From 4d080497cc2545eab91ecf3ad79307dda8e90ca2 Mon Sep 17 00:00:00 2001
From: Akita Noek <anoek@ansible.com>
Date: Fri, 29 Jan 2016 15:25:26 -0500
Subject: [PATCH] Updated inventory role/resource model to better match the
 spec

---
 awx/main/models/inventory.py | 34 +++++++++++++++-------------------
 1 file changed, 15 insertions(+), 19 deletions(-)

diff --git a/awx/main/models/inventory.py b/awx/main/models/inventory.py
index b75e55cfa5..313204454a 100644
--- a/awx/main/models/inventory.py
+++ b/awx/main/models/inventory.py
@@ -105,6 +105,12 @@ class Inventory(CommonModel, ResourceMixin):
         resource_field='resource',
         permissions = { 'read': True }
     )
+    updater_role = ImplicitRoleField(
+        role_name='Inventory Updater', 
+    )
+    executor_role = ImplicitRoleField(
+        role_name='Inventory Executor', 
+    )
 
     def get_absolute_url(self):
         return reverse('api:inventory_detail', args=(self.pk,))
@@ -330,7 +336,7 @@ class Inventory(CommonModel, ResourceMixin):
         return self.groups.exclude(parents__pk__in=group_pks).distinct()
 
 
-class Host(CommonModelNameNotUnique):
+class Host(CommonModelNameNotUnique, ResourceMixin):
     '''
     A managed node
     '''
@@ -548,6 +554,14 @@ class Group(CommonModelNameNotUnique, ResourceMixin):
         resource_field='resource',
         permissions = { 'read': True }
     )
+    updater_role = ImplicitRoleField(
+        role_name='Inventory Group Updater', 
+        parent_role='inventory.updater_role'
+    )
+    executor_role = ImplicitRoleField(
+        role_name='Inventory Group Executor', 
+        parent_role='inventory.executor_role'
+    )
 
     def __unicode__(self):
         return self.name
@@ -1118,24 +1132,6 @@ class InventorySource(UnifiedJobTemplate, InventorySourceOptions, ResourceMixin)
     update_cache_timeout = models.PositiveIntegerField(
         default=0,
     )
-    admin_role = ImplicitRoleField(
-        role_name='Inventory Group Administrator', 
-        parent_role=[
-            'group.admin_role',
-            'inventory.admin_role',
-        ],
-        resource_field='resource',
-        permissions = { 'all': True }
-    )
-    auditor_role = ImplicitRoleField(
-        role_name='Inventory Group Auditor', 
-        parent_role=[
-            'group.auditor_role',
-            'inventory.auditor_role',
-        ],
-        resource_field='resource',
-        permissions = { 'read': True }
-    )
 
     @classmethod
     def _get_unified_job_class(cls):