Merge pull request #6246 from wwitzel3/issue-5756

Create /inventories/N/update_inventory_sources endpoint.

awx/api/permissions.py

@@ -16,8 +16,8 @@ from awx.main.utils import get_object_or_400
 logger = logging.getLogger('awx.api.permissions')
 
 __all__ = ['ModelAccessPermission', 'JobTemplateCallbackPermission',
-           'TaskPermission', 'ProjectUpdatePermission', 'UserPermission',
-           'IsSuperUser']
+           'TaskPermission', 'ProjectUpdatePermission', 'InventoryInventorySourcesUpdatePermission',
+           'UserPermission', 'IsSuperUser']
 
 
 class ModelAccessPermission(permissions.BasePermission):
@@ -200,6 +200,12 @@ class ProjectUpdatePermission(ModelAccessPermission):
         return check_user_access(request.user, view.model, 'start', project)
 
 
+class InventoryInventorySourcesUpdatePermission(ModelAccessPermission):
+    def check_post_permissions(self, request, view, obj=None):
+        inventory = get_object_or_400(view.model, pk=view.kwargs['pk'])
+        return check_user_access(request.user, view.model, 'update', inventory)
+
+
 class UserPermission(ModelAccessPermission):
     def check_post_permissions(self, request, view, obj=None):
         if not request.data:

awx/api/serializers.py

@@ -1123,6 +1123,7 @@ class InventorySerializer(BaseSerializerWithVariables):
             script        = self.reverse('api:inventory_script_view',       kwargs={'pk': obj.pk}),
             tree          = self.reverse('api:inventory_tree_view',         kwargs={'pk': obj.pk}),
             inventory_sources = self.reverse('api:inventory_inventory_sources_list', kwargs={'pk': obj.pk}),
+            update_inventory_sources = self.reverse('api:inventory_inventory_sources_update', kwargs={'pk': obj.pk}),
             activity_stream = self.reverse('api:inventory_activity_stream_list', kwargs={'pk': obj.pk}),
             job_templates = self.reverse('api:inventory_job_template_list', kwargs={'pk': obj.pk}),
             scan_job_templates = self.reverse('api:inventory_scan_job_template_list', kwargs={'pk': obj.pk}),

awx/api/urls.py

@@ -94,6 +94,7 @@ inventory_urls = patterns('awx.api.views',
     url(r'^(?P<pk>[0-9]+)/script/$',                    'inventory_script_view'),
     url(r'^(?P<pk>[0-9]+)/tree/$',                      'inventory_tree_view'),
     url(r'^(?P<pk>[0-9]+)/inventory_sources/$',         'inventory_inventory_sources_list'),
+    url(r'^(?P<pk>[0-9]+)/update_inventory_sources/$',   'inventory_inventory_sources_update'),
     url(r'^(?P<pk>[0-9]+)/activity_stream/$',           'inventory_activity_stream_list'),
     url(r'^(?P<pk>[0-9]+)/job_templates/$',             'inventory_job_template_list'),
     url(r'^(?P<pk>[0-9]+)/scan_job_templates/$',        'inventory_scan_job_template_list'),

awx/api/views.py

@@ -2405,6 +2405,51 @@ class InventoryInventorySourcesList(SubListCreateAPIView):
     new_in_14 = True
 
 
+class InventoryInventorySourcesUpdate(RetrieveAPIView):
+    view_name = _('Inventory Sources Update')
+
+    model = Inventory
+    serializer_class = InventorySourceUpdateSerializer
+    permission_classes = (InventoryInventorySourcesUpdatePermission,)
+    is_job_start = True
+    new_in_320 = True
+
+    def retrieve(self, request, *args, **kwargs):
+        inventory = self.get_object()
+        update_data = []
+        for inventory_source in inventory.inventory_sources.all():
+            details = {'inventory_source': inventory_source.pk,
+                       'can_update': inventory_source.can_update}
+            update_data.append(details)
+        return Response(update_data)
+
+    def post(self, request, *args, **kwargs):
+        inventory = self.get_object()
+        update_data = []
+        for inventory_source in inventory.inventory_sources.all():
+            details = {'inventory_source': inventory_source.pk, 'status': None}
+            can_update = inventory_source.can_update
+            project_update = False
+
+            if inventory_source.source == 'scm' and inventory_source.update_on_project_update:
+                if not request.user or not request.user.can_access(Project, 'start', inventory_source.source_project):
+                    details['status'] = 'You do not have permission to update project `{}`'.format(inventory_source.source_project.name)
+                    can_update = False
+                else:
+                    project_update = True
+
+            if can_update:
+                if project_update:
+                    details['project_update'] = inventory_source.source_project.update().id
+                details['status'] = 'started'
+                details['inventory_update'] = inventory_source.update().id
+            else:
+                if not details.get('status'):
+                    details['status'] = 'Could not start because `can_update` returned False'
+            update_data.append(details)
+        return Response(update_data, status=status.HTTP_202_ACCEPTED)
+
+
 class InventorySourceList(ListCreateAPIView):
 
     model = InventorySource
@@ -2523,7 +2568,7 @@ class InventorySourceUpdateView(RetrieveAPIView):
         obj = self.get_object()
         if obj.can_update:
             if obj.source == 'scm' and obj.update_on_project_update:
-                if not self.request.user or self.request.user.can_access(self.model, 'update', obj):
+                if not self.request.user or not self.request.user.can_access(Project, 'start', obj.source_project):
                     raise PermissionDenied(detail=_(
                         'You do not have permission to update project `{}`.'.format(obj.source_project.name)))
                 return self._build_update_response(obj.source_project.update(), request)