nautobot 3.0.0rc2__py3-none-any.whl → 3.0.1__py3-none-any.whl

nautobot/core/ui/bulk_buttons.py

@@ -1,5 +1,6 @@
 from nautobot.core.choices import ButtonActionColorChoices
 from nautobot.core.ui import object_detail
+from nautobot.core.utils.lookup import get_route_for_model
 
 
 class BaseBulkButton(object_detail.FormButton):
@@ -12,9 +13,7 @@ class BaseBulkButton(object_detail.FormButton):
     weight = None
 
     def __init__(self, *, form_id: str, model, **kwargs):
-        model_name = model.__name__.lower()
-        app_label = model._meta.app_label
-        link_name = f"{app_label}:{model_name}_bulk_{self.action}"
+        link_name = get_route_for_model(model, f"bulk_{self.action}")
 
         super().__init__(
             link_name=link_name,

nautobot/core/views/generic.py

@@ -227,6 +227,7 @@ class ObjectListView(UIComponentsMixin, ObjectPermissionRequiredMixin, View):
         hide_hierarchy_ui = False
         clear_view = request.GET.get("clear_view", False)
         resolved_path = resolve(request.path)
+        # Note that `resolved_path.app_name` does work even for nested paths like `plugins:example_app:...`
         list_url = f"{resolved_path.app_name}:{resolved_path.url_name}"
 
         skip_user_and_global_default_saved_view = False

nautobot/core/views/mixins.py

@@ -17,7 +17,7 @@ from django.forms import Form, ModelMultipleChoiceField, MultipleHiddenInput
 from django.http import HttpResponse
 from django.shortcuts import get_object_or_404, redirect
 from django.template.loader import select_template, TemplateDoesNotExist
-from django.urls import reverse
+from django.urls import resolve, reverse
 from django.urls.exceptions import NoReverseMatch
 from django.utils.encoding import iri_to_uri
 from django.utils.html import format_html
@@ -74,9 +74,6 @@ PERMISSIONS_ACTION_MAP = {
     "changelog": "view",
     "notes": "view",
     "data_compliance": "view",
-    "approve": "change",
-    "deny": "change",
-    "comment": "change",
 }
 
 
@@ -421,7 +418,7 @@ class NautobotViewSetMixin(GenericViewSet, UIComponentsMixin, AccessMixin, GetRe
             model_permissions.append(f"{model._meta.app_label}.{action}_{model._meta.model_name}")
         # Append additional object permissions if specified.
         if self.custom_view_additional_permissions:
-            model_permissions.append(*self.custom_view_additional_permissions)
+            model_permissions.extend(self.custom_view_additional_permissions)
         return model_permissions
 
     def get_required_permission(self):
@@ -932,10 +929,12 @@ class ObjectListViewMixin(NautobotViewSetMixin, mixins.ListModelMixin):
                 self.filterset_class(),
             )
 
+        resolved_path = resolve(request.path)
+        # Note that `resolved_path.app_name` does work even for nested paths like `plugins:example_app:...`
+        view_name = f"{resolved_path.app_name}:{resolved_path.url_name}"
+
         # Check if there is a default for this view for this specific user
         user_default_saved_view = None
-        app_label, model_name = queryset.model._meta.label.split(".")
-        view_name = f"{app_label}:{model_name.lower()}_list"
         user = request.user
         if not isinstance(user, AnonymousUser):
             try:

nautobot/core/views/renderers.py

@@ -311,6 +311,7 @@ class NautobotHTMLRenderer(renderers.BrowsableAPIRenderer):
             valid_actions = self.validate_action_buttons(view, request)
             # Query SavedViews for dropdown button
             resolved_path = resolve(request.path)
+            # Note that `resolved_path.app_name` does work even for nested paths like `plugins:example_app:...`
             list_url = f"{resolved_path.app_name}:{resolved_path.url_name}"
             saved_views = None
             if model.is_saved_view_model:

nautobot/core/views/utils.py

@@ -591,9 +591,9 @@ def get_bulk_queryset_from_view(
 
     queryset = view_class.queryset.restrict(user, action)
 
-    # The filterset_class is determined from model on purpose, as filterset_class the view as a param, will not work
-    # with a job. It is better to be consistent with each with sending the same params that will
-    # always be available from to the confirmation page and to the job.
+    # The filterset_class is determined from model on purpose versus getting it from the view itself. This is
+    # because the filterset_class on the view as a param, will not work with a job. It is better to be consistent
+    # with each with sending the same params that will always be available from to the confirmation page and to the job.
     filterset_class = get_filterset_for_model(model)
 
     if not filterset_class:

nautobot/extras/jobs.py

@@ -29,6 +29,7 @@ from django.db.models.query import QuerySet
 from django.forms import ValidationError
 from django.utils.functional import classproperty
 import netaddr
+from prometheus_client import Counter
 import yaml
 
 from nautobot.core.celery import import_jobs, nautobot_task
@@ -89,6 +90,27 @@ __all__ = [
 
 logger = logging.getLogger(__name__)
 
+started_jobs_counter = Counter(
+    name="nautobot_worker_started_jobs",
+    documentation="Job executions that started running",
+    labelnames=("job_class_name", "module_name"),
+)
+finished_jobs_counter = Counter(
+    name="nautobot_worker_finished_jobs",
+    documentation="Job executions that finished running",
+    labelnames=("job_class_name", "module_name", "status"),
+)
+exception_jobs_counter = Counter(
+    name="nautobot_worker_exception_jobs",
+    documentation="Job executions that raised an exception",
+    labelnames=("job_class_name", "module_name", "exception_type"),
+)
+singleton_conflict_counter = Counter(
+    name="nautobot_worker_singleton_conflict",
+    documentation="Job executions that ran into a singleton lock",
+    labelnames=("job_class_name", "module_name"),
+)
+
 
 class RunJobTaskFailed(Exception):
     """Celery task failed for some reason."""
@@ -1194,6 +1216,9 @@ def _prepare_job(job_class_path, request, kwargs) -> tuple[Job, dict]:
                     extra={"object": job.job_model, "grouping": "initialization"},
                 )
             else:
+                singleton_conflict_counter.labels(
+                    job_class_name=job.job_model.job_class_name, module_name=job.job_model.module_name
+                ).inc()
                 # TODO 3.0: maybe change to logger.failure() and return cleanly, as this is an "acceptable" failure?
                 job.logger.error(
                     "Job %s is a singleton and already running.",
@@ -1277,6 +1302,9 @@ def run_job(self, job_class_path, *args, **kwargs):
 
     result = None
     status = None
+    started_jobs_counter.labels(
+        job_class_name=job.job_model.job_class_name, module_name=job.job_model.module_name
+    ).inc()
     try:
         before_start_result = job.before_start(self.request.id, args, kwargs)
         if not job._failed:
@@ -1293,6 +1321,9 @@ def run_job(self, job_class_path, *args, **kwargs):
             job.on_success(result, self.request.id, args, kwargs)
         else:
             job.on_failure(result, self.request.id, args, kwargs, None)
+        finished_jobs_counter.labels(
+            job_class_name=job.job_model.job_class_name, module_name=job.job_model.module_name, status=status
+        ).inc()
 
         job.after_return(status, result, self.request.id, args, kwargs, None)
 
@@ -1309,11 +1340,21 @@ def run_job(self, job_class_path, *args, **kwargs):
         # We don't want to overwrite the manual state update that we did above, so:
         raise Ignore()
 
-    except Reject:
+    except Reject as exc:
+        exception_jobs_counter.labels(
+            job_class_name=job.job_model.job_class_name,
+            module_name=job.job_model.module_name,
+            exception_type=type(exc).__name__,
+        ).inc()
         status = status or JobResultStatusChoices.STATUS_REJECTED
         raise
 
-    except Ignore:
+    except Ignore as exc:
+        exception_jobs_counter.labels(
+            job_class_name=job.job_model.job_class_name,
+            module_name=job.job_model.module_name,
+            exception_type=type(exc).__name__,
+        ).inc()
         status = status or JobResultStatusChoices.STATUS_IGNORED
         raise
 
@@ -1326,6 +1367,11 @@ def run_job(self, job_class_path, *args, **kwargs):
             "exc_type": type(exc).__name__,
             "exc_message": sanitize(str(exc)),
         }
+        exception_jobs_counter.labels(
+            job_class_name=job.job_model.job_class_name,
+            module_name=job.job_model.module_name,
+            exception_type=type(exc).__name__,
+        ).inc()
         raise
 
     finally:

nautobot/extras/models/models.py

@@ -25,6 +25,7 @@ from nautobot.core.models import BaseManager, BaseModel
 from nautobot.core.models.fields import ForeignKeyWithAutoRelatedName, LaxURLField
 from nautobot.core.models.generics import OrganizationalModel, PrimaryModel
 from nautobot.core.utils.data import deepmerge, render_jinja2
+from nautobot.core.utils.lookup import get_filterset_for_model, get_model_for_view_name
 from nautobot.extras.choices import (
     ButtonClassChoices,
     WebhookHttpMethodChoices,
@@ -918,6 +919,24 @@ class SavedView(BaseModel, ChangeLoggedModel):
 
         super().save(*args, **kwargs)
 
+    @property
+    def model(self):
+        """
+        Return the model class associated with this SavedView, based on the 'view' field.
+        """
+        return get_model_for_view_name(self.view)
+
+    def get_filtered_queryset(self, user):
+        """
+        Return a queryset for the associated model, filtered by this SavedView's filter_params.
+        """
+        model = self.model
+        if model is None:
+            return None
+        filter_params = self.config.get("filter_params", {})
+        filterset_class = get_filterset_for_model(model)
+        return filterset_class(filter_params, model.objects.restrict(user)).qs
+
 
 @extras_features("graphql")
 class UserSavedViewAssociation(BaseModel):

nautobot/extras/tables.py

@@ -336,19 +336,19 @@ class ApprovalWorkflowTable(BaseTable):
         model = ApprovalWorkflow
         fields = (
             "pk",
-            "approval_workflow_definition",
             "object_under_review_content_type",
             "object_under_review",
-            "current_state",
             "user",
+            "current_state",
+            "approval_workflow_definition",
         )
         default_columns = (
             "pk",
-            "approval_workflow_definition",
             "object_under_review_content_type",
             "object_under_review",
-            "current_state",
             "user",
+            "current_state",
+            "approval_workflow_definition",
             "actions",
         )
 
@@ -426,6 +426,7 @@ class ApproverDashboardTable(ApprovalWorkflowStageTable):
         template_code="<a href={{record.approval_workflow.get_absolute_url}}>{{ record.approval_workflow_stage_definition.name }}</a>",
         verbose_name="Current Stage",
     )
+    approval_workflow__object_under_review_content_type = tables.Column(verbose_name="Object Type Under Review")
     object_under_review = tables.TemplateColumn(
         template_code="<a href={{record.approval_workflow.object_under_review.get_absolute_url }}>{{ record.approval_workflow.object_under_review }}</a>"
     )
@@ -437,6 +438,7 @@ class ApproverDashboardTable(ApprovalWorkflowStageTable):
         model = ApprovalWorkflowStage
         fields = (
             "pk",
+            "approval_workflow__object_under_review_content_type",
             "object_under_review",
             "approval_workflow",
             "approval_workflow_stage",
@@ -446,9 +448,10 @@ class ApproverDashboardTable(ApprovalWorkflowStageTable):
         )
         default_columns = (
             "pk",
-            "approval_workflow_stage",
-            "approval_workflow",
+            "approval_workflow__object_under_review_content_type",
             "object_under_review",
+            "approval_workflow",
+            "approval_workflow_stage",
             "actions_needed",
             "state",
             "actions",

nautobot/extras/templates/extras/approval_workflow/approve.html

@@ -1,11 +1,18 @@
 {% extends 'utilities/confirmation_form.html' %}
 {% load form_helpers %}
+{% load helpers %}
 
-{% block title %}Approve {{ obj_type }}?{% endblock %}
+
+{% block title %}Approve Workflow Stage?{% endblock %}
 
 {% block message %}
     {% block message_extra %}{% endblock %}
-    <p>Are you sure you want to approve <strong>{{ obj }}</strong> for <strong> {{ object_under_review }}</strong>?</p>
+    <p>Are you sure you want to approve</p>
+    <ul>
+        <li>Stage <strong>{{ obj.approval_workflow_stage_definition.name }}</strong></li>
+        <li>from Workflow <strong>{{ obj.approval_workflow_stage_definition.approval_workflow_definition.name }}</strong></li>
+        <li>for {{ object_under_review|meta:"verbose_name"|bettertitle }} <strong>{{ object_under_review|hyperlinked_object}}</strong>?</li>
+    </ul>
     <p>You can leave optional comments here.</p>
     {% render_field form.comments %}
 {% endblock %}

nautobot/extras/templates/extras/approval_workflow/deny.html

@@ -1,10 +1,16 @@
 {% extends 'utilities/confirmation_form.html' %}
 {% load form_helpers %}
+{% load helpers %}
 
-{% block title %}Deny {{ obj_type }}?{% endblock %}
+{% block title %}Deny Workflow Stage?{% endblock %}
 
 {% block message %}
-    <p>Are you sure you want to deny <strong>{{ obj }}</strong> for <strong> {{ object_under_review }}</strong>?</p>
+    <p>Are you sure you want to deny</p>
+    <ul>
+        <li>Stage <strong>{{ obj.approval_workflow_stage_definition.name }}</strong></li>
+        <li>from Workflow <strong>{{ obj.approval_workflow_stage_definition.approval_workflow_definition.name }}</strong></li>
+        <li>for {{ object_under_review|meta:"verbose_name"|bettertitle }} <strong>{{ object_under_review|hyperlinked_object}}</strong>?</li>
+    </ul>
     <p>You can leave optional comments here.</p>
     {% render_field form.comments %}
-{% endblock %}
+{% endblock %}

nautobot/extras/tests/test_customfields_filters.py

@@ -3,8 +3,8 @@ from django.db.models import Model
 from django.test import tag
 
 from nautobot.core.testing import views
-from nautobot.extras.choices import CustomFieldFilterLogicChoices, CustomFieldTypeChoices
-from nautobot.extras.models import CustomField
+from nautobot.extras.choices import CustomFieldFilterLogicChoices, CustomFieldTypeChoices, DynamicGroupOperatorChoices
+from nautobot.extras.models import CustomField, DynamicGroup, DynamicGroupMembership
 
 
 @tag("unit")
@@ -368,6 +368,82 @@ class CustomFieldsFilters:
                             instances, filtered, test_case["expected"], assert_in_msg, assert_not_in_msg
                         )
 
+        def test_str_custom_field_with_dynamic_groups(self):
+            cf_label = "test_dgs_label_str"
+            cf_label_ic = "test_dgs_label_str_ic"
+            test_data = self.filter_matrix[CustomFieldTypeChoices.TYPE_TEXT]
+            model = self.filterset.Meta.model
+            self.create_custom_field(model, cf_label)
+            self.create_custom_field(model, cf_label_ic, filter_logic=CustomFieldFilterLogicChoices.FILTER_LOOSE)
+
+            instances = self.queryset.all()[:5]
+            self.prepare_custom_fields_values(cf_label, instances, test_data["value"], "not-matched")
+            self.prepare_custom_fields_values(cf_label_ic, instances, test_data["value"], "not-matched")
+
+            ct = ContentType.objects.get_for_model(model)
+
+            filter_group = DynamicGroup.objects.create(
+                name="CustomField DynamicGroup",
+                content_type=ct,
+                filter={},
+            )
+            parent_group = DynamicGroup.objects.create(
+                name="Parent CustomField DynamicGroup",
+                content_type=ct,
+                filter={},
+            )
+            group_membership = DynamicGroupMembership.objects.create(
+                parent_group=parent_group,
+                group=filter_group,
+                operator=DynamicGroupOperatorChoices.OPERATOR_INTERSECTION,
+                weight=10,
+            )
+
+            # Prepare test cases
+            # For dynamic group we're supporting only exact or icontains for now
+            # Depending on the custom field filter logic
+            for lookup_data in test_data["lookups"]:
+                if lookup_data["lookup"] not in ["", "ic"]:
+                    continue
+
+                test_cases = [(lookup_data["lookup"], test_case) for test_case in lookup_data["test_cases"]]
+                group_membership.operator = DynamicGroupOperatorChoices.OPERATOR_INTERSECTION
+                group_membership.save()
+
+                for lookup, test_case in test_cases:
+                    assert_in_msg = f'object expected to be found for searching `{lookup}` ({lookup_data["name"]}) = "{test_case["search"]}"'
+                    assert_not_in_msg = f'object expected to be filtered out for searching `{lookup}` ({lookup_data["name"]}) = "{test_case["search"]}"'
+                    group_filter = {f"cf_{cf_label}": test_case["search"]}
+                    if lookup == "ic":
+                        group_filter = {f"cf_{cf_label_ic}": test_case["search"]}
+
+                    with self.subTest(f"Test filtering {group_filter}"):
+                        filter_group.set_filter(group_filter)
+                        filter_group.save()
+                        members = parent_group.update_cached_members()
+                        self.assertProperInstancesReturned(
+                            instances, members, test_case["expected"], assert_in_msg, assert_not_in_msg
+                        )
+
+                negated_test_cases = self.get_negated_test_cases(lookup_data["lookup"], lookup_data["test_cases"])
+                group_membership.operator = DynamicGroupOperatorChoices.OPERATOR_DIFFERENCE
+                group_membership.save()
+
+                for lookup, test_case in negated_test_cases:
+                    assert_in_msg = f'object expected to be found for searching `{lookup}` ({lookup_data["name"]}) = "{test_case["search"]}"'
+                    assert_not_in_msg = f'object expected to be filtered out for searching `{lookup}` ({lookup_data["name"]}) = "{test_case["search"]}"'
+                    group_filter = {f"cf_{cf_label}": test_case["search"]}
+                    if lookup == "ic":
+                        group_filter = {f"cf_{cf_label_ic}": test_case["search"]}
+
+                    with self.subTest(f"Test negated filtering {group_filter}"):
+                        filter_group.set_filter(group_filter)
+                        filter_group.save()
+                        members = parent_group.update_cached_members()
+                        self.assertProperInstancesReturned(
+                            instances, members, test_case["expected"], assert_in_msg, assert_not_in_msg
+                        )
+
         def test_str_custom_field_filters(self):
             cf_label = "test_fs_label_str"
             test_data = self.filter_matrix[CustomFieldTypeChoices.TYPE_TEXT]
@@ -411,11 +487,15 @@ class CustomFieldsFilters:
                         )
 
         @staticmethod
-        def create_custom_field(model: Model, label: str) -> CustomField:
+        def create_custom_field(
+            model: Model,
+            label: str,
+            filter_logic: CustomFieldFilterLogicChoices = CustomFieldFilterLogicChoices.FILTER_EXACT,
+        ) -> CustomField:
             cf = CustomField.objects.create(
                 type=CustomFieldTypeChoices.TYPE_TEXT,
                 label=label,
-                filter_logic=CustomFieldFilterLogicChoices.FILTER_EXACT,
+                filter_logic=filter_logic,
             )
             cf.content_types.set([ContentType.objects.get_for_model(model)])
             return cf

nautobot/extras/tests/test_views.py

@@ -419,19 +419,33 @@ class ApprovalWorkflowStageViewTestCase(
         self.client.force_login(self.user)
         self.add_permissions("extras.change_approvalworkflowstage", "extras.view_approvalworkflowstage")
 
-        # Try GET with model-level permission
+        # Try GET with model-level permission but not belonging to the approver group
         url = reverse("extras:approvalworkflowstage_approve", args=[approval_workflow_stage.pk])
+        response = self.client.get(url, follow=True)
+        self.assertHttpStatus(response, 200)
+        self.assertBodyContains(response, "You are not permitted to approve this")
+
+        # Try GET with belonging to the approver group
+        approval_workflow_stage.approval_workflow_stage_definition.approver_group.user_set.add(self.user)
         response = self.client.get(url)
+        approval_workflow_stage.approval_workflow_stage_definition.approver_group.user_set.remove(self.user)
         self.assertHttpStatus(response, 200)
         self.assertBodyContains(response, '<div class="card border-success">')  # Assert the success panel is present
 
-        # Try POST with model-level permission
+        # Try POST with model-level permission but not belonging to the approver group
         request = {
             "path": url,
             "data": post_data({"comments": "Approved!"}),
         }
         response = self.client.post(**request, follow=True)
         self.assertHttpStatus(response, 200)
+        self.assertBodyContains(response, "You are not permitted to approve this")
+
+        # Try POST with belonging to the approver group
+        approval_workflow_stage.approval_workflow_stage_definition.approver_group.user_set.add(self.user)
+        response = self.client.post(**request, follow=True)
+        approval_workflow_stage.approval_workflow_stage_definition.approver_group.user_set.remove(self.user)
+        self.assertHttpStatus(response, 200)
         approval_workflow_stage.refresh_from_db()
         # New response should be created
         new_response = ApprovalWorkflowStageResponse.objects.get(
@@ -469,8 +483,10 @@ class ApprovalWorkflowStageViewTestCase(
         self.add_permissions("extras.change_approvalworkflowstage", "extras.view_approvalworkflowstage")
 
         # Try GET with model-level permission
+        approval_workflow_stage.approval_workflow_stage_definition.approver_group.user_set.add(self.user)
         url = reverse("extras:approvalworkflowstage_approve", args=[approval_workflow_stage.pk])
         response = self.client.get(url)
+        approval_workflow_stage.approval_workflow_stage_definition.approver_group.user_set.remove(self.user)
         self.assertHttpStatus(response, 200)
         self.assertBodyContains(response, '<div class="card border-success">')  # Assert the success panel is present
         self.assertBodyContains(response, "existing comment")
@@ -480,7 +496,9 @@ class ApprovalWorkflowStageViewTestCase(
             "path": url,
             "data": post_data({"comments": "Approved!"}),
         }
+        approval_workflow_stage.approval_workflow_stage_definition.approver_group.user_set.add(self.user)
         response = self.client.post(**request, follow=True)
+        approval_workflow_stage.approval_workflow_stage_definition.approver_group.user_set.remove(self.user)
         self.assertHttpStatus(response, 200)
         approval_workflow_stage.refresh_from_db()
         # Response should be updated
@@ -500,19 +518,33 @@ class ApprovalWorkflowStageViewTestCase(
         approval_workflow_stage = ApprovalWorkflowStage.objects.first()
         self.add_permissions("extras.change_approvalworkflowstage", "extras.view_approvalworkflowstage")
 
-        # Try GET with model-level permission
+        # Try GET with model-level permission but not belonging to the approver group
         url = reverse("extras:approvalworkflowstage_deny", args=[approval_workflow_stage.pk])
+        response = self.client.get(url, follow=True)
+        self.assertHttpStatus(response, 200)
+        self.assertBodyContains(response, "You are not permitted to deny this")
+
+        # Try GET with belonging to the approver group
+        approval_workflow_stage.approval_workflow_stage_definition.approver_group.user_set.add(self.user)
         response = self.client.get(url)
+        approval_workflow_stage.approval_workflow_stage_definition.approver_group.user_set.remove(self.user)
         self.assertHttpStatus(response, 200)
         self.assertBodyContains(response, '<div class="card border-danger">')  # Assert the danger panel is present
 
-        # Try POST with model-level permission
+        # Try POST with model-level permission but not belonging to the approver group
         request = {
             "path": url,
             "data": post_data({"comments": "Denied!"}),
         }
         response = self.client.post(**request, follow=True)
         self.assertHttpStatus(response, 200)
+        self.assertBodyContains(response, "You are not permitted to deny this")
+
+        # Try POST with belonging to the approver group
+        approval_workflow_stage.approval_workflow_stage_definition.approver_group.user_set.add(self.user)
+        response = self.client.post(**request, follow=True)
+        approval_workflow_stage.approval_workflow_stage_definition.approver_group.user_set.remove(self.user)
+        self.assertHttpStatus(response, 200)
         approval_workflow_stage.refresh_from_db()
         # New response should be created
         new_response = ApprovalWorkflowStageResponse.objects.get(
@@ -550,18 +582,22 @@ class ApprovalWorkflowStageViewTestCase(
         self.add_permissions("extras.change_approvalworkflowstage", "extras.view_approvalworkflowstage")
 
         # Try GET with model-level permission
+        approval_workflow_stage.approval_workflow_stage_definition.approver_group.user_set.add(self.user)
         url = reverse("extras:approvalworkflowstage_deny", args=[approval_workflow_stage.pk])
         response = self.client.get(url)
+        approval_workflow_stage.approval_workflow_stage_definition.approver_group.user_set.remove(self.user)
         self.assertHttpStatus(response, 200)
         self.assertBodyContains(response, '<div class="card border-danger">')  # Assert the danger panel is present
         self.assertBodyContains(response, "existing comment")
 
         # Try POST with model-level permission
+        approval_workflow_stage.approval_workflow_stage_definition.approver_group.user_set.add(self.user)
         request = {
             "path": url,
             "data": post_data({"comments": "Denied!"}),
         }
         response = self.client.post(**request, follow=True)
+        approval_workflow_stage.approval_workflow_stage_definition.approver_group.user_set.remove(self.user)
         self.assertHttpStatus(response, 200)
         approval_workflow_stage.refresh_from_db()
         # Response should be updated