This avoids re-loading objects from the database in our
chain of permission checking, wherever possible.
access.py is equiped to handle object references instead
of pk ints, and permissions.py is changed to pass those refs.
* license_module_switch:
Hide eula if stub license is used
Fix up some issues on feature validation for licenses
Remove any references to internal licensing utilities
Switch out existing obfuscated license with external module
This adds a test to replicate the scenario reported about
bugs in activity stream entry generation in cascade delete
chains. Also puts a new string in the entry that uses the
deleted objects's primary key.
1. You delete something.
2. A signal is generated to record an activity stream deletion.
3. The process of deleting that activity stream deletion attempts to
look up a related field which has been deleted (in the meantime) via
a cascade.
see: #6721
see: #7022
This creates a new fallback license module called StubLicense that
will be used in the event that the tower_license module is not
installed.
All existing license mechanisms are routed through the get_licenser()
util method
This change _only_ injects `AWS_TASK_ENV` into `os.environ`; it's up to
underlying libraries to be good citizens and actually respect things
like `HTTPS_PROXY`.
see: #3508
* use tower-expect command to determine job status when running
the isolated heartbeat playbook
* grok JSON output of playbook to obtain result information
* run playbook against multiple isolated hosts at the same time
(addresses scalability concerns)
modern Tower deployments (both production and dev container-based)
always build ansible and Tower in separate, distinct virtualenvs, not
the global site-packages
This moves the container-based code location and venvs.
The goal here is that the paths of Tower source for isolated
vs normal nodes matches (both in prod and local development) so that we
don't have to add a bunch of additional bwrap argument logic for
<location-of-isolated-tower-venv>.
bubblewrap is creating a mount tree from a namespace outside the one it's
creating. Absolute symlinks will not resolve properly, causing errors.
Filed @ https://github.com/projectatomic/bubblewrap/issues/195, but
this should work around it without side effects.
* release_3.1.3: (52 commits)
ack fact scan messages
making ldap user/group search fields into codemirror instances
removing UI parsing for LDAP User and Group Search fields
Allow exception view to accept all valid HTTP methods.
Restore ability of parsing extra_vars string for provisioning callback.
Fix up backup/restore role broken in f7a8e45809758322d9ee41c5305850dd70ed5faf
Stop / start ansible-tower-service during restores
value_to_python should encode lookup fields as ascii
fix brace interpolation on standard out pane
Adjust some hardcoded usages of 'awx' to use 'aw_user' and 'aw_group'.
Pull Spanish updates from Zanata
Temporarily grant awx user createdb role
Stop giving ownership of backups to postgres
don't display chunked lines'
Add dropdown li truncation with ellipsis
CTiT -> adhoc modules should allow the user to add new modules
Remove task that was replacing the supervisor systemd tmp file
Fix failing supervisorctl commands on RH-based distros
Give ownership of the supervisor socket to awx
Setting for external log emissions cert verification
...
* Extend scm credential type to support username and password for
redhat portal accounts
* Update project update playbook to work with remote insights server
We probably do get this value as unicode originally but when we store
it, due to a recently fixed bug it will come out as *not* unicode.
So things were accidentally working because py2 smtplib uses hmac
which won't accept unicode.
This change adds a flag to encrypt_field that forces it to skip the
utf8 fixup from before for narrow use cases.
