mirror of
https://github.com/ansible/awx.git
synced 2026-01-19 13:41:28 -03:30
Removed resource_field ImplicitRoleField
We just now assume that this field is always named 'resource' Completes functionality of #926, documentation next
This commit is contained in:
Akita Noek
parent
c77620f1ae
commit
e2a428b9f5
@ -91,9 +91,8 @@ class ImplicitResourceField(models.ForeignKey):
|
||||
class ImplicitRoleDescriptor(ReverseSingleRelatedObjectDescriptor):
|
||||
"""Descriptor Implict Role Fields. Auto-creates the appropriate role entry on first access"""
|
||||
|
||||
def __init__(self, role_name, resource_field, permissions, parent_role, *args, **kwargs):
|
||||
def __init__(self, role_name, permissions, parent_role, *args, **kwargs):
|
||||
self.role_name = role_name
|
||||
self.resource_field = resource_field
|
||||
self.permissions = permissions
|
||||
self.parent_role = parent_role
|
||||
|
||||
@ -143,10 +142,10 @@ class ImplicitRoleDescriptor(ReverseSingleRelatedObjectDescriptor):
|
||||
setattr(instance, self.field.name, role)
|
||||
instance.save(update_fields=[self.field.name,])
|
||||
|
||||
if self.resource_field and self.permissions:
|
||||
if self.permissions is not None:
|
||||
permissions = RolePermission(
|
||||
role=role,
|
||||
resource=getattr(instance, self.resource_field)
|
||||
resource=instance.resource
|
||||
)
|
||||
|
||||
if 'all' in self.permissions and self.permissions['all']:
|
||||
@ -170,9 +169,8 @@ class ImplicitRoleDescriptor(ReverseSingleRelatedObjectDescriptor):
|
||||
class ImplicitRoleField(models.ForeignKey):
|
||||
"""Implicitly creates a role entry for a resource"""
|
||||
|
||||
def __init__(self, role_name=None, resource_field=None, permissions=None, parent_role=None, *args, **kwargs):
|
||||
def __init__(self, role_name=None, permissions=None, parent_role=None, *args, **kwargs):
|
||||
self.role_name = role_name
|
||||
self.resource_field = resource_field
|
||||
self.permissions = permissions
|
||||
self.parent_role = parent_role
|
||||
|
||||
@ -187,7 +185,6 @@ class ImplicitRoleField(models.ForeignKey):
|
||||
self.name,
|
||||
ImplicitRoleDescriptor(
|
||||
self.role_name,
|
||||
self.resource_field,
|
||||
self.permissions,
|
||||
self.parent_role,
|
||||
self
|
||||
|
||||
@ -158,12 +158,10 @@ class Credential(PasswordFieldsModel, CommonModelNameNotUnique, ResourceMixin):
|
||||
owner_role = ImplicitRoleField(
|
||||
role_name='Credential Owner',
|
||||
parent_role='team.admin_role',
|
||||
resource_field='resource',
|
||||
permissions = {'all': True}
|
||||
)
|
||||
usage_role = ImplicitRoleField(
|
||||
role_name='Credential User',
|
||||
resource_field='resource',
|
||||
parent_role= 'team.member_role',
|
||||
permissions = {'use': True}
|
||||
)
|
||||
|
||||
@ -96,13 +96,11 @@ class Inventory(CommonModel, ResourceMixin):
|
||||
admin_role = ImplicitRoleField(
|
||||
role_name='Inventory Administrator',
|
||||
parent_role='organization.admin_role',
|
||||
resource_field='resource',
|
||||
permissions = {'all': True}
|
||||
)
|
||||
auditor_role = ImplicitRoleField(
|
||||
role_name='Inventory Auditor',
|
||||
parent_role='organization.auditor_role',
|
||||
resource_field='resource',
|
||||
permissions = {'read': True}
|
||||
)
|
||||
updater_role = ImplicitRoleField(
|
||||
@ -545,25 +543,21 @@ class Group(CommonModelNameNotUnique, ResourceMixin):
|
||||
admin_role = ImplicitRoleField(
|
||||
role_name='Inventory Group Administrator',
|
||||
parent_role=['inventory.admin_role', 'parents.admin_role'],
|
||||
resource_field='resource',
|
||||
permissions = {'all': True}
|
||||
)
|
||||
auditor_role = ImplicitRoleField(
|
||||
role_name='Inventory Group Auditor',
|
||||
parent_role=['inventory.auditor_role', 'parents.auditor_role'],
|
||||
resource_field='resource',
|
||||
permissions = {'read': True}
|
||||
)
|
||||
updater_role = ImplicitRoleField(
|
||||
role_name='Inventory Group Updater',
|
||||
parent_role=['inventory.updater_role', 'parents.updater_role'],
|
||||
resource_field='resource',
|
||||
permissions = {'read': True, 'write': True, 'create': True, 'use': True},
|
||||
)
|
||||
executor_role = ImplicitRoleField(
|
||||
role_name='Inventory Group Executor',
|
||||
parent_role=['inventory.executor_role', 'parents.executor_role'],
|
||||
resource_field='resource',
|
||||
permissions = {'read':True, 'execute':True},
|
||||
)
|
||||
|
||||
|
||||
@ -184,18 +184,15 @@ class JobTemplate(UnifiedJobTemplate, JobOptions, ResourceMixin):
|
||||
admin_role = ImplicitRoleField(
|
||||
role_name='Job Template Administrator',
|
||||
parent_role='project.admin_role',
|
||||
resource_field='resource',
|
||||
permissions = {'all': True}
|
||||
)
|
||||
auditor_role = ImplicitRoleField(
|
||||
role_name='Job Template Auditor',
|
||||
parent_role='project.auditor_role',
|
||||
resource_field='resource',
|
||||
permissions = {'read': True}
|
||||
)
|
||||
executor_role = ImplicitRoleField(
|
||||
role_name='Job Template Executor',
|
||||
resource_field='resource',
|
||||
permissions = {'read': True, 'execute': True}
|
||||
)
|
||||
|
||||
|
||||
@ -51,18 +51,15 @@ class Organization(CommonModel, ResourceMixin):
|
||||
admin_role = ImplicitRoleField(
|
||||
role_name='Organization Administrator',
|
||||
parent_role='singleton:System Administrator',
|
||||
resource_field='resource',
|
||||
permissions = {'all': True}
|
||||
)
|
||||
auditor_role = ImplicitRoleField(
|
||||
role_name='Organization Auditor',
|
||||
parent_role='singleton:System Auditor',
|
||||
resource_field='resource',
|
||||
permissions = {'read': True}
|
||||
)
|
||||
member_role = ImplicitRoleField(
|
||||
role_name='Organization Member',
|
||||
resource_field='resource',
|
||||
permissions = {'read': True}
|
||||
)
|
||||
|
||||
@ -110,19 +107,16 @@ class Team(CommonModelNameNotUnique, ResourceMixin):
|
||||
admin_role = ImplicitRoleField(
|
||||
role_name='Team Administrator',
|
||||
parent_role='organization.admin_role',
|
||||
resource_field='resource',
|
||||
permissions = {'all': True}
|
||||
)
|
||||
auditor_role = ImplicitRoleField(
|
||||
role_name='Team Auditor',
|
||||
parent_role='organization.auditor_role',
|
||||
resource_field='resource',
|
||||
permissions = {'read': True}
|
||||
)
|
||||
member_role = ImplicitRoleField(
|
||||
role_name='Team Member',
|
||||
parent_role='admin_role',
|
||||
resource_field='resource',
|
||||
permissions = {'read':True},
|
||||
)
|
||||
|
||||
|
||||
@ -210,24 +210,20 @@ class Project(UnifiedJobTemplate, ProjectOptions, ResourceMixin):
|
||||
admin_role = ImplicitRoleField(
|
||||
role_name='Project Administrator',
|
||||
parent_role='organizations.admin_role',
|
||||
resource_field='resource',
|
||||
permissions = {'all': True}
|
||||
)
|
||||
auditor_role = ImplicitRoleField(
|
||||
role_name='Project Auditor',
|
||||
parent_role='organizations.auditor_role',
|
||||
resource_field='resource',
|
||||
permissions = {'read': True}
|
||||
)
|
||||
member_role = ImplicitRoleField(
|
||||
role_name='Project Member',
|
||||
resource_field='resource',
|
||||
permissions = {'read': True}
|
||||
)
|
||||
scm_update_role = ImplicitRoleField(
|
||||
role_name='Project Updater',
|
||||
parent_role='admin_role',
|
||||
resource_field='resource',
|
||||
permissions = {'scm_update': True}
|
||||
)
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user