2022-12-15 19:32:55 +01:00
|
|
|
from ee.api.test.base import APILicensedTest
|
2024-10-29 22:17:27 +01:00
|
|
|
from ee.models.rbac.organization_resource_access import OrganizationResourceAccess
|
|
|
|
from ee.models.rbac.role import Role, RoleMembership
|
2022-12-15 19:32:55 +01:00
|
|
|
from posthog.models.feature_flag import FeatureFlag
|
|
|
|
from posthog.models.organization import OrganizationMembership
|
|
|
|
|
|
|
|
|
|
|
|
class TestFeatureFlagEnterpriseAPI(APILicensedTest):
|
|
|
|
def test_adding_role_edit_access_is_not_restrictive(self):
|
|
|
|
FeatureFlag.objects.create(created_by=self.user, key="flag_a", name="Flag A", team=self.team)
|
|
|
|
self.assertEqual(self.organization_membership.level, OrganizationMembership.Level.MEMBER)
|
|
|
|
OrganizationResourceAccess.objects.create(
|
|
|
|
resource=OrganizationResourceAccess.Resources.FEATURE_FLAGS,
|
|
|
|
access_level=OrganizationResourceAccess.AccessLevel.CAN_ALWAYS_EDIT,
|
|
|
|
organization=self.organization,
|
|
|
|
)
|
|
|
|
role = Role.objects.create(
|
|
|
|
name="Marketing",
|
|
|
|
organization=self.organization,
|
|
|
|
feature_flags_access_level=OrganizationResourceAccess.AccessLevel.CAN_ONLY_VIEW,
|
|
|
|
)
|
|
|
|
RoleMembership.objects.create(role=role, user=self.user)
|
|
|
|
flag_res = self.client.get(f"/api/projects/{self.team.id}/feature_flags/")
|
|
|
|
self.assertEqual(flag_res.json()["count"], 1)
|
|
|
|
self.assertEqual(flag_res.json()["results"][0]["can_edit"], True)
|