Fix the problem where a user's admin priviledges can be revoked with defaults.
This commit is contained in:
parent
56e0df0d58
commit
489c900cfd
1 changed files with 25 additions and 12 deletions
|
@ -341,9 +341,11 @@ def list_federated_logins(user):
|
||||||
def create_confirm_email_code(user, new_email=None):
|
def create_confirm_email_code(user, new_email=None):
|
||||||
if new_email:
|
if new_email:
|
||||||
if not validate_email(new_email):
|
if not validate_email(new_email):
|
||||||
raise InvalidEmailAddressException('Invalid email address: %s' % new_email)
|
raise InvalidEmailAddressException('Invalid email address: %s' %
|
||||||
|
new_email)
|
||||||
|
|
||||||
code = EmailConfirmation.create(user=user, email_confirm=True, new_email=new_email)
|
code = EmailConfirmation.create(user=user, email_confirm=True,
|
||||||
|
new_email=new_email)
|
||||||
return code
|
return code
|
||||||
|
|
||||||
|
|
||||||
|
@ -461,7 +463,8 @@ def get_matching_users(username_prefix, robot_namespace=None,
|
||||||
|
|
||||||
def verify_user(username_or_email, password):
|
def verify_user(username_or_email, password):
|
||||||
try:
|
try:
|
||||||
fetched = User.get((User.username == username_or_email) | (User.email == username_or_email))
|
fetched = User.get((User.username == username_or_email) |
|
||||||
|
(User.email == username_or_email))
|
||||||
except User.DoesNotExist:
|
except User.DoesNotExist:
|
||||||
return None
|
return None
|
||||||
|
|
||||||
|
@ -532,18 +535,24 @@ def get_user_teams_within_org(username, organization):
|
||||||
User.username == username)
|
User.username == username)
|
||||||
|
|
||||||
|
|
||||||
def get_visible_repository_count(username=None, include_public=True, sort=False, namespace=None):
|
def get_visible_repository_count(username=None, include_public=True,
|
||||||
return get_visible_repository_internal(username=username, include_public=include_public,
|
|
||||||
sort=sort, namespace=namespace, get_count=True)
|
|
||||||
|
|
||||||
def get_visible_repositories(username=None, include_public=True, page=None, limit=None,
|
|
||||||
sort=False, namespace=None):
|
sort=False, namespace=None):
|
||||||
return get_visible_repository_internal(username=username, include_public=include_public, page=page,
|
return get_visible_repository_internal(username=username,
|
||||||
limit=limit, sort=sort, namespace=namespace, get_count=False)
|
include_public=include_public,
|
||||||
|
sort=sort, namespace=namespace,
|
||||||
|
get_count=True)
|
||||||
|
|
||||||
|
def get_visible_repositories(username=None, include_public=True, page=None,
|
||||||
|
limit=None, sort=False, namespace=None):
|
||||||
|
return get_visible_repository_internal(username=username,
|
||||||
|
include_public=include_public,
|
||||||
|
page=page, limit=limit, sort=sort,
|
||||||
|
namespace=namespace, get_count=False)
|
||||||
|
|
||||||
|
|
||||||
def get_visible_repository_internal(username=None, include_public=True, limit=None, page=None,
|
def get_visible_repository_internal(username=None, include_public=True,
|
||||||
sort=False, namespace=None, get_count=False):
|
limit=None, page=None, sort=False,
|
||||||
|
namespace=None, get_count=False):
|
||||||
if not username and not include_public:
|
if not username and not include_public:
|
||||||
return []
|
return []
|
||||||
|
|
||||||
|
@ -842,6 +851,10 @@ def create_repository(namespace, name, creating_user, visibility='private'):
|
||||||
PermissionPrototype.delegate_team >> None))
|
PermissionPrototype.delegate_team >> None))
|
||||||
|
|
||||||
def create_user_permission(user, repo, role):
|
def create_user_permission(user, repo, role):
|
||||||
|
# The creating user always gets admin anyway
|
||||||
|
if user.username == creating_user.username:
|
||||||
|
return
|
||||||
|
|
||||||
RepositoryPermission.create(user=user, repository=repo, role=role)
|
RepositoryPermission.create(user=user, repository=repo, role=role)
|
||||||
|
|
||||||
__apply_default_permissions(repo, user_protos, 'username',
|
__apply_default_permissions(repo, user_protos, 'username',
|
||||||
|
|
Reference in a new issue