remove usage of import * and enforce F405 in our linter

import * is a scourge upon the earth

awx/main/access.py

@@ -28,7 +28,17 @@ from awx.main.utils import (
     to_python_boolean,
     get_licenser,
 )
-from awx.main.models import * # noqa
+from awx.main.models import (
+    ActivityStream, AdHocCommand, AdHocCommandEvent, Credential, CredentialType,
+    CustomInventoryScript, Group, Host, Instance, InstanceGroup, Inventory,
+    InventorySource, InventoryUpdate, InventoryUpdateEvent, Job, JobEvent,
+    JobHostSummary, JobLaunchConfig, JobTemplate, Label, Notification,
+    NotificationTemplate, Organization, Project, ProjectUpdate,
+    ProjectUpdateEvent, Role, Schedule, SystemJob, SystemJobEvent,
+    SystemJobTemplate, Team, UnifiedJob, UnifiedJobTemplate, WorkflowJob,
+    WorkflowJobNode, WorkflowJobTemplate, WorkflowJobTemplateNode,
+    ROLE_SINGLETON_SYSTEM_ADMINISTRATOR, ROLE_SINGLETON_SYSTEM_AUDITOR
+)
 from awx.main.models.mixins import ResourceMixin
 
 from awx.conf.license import LicenseForbids, feature_enabled
@@ -434,12 +444,16 @@ class InstanceAccess(BaseAccess):
                    skip_sub_obj_read_check=False):
         if relationship == 'rampart_groups' and isinstance(sub_obj, InstanceGroup):
             return self.user.is_superuser
-        return super(InstanceAccess, self).can_attach(obj, sub_obj, relationship, *args, **kwargs)
+        return super(InstanceAccess, self).can_attach(
+            obj, sub_obj, relationship, data, skip_sub_obj_read_check=skip_sub_obj_read_check
+        )
 
     def can_unattach(self, obj, sub_obj, relationship, data=None):
         if relationship == 'rampart_groups' and isinstance(sub_obj, InstanceGroup):
             return self.user.is_superuser
-        return super(InstanceAccess, self).can_unattach(obj, sub_obj, relationship, *args, **kwargs)
+        return super(InstanceAccess, self).can_unattach(
+            obj, sub_obj, relationship, relationship, data=data
+        )
 
     def can_add(self, data):
         return False
@@ -1341,7 +1355,7 @@ class JobTemplateAccess(BaseAccess):
         '''
 
         # obj.credentials.all() is accessible ONLY when object is saved (has valid id)
-        credential_manager = getattr(obj, 'credentials', None) if getattr(obj, 'id', False) else Credentials.objects.none()
+        credential_manager = getattr(obj, 'credentials', None) if getattr(obj, 'id', False) else Credential.objects.none()
         return reduce(lambda prev, cred: prev and self.user in cred.use_role, credential_manager.all(), True)
 
     def can_start(self, obj, validate_license=True):
@@ -1850,7 +1864,6 @@ class WorkflowJobTemplateAccess(BaseAccess):
             qs = obj.workflow_job_template_nodes
             qs = qs.prefetch_related('unified_job_template', 'inventory__use_role', 'credentials__use_role')
             for node in qs.all():
-                node_errors = {}
                 if node.inventory and self.user not in node.inventory.use_role:
                     missing_inventories.append(node.inventory.name)
                 for cred in node.credentials.all():
@@ -1859,8 +1872,6 @@ class WorkflowJobTemplateAccess(BaseAccess):
                 ujt = node.unified_job_template
                 if ujt and not self.user.can_access(UnifiedJobTemplate, 'start', ujt, validate_license=False):
                     missing_ujt.append(ujt.name)
-                if node_errors:
-                    wfjt_errors[node.id] = node_errors
             if missing_ujt:
                 self.messages['templates_unable_to_copy'] = missing_ujt
             if missing_credentials:

awx/main/models/__init__.py

@@ -6,27 +6,60 @@ from django.conf import settings # noqa
 from django.db.models.signals import pre_delete  # noqa
 
 # AWX
-from awx.main.models.base import * # noqa
-from awx.main.models.unified_jobs import * # noqa
-from awx.main.models.organization import * # noqa
-from awx.main.models.credential import * # noqa
-from awx.main.models.projects import * # noqa
-from awx.main.models.inventory import * # noqa
-from awx.main.models.jobs import * # noqa
-from awx.main.models.events import * # noqa
-from awx.main.models.ad_hoc_commands import * # noqa
-from awx.main.models.schedules import * # noqa
-from awx.main.models.activity_stream import * # noqa
-from awx.main.models.ha import * # noqa
-from awx.main.models.rbac import * # noqa
-from awx.main.models.mixins import * # noqa
-from awx.main.models.notifications import * # noqa
-from awx.main.models.fact import * # noqa
-from awx.main.models.label import * # noqa
-from awx.main.models.workflow import * # noqa
-from awx.main.models.channels import * # noqa
+from awx.main.models.base import (  # noqa
+    BaseModel, prevent_search, CLOUD_INVENTORY_SOURCES, VERBOSITY_CHOICES
+)
+from awx.main.models.unified_jobs import (  # noqa
+    UnifiedJob, UnifiedJobTemplate, StdoutMaxBytesExceeded
+)
+from awx.main.models.organization import (  # noqa
+    Organization, Profile, Team, UserSessionMembership
+)
+from awx.main.models.credential import (  # noqa
+    Credential, CredentialType, V1Credential, build_safe_env
+)
+from awx.main.models.projects import Project, ProjectUpdate  # noqa
+from awx.main.models.inventory import (  # noqa
+    CustomInventoryScript, Group, Host, Inventory, InventorySource,
+    InventoryUpdate, SmartInventoryMembership
+)
+from awx.main.models.jobs import (  # noqa
+    Job, JobHostSummary, JobLaunchConfig, JobTemplate, SystemJob,
+    SystemJobTemplate,
+)
+from awx.main.models.events import (  # noqa
+    AdHocCommandEvent, InventoryUpdateEvent, JobEvent, ProjectUpdateEvent,
+    SystemJobEvent,
+)
+from awx.main.models.ad_hoc_commands import AdHocCommand # noqa
+from awx.main.models.schedules import Schedule # noqa
+from awx.main.models.activity_stream import ActivityStream # noqa
+from awx.main.models.ha import (  # noqa
+    Instance, InstanceGroup, JobOrigin, TowerScheduleState,
+)
+from awx.main.models.rbac import (  # noqa
+    Role, batch_role_ancestor_rebuilding, get_roles_on_resource,
+    role_summary_fields_generator, ROLE_SINGLETON_SYSTEM_ADMINISTRATOR,
+    ROLE_SINGLETON_SYSTEM_AUDITOR,
+)
+from awx.main.models.mixins import (  # noqa
+    CustomVirtualEnvMixin, ResourceMixin, SurveyJobMixin,
+    SurveyJobTemplateMixin, TaskManagerInventoryUpdateMixin,
+    TaskManagerJobMixin, TaskManagerProjectUpdateMixin,
+    TaskManagerUnifiedJobMixin,
+)
+from awx.main.models.notifications import Notification, NotificationTemplate # noqa
+from awx.main.models.fact import Fact # noqa
+from awx.main.models.label import Label # noqa
+from awx.main.models.workflow import (  # noqa
+    WorkflowJob, WorkflowJobNode, WorkflowJobOptions, WorkflowJobTemplate,
+    WorkflowJobTemplateNode,
+)
+from awx.main.models.channels import ChannelGroup # noqa
 from awx.api.versioning import reverse
-from awx.main.models.oauth import * # noqa
+from awx.main.models.oauth import ( # noqa
+    OAuth2AccessToken, OAuth2Application
+)
 from oauth2_provider.models import Grant, RefreshToken # noqa -- needed django-oauth-toolkit model migrations
 
 
@@ -50,7 +83,10 @@ _PythonSerializer.handle_m2m_field = _new_handle_m2m_field
 
 # Add custom methods to User model for permissions checks.
 from django.contrib.auth.models import User  # noqa
-from awx.main.access import * # noqa
+from awx.main.access import (  # noqa
+    get_user_queryset, check_user_access, check_user_access_with_errors,
+    user_accessible_objects
+)
 
 
 User.add_to_class('get_queryset', get_user_queryset)

awx/main/signals.py

@@ -30,7 +30,14 @@ from crum.signals import current_user_getter
 
 
 # AWX
-from awx.main.models import * # noqa
+from awx.main.models import (
+    ActivityStream, AdHocCommandEvent, Group, Host, InstanceGroup, Inventory,
+    InventorySource, InventoryUpdateEvent, Job, JobEvent, JobHostSummary,
+    JobTemplate, OAuth2AccessToken, Organization, Project, ProjectUpdateEvent,
+    Role, SystemJob, SystemJobEvent, SystemJobTemplate, UnifiedJob,
+    UnifiedJobTemplate, User, UserSessionMembership,
+    ROLE_SINGLETON_SYSTEM_ADMINISTRATOR
+)
 from awx.main.constants import CENSOR_VALUE
 from awx.main.utils import model_instance_diff, model_to_dict, camelcase_to_underscore, get_current_apps
 from awx.main.utils import ignore_inventory_computed_fields, ignore_inventory_group_removal, _inventory_updates

awx/main/tests/functional/api/test_organizations.py

@@ -10,7 +10,7 @@ import pytest
 from unittest import mock
 
 # AWX
-from awx.main.models import * # noqa
+from awx.main.models import ProjectUpdate
 from awx.api.versioning import reverse
 
 

awx/main/tests/functional/test_named_url.py

@@ -1,10 +1,15 @@
 import pytest
 
 from django.core.exceptions import ImproperlyConfigured
+from django.conf import settings
 
 from awx.api.versioning import reverse
 from awx.main.middleware import URLModificationMiddleware
-from awx.main.models import * # noqa
+from awx.main.models import (  # noqa
+    Credential, CustomInventoryScript, Group, Host, Instance, InstanceGroup,
+    Inventory, InventorySource, JobTemplate, NotificationTemplate,
+    Organization, Project, User, WorkflowJobTemplate,
+)
 from awx.conf import settings_registry
 
 

awx/main/tests/unit/api/test_views.py

@@ -113,7 +113,7 @@ class TestInventoryInventorySourcesUpdate:
 
         with mocker.patch.object(InventoryInventorySourcesUpdate, 'get_object', return_value=obj):
             with mocker.patch.object(InventoryInventorySourcesUpdate, 'get_serializer_context', return_value=None):
-                with mocker.patch('awx.api.views.InventoryUpdateDetailSerializer') as serializer_class:
+                with mocker.patch('awx.api.serializers.InventoryUpdateDetailSerializer') as serializer_class:
                     serializer = serializer_class.return_value
                     serializer.to_representation.return_value = {}
 

awx/main/utils/__init__.py

@@ -2,5 +2,8 @@
 # All Rights Reserved.
 
 # AWX
-from awx.main.utils.common import * # noqa
-from awx.main.utils.encryption import * # noqa
+from awx.main.utils.common import *  # noqa
+from awx.main.utils.encryption import (  # noqa
+    get_encryption_key, encrypt_field, decrypt_field, encrypt_value,
+    decrypt_value, encrypt_dict,
+)