External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-05-09 02:17:37 -02:30
Code Issues Packages Projects Releases Wiki Activity

Rename credential migration helpers

Browse Source
This commit is contained in:
Wayne Witzel III
2016-03-17 11:37:59 -04:00
parent b59e960b46
commit 74e2c440a5
1 changed files with 17 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

59
awx/main/migrations/_rbac.py
View File

@@ -55,41 +55,19 @@ def migrate_team(apps, schema_editor):
migrations[t.name].append(user) migrations[t.name].append(user)
return migrations return migrations
def _update_jt_creds(jts, cred): def _update_credential_parents(org, cred):
for i, jt in enumerate(jts):
if i == 0:
jt.inventory.organization.admin_role.children.add(cred.owner_role)
continue
cred.pk = None
cred.user = None
cred.save()
jt.credential = cred
jt.inventory.organization.admin_role.children.add(cred.owner_role)
jt.save()
def _update_proj_creds(projects, cred):
for i, proj in enumerate(projects):
if i == 0:
proj.organization.admin_role.children.add(cred.owner_role)
continue
cred.pk = None
cred.user = None
cred.save()
proj.credential = cred
proj.organization.admin_role.children.add(cred.owner_role)
proj.save()
def _handle_single_cred(org, cred):
org.admin_role.children.add(cred.owner_role) org.admin_role.children.add(cred.owner_role)
org.member_role.children.add(cred.usage_role) org.member_role.children.add(cred.usage_role)
cred.user, cred.team = None, None cred.user, cred.team = None, None
cred.save() cred.save()
def _handle_multi_cred(insts, cred, org_path='organization'): def _discover_credentials(insts, cred, org_path='organization'):
'''_discover_credentials will find shared credentials across
organizations. If a shared credential is found, it will duplicate
the credential, ensure the proper role permissions are added to the new
credential, and update any references from the old to the newly created
credential.
'''
def get_org(inst): def get_org(inst):
fields = org_path.split('.') fields = org_path.split('.')
for field in fields: for field in fields:
@@ -101,23 +79,20 @@ def _handle_multi_cred(insts, cred, org_path='organization'):
orgs[get_org(inst)].append(inst) orgs[get_org(inst)].append(inst)
if len(orgs) == 1: if len(orgs) == 1:
_handle_single_cred(insts[0].inventory.organization, cred) _update_credential_parents(insts[0].inventory.organization, cred)
else: else:
for pos, org in enumerate(orgs): for pos, org in enumerate(orgs):
if pos == 0: if pos == 0:
_handle_single_cred(org, cred) _update_credential_parents(org, cred)
else: else:
cred.pk, cred.user, cred.team = None, None, None cred.pk, cred.user, cred.team = None, None, None
cred.save() cred.save()
cred.owner_role, cred.usage_role = None, None cred.owner_role, cred.usage_role = None, None
cred.save() cred.save()
for i in orgs[org]: for i in orgs[org]:
i.credential = cred i.credential = cred
i.save() i.save()
_update_credential_parents(org, cred)
_handle_single_cred(org, cred)
def migrate_credential(apps, schema_editor): def migrate_credential(apps, schema_editor):
Credential = apps.get_model('main', "Credential") Credential = apps.get_model('main', "Credential")
@@ -130,25 +105,25 @@ def migrate_credential(apps, schema_editor):
jts = JobTemplate.objects.filter(Q(credential=cred) | Q(cloud_credential=cred)).all() jts = JobTemplate.objects.filter(Q(credential=cred) | Q(cloud_credential=cred)).all()
if jts is not None: if jts is not None:
if len(jts) == 1: if len(jts) == 1:
_handle_single_cred(jts[0].inventory.organization, cred) _update_credential_parents(jts[0].inventory.organization, cred)
else: else:
_handle_multi_cred(jts, cred, org_path='inventory.organization') _discover_credentials(jts, cred, org_path='inventory.organization')
continue continue
invs = InventorySource.objects.filter(credential=cred).all() invs = InventorySource.objects.filter(credential=cred).all()
if invs is not None: if invs is not None:
if len(invs) == 1: if len(invs) == 1:
_single_cred(invs[0].inventory.organization, cred) _update_credential_parents(invs[0].inventory.organization, cred)
else: else:
_multi_cred(invs, cred, org_path='inventory.organization') _discover_credentials(invs, cred, org_path='inventory.organization')
continue continue
projs = Project.objects.filter(credential=cred).all() projs = Project.objects.filter(credential=cred).all()
if projs is not None: if projs is not None:
if len(projs) == 1: if len(projs) == 1:
_single_cred(projs[0].organization, cred) _update_credential_parents(projs[0].organization, cred)
else: else:
_multi_cred(projs, cred, org_path='organization') _discover_credentials(projs, cred, org_path='organization')
continue continue
if cred.team is not None: if cred.team is not None: