diff --git a/awx/main/fields.py b/awx/main/fields.py index e5210b423b..cb19a4c2c6 100644 --- a/awx/main/fields.py +++ b/awx/main/fields.py @@ -2,7 +2,7 @@ # All Rights Reserved. # Django -from django.db.models.signals import post_save, post_init +from django.db.models.signals import post_save from django.db import models from django.db.models.fields.related import SingleRelatedObjectDescriptor from django.db.models.fields.related import ReverseSingleRelatedObjectDescriptor @@ -66,7 +66,7 @@ class ResourceFieldDescriptor(ReverseSingleRelatedObjectDescriptor): # Take first non null parent resource parent = None if type(self.parent_resource) is list: - for path in self.parent_resource: + for path in self.parent_resource: parent = resolve_field(instance, path) if parent: break @@ -123,7 +123,7 @@ class ImplicitRoleDescriptor(ReverseSingleRelatedObjectDescriptor): if self.parent_role: # Add all non-null parent roles as parents if type(self.parent_role) is list: - for path in self.parent_role: + for path in self.parent_role: if path.startswith("singleton:"): parent = Role.singleton(path[10:]) else: @@ -142,7 +142,7 @@ class ImplicitRoleDescriptor(ReverseSingleRelatedObjectDescriptor): if self.resource_field and self.permissions: permissions = RolePermission( - role=role, + role=role, resource=getattr(instance, self.resource_field) ) @@ -180,13 +180,13 @@ class ImplicitRoleField(models.ForeignKey): def contribute_to_class(self, cls, name): super(ImplicitRoleField, self).contribute_to_class(cls, name) - setattr(cls, - self.name, + setattr(cls, + self.name, ImplicitRoleDescriptor( - self.role_name, - self.resource_field, - self.permissions, - self.parent_role, + self.role_name, + self.resource_field, + self.permissions, + self.parent_role, self ) ) diff --git a/awx/main/models/credential.py b/awx/main/models/credential.py index a7645fdfe8..462cf35249 100644 --- a/awx/main/models/credential.py +++ b/awx/main/models/credential.py @@ -159,13 +159,13 @@ class Credential(PasswordFieldsModel, CommonModelNameNotUnique, ResourceMixin): role_name='Credential Owner', parent_role='team.admin_role', resource_field='resource', - permissions = { 'all': True } + permissions = {'all': True} ) usage_role = ImplicitRoleField( role_name='Credential User', resource_field='resource', parent_role= 'team.member_role', - permissions = { 'use': True } + permissions = {'use': True} ) @property diff --git a/awx/main/models/inventory.py b/awx/main/models/inventory.py index 313204454a..e33cec1a23 100644 --- a/awx/main/models/inventory.py +++ b/awx/main/models/inventory.py @@ -94,22 +94,22 @@ class Inventory(CommonModel, ResourceMixin): help_text=_('Number of external inventory sources in this inventory with failures.'), ) admin_role = ImplicitRoleField( - role_name='Inventory Administrator', + role_name='Inventory Administrator', parent_role='organization.admin_role', resource_field='resource', - permissions = { 'all': True } + permissions = {'all': True} ) auditor_role = ImplicitRoleField( - role_name='Inventory Auditor', + role_name='Inventory Auditor', parent_role='organization.auditor_role', resource_field='resource', - permissions = { 'read': True } + permissions = {'read': True} ) updater_role = ImplicitRoleField( - role_name='Inventory Updater', + role_name='Inventory Updater', ) executor_role = ImplicitRoleField( - role_name='Inventory Executor', + role_name='Inventory Executor', ) def get_absolute_url(self): @@ -543,23 +543,23 @@ class Group(CommonModelNameNotUnique, ResourceMixin): help_text=_('Inventory source(s) that created or modified this group.'), ) admin_role = ImplicitRoleField( - role_name='Inventory Group Administrator', + role_name='Inventory Group Administrator', parent_role='inventory.admin_role', resource_field='resource', - permissions = { 'all': True } + permissions = {'all': True} ) auditor_role = ImplicitRoleField( - role_name='Inventory Group Auditor', + role_name='Inventory Group Auditor', parent_role='inventory.auditor_role', resource_field='resource', - permissions = { 'read': True } + permissions = {'read': True} ) updater_role = ImplicitRoleField( - role_name='Inventory Group Updater', + role_name='Inventory Group Updater', parent_role='inventory.updater_role' ) executor_role = ImplicitRoleField( - role_name='Inventory Group Executor', + role_name='Inventory Group Executor', parent_role='inventory.executor_role' ) @@ -1186,7 +1186,7 @@ class InventorySource(UnifiedJobTemplate, InventorySourceOptions, ResourceMixin) return 'never updated' # inherit the child job status else: - return self.last_job.status + return self.last_job.status else: return 'none' diff --git a/awx/main/models/jobs.py b/awx/main/models/jobs.py index 9c3866b593..d8f114bc40 100644 --- a/awx/main/models/jobs.py +++ b/awx/main/models/jobs.py @@ -182,22 +182,22 @@ class JobTemplate(UnifiedJobTemplate, JobOptions, ResourceMixin): default={}, ) admin_role = ImplicitRoleField( - role_name='Job Template Administrator', + role_name='Job Template Administrator', parent_role='project.admin_role', resource_field='resource', - permissions = { 'all': True } + permissions = {'all': True} ) auditor_role = ImplicitRoleField( - role_name='Job Template Auditor', + role_name='Job Template Auditor', parent_role='project.auditor_role', resource_field='resource', - permissions = { 'read': True } + permissions = {'read': True} ) executor_role = ImplicitRoleField( - role_name='Job Template Executor', + role_name='Job Template Executor', parent_role='project.auditor_role', resource_field='resource', - permissions = { 'execute': True } + permissions = {'execute': True} ) @classmethod diff --git a/awx/main/models/organization.py b/awx/main/models/organization.py index 37cd56543d..ffb8d40e24 100644 --- a/awx/main/models/organization.py +++ b/awx/main/models/organization.py @@ -55,12 +55,12 @@ class Organization(CommonModel, ResourceMixin): admin_role = ImplicitRoleField( role_name='Organization Administrator', resource_field='resource', - permissions = { 'all': True } + permissions = {'all': True} ) auditor_role = ImplicitRoleField( role_name='Organization Auditor', resource_field='resource', - permissions = { 'read': True } + permissions = {'read': True} ) @@ -118,13 +118,13 @@ class Team(CommonModelNameNotUnique, ResourceMixin): role_name='Team Administrator', parent_role='organization.admin_role', resource_field='resource', - permissions = { 'all': True } + permissions = {'all': True} ) auditor_role = ImplicitRoleField( role_name='Team Auditor', parent_role='organization.auditor_role', resource_field='resource', - permissions = { 'read': True } + permissions = {'read': True} ) member_role = ImplicitRoleField( role_name='Team Member', diff --git a/awx/main/models/projects.py b/awx/main/models/projects.py index cb3f143dbd..1da3d51961 100644 --- a/awx/main/models/projects.py +++ b/awx/main/models/projects.py @@ -216,28 +216,28 @@ class Project(UnifiedJobTemplate, ProjectOptions, ResourceMixin): blank=True, ) admin_role = ImplicitRoleField( - role_name='Project Administrator', + role_name='Project Administrator', parent_role='organization.admin_role', resource_field='resource', - permissions = { 'all': True } + permissions = {'all': True} ) auditor_role = ImplicitRoleField( - role_name='Project Auditor', + role_name='Project Auditor', parent_role='organization.auditor_role', resource_field='resource', - permissions = { 'read': True } + permissions = {'read': True} ) member_role = ImplicitRoleField( - role_name='Project Member', + role_name='Project Member', parent_role='admin', resource_field='resource', - permissions = { 'usage': True } + permissions = {'usage': True} ) scm_update_role = ImplicitRoleField( - role_name='Project Updater', + role_name='Project Updater', parent_role='admin', resource_field='resource', - permissions = { 'scm_update': True } + permissions = {'scm_update': True} ) @classmethod @@ -333,7 +333,7 @@ class Project(UnifiedJobTemplate, ProjectOptions, ResourceMixin): if (self.last_job_run + datetime.timedelta(seconds=self.scm_update_cache_timeout)) > now(): return True return False - + @property def needs_update_on_launch(self): if self.active and self.scm_type and self.scm_update_on_launch: diff --git a/awx/main/models/rbac.py b/awx/main/models/rbac.py index 37948fe14e..d8cdaecfe2 100644 --- a/awx/main/models/rbac.py +++ b/awx/main/models/rbac.py @@ -18,7 +18,7 @@ logger = logging.getLogger('awx.main.models.rbac') class Role(CommonModelNameNotUnique): ''' - Role model + Role model ''' class Meta: @@ -82,7 +82,7 @@ class Role(CommonModelNameNotUnique): except Role.DoesNotExist: ret = Role(singleton_name=name) ret.save() - return ret; + return ret @@ -102,7 +102,7 @@ class RoleHierarchy(CreatedModifiedModel): class Resource(CommonModelNameNotUnique): ''' - Role model + Role model ''' class Meta: diff --git a/awx/main/tests/functional/conftest.py b/awx/main/tests/functional/conftest.py index d3454a8a4e..c565cebac5 100644 --- a/awx/main/tests/functional/conftest.py +++ b/awx/main/tests/functional/conftest.py @@ -40,6 +40,6 @@ def permissions(): 'update':False, 'delete':False, 'scm_update':False, 'execute':False, 'use':False,}, 'usage':{'read':False, 'create':False, 'write':False, - 'update':False, 'delete':False, 'scm_update':False, 'execute':False, 'use':True,}, + 'update':False, 'delete':False, 'scm_update':False, 'execute':False, 'use':True,}, } diff --git a/awx/main/tests/functional/test_rbac_credential.py b/awx/main/tests/functional/test_rbac_credential.py index 8868501e6a..173467f258 100644 --- a/awx/main/tests/functional/test_rbac_credential.py +++ b/awx/main/tests/functional/test_rbac_credential.py @@ -21,7 +21,7 @@ def test_credential_migration_team_member(credential, team, user, permissions): credential.team = team # No permissions pre-migration - assert credential.accessible_by(u, permissions['admin']) == False + assert not credential.accessible_by(u, permissions['admin']) migrated = credential.migrate_to_rbac() # Admin permissions post migration @@ -35,7 +35,7 @@ def test_credential_migration_team_admin(credential, team, user, permissions): credential.team = team # No permissions pre-migration - assert credential.accessible_by(u, permissions['usage']) == False + assert not credential.accessible_by(u, permissions['usage']) # Usage permissions post migration migrated = credential.migrate_to_rbac() diff --git a/awx/main/tests/functional/test_rbac_organization.py b/awx/main/tests/functional/test_rbac_organization.py index baefd56acb..1eadd5a866 100644 --- a/awx/main/tests/functional/test_rbac_organization.py +++ b/awx/main/tests/functional/test_rbac_organization.py @@ -7,7 +7,7 @@ def test_organization_migration_admin(organization, permissions, user): u = user('admin', True) organization.admins.add(u) - assert organization.accessible_by(u, permissions['admin']) == False + assert not organization.accessible_by(u, permissions['admin']) migrated_users = organization.migrate_to_rbac() assert len(migrated_users) == 1 @@ -18,7 +18,7 @@ def test_organization_migration_user(organization, permissions, user): u = user('user', False) organization.users.add(u) - assert organization.accessible_by(u, permissions['auditor']) == False + assert not organization.accessible_by(u, permissions['auditor']) migrated_users = organization.migrate_to_rbac() assert len(migrated_users) == 1 @@ -27,7 +27,7 @@ def test_organization_migration_user(organization, permissions, user): @pytest.mark.django_db def test_organization_access_superuser(organization, user): access = OrganizationAccess(user('admin', True)) - assert access.can_change(organization, None) == True + assert access.can_change(organization, None) @pytest.mark.django_db def test_organization_access_admin(organization, user): @@ -35,9 +35,9 @@ def test_organization_access_admin(organization, user): organization.admins.add(u) access = OrganizationAccess(u) - assert access.can_change(organization, None) == True + assert access.can_change(organization, None) @pytest.mark.django_db def test_organization_access_user(organization, user): access = OrganizationAccess(user('user', False)) - assert access.can_change(organization, None) == False + assert not access.can_change(organization, None)