From e2a428b9f5f0ecf99c6b8611616a8ee2b7d6b1d0 Mon Sep 17 00:00:00 2001 From: Akita Noek Date: Mon, 15 Feb 2016 12:35:04 -0500 Subject: [PATCH] Removed resource_field ImplicitRoleField We just now assume that this field is always named 'resource' Completes functionality of #926, documentation next --- awx/main/fields.py | 11 ++++------- awx/main/models/credential.py | 2 -- awx/main/models/inventory.py | 6 ------ awx/main/models/jobs.py | 3 --- awx/main/models/organization.py | 6 ------ awx/main/models/projects.py | 4 ---- 6 files changed, 4 insertions(+), 28 deletions(-) diff --git a/awx/main/fields.py b/awx/main/fields.py index 54efd655fc..df0da42538 100644 --- a/awx/main/fields.py +++ b/awx/main/fields.py @@ -91,9 +91,8 @@ class ImplicitResourceField(models.ForeignKey): class ImplicitRoleDescriptor(ReverseSingleRelatedObjectDescriptor): """Descriptor Implict Role Fields. Auto-creates the appropriate role entry on first access""" - def __init__(self, role_name, resource_field, permissions, parent_role, *args, **kwargs): + def __init__(self, role_name, permissions, parent_role, *args, **kwargs): self.role_name = role_name - self.resource_field = resource_field self.permissions = permissions self.parent_role = parent_role @@ -143,10 +142,10 @@ class ImplicitRoleDescriptor(ReverseSingleRelatedObjectDescriptor): setattr(instance, self.field.name, role) instance.save(update_fields=[self.field.name,]) - if self.resource_field and self.permissions: + if self.permissions is not None: permissions = RolePermission( role=role, - resource=getattr(instance, self.resource_field) + resource=instance.resource ) if 'all' in self.permissions and self.permissions['all']: @@ -170,9 +169,8 @@ class ImplicitRoleDescriptor(ReverseSingleRelatedObjectDescriptor): class ImplicitRoleField(models.ForeignKey): """Implicitly creates a role entry for a resource""" - def __init__(self, role_name=None, resource_field=None, permissions=None, parent_role=None, *args, **kwargs): + def __init__(self, role_name=None, permissions=None, parent_role=None, *args, **kwargs): self.role_name = role_name - self.resource_field = resource_field self.permissions = permissions self.parent_role = parent_role @@ -187,7 +185,6 @@ class ImplicitRoleField(models.ForeignKey): self.name, ImplicitRoleDescriptor( self.role_name, - self.resource_field, self.permissions, self.parent_role, self diff --git a/awx/main/models/credential.py b/awx/main/models/credential.py index 5d1c0cab96..cf2dd262ed 100644 --- a/awx/main/models/credential.py +++ b/awx/main/models/credential.py @@ -158,12 +158,10 @@ class Credential(PasswordFieldsModel, CommonModelNameNotUnique, ResourceMixin): owner_role = ImplicitRoleField( role_name='Credential Owner', parent_role='team.admin_role', - resource_field='resource', permissions = {'all': True} ) usage_role = ImplicitRoleField( role_name='Credential User', - resource_field='resource', parent_role= 'team.member_role', permissions = {'use': True} ) diff --git a/awx/main/models/inventory.py b/awx/main/models/inventory.py index adaca41184..17b51ca923 100644 --- a/awx/main/models/inventory.py +++ b/awx/main/models/inventory.py @@ -96,13 +96,11 @@ class Inventory(CommonModel, ResourceMixin): admin_role = ImplicitRoleField( role_name='Inventory Administrator', parent_role='organization.admin_role', - resource_field='resource', permissions = {'all': True} ) auditor_role = ImplicitRoleField( role_name='Inventory Auditor', parent_role='organization.auditor_role', - resource_field='resource', permissions = {'read': True} ) updater_role = ImplicitRoleField( @@ -545,25 +543,21 @@ class Group(CommonModelNameNotUnique, ResourceMixin): admin_role = ImplicitRoleField( role_name='Inventory Group Administrator', parent_role=['inventory.admin_role', 'parents.admin_role'], - resource_field='resource', permissions = {'all': True} ) auditor_role = ImplicitRoleField( role_name='Inventory Group Auditor', parent_role=['inventory.auditor_role', 'parents.auditor_role'], - resource_field='resource', permissions = {'read': True} ) updater_role = ImplicitRoleField( role_name='Inventory Group Updater', parent_role=['inventory.updater_role', 'parents.updater_role'], - resource_field='resource', permissions = {'read': True, 'write': True, 'create': True, 'use': True}, ) executor_role = ImplicitRoleField( role_name='Inventory Group Executor', parent_role=['inventory.executor_role', 'parents.executor_role'], - resource_field='resource', permissions = {'read':True, 'execute':True}, ) diff --git a/awx/main/models/jobs.py b/awx/main/models/jobs.py index 3e0792dd65..c055ec6ed4 100644 --- a/awx/main/models/jobs.py +++ b/awx/main/models/jobs.py @@ -184,18 +184,15 @@ class JobTemplate(UnifiedJobTemplate, JobOptions, ResourceMixin): admin_role = ImplicitRoleField( role_name='Job Template Administrator', parent_role='project.admin_role', - resource_field='resource', permissions = {'all': True} ) auditor_role = ImplicitRoleField( role_name='Job Template Auditor', parent_role='project.auditor_role', - resource_field='resource', permissions = {'read': True} ) executor_role = ImplicitRoleField( role_name='Job Template Executor', - resource_field='resource', permissions = {'read': True, 'execute': True} ) diff --git a/awx/main/models/organization.py b/awx/main/models/organization.py index 2b974a6317..b08f068060 100644 --- a/awx/main/models/organization.py +++ b/awx/main/models/organization.py @@ -51,18 +51,15 @@ class Organization(CommonModel, ResourceMixin): admin_role = ImplicitRoleField( role_name='Organization Administrator', parent_role='singleton:System Administrator', - resource_field='resource', permissions = {'all': True} ) auditor_role = ImplicitRoleField( role_name='Organization Auditor', parent_role='singleton:System Auditor', - resource_field='resource', permissions = {'read': True} ) member_role = ImplicitRoleField( role_name='Organization Member', - resource_field='resource', permissions = {'read': True} ) @@ -110,19 +107,16 @@ class Team(CommonModelNameNotUnique, ResourceMixin): admin_role = ImplicitRoleField( role_name='Team Administrator', parent_role='organization.admin_role', - resource_field='resource', permissions = {'all': True} ) auditor_role = ImplicitRoleField( role_name='Team Auditor', parent_role='organization.auditor_role', - resource_field='resource', permissions = {'read': True} ) member_role = ImplicitRoleField( role_name='Team Member', parent_role='admin_role', - resource_field='resource', permissions = {'read':True}, ) diff --git a/awx/main/models/projects.py b/awx/main/models/projects.py index 0d3f628575..d0fd122584 100644 --- a/awx/main/models/projects.py +++ b/awx/main/models/projects.py @@ -210,24 +210,20 @@ class Project(UnifiedJobTemplate, ProjectOptions, ResourceMixin): admin_role = ImplicitRoleField( role_name='Project Administrator', parent_role='organizations.admin_role', - resource_field='resource', permissions = {'all': True} ) auditor_role = ImplicitRoleField( role_name='Project Auditor', parent_role='organizations.auditor_role', - resource_field='resource', permissions = {'read': True} ) member_role = ImplicitRoleField( role_name='Project Member', - resource_field='resource', permissions = {'read': True} ) scm_update_role = ImplicitRoleField( role_name='Project Updater', parent_role='admin_role', - resource_field='resource', permissions = {'scm_update': True} )