Merge branch 'devel' into wf_rbac_prompt

awx/main/migrations/0036_v310_remove_tower_settings.py

@@ -0,0 +1,22 @@
+# -*- coding: utf-8 -*-
+from __future__ import unicode_literals
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('main', '0035_v310_jobevent_uuid'),
+    ]
+
+    # These settings are now in the separate awx.conf app.
+    operations = [
+        migrations.RemoveField(
+            model_name='towersettings',
+            name='user',
+        ),
+        migrations.DeleteModel(
+            name='TowerSettings',
+        ),
+    ]

awx/main/migrations/_old_access.py

@@ -13,6 +13,7 @@ import sys
 import logging
 
 # Django
+from django.conf import settings
 from django.db.models import F, Q
 from django.contrib.auth.models import User
 
@@ -22,9 +23,7 @@ from rest_framework.exceptions import ParseError, PermissionDenied
 # AWX
 from awx.main.utils import * # noqa
 from awx.main.models import * # noqa
-from awx.api.license import LicenseForbids
-from awx.main.task_engine import TaskSerializer
-from awx.main.conf import tower_settings
+from awx.conf.license import LicenseForbids
 
 __all__ = ['get_user_queryset', 'check_user_access']
 
@@ -153,8 +152,8 @@ class BaseAccess(object):
         return self.can_change(obj, None)
 
     def check_license(self, add_host=False, feature=None, check_expiration=True):
-        reader = TaskSerializer()
-        validation_info = reader.from_database()
+        from awx.main.task_engine import TaskEnhancer
+        validation_info = TaskEnhancer().validate_enhancements()
         if ('test' in sys.argv or 'py.test' in sys.argv[0] or 'jenkins' in sys.argv) and not os.environ.get('SKIP_LICENSE_FIXUP_FOR_TEST', ''):
             validation_info['free_instances'] = 99999999
             validation_info['time_remaining'] = 99999999
@@ -202,7 +201,7 @@ class UserAccess(BaseAccess):
         qs = self.model.objects.distinct()
         if self.user.is_superuser:
             return qs
-        if tower_settings.ORG_ADMINS_CAN_SEE_ALL_USERS and self.user.deprecated_admin_of_organizations.all().exists():
+        if settings.ORG_ADMINS_CAN_SEE_ALL_USERS and self.user.deprecated_admin_of_organizations.all().exists():
             return qs
         return qs.filter(
             Q(pk=self.user.pk) |
@@ -1624,29 +1623,6 @@ class CustomInventoryScriptAccess(BaseAccess):
         return False
 
 
-class TowerSettingsAccess(BaseAccess):
-    '''
-    - I can see settings when
-      - I am a super user
-    - I can edit settings when
-      - I am a super user
-    - I can clear settings when
-      - I am a super user
-    '''
-
-    model = TowerSettings
-
-    def get_queryset(self):
-        if self.user.is_superuser:
-            return self.model.objects.all()
-        return self.model.objects.none()
-
-    def can_change(self, obj, data):
-        return self.user.is_superuser
-
-    def can_delete(self, obj):
-        return self.user.is_superuser
-
 register_access(User, UserAccess)
 register_access(Organization, OrganizationAccess)
 register_access(Inventory, InventoryAccess)
@@ -1672,4 +1648,3 @@ register_access(UnifiedJobTemplate, UnifiedJobTemplateAccess)
 register_access(UnifiedJob, UnifiedJobAccess)
 register_access(ActivityStream, ActivityStreamAccess)
 register_access(CustomInventoryScript, CustomInventoryScriptAccess)
-register_access(TowerSettings, TowerSettingsAccess)