Basic functionality for saving the parent model

AlanCoding · AlanCoding · commit 288b18fd5abc · 2025-06-30T22:45:27.000-04:00
diff --git a/ansible_base/rbac/management/create_types.py b/ansible_base/rbac/management/create_types.py
@@ -1,10 +1,13 @@
+import logging
 from typing import Type
 
 from django.apps import apps as global_apps
 from django.db import DEFAULT_DB_ALIAS, models
 
 from ansible_base.rbac import permission_registry
 
+logger = logging.getLogger(__name__)
+
 
 def get_local_DAB_contenttypes(using: str, ct_model: Type[models.Model], service: str) -> dict[tuple[str, str], models.Model]:
     # This should work in migration scenarios, but other code checks for existence of it on manager
@@ -44,4 +47,14 @@ def create_DAB_contenttypes(
     DABContentType.objects.using(using).bulk_create(cts)
     if verbosity >= 2:
         for ct in cts:
-            print("Adding DAB content type " f"'{ct.service}:{ct.app_label} | {ct.model}'")
+            logger.debug("Adding DAB content type " f"'{ct.service}:{ct.app_label} | {ct.model}'")
+
+    for ct in DABContentType.objects.all():
+        if not permission_registry.is_registered(ct.model_class()):
+            logger.warning(f'{ct.model} is a stale content type in DAB RBAC')
+            continue
+        if parent_model := permission_registry.get_parent_model(ct.model_class()):
+            parent_content_type = DABContentType.objects.get_for_model(parent_model)
+            if ct.parent_content_type != parent_content_type:
+                ct.parent_content_type = parent_content_type
+                ct.save(update_fields=['parent_content_type'])
diff --git a/ansible_base/rbac/migrations/0004_remote_permissions_additions.py b/ansible_base/rbac/migrations/0004_remote_permissions_additions.py
@@ -27,7 +27,8 @@ class Migration(migrations.Migration):
                 (
                     'app_label',
                     models.CharField(
-                        help_text='Django app that the model is in. This is an internal technical detail that does not affect API use.', max_length=100
+                        help_text='Django app that the model is in. This is an internal technical detail that does not affect API use.',
+                        max_length=100
                     ),
                 ),
                 (
@@ -37,6 +38,15 @@ class Migration(migrations.Migration):
                         max_length=100,
                     ),
                 ),
+                (
+                    'parent_content_type',
+                    models.ForeignKey(
+                        help_text='Parent model within the RBAC system. Being assigned to a role in objects of the parent model can confer permissions to child objects.',
+                        null=True,
+                        on_delete=models.deletion.SET_NULL,
+                        to='dab_rbac.dabcontenttype'
+                    )
+                )
             ],
             options={
                 'unique_together': {('service', 'app_label', 'model')},
diff --git a/ansible_base/rbac/models/content_type.py b/ansible_base/rbac/models/content_type.py
@@ -157,6 +157,12 @@ class DABContentType(django_models.Model):
         max_length=100,
         help_text=_("Name of the type according to the Django ORM Meta model_name convention. Comes from the python class, but lowercase with no spaces."),
     )
+    parent_content_type = django_models.ForeignKey(
+        "self",
+        null=True,
+        help_text=_("Parent model within the RBAC system. Being assigned to a role in objects of the parent model can confer permissions to child objects."),
+        on_delete=django_models.SET_NULL,
+    )
 
     objects = DABContentTypeManager()
 
