From 294d4849a233818b6a00cd704874228c9b1310e4 Mon Sep 17 00:00:00 2001 From: yackob03 Date: Thu, 7 Nov 2013 18:08:38 -0500 Subject: [PATCH] Prevent login on accounts that have been converted to organizations. Fix a bug in the tags api. --- data/model.py | 17 ++++++++++++----- 1 file changed, 12 insertions(+), 5 deletions(-) diff --git a/data/model.py b/data/model.py index 150bfb1a7..7a31c07f2 100644 --- a/data/model.py +++ b/data/model.py @@ -103,10 +103,13 @@ def convert_user_to_organization(user, admin_user): # Change the user to an organization. user.organization = True - # TODO: disable this account for login. - user.password = '' + # disable this account for login. + user.password_hash = None user.save() + # Clear any federated auth pointing to this user + FederatedLogin.delete().where(FederatedLogin.user == user).execute() + # Create a team for the owners owners_team = create_team('owners', user, 'admin') @@ -695,9 +698,13 @@ def delete_tag(namespace_name, repository_name, tag_name): def delete_all_repository_tags(namespace_name, repository_name): - repo = Repository.get(Repository.name == repository_name, - Repository.namespace == namespace_name) - RepositoryTag.delete().where(RepositoryTag.repository == repo) + try: + repo = Repository.get(Repository.name == repository_name, + Repository.namespace == namespace_name) + except Repository.DoesNotExist: + raise DataModelException('Invalid repository \'%s/%s\'' % + (namespace_name, repository_name)) + RepositoryTag.delete().where(RepositoryTag.repository == repo).execute() def __entity_permission_repo_query(entity_id, entity_table,