@@ -491,3 +491,76 @@ def test_serializer_allows_null_values_in_validation(self, admin_api_client, ran
491491 # Verify that created_by is None in validated_data when null is passed
492492 validated_data = serializer .validated_data
493493 assert 'created_by' not in validated_data or validated_data .get ('created_by' ) is None
494+
495+
496+ @pytest .mark .django_db
497+ class TestValidationErrors :
498+ """Test validation error cases in service API serializers"""
499+
500+ def test_system_role_with_object_id_error (self , admin_api_client , rando ):
501+ """Test that providing object_id for system role raises validation error"""
502+ from ansible_base .rbac .models import RoleDefinition
503+
504+ # Get a system role (no content_type)
505+ system_rd = RoleDefinition .objects .managed .sys_auditor
506+ assert system_rd .content_type_id is None , "Should be a system role"
507+
508+ url = get_relative_url ('serviceuserassignment-assign' )
509+ data = {
510+ "role_definition" : system_rd .name ,
511+ "user_ansible_id" : str (rando .resource .ansible_id ),
512+ "object_id" : "12345" , # This should cause error for system role
513+ }
514+
515+ response = admin_api_client .post (url , data = data )
516+ assert response .status_code == 400 , response .data
517+ assert "Can not provide either 'object_id' or 'object_ansible_id' for system role" in str (response .data )
518+
519+ def test_system_role_with_object_ansible_id_error (self , admin_api_client , rando , organization ):
520+ """Test that providing object_ansible_id for system role raises validation error"""
521+ from ansible_base .rbac .models import RoleDefinition
522+
523+ # Get a system role (no content_type)
524+ system_rd = RoleDefinition .objects .managed .sys_auditor
525+ assert system_rd .content_type_id is None , "Should be a system role"
526+
527+ url = get_relative_url ('serviceuserassignment-assign' )
528+ data = {
529+ "role_definition" : system_rd .name ,
530+ "user_ansible_id" : str (rando .resource .ansible_id ),
531+ "object_ansible_id" : str (organization .resource .ansible_id ), # This should cause error for system role
532+ }
533+
534+ response = admin_api_client .post (url , data = data )
535+ assert response .status_code == 400 , response .data
536+ assert "Can not provide either 'object_id' or 'object_ansible_id' for system role" in str (response .data )
537+
538+ def test_object_role_without_valid_object_error (self , admin_api_client , rando , inv_rd ):
539+ """Test that object role without valid object raises validation error"""
540+ url = get_relative_url ('serviceuserassignment-assign' )
541+ data = {
542+ "role_definition" : inv_rd .name ,
543+ "user_ansible_id" : str (rando .resource .ansible_id ),
544+ "object_id" : "99999" , # Non-existent inventory ID
545+ }
546+
547+ response = admin_api_client .post (url , data = data )
548+ assert response .status_code == 400 , response .data
549+ # Check if the error is about object not existing
550+ error_msg = str (response .data )
551+ assert "does not exist" in error_msg .lower ()
552+
553+ def test_object_role_without_object_specified_error (self , admin_api_client , rando , inv_rd ):
554+ """Test that object role without object_id raises validation error"""
555+ url = get_relative_url ('serviceuserassignment-assign' )
556+ data = {
557+ "role_definition" : inv_rd .name ,
558+ "user_ansible_id" : str (rando .resource .ansible_id ),
559+ # No object_id or object_ansible_id provided
560+ }
561+
562+ response = admin_api_client .post (url , data = data )
563+ assert response .status_code == 400 , response .data
564+ # Check if the error is about missing object_id or object_ansible_id
565+ error_msg = str (response .data )
566+ assert "You must provide either 'object_id' or 'object_ansible_id'" in error_msg
0 commit comments