mirror of
https://github.com/ansible/awx.git
synced 2026-03-07 11:41:08 -03:30
Merge branch 'rbac' into devel
This commit is contained in:
Wayne Witzel III
@@ -15,7 +15,7 @@ def log_migration(wrapped):
|
|||||||
as it runs, Django resets this, so we use a decorator
|
as it runs, Django resets this, so we use a decorator
|
||||||
to re-add the handler for each method.
|
to re-add the handler for each method.
|
||||||
'''
|
'''
|
||||||
handler = logging.FileHandler("tower_rbac_migrations.log", mode="a", encoding="UTF-8")
|
handler = logging.FileHandler("/tmp/tower_rbac_migrations.log", mode="a", encoding="UTF-8")
|
||||||
formatter = logging.Formatter('%(asctime)s - %(name)s - %(levelname)s - %(message)s')
|
formatter = logging.Formatter('%(asctime)s - %(name)s - %(levelname)s - %(message)s')
|
||||||
handler.setLevel(logging.DEBUG)
|
handler.setLevel(logging.DEBUG)
|
||||||
handler.setFormatter(formatter)
|
handler.setFormatter(formatter)
|
||||||
@@ -177,25 +177,28 @@ def migrate_inventory(apps, schema_editor):
|
|||||||
Inventory = apps.get_model('main', 'Inventory')
|
Inventory = apps.get_model('main', 'Inventory')
|
||||||
Permission = apps.get_model('main', 'Permission')
|
Permission = apps.get_model('main', 'Permission')
|
||||||
|
|
||||||
|
def role_from_permission():
|
||||||
|
if perm.permission_type == 'admin':
|
||||||
|
return inventory.admin_role
|
||||||
|
elif perm.permission_type == 'read':
|
||||||
|
return inventory.auditor_role
|
||||||
|
elif perm.permission_type == 'write':
|
||||||
|
return inventory.updater_role
|
||||||
|
elif perm.permission_type == 'check' or perm.permission_type == 'run':
|
||||||
|
# These permission types are handled differntly in RBAC now, nothing to migrate.
|
||||||
|
return False
|
||||||
|
else:
|
||||||
|
return None
|
||||||
|
|
||||||
for inventory in Inventory.objects.iterator():
|
for inventory in Inventory.objects.iterator():
|
||||||
for perm in Permission.objects.filter(inventory=inventory):
|
for perm in Permission.objects.filter(inventory=inventory):
|
||||||
role = None
|
role = None
|
||||||
execrole = None
|
execrole = None
|
||||||
if perm.permission_type == 'admin':
|
|
||||||
role = inventory.admin_role
|
role = role_from_permission()
|
||||||
pass
|
if role is None:
|
||||||
elif perm.permission_type == 'read':
|
|
||||||
role = inventory.auditor_role
|
|
||||||
pass
|
|
||||||
elif perm.permission_type == 'write':
|
|
||||||
role = inventory.updater_role
|
|
||||||
pass
|
|
||||||
elif perm.permission_type == 'check':
|
|
||||||
pass
|
|
||||||
elif perm.permission_type == 'run':
|
|
||||||
pass
|
|
||||||
else:
|
|
||||||
raise Exception(smart_text(u'Unhandled permission type for inventory: {}'.format( perm.permission_type)))
|
raise Exception(smart_text(u'Unhandled permission type for inventory: {}'.format( perm.permission_type)))
|
||||||
|
|
||||||
if perm.run_ad_hoc_commands:
|
if perm.run_ad_hoc_commands:
|
||||||
execrole = inventory.executor_role
|
execrole = inventory.executor_role
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user