819af459 Parents: fb42758 Author: nir-sopher <n...@qwilt.com> Authored: Tue Jun 27 08:39:11 2017 +0300 Committer: Jeremy Mitchell <mitchell...@gmail.com> Committed: Wed Jul 19 15:55:31 2017 -0600 ---------------------------------------------------------------------- traffic_ops/app/lib/API/User.pm | 10 -------- traffic_ops/app/t/api/1.2/tenant_access.t | 34 +++++++++++++------------- 2 files changed, 17 insertions(+), 27 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/blob/9b95ab9d/traffic_ops/app/lib/API/User.pm ---------------------------------------------------------------------- diff --git a/traffic_ops/app/lib/API/User.pm b/traffic_ops/app/lib/API/User.pm index 03372b8..5b09d74 100644 --- a/traffic_ops/app/lib/API/User.pm +++ b/traffic_ops/app/lib/API/User.pm @@ -184,16 +184,6 @@ sub update { #no access to target tenancy return $self->forbidden(); } - if (defined ($user->tenant_id) and $user->tenant_id != $tenant_id){ - #not allowing a tenant to be changed once not "none". - if (!defined($tenant_id) and $tenant_utils->is_root_tenant($tenants_data, $tenant_utils->current_user_tenant())) { - #however, as currently user deletion is not supported, a "root" tenant can - #move a user to undef tenant. - } - else{ - return $self->alert("User tenant cannot be changed."); - } - } my ( $is_valid, $result ) = $self->is_valid( $params, $user_id ); http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/blob/9b95ab9d/traffic_ops/app/t/api/1.2/tenant_access.t ---------------------------------------------------------------------- diff --git a/traffic_ops/app/t/api/1.2/tenant_access.t b/traffic_ops/app/t/api/1.2/tenant_access.t index 2f5fce7..b764502 100644 --- a/traffic_ops/app/t/api/1.2/tenant_access.t +++ b/traffic_ops/app/t/api/1.2/tenant_access.t @@ -289,7 +289,7 @@ sub clear_tenant { #deleting the user - as the user do operations this is not so simple. We move it to the root tenant and the fixture cleanup will do my $json = decode_json( $t->get_ok('/api/1.2/users/'.$tenants_data->{$name}->{'admin_uid'})->tx->res->content->asset->slurp ); my $response = $json->{response}[0]; - $response->{"tenantId"} = undef; + $response->{"tenantId"} = get_tenant_id("root"); ok $t->put_ok('/api/1.2/users/'.$tenants_data->{$name}->{'admin_uid'} => {Accept => 'application/json'} => json => $response) ->status_is(200)->or( sub { diag $t->tx->res->content->asset->{content}; } ) , 'Success move user?'; @@ -424,22 +424,22 @@ sub test_user_resource_write_allow_access { , 'Success change user email: login tenant:'.$login_tenant.' resource tenant: '.$resource_tenant.'?'; #change the tenant to my tenant - if ($resource_tenant eq "none" or $resource_tenant eq $login_tenant) { - $response2edit->{"tenantId"} = $tenants_data->{$login_tenant}->{'id'}; - ok $t->put_ok('/api/1.2/users/'.$new_userid => { Accept => 'application/json' } => json => $response2edit) - ->status_is(200)->or( sub { diag $t->tx->res->content->asset->{content}; } ) - ->json_is( "/response/username" => $response2edit->{"username"}) - ->json_is( "/response/email" => $response2edit->{"email"} ) - ->json_is( "/response/tenantId" => $response2edit->{"tenantId"}) - , 'Success change user tenant to login: login tenant:'.$login_tenant.' resource tenant: '.$resource_tenant.'?'; - } - else{ - $response2edit->{"tenantId"} = $tenants_data->{$login_tenant}->{'id'}; - ok $t->put_ok('/api/1.2/users/'.$new_userid => { Accept => 'application/json' } => json => $response2edit) - ->json_is( "/alerts/0/text" => "User tenant cannot be changed.") - ->status_is(400)->or( sub { diag $t->tx->res->content->asset->{content}; } ) - , 'Cannot change tenancy as it is not allowed: login tenant:'.$login_tenant.' resource tenant: '.$resource_tenant.'?'; - } + $response2edit->{"tenantId"} = $tenants_data->{$login_tenant}->{'id'}; + ok $t->put_ok('/api/1.2/users/'.$new_userid => {Accept => 'application/json'} => json => $response2edit) + ->status_is(200)->or( sub { diag $t->tx->res->content->asset->{content}; } ) + ->json_is( "/response/username" => $response2edit->{"username"}) + ->json_is( "/response/email" => $response2edit->{"email"} ) + ->json_is( "/response/tenantId" => $response2edit->{"tenantId"}) + , 'Success change user tenant to login: login tenant:'.$login_tenant.' resource tenant: '.$resource_tenant.'?'; + + #change the tenant to his tenant + $response2edit->{"tenantId"} = $tenants_data->{$resource_tenant}->{'id'}; + ok $t->put_ok('/api/1.2/users/'.$new_userid => {Accept => 'application/json'} => json => $response2edit) + ->status_is(200)->or( sub { diag $t->tx->res->content->asset->{content}; } ) + ->json_is( "/response/username" => $response2edit->{"username"}) + ->json_is( "/response/email" => $response2edit->{"email"} ) + ->json_is( "/response/tenantId" => $response2edit->{"tenantId"}) + , 'Success change user tenant to orig: login tenant:'.$login_tenant.' resource tenant: '.$resource_tenant.'?'; logout_from_tenant_admin();
