diff --git a/rbac/migration_tool/migrate.py b/rbac/migration_tool/migrate.py index e35aa1991..33f8db18e 100644 --- a/rbac/migration_tool/migrate.py +++ b/rbac/migration_tool/migrate.py @@ -21,7 +21,6 @@ from django.conf import settings from management.role.model import BindingMapping, Role, V2Role -from management.workspace.model import Workspace from migration_tool.models import V1group, V2rolebinding from migration_tool.sharedSystemRolesReplicatedRoleBindings import v1_role_to_v2_mapping from migration_tool.utils import create_relationship, output_relationships @@ -95,16 +94,16 @@ def migrate_role(role: Role, write_db: bool, root_workspace: str, default_worksp def migrate_workspace(tenant: Tenant, write_db: bool): """Migrate a workspace from v1 to v2.""" - root_workspace = Workspace.objects.create(name="root", description="Root workspace", tenant=tenant) + root_workspace = f"root-workspace-{tenant.org_id}" # Org id represents the default workspace for now relationships = [ - create_relationship("workspace", tenant.org_id, "workspace", str(root_workspace.uuid), "parent"), - create_relationship("workspace", str(root_workspace.uuid), "tenant", tenant.org_id, "parent"), + create_relationship("workspace", tenant.org_id, "workspace", root_workspace, "parent"), + create_relationship("workspace", root_workspace, "tenant", tenant.org_id, "parent"), ] # Include realm for tenant relationships.append(create_relationship("tenant", str(tenant.org_id), "realm", settings.ENV_NAME, "realm")) output_relationships(relationships, write_db) - return str(root_workspace.uuid), tenant.org_id + return root_workspace, tenant.org_id def migrate_users(tenant: Tenant, write_db: bool): diff --git a/tests/migration_tool/tests_migrate.py b/tests/migration_tool/tests_migrate.py index cc45e36e6..fae745078 100644 --- a/tests/migration_tool/tests_migrate.py +++ b/tests/migration_tool/tests_migrate.py @@ -97,7 +97,7 @@ def test_migration_of_data(self, logger_mock): self.assertEqual(BindingMapping.objects.count(), 3) org_id = self.tenant.org_id - root_workspace = Workspace.objects.get(name="root", tenant=self.tenant) + root_workspace_id = f"root-workspace-{self.tenant.org_id}" v2_role_a2 = self.role_a2.v2role_set.first() rolebinding_a2 = self.role_a2.bindingmapping_set.first() @@ -124,8 +124,8 @@ def test_migration_of_data(self, logger_mock): # Org relationships of self.tenant # the other org is not included since it is not specified in the orgs parameter ## Workspaces root and default - call(f"workspace:{org_id}#parent@workspace:{root_workspace.uuid}"), - call(f"workspace:{root_workspace.uuid}#parent@tenant:{org_id}"), + call(f"workspace:{org_id}#parent@workspace:{root_workspace_id}"), + call(f"workspace:{root_workspace_id}#parent@tenant:{org_id}"), ## Realm call(f"tenant:{org_id}#realm@realm:stage"), ## Users to tenant @@ -138,16 +138,16 @@ def test_migration_of_data(self, logger_mock): call(f"role_binding:{rolebinding_a2.id}#granted@role:{v2_role_a2.id}"), call(f"role:{v2_role_a2.id}#inventory_hosts_write@user:*"), call(f"role_binding:{rolebinding_a2.id}#subject@group:{self.group_a2.uuid}"), - call(f"workspace:{self.aws_account_id_1}#parent@workspace:{root_workspace.uuid}"), + call(f"workspace:{self.aws_account_id_1}#parent@workspace:{root_workspace_id}"), call(f"workspace:{self.aws_account_id_1}#user_grant@role_binding:{rolebinding_a2.id}"), ## Role binding to role_a3 call(f"role_binding:{rolebinding_a31.id}#granted@role:{v2_role_a31.id}"), call(f"role:{v2_role_a31.id}#inventory_hosts_write@user:*"), - call(f"workspace:{workspace_1}#parent@workspace:{root_workspace.uuid}"), + call(f"workspace:{workspace_1}#parent@workspace:{root_workspace_id}"), call(f"workspace:{workspace_1}#user_grant@role_binding:{rolebinding_a31.id}"), call(f"role_binding:{rolebinding_a32.id}#granted@role:{v2_role_a32.id}"), call(f"role:{v2_role_a32.id}#inventory_hosts_write@user:*"), - call(f"workspace:{workspace_2}#parent@workspace:{root_workspace.uuid}"), + call(f"workspace:{workspace_2}#parent@workspace:{root_workspace_id}"), call(f"workspace:{workspace_2}#user_grant@role_binding:{rolebinding_a32.id}"), ] logger_mock.info.assert_has_calls(tuples, any_order=True)