From 599902da47fadb04a1429415b04b6b8fd9aa1ae3 Mon Sep 17 00:00:00 2001
From: Wayne Witzel III <wayne@riotousliving.com>
Date: Fri, 13 May 2016 11:56:47 -0400
Subject: [PATCH] update api view/serializers for new role names

---
 awx/api/views.py                | 11 +++++------
 awx/main/models/rbac.py         |  4 +---
 awx/main/tests/old/ad_hoc.py    |  2 +-
 awx/main/tests/old/inventory.py | 10 +++++-----
 awx/main/tests/old/schedules.py |  2 +-
 5 files changed, 13 insertions(+), 16 deletions(-)

diff --git a/awx/api/views.py b/awx/api/views.py
index 971ff965d2..7a16ce650e 100644
--- a/awx/api/views.py
+++ b/awx/api/views.py
@@ -818,7 +818,7 @@ class TeamList(ListCreateAPIView):
 
     def get_queryset(self):
         qs = Team.accessible_objects(self.request.user, 'read_role').order_by()
-        qs = qs.select_related('admin_role', 'auditor_role', 'member_role', 'organization')
+        qs = qs.select_related('admin_role', 'read_role', 'member_role', 'organization')
         return qs
 
 class TeamDetail(RetrieveUpdateDestroyAPIView):
@@ -865,7 +865,7 @@ class TeamProjectsList(SubListAPIView):
     def get_queryset(self):
         team = self.get_parent_object()
         self.check_parent_access(team)
-        team_qs = Project.objects.filter(Q(member_role__parents=team.member_role) | Q(admin_role__parents=team.member_role)).distinct()
+        team_qs = Project.objects.filter(Q(use_role__parents=team.member_role) | Q(admin_role__parents=team.member_role)).distinct()
         user_qs = Project.accessible_objects(self.request.user, 'read_role').distinct()
         return team_qs & user_qs
 
@@ -913,9 +913,8 @@ class ProjectList(ListCreateAPIView):
         projects_qs = projects_qs.select_related(
             'organization',
             'admin_role',
-            'auditor_role',
-            'member_role',
-            'scm_update_role',
+            'use_role',
+            'update_role',
         )
         return projects_qs
 
@@ -1422,7 +1421,7 @@ class InventoryList(ListCreateAPIView):
 
     def get_queryset(self):
         qs = Inventory.accessible_objects(self.request.user, 'read_role')
-        qs = qs.select_related('admin_role', 'auditor_role', 'update_role', 'execute_role')
+        qs = qs.select_related('admin_role', 'read_role', 'update_role', 'execute_role')
         return qs
 
 class InventoryDetail(RetrieveUpdateDestroyAPIView):
diff --git a/awx/main/models/rbac.py b/awx/main/models/rbac.py
index fb57ef4f65..45f9ebe4bc 100644
--- a/awx/main/models/rbac.py
+++ b/awx/main/models/rbac.py
@@ -42,7 +42,6 @@ role_names = {
     'member_role'          : 'Member',
     'owner_role'           : 'Owner',
     'read_role'            : 'Read',
-    'scm_update_role'      : 'SCM Update',
     'update_role'          : 'Update',
     'use_role'             : 'Use',
 }
@@ -57,8 +56,7 @@ role_descriptions = {
     'member_role'          : 'User is a member of the %s',
     'owner_role'           : 'Owns and can manage all aspects of this %s',
     'read_role'            : 'May view settings for the %s',
-    'scm_update_role'      : 'May update the project from the configured source control management system',
-    'update_role'          : 'May update the inventory or group using the cloud source update system',
+    'update_role'          : 'May update project or inventory or group using the configured source update system',
     'use_role'             : 'Can use the %s in a job template',
 }
 
diff --git a/awx/main/tests/old/ad_hoc.py b/awx/main/tests/old/ad_hoc.py
index 8052350517..b05dc6df89 100644
--- a/awx/main/tests/old/ad_hoc.py
+++ b/awx/main/tests/old/ad_hoc.py
@@ -491,7 +491,7 @@ class AdHocCommandApiTest(BaseAdHocCommandTest):
         # Explicitly give nobody user read permission on the inventory.
         nobody_roles_list_url = reverse('api:user_roles_list', args=(self.nobody_django_user.pk,))
         with self.current_user('admin'):
-            response = self.post(nobody_roles_list_url, {"id": self.inventory.auditor_role.id}, expect=204)
+            response = self.post(nobody_roles_list_url, {"id": self.inventory.read_role.id}, expect=204)
         with self.current_user('nobody'):
             self.run_test_ad_hoc_command(credential=other_cred.pk, expect=403)
         self.check_get_list(url, 'other', qs)
diff --git a/awx/main/tests/old/inventory.py b/awx/main/tests/old/inventory.py
index ac9ab875b4..c0fb172b63 100644
--- a/awx/main/tests/old/inventory.py
+++ b/awx/main/tests/old/inventory.py
@@ -59,7 +59,7 @@ class InventoryTest(BaseTest):
 
         # create a permission here on the 'other' user so they have edit access on the org
         # we may add another permission type later.
-        self.inventory_b.auditor_role.members.add(self.other_django_user)
+        self.inventory_b.read_role.members.add(self.other_django_user)
 
     def tearDown(self):
         super(InventoryTest, self).tearDown()
@@ -267,14 +267,14 @@ class InventoryTest(BaseTest):
         temp_inv = temp_org.inventories.create(name='Delete Org Inventory')
         temp_inv.groups.create(name='Delete Org Inventory Group')
 
-        temp_inv.auditor_role.members.add(self.other_django_user)
+        temp_inv.read_role.members.add(self.other_django_user)
 
         reverse('api:organization_detail', args=(temp_org.pk,))
         inventory_detail = reverse('api:inventory_detail', args=(temp_inv.pk,))
-        auditor_role_users_list = reverse('api:role_users_list', args=(temp_inv.auditor_role.pk,))
+        read_role_users_list = reverse('api:role_users_list', args=(temp_inv.read_role.pk,))
 
         self.get(inventory_detail, expect=200, auth=self.get_other_credentials())
-        self.post(auditor_role_users_list, data={'disassociate': True, "id": self.other_django_user.id}, expect=204, auth=self.get_super_credentials())
+        self.post(read_role_users_list, data={'disassociate': True, "id": self.other_django_user.id}, expect=204, auth=self.get_super_credentials())
         self.get(inventory_detail, expect=403, auth=self.get_other_credentials())
 
     def test_create_inventory_script(self):
@@ -1474,7 +1474,7 @@ class InventoryUpdatesTest(BaseTransactionTest):
         # to see the inventory source and update view, but not start an update.
         user_roles_list_url = reverse('api:user_roles_list', args=(self.other_django_user.pk,))
         with self.current_user(self.super_django_user):
-            self.post(user_roles_list_url, {"id": self.inventory.auditor_role.id}, expect=204)
+            self.post(user_roles_list_url, {"id": self.inventory.read_role.id}, expect=204)
         with self.current_user(self.other_django_user):
             self.get(inv_src_url, expect=200)
             response = self.get(inv_src_update_url, expect=200)
diff --git a/awx/main/tests/old/schedules.py b/awx/main/tests/old/schedules.py
index f90fef6e24..441c1e2002 100644
--- a/awx/main/tests/old/schedules.py
+++ b/awx/main/tests/old/schedules.py
@@ -71,7 +71,7 @@ class ScheduleTest(BaseTest):
         self.first_inventory_source.source = 'ec2'
         self.first_inventory_source.save()
 
-        self.first_inventory.auditor_role.members.add(self.other_django_user)
+        self.first_inventory.read_role.members.add(self.other_django_user)
 
         self.second_inventory = Inventory.objects.create(name='test_inventory_2', description='for org 0', organization=self.organizations[0])
         self.second_inventory.hosts.create(name='host_2')