quay/util/fixuseradmin.py

import argparse
import sys

from app import app
from data.database import Namespace, Repository, RepositoryPermission, Role
from data.model.permission import get_user_repo_permissions
from data.model.user import get_active_users, get_nonrobot_user

DESCRIPTION = '''
Fix user repositories missing admin permissions for owning user.
'''

parser = argparse.ArgumentParser(description=DESCRIPTION)
parser.add_argument('users', nargs='*', help='Users to check')
parser.add_argument('-a', '--all', action='store_true', help='Check all users')
parser.add_argument('-n', '--dry-run', action='store_true', help="Don't act")

ADMIN = Role.get(name='admin')


def repos_for_namespace(namespace):
    return (Repository
            .select(Repository.id, Repository.name, Namespace.username)
            .join(Namespace)
            .where(Namespace.username == namespace))


def has_admin(user, repo):
    perms = get_user_repo_permissions(user, repo)
    return any(p.role == ADMIN for p in perms)


def get_users(all_users=False, users_list=None):
    if all_users:
        return get_active_users(disabled=False)

    return map(get_nonrobot_user, users_list)


def ensure_admin(user, repos, dry_run=False):
    repos = [repo for repo in repos if not has_admin(user, repo)]

    for repo in repos:
        print('User {} missing admin on: {}'.format(user.username, repo.name))

        if not dry_run:
            RepositoryPermission.create(user=user, repository=repo, role=ADMIN)
            print('Granted {} admin on: {}'.format(user.username, repo.name))

    return len(repos)


def main():
    args = parser.parse_args()
    found = 0

    if not args.all and len(args.users) == 0:
        sys.exit('Need a list of users or --all')

    for user in get_users(all_users=args.all, users_list=args.users):
        if user is not None:
            repos = repos_for_namespace(user.username)
            found += ensure_admin(user, repos, dry_run=args.dry_run)

    print('\nFound {} user repos missing admin'
          ' permissions for owner.'.format(found))


if __name__ == '__main__':
    main()
initial import for Open Source 🎉 2019-11-12 16:09:47 +00:00			`import argparse`
			`import sys`

			`from app import app`
			`from data.database import Namespace, Repository, RepositoryPermission, Role`
			`from data.model.permission import get_user_repo_permissions`
			`from data.model.user import get_active_users, get_nonrobot_user`

			`DESCRIPTION = '''`
			`Fix user repositories missing admin permissions for owning user.`
			`'''`

			`parser = argparse.ArgumentParser(description=DESCRIPTION)`
			`parser.add_argument('users', nargs='*', help='Users to check')`
			`parser.add_argument('-a', '--all', action='store_true', help='Check all users')`
			`parser.add_argument('-n', '--dry-run', action='store_true', help="Don't act")`

			`ADMIN = Role.get(name='admin')`


			`def repos_for_namespace(namespace):`
			`return (Repository`
			`.select(Repository.id, Repository.name, Namespace.username)`
			`.join(Namespace)`
			`.where(Namespace.username == namespace))`


			`def has_admin(user, repo):`
			`perms = get_user_repo_permissions(user, repo)`
			`return any(p.role == ADMIN for p in perms)`


			`def get_users(all_users=False, users_list=None):`
			`if all_users:`
			`return get_active_users(disabled=False)`

			`return map(get_nonrobot_user, users_list)`


			`def ensure_admin(user, repos, dry_run=False):`
			`repos = [repo for repo in repos if not has_admin(user, repo)]`

			`for repo in repos:`
			`print('User {} missing admin on: {}'.format(user.username, repo.name))`

			`if not dry_run:`
			`RepositoryPermission.create(user=user, repository=repo, role=ADMIN)`
			`print('Granted {} admin on: {}'.format(user.username, repo.name))`

			`return len(repos)`


			`def main():`
			`args = parser.parse_args()`
			`found = 0`

			`if not args.all and len(args.users) == 0:`
			`sys.exit('Need a list of users or --all')`

			`for user in get_users(all_users=args.all, users_list=args.users):`
			`if user is not None:`
			`repos = repos_for_namespace(user.username)`
			`found += ensure_admin(user, repos, dry_run=args.dry_run)`

			`print('\nFound {} user repos missing admin'`
			`' permissions for owner.'.format(found))`


			`if __name__ == '__main__':`
			`main()`