vbatts/quay
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Add a secondary tab to Teams for managing org members

Browse source 
Also adds the ability to completely remove a user from an organization (repo permissions and teams), in a single click

Fixes #212
This commit is contained in:
Joseph Schorr 2015-07-02 17:04:12 +03:00
parent cb238f8764
commit 3a59c99b08
8 changed files with 373 additions and 105 deletions
Download patch file Download diff file Expand all files Collapse all files

67
endpoints/api/organization.py
View file

@ -230,7 +230,7 @@ class OrganizationMemberList(ApiResource):
@require_scope(scopes.ORG_ADMIN)
@nickname('getOrganizationMembers')
def get(self, orgname):
""" List the members of the specified organization. """
""" List the human members of the specified organization. """
permission = AdministerOrganizationPermission(orgname)
if permission.can():
try:
@ -242,21 +242,41 @@ class OrganizationMemberList(ApiResource):
# will return an entry for *every team* a member is on, so we will have
# duplicate keys (which is why we pre-build the dictionary).
members_dict = {}
members = model.get_organization_members_with_teams(org)
members = model.list_organization_members_by_teams(org)
for member in members:
if member.user.robot:
continue
if not member.user.username in members_dict:
members_dict[member.user.username] = {'name': member.user.username,
'kind': 'user',
'is_robot': member.user.robot,
'teams': []}
member_data = {
'name': member.user.username,
'kind': 'user',
'avatar': avatar.get_data_for_user(member.user),
'teams': [],
'repositories': []
}
members_dict[member.user.username]['teams'].append(member.team.name)
members_dict[member.user.username] = member_data
return {'members': members_dict}
members_dict[member.user.username]['teams'].append({
'name': member.team.name,
'avatar': avatar.get_data_for_team(member.team),
})
# Loop to add direct repository permissions.
for permission in model.list_organization_member_permissions(org):
username = permission.user.username
if not username in members_dict:
continue
members_dict[username]['repositories'].append(permission.repository.name)
return {'members': members_dict.values()}
raise Unauthorized()
@resource('/v1/organization/<orgname>/members/<membername>')
@path_param('orgname', 'The name of the organization')
@path_param('membername', 'The username of the organization member')
@ -264,31 +284,26 @@ class OrganizationMember(ApiResource):
""" Resource for managing individual organization members. """
@require_scope(scopes.ORG_ADMIN)
@nickname('getOrganizationMember')
def get(self, orgname, membername):
""" Get information on the specific organization member. """
@nickname('removeOrganizationMember')
def delete(self, orgname, membername):
""" Removes a member from an organization, revoking all its repository
priviledges and removing it from all teams in the organization.
"""
permission = AdministerOrganizationPermission(orgname)
if permission.can():
# Lookup the user.
user = model.get_nonrobot_user(membername)
if not user:
raise NotFound()
try:
org = model.get_organization(orgname)
except model.InvalidOrganizationException:
raise NotFound()
member_dict = None
member_teams = model.get_organization_members_with_teams(org, membername=membername)
for member in member_teams:
if not member_dict:
member_dict = {'name': member.user.username,
'kind': 'user',
'is_robot': member.user.robot,
'teams': []}
member_dict['teams'].append(member.team.name)
if not member_dict:
raise NotFound()
return {'member': member_dict}
# Remove the user from the organization.
model.remove_organization_member(org, user)
return 'Deleted', 204
raise Unauthorized()