Resolving comment and updating tests

abdulirfan3 · Apr 6, 2020 · 6d08e21 · 6d08e21
1 parent 8b881d1
commit 6d08e21
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 11 deletions.
diff --git a/awx_collection/plugins/module_utils/tower_api.py b/awx_collection/plugins/module_utils/tower_api.py
@@ -575,7 +575,13 @@ def create_if_needed(self, existing_item, new_item, endpoint, on_create=None, it
             self.exit_json(**self.json_output)
 
     # We need to be able to recursevly step through fields in the case of inputs for credentials.
-    # They are dicts and we can't just compare them at the top level because the dict returned from the tower api will have fields like $encrypted$
+    # They are dicts and we can't just compare them at the top level because the dict from the tower api may have more fields that we have.
+    # For example, say someone did:
+    #  - tower_credential:
+    #      name: 'a cred'
+    #      username: 'John'
+    # Our new dict would be like { 'username': 'new_name' }
+    # But the existing cred from tower might come back as: { 'username': 'new_name', 'password': '$encrypted$', 'field2': 'something else' }
     @staticmethod
     def compare_fields(new_item, existing_item):
         needs_update = False

diff --git a/awx_collection/test/awx/test_credential.py b/awx_collection/test/awx/test_credential.py
@@ -106,30 +106,36 @@ def test_create_custom_credential_type(run_module, admin_user):
 
 
 @pytest.mark.django_db
-def test_kind_ct_exclusivity(run_module, admin_user, organization, cred_type, silence_deprecation):
+def test_ct_precedence_over_kind(run_module, admin_user, organization, cred_type, silence_deprecation):
     result = run_module('tower_credential', dict(
         name='A credential',
         organization=organization.name,
         kind='ssh',
         credential_type=cred_type.name,
         state='present'
     ), admin_user)
-    assert result.get('failed', False), result.get('msg', result)
-    assert result['msg'] == 'parameters are mutually exclusive: kind|credential_type'
+    assert not result.get('failed', False), result.get('msg', result)
+
+    cred = Credential.objects.get(name='A credential')
+
+    assert cred.credential_type == cred_type.name
 
 
 @pytest.mark.django_db
-def test_input_exclusivity(run_module, admin_user, organization):
+def test_input_overrides_old_fields(run_module, admin_user, organization):
     result = run_module('tower_credential', dict(
-        name='A credential',
+        name='A Vault credential',
         organization=organization.name,
-        kind='ssh',
-        inputs={'token': '7rEZK38DJl58A7RxA6EC7lLvUHbBQ1'},
-        security_token='7rEZK38DJl58A7RxA6EC7lLvUHbBQ1',
+        kind='Vault',
+        inputs={'vault_id': 'asdf'},
+        vault_id='1234',
         state='present'
     ), admin_user)
-    assert result.get('failed', False), result
-    assert result['msg'] == 'parameters are mutually exclusive: inputs|security_token'
+    assert not result.get('failed', False), result
+
+    cred = Credential.objects.get(name='A Vault credential')
+
+    assert cred.inputs.vault_id == 'asdf'
 
 
 @pytest.mark.django_db