updater_role -> update_role

awx/api/views.py

@@ -1354,7 +1354,7 @@ class InventoryList(ListCreateAPIView):
 
     def get_queryset(self):
         qs = Inventory.accessible_objects(self.request.user, {'read': True})
-        qs = qs.select_related('admin_role', 'auditor_role', 'updater_role', 'execute_role')
+        qs = qs.select_related('admin_role', 'auditor_role', 'update_role', 'execute_role')
         return qs
 
 class InventoryDetail(RetrieveUpdateDestroyAPIView):

awx/main/migrations/0008_v300_rbac_changes.py

@@ -144,8 +144,8 @@ class Migration(migrations.Migration):
         ),
         migrations.AddField(
             model_name='group',
-            name='updater_role',
+            name='update_role',
-            field=awx.main.fields.ImplicitRoleField(related_name='+', role_description=b'', parent_role=[b'inventory.updater_role', b'parents.updater_role'], to='main.Role', role_name=b'Inventory Group Updater', null=b'True', permissions={b'read': True, b'write': True, b'create': True, b'use': True}),
+            field=awx.main.fields.ImplicitRoleField(related_name='+', role_description=b'', parent_role=[b'inventory.update_role', b'parents.updater_role'], to='main.Role', role_name=b'Inventory Group Updater', null=b'True', permissions={b'read': True, b'write': True, b'create': True, b'use': True}),
         ),
         migrations.AddField(
             model_name='inventory',
@@ -164,7 +164,7 @@ class Migration(migrations.Migration):
         ),
         migrations.AddField(
             model_name='inventory',
-            name='updater_role',
+            name='update_role',
             field=awx.main.fields.ImplicitRoleField(related_name='+', role_description=b'May update the inventory', parent_role=None, to='main.Role', role_name=b'Inventory Updater', null=b'True', permissions={b'read': True, b'update': True}),
         ),
         migrations.AddField(

awx/main/migrations/_rbac.py

@@ -214,7 +214,7 @@ def migrate_inventory(apps, schema_editor):
         elif perm.permission_type == 'read':
             return inventory.auditor_role
         elif perm.permission_type == 'write':
-            return inventory.updater_role
+            return inventory.update_role
         elif perm.permission_type == 'check' or perm.permission_type == 'run':
             # These permission types are handled differntly in RBAC now, nothing to migrate.
             return False

awx/main/models/inventory.py

@@ -106,7 +106,7 @@ class Inventory(CommonModel, ResourceMixin):
         role_description='May view but not modify this inventory',
         parent_role='organization.auditor_role',
     )
-    updater_role = ImplicitRoleField(
+    update_role = ImplicitRoleField(
         role_name='Inventory Updater',
         role_description='May update the inventory',
     )
@@ -525,9 +525,9 @@ class Group(CommonModelNameNotUnique, ResourceMixin):
         role_name='Inventory Group Auditor',
         parent_role=['inventory.auditor_role', 'parents.auditor_role'],
     )
-    updater_role = ImplicitRoleField(
+    update_role = ImplicitRoleField(
         role_name='Inventory Group Updater',
-        parent_role=['inventory.updater_role', 'parents.updater_role'],
+        parent_role=['inventory.update_role', 'parents.updater_role'],
     )
     execute_role = ImplicitRoleField(
         role_name='Inventory Group Executor',

awx/main/signals.py

@@ -176,7 +176,7 @@ def grant_host_access_to_group_roles(instance, action, model, reverse, pk_set, *
             )
             RolePermission.objects.create(
                 resource=host,
-                role=group.updater_role,
+                role=group.update_role,
                 auto_generated=True,
                 read=1,
                 write=1,
@@ -208,7 +208,7 @@ def grant_host_access_to_group_roles(instance, action, model, reverse, pk_set, *
                 content_type = host_content_type,
                 object_id = host.id,
                 auto_generated = True,
-                role__in = [group.admin_role, group.updater_role, group.auditor_role, group.execute_role]
+                role__in = [group.admin_role, group.update_role, group.auditor_role, group.execute_role]
             ).delete()
 
         if reverse:

awx/main/tests/functional/test_rbac_inventory.py

@@ -33,7 +33,7 @@ def test_inventory_admin_user(inventory, permissions, user):
 
     assert inventory.accessible_by(u, permissions['admin'])
     assert inventory.execute_role.members.filter(id=u.id).exists() is False
-    assert inventory.updater_role.members.filter(id=u.id).exists() is False
+    assert inventory.update_role.members.filter(id=u.id).exists() is False
 
 @pytest.mark.django_db
 def test_inventory_auditor_user(inventory, permissions, user):
@@ -49,7 +49,7 @@ def test_inventory_auditor_user(inventory, permissions, user):
     assert inventory.accessible_by(u, permissions['admin']) is False
     assert inventory.accessible_by(u, permissions['auditor']) is True
     assert inventory.execute_role.members.filter(id=u.id).exists() is False
-    assert inventory.updater_role.members.filter(id=u.id).exists() is False
+    assert inventory.update_role.members.filter(id=u.id).exists() is False
 
 @pytest.mark.django_db
 def test_inventory_updater_user(inventory, permissions, user):
@@ -64,7 +64,7 @@ def test_inventory_updater_user(inventory, permissions, user):
 
     assert inventory.accessible_by(u, permissions['admin']) is False
     assert inventory.execute_role.members.filter(id=u.id).exists() is False
-    assert inventory.updater_role.members.filter(id=u.id).exists()
+    assert inventory.update_role.members.filter(id=u.id).exists()
 
 @pytest.mark.django_db
 def test_inventory_executor_user(inventory, permissions, user):
@@ -80,7 +80,7 @@ def test_inventory_executor_user(inventory, permissions, user):
     assert inventory.accessible_by(u, permissions['admin']) is False
     assert inventory.accessible_by(u, permissions['auditor']) is True
     assert inventory.execute_role.members.filter(id=u.id).exists()
-    assert inventory.updater_role.members.filter(id=u.id).exists() is False
+    assert inventory.update_role.members.filter(id=u.id).exists() is False
 
 
 
@@ -100,7 +100,7 @@ def test_inventory_admin_team(inventory, permissions, user, team):
     assert inventory.admin_role.members.filter(id=u.id).exists() is False
     assert inventory.auditor_role.members.filter(id=u.id).exists() is False
     assert inventory.execute_role.members.filter(id=u.id).exists() is False
-    assert inventory.updater_role.members.filter(id=u.id).exists() is False
+    assert inventory.update_role.members.filter(id=u.id).exists() is False
     assert inventory.accessible_by(u, permissions['auditor'])
     assert inventory.accessible_by(u, permissions['admin'])
 
@@ -122,7 +122,7 @@ def test_inventory_auditor(inventory, permissions, user, team):
     assert inventory.admin_role.members.filter(id=u.id).exists() is False
     assert inventory.auditor_role.members.filter(id=u.id).exists() is False
     assert inventory.execute_role.members.filter(id=u.id).exists() is False
-    assert inventory.updater_role.members.filter(id=u.id).exists() is False
+    assert inventory.update_role.members.filter(id=u.id).exists() is False
     assert inventory.accessible_by(u, permissions['auditor'])
     assert inventory.accessible_by(u, permissions['admin']) is False
 
@@ -143,8 +143,8 @@ def test_inventory_updater(inventory, permissions, user, team):
     assert inventory.admin_role.members.filter(id=u.id).exists() is False
     assert inventory.auditor_role.members.filter(id=u.id).exists() is False
     assert inventory.execute_role.members.filter(id=u.id).exists() is False
-    assert inventory.updater_role.members.filter(id=u.id).exists() is False
+    assert inventory.update_role.members.filter(id=u.id).exists() is False
-    assert team.member_role.is_ancestor_of(inventory.updater_role)
+    assert team.member_role.is_ancestor_of(inventory.update_role)
     assert team.member_role.is_ancestor_of(inventory.execute_role) is False
 
 
@@ -165,8 +165,8 @@ def test_inventory_executor(inventory, permissions, user, team):
     assert inventory.admin_role.members.filter(id=u.id).exists() is False
     assert inventory.auditor_role.members.filter(id=u.id).exists() is False
     assert inventory.execute_role.members.filter(id=u.id).exists() is False
-    assert inventory.updater_role.members.filter(id=u.id).exists() is False
+    assert inventory.update_role.members.filter(id=u.id).exists() is False
-    assert team.member_role.is_ancestor_of(inventory.updater_role) is False
+    assert team.member_role.is_ancestor_of(inventory.update_role) is False
     assert team.member_role.is_ancestor_of(inventory.execute_role)
 
 @pytest.mark.django_db

awx/main/tests/old/ad_hoc.py

@@ -463,7 +463,7 @@ class AdHocCommandApiTest(BaseAdHocCommandTest):
         # not allowed to run ad hoc commands).
         user_roles_list_url = reverse('api:user_roles_list', args=(self.other_django_user.pk,))
         with self.current_user('admin'):
-            response = self.post(user_roles_list_url, {"id": self.inventory.updater_role.id}, expect=204)
+            response = self.post(user_roles_list_url, {"id": self.inventory.update_role.id}, expect=204)
         with self.current_user('other'):
             self.run_test_ad_hoc_command(expect=403)
         self.check_get_list(url, 'other', qs)
@@ -1014,7 +1014,7 @@ class AdHocCommandApiTest(BaseAdHocCommandTest):
         other_cred = self.create_test_credential(user=self.other_django_user)
         user_roles_list_url = reverse('api:user_roles_list', args=(self.other_django_user.pk,))
         with self.current_user('admin'):
-            response = self.post(user_roles_list_url, {"id": self.inventory.updater_role.id}, expect=204)
+            response = self.post(user_roles_list_url, {"id": self.inventory.update_role.id}, expect=204)
         with self.current_user('other'):
             response = self.get(url, expect=200)
             self.assertEqual(response['count'], 0)