Adopt internal DAB RBAC Permission model (#14994)

3 files changed, 5 insertions, 39 deletions

diff --git a/awx/main/migrations/0190_add_django_permissions.py b/awx/main/migrations/0190_add_django_permissions.py
index 540c1c6b40..d8e3406e24 100644
--- a/awx/main/migrations/0190_add_django_permissions.py
+++ b/awx/main/migrations/0190_add_django_permissions.py
@@ -83,19 +83,4 @@ class Migration(migrations.Migration):
                 'permissions': [('use_instancegroup', 'Can use instance group in a preference list of a resource')],
             },
         ),
-        migrations.CreateModel(
-            name='DABPermission',
-            fields=[
-                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
-                ('name', models.CharField(max_length=255, verbose_name='name')),
-                ('codename', models.CharField(max_length=100, verbose_name='codename')),
-                ('content_type', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='contenttypes.contenttype', verbose_name='content type')),
-            ],
-            options={
-                'verbose_name': 'permission',
-                'verbose_name_plural': 'permissions',
-                'ordering': ['content_type__model', 'codename'],
-                'unique_together': {('content_type', 'codename')},
-            },
-        ),
     ]
diff --git a/awx/main/migrations/_dab_rbac.py b/awx/main/migrations/_dab_rbac.py
index 1920653186..10d78351cd 100644
--- a/awx/main/migrations/_dab_rbac.py
+++ b/awx/main/migrations/_dab_rbac.py
@@ -4,7 +4,8 @@ import logging
 from django.apps import apps as global_apps
 from django.db.models import ForeignKey
 from django.utils.timezone import now
-from ansible_base.rbac.migrations._utils import give_permissions, create_custom_permissions
+from ansible_base.rbac.migrations._utils import give_permissions
+from ansible_base.rbac.management import create_dab_permissions
 
 from awx.main.fields import ImplicitRoleField
 from awx.main.constants import role_name_to_perm_mapping
@@ -14,7 +15,7 @@ logger = logging.getLogger('awx.main.migrations._dab_rbac')
 
 
 def create_permissions_as_operation(apps, schema_editor):
-    create_custom_permissions(global_apps.get_app_config("main"))
+    create_dab_permissions(global_apps.get_app_config("main"), apps=apps)
 
 
 """
@@ -108,7 +109,7 @@ def get_descendents(f, children_map):
 
 
 def get_permissions_for_role(role_field, children_map, apps):
-    Permission = apps.get_model('auth', 'Permission')
+    Permission = apps.get_model('dab_rbac', 'DABPermission')
     ContentType = apps.get_model('contenttypes', 'ContentType')
 
     perm_list = []
@@ -145,7 +146,7 @@ def migrate_to_new_rbac(apps, schema_editor):
     Role = apps.get_model('main', 'Role')
     RoleDefinition = apps.get_model('dab_rbac', 'RoleDefinition')
     RoleUserAssignment = apps.get_model('dab_rbac', 'RoleUserAssignment')
-    Permission = apps.get_model('auth', 'Permission')
+    Permission = apps.get_model('dab_rbac', 'DABPermission')
     migration_time = now()
 
     # remove add premissions that are not valid for migrations from old versions
diff --git a/awx/main/models/organization.py b/awx/main/models/organization.py
index e543a91f80..8ff422364d 100644
--- a/awx/main/models/organization.py
+++ b/awx/main/models/organization.py
@@ -216,23 +216,3 @@ if not hasattr(User, 'get_absolute_url'):
         return reverse('api:user_detail', kwargs={'pk': user.pk}, request=request)
 
     User.add_to_class('get_absolute_url', user_get_absolute_url)
-
-
-class DABPermission(models.Model):
-    """
-    This is a partial copy of auth.Permission to be used by DAB RBAC lib
-    and in order to be consistent with other applications
-    """
-
-    name = models.CharField("name", max_length=255)
-    content_type = models.ForeignKey(ContentType, models.CASCADE, verbose_name="content type")
-    codename = models.CharField("codename", max_length=100)
-
-    class Meta:
-        verbose_name = "permission"
-        verbose_name_plural = "permissions"
-        unique_together = [["content_type", "codename"]]
-        ordering = ["content_type__model", "codename"]
-
-    def __str__(self):
-        return f"<{self.__class__.__name__}: {self.codename}>"