Eliminate multiple-organization projects

Projects are duplicated with this migration to provide a nearly
equivalent functionality.

Satisifies #1164

awx/main/tests/functional/test_rbac_project.py

@@ -1,11 +1,96 @@
 import pytest
 
 from awx.main.migrations import _rbac as rbac
-from awx.main.models import Role
+from awx.main.models import Role, Permission, Project, Organization, Credential, JobTemplate, Inventory
 from django.apps import apps
 from awx.main.migrations import _old_access as old_access
 
 
+@pytest.mark.django_db
+def test_project_migration():
+    '''
+
+        o1  o2  o3       with   o1 -- i1    o2 -- i2
+         \  |  /
+          \ | /
+   c1 ----  p1
+           / | \
+          /  |  \
+        jt1 jt2 jt3
+         |   |   |
+        i1  i2  i1
+
+
+        goes to
+
+
+            o1
+            |
+            |
+   c1 ----  p1
+           / |
+          /  |
+        jt1 jt3
+         |   |
+        i1  i1
+
+
+            o2
+            |
+            |
+   c1 ----  p2
+            |
+            |
+           jt2
+            |
+           i2
+
+            o3
+            |
+            |
+   c1 ----  p3
+
+
+    '''
+
+
+    o1 = Organization.objects.create(name='o1')
+    o2 = Organization.objects.create(name='o2')
+    o3 = Organization.objects.create(name='o3')
+
+    c1 = Credential.objects.create(name='c1')
+
+    p1 = Project.objects.create(name='p1', credential=c1)
+    p1.deprecated_organizations.add(o1, o2, o3)
+
+    i1 = Inventory.objects.create(name='i1', organization=o1)
+    i2 = Inventory.objects.create(name='i2', organization=o2)
+
+    jt1 = JobTemplate.objects.create(name='jt1', project=p1, inventory=i1)
+    jt2 = JobTemplate.objects.create(name='jt2', project=p1, inventory=i2)
+    jt3 = JobTemplate.objects.create(name='jt3', project=p1, inventory=i1)
+
+    assert o1.projects.count() == 0
+    assert o2.projects.count() == 0
+    assert o3.projects.count() == 0
+
+    rbac.migrate_projects(apps, None)
+
+    jt1 = JobTemplate.objects.get(pk=jt1.pk)
+    jt2 = JobTemplate.objects.get(pk=jt2.pk)
+    jt3 = JobTemplate.objects.get(pk=jt3.pk)
+
+    assert jt1.project == jt3.project
+    assert jt1.project != jt2.project
+
+    assert o1.projects.count() == 1
+    assert o2.projects.count() == 1
+    assert o3.projects.count() == 1
+    assert o1.projects.all()[0].jobtemplates.count() == 2
+    assert o2.projects.all()[0].jobtemplates.count() == 1
+    assert o3.projects.all()[0].jobtemplates.count() == 0
+
+
 #@pytest.mark.django_db
 #def test_project_user_project(user_project, project, user):
 #    u = user('owner')
@@ -56,13 +141,14 @@ from awx.main.migrations import _old_access as old_access
 #    assert len(migrations[project.name]['teams']) == 0
 #    assert project.accessible_by(admin, {'read': True, 'write': True}) is True
 #    assert project.accessible_by(member, {'read': True}) is False
-
+#
 #@pytest.mark.django_db
 #def test_project_team(user, team, project):
 #    nonmember = user('nonmember')
 #    member = user('member')
 #
-#    team.users.add(member)
+#    #team.users.add(member)
+#    team.member_role.members.add(member)
 #    project.teams.add(team)
 #
 #    assert project.accessible_by(nonmember, {'read': True}) is False
@@ -76,14 +162,14 @@ from awx.main.migrations import _old_access as old_access
 #    assert len(migrations[project.name]['teams']) == 1
 #    assert project.accessible_by(member, {'read': True}) is True
 #    assert project.accessible_by(nonmember, {'read': True}) is False
-
+#
 #@pytest.mark.django_db
 #def test_project_explicit_permission(user, team, project, organization):
 #    u = user('prjuser')
 #
 #    assert old_access.check_user_access(u, project.__class__, 'read', project) is False
 #
-#    organization.users.add(u)
+#    organization.member_role.members.add(u)
 #    p = Permission(user=u, project=project, permission_type='create', name='Perm name')
 #    p.save()
 #