Fix the problem where users in normal repos are marked as outside of the organization.

This commit is contained in:
yackob03 2013-11-05 17:10:14 -05:00
parent 22dd031f91
commit a1476b32ea
4 changed files with 57 additions and 24 deletions

View file

@ -246,7 +246,7 @@ def get_matching_users(username_prefix, organization=None):
if organization:
self.is_org_member = (args[1] == organization.username)
else:
self.is_org_member = False
self.is_org_member = None
return (MatchingUserResult(*args) for args in query.tuples().limit(10))

View file

@ -229,12 +229,16 @@ def get_matching_entities(prefix):
}
def user_view(user):
return {
user_json = {
'name': user.username,
'kind': 'user',
'is_org_member': user.is_org_member,
}
if user.is_org_member is not None:
user_json['is_org_member'] = user.is_org_member
return user_json
team_data = [team_view(team) for team in teams]
user_data = [user_view(user) for user in users]
return jsonify({
@ -704,18 +708,17 @@ def request_repo_build(namespace, repository):
abort(403) # Permissions denied
def role_view_org(repo_perm_obj, org_member):
return {
'role': repo_perm_obj.role.name,
'is_org_member': org_member,
}
def role_view(repo_perm_obj):
return {
'role': repo_perm_obj.role.name,
}
def wrap_role_view_org(role_json, org_member):
role_json['is_org_member'] = org_member
return role_json
@app.route('/api/repository/<path:repository>/image/', methods=['GET'])
@parse_repository_name
def list_repository_images(namespace, repository):
@ -817,16 +820,26 @@ def list_repo_team_permissions(namespace, repository):
def list_repo_user_permissions(namespace, repository):
permission = AdministerRepositoryPermission(namespace, repository)
if permission.can():
# Determine how to wrap the permissions
role_view_func = role_view
try:
model.get_organization(namespace) # Will raise an error if not org
org_members = model.get_organization_member_set(namespace)
def wrapped_role_view(repo_perm):
unwrapped = role_view(repo_perm)
return wrap_role_view_org(unwrapped,
repo_perm.user.username in org_members)
role_view_func = wrapped_role_view
except model.InvalidOrganizationException:
# This repository isn't under an org
pass
repo_perms = model.get_all_repo_users(namespace, repository)
org_members = model.get_organization_member_set(namespace)
def process_perm(repo_perm):
return (repo_perm.user.username,
role_view_org(repo_perm,
repo_perm.user.username in org_members))
return jsonify({
'permissions': dict(process_perm(perm) for perm in repo_perms)
'permissions': {perm.user.username: role_view_func(perm)
for perm in repo_perms}
})
abort(403) # Permission denied
@ -842,8 +855,18 @@ def get_user_permissions(namespace, repository, username):
permission = AdministerRepositoryPermission(namespace, repository)
if permission.can():
perm = model.get_user_reponame_permission(username, namespace, repository)
org_members = model.get_organization_member_set(namespace)
return jsonify(role_view_org(perm, perm.user.username in org_members))
perm_view = role_view(perm)
try:
model.get_organization(namespace)
org_members = model.get_organization_member_set(namespace)
perm_view = wrap_role_view_org(perm_view,
perm.user.username in org_members)
except model.InvalidOrganizationException:
# This repository is not part of an organization
pass
return jsonify(perm_view)
abort(403) # Permission denied
@ -882,8 +905,18 @@ def change_user_permissions(namespace, repository, username):
logger.warning('User tried to remove themselves as admin.')
abort(409)
org_members = model.get_organization_member_set(namespace)
resp = jsonify(role_view_org(perm, perm.user.username in org_members))
perm_view = role_view(perm)
try:
model.get_organization(namespace)
org_members = model.get_organization_member_set(namespace)
perm_view = wrap_role_view_org(perm_view,
perm.user.username in org_members)
except model.InvalidOrganizationException:
# This repository is not part of an organization
pass
resp = jsonify(perm_view)
if request.method == 'POST':
resp.status_code = 201
return resp

View file

@ -422,7 +422,7 @@ quayApp.directive('entitySearch', function () {
}
template += '<span class="name">' + datum.value + '</span>';
if (!datum.entity.is_org_member) {
if (datum.entity.is_org_member !== undefined && !datum.entity.is_org_member) {
template += '<div class="alert-warning warning">This user is outside your organization</div>';
}

View file

@ -54,10 +54,10 @@
<!-- User Permissions -->
<tr ng-repeat="(name, permission) in permissions['user']">
<td class="{{ 'user entity ' + (permission.is_org_member ? '' : 'outside') }}">
<td class="{{ 'user entity ' + (permission.is_org_member? '' : 'outside') }}">
<i class="fa fa-user"></i>
<span>{{name}}</span>
<i class="fa fa-exclamation-triangle" ng-show="!permission.is_org_member" data-trigger="hover" bs-popover="{'content': 'This user is not a member of the organization'}"></i>
<i class="fa fa-exclamation-triangle" ng-show="permission.is_org_member !== undefined && !permission.is_org_member" data-trigger="hover" bs-popover="{'content': 'This user is not a member of the organization'}"></i>
</td>
<td class="user-permissions">
<div class="btn-group btn-group-sm">