Merge branch 'master' into better-emails

data/model/legacy.py

@@ -12,6 +12,7 @@ from util.backoff import exponential_backoff
 
 
 EXPONENTIAL_BACKOFF_SCALE = timedelta(seconds=1)
+PRESUMED_DEAD_BUILD_AGE = timedelta(days=15)
 
 
 logger = logging.getLogger(__name__)
@@ -48,6 +49,9 @@ class InvalidRobotException(DataModelException):
 class InvalidTeamException(DataModelException):
   pass
 
+class InvalidTeamMemberException(DataModelException):
+  pass
+
 
 class InvalidPasswordException(DataModelException):
   pass
@@ -73,6 +77,10 @@ class TooManyUsersException(DataModelException):
   pass
 
 
+class UserAlreadyInTeam(DataModelException):
+  pass
+
+
 class TooManyLoginAttemptsException(Exception):
   def __init__(self, message, retry_after):
     super(TooManyLoginAttemptsException, self).__init__(message)
@@ -332,12 +340,42 @@ def remove_team(org_name, team_name, removed_by_username):
   team.delete_instance(recursive=True, delete_nullable=True)
 
 
+def add_or_invite_to_team(inviter, team, user=None, email=None):
+  # If the user is a member of the organization, then we simply add the
+  # user directly to the team. Otherwise, an invite is created for the user/email.
+  # We return None if the user was directly added and the invite object if the user was invited.  
+  requires_invite = True
+  if user:
+    orgname = team.organization.username
+
+    # If the user is part of the organization (or a robot), then no invite is required.
+    if user.robot:
+      requires_invite = False
+      if not user.username.startswith(orgname + '+'):
+        raise InvalidTeamMemberException('Cannot add the specified robot to this team, ' +
+                                         'as it is not a member of the organization')
+    else:      
+      Org = User.alias()
+      found = User.select(User.username)
+      found = found.where(User.username == user.username).join(TeamMember).join(Team)
+      found = found.join(Org, on=(Org.username == orgname)).limit(1)
+      requires_invite = not any(found)
+
+  # If we have a valid user and no invite is required, simply add the user to the team.
+  if user and not requires_invite:
+    add_user_to_team(user, team)
+    return None
+
+  email_address = email if not user else None
+  return TeamMemberInvite.create(user=user, email=email_address, team=team, inviter=inviter)
+
+
 def add_user_to_team(user, team):
   try:
     return TeamMember.create(user=user, team=team)
   except Exception:
-    raise DataModelException('Unable to add user \'%s\' to team: \'%s\'' %
-                             (user.username, team.name))
+    raise UserAlreadyInTeam('User \'%s\' is already a member of team \'%s\'' %
+                            (user.username, team.name))
 
 
 def remove_user_from_team(org_name, team_name, username, removed_by_username):
@@ -512,6 +550,13 @@ def get_user(username):
     return None
 
 
+def get_user_or_org(username):
+  try:
+    return User.get(User.username == username, User.robot == False)
+  except User.DoesNotExist:
+    return None
+
+
 def get_user_or_org_by_customer_id(customer_id):
   try:
     return User.get(User.stripe_id == customer_id)
@@ -635,6 +680,10 @@ def get_organization_team_members(teamid):
   query = joined.where(Team.id == teamid)
   return query
 
+def get_organization_team_member_invites(teamid):
+  joined = TeamMemberInvite.select().join(Team).join(User)
+  query = joined.where(Team.id == teamid)
+  return query
 
 def get_organization_member_set(orgname):
   Org = User.alias()
@@ -1824,6 +1873,32 @@ def delete_notifications_by_kind(target, kind_name):
   Notification.delete().where(Notification.target == target,
                               Notification.kind == kind_ref).execute()
 
+def delete_matching_notifications(target, kind_name, **kwargs):
+  kind_ref = NotificationKind.get(name=kind_name)
+
+  # Load all notifications for the user with the given kind.
+  notifications = Notification.select().where(
+      Notification.target == target,
+      Notification.kind == kind_ref)
+
+  # For each, match the metadata to the specified values.
+  for notification in notifications:
+    matches = True
+    try:
+      metadata = json.loads(notification.metadata_json)
+    except:
+      continue
+
+    for (key, value) in kwargs.iteritems():
+      if not key in metadata or metadata[key] != value:
+        matches = False
+        break
+
+    if not matches:
+      continue
+
+    notification.delete_instance()
+
 
 def get_active_users():
   return User.select().where(User.organization == False, User.robot == False)
@@ -1831,6 +1906,16 @@ def get_active_users():
 def get_active_user_count():
   return get_active_users().count()
 
+
+def detach_external_login(user, service_name):
+  try:
+    service = LoginService.get(name = service_name)
+  except LoginService.DoesNotExist:
+    return
+
+  FederatedLogin.delete().where(FederatedLogin.user == user,
+                                FederatedLogin.service == service).execute()
+
 def delete_user(user):
   user.delete_instance(recursive=True, delete_nullable=True)
 
@@ -1879,3 +1964,72 @@ def confirm_email_authorization_for_repo(code):
   found.save()
 
   return found
+
+
+def delete_team_email_invite(team, email):
+  found = TeamMemberInvite.get(TeamMemberInvite.email == email, TeamMemberInvite.team == team)
+  found.delete_instance()
+
+def delete_team_user_invite(team, user):
+  try:
+    found = TeamMemberInvite.get(TeamMemberInvite.user == user, TeamMemberInvite.team == team)
+  except TeamMemberInvite.DoesNotExist:
+    return False
+
+  found.delete_instance()
+  return True
+
+def lookup_team_invites(user):
+  return TeamMemberInvite.select().where(TeamMemberInvite.user == user)
+
+def lookup_team_invite(code, user=None):
+ # Lookup the invite code.
+  try:
+    found = TeamMemberInvite.get(TeamMemberInvite.invite_token == code)
+  except TeamMemberInvite.DoesNotExist:
+    raise DataModelException('Invalid confirmation code.')
+
+  if user and found.user != user:
+    raise DataModelException('Invalid confirmation code.')    
+
+  return found
+
+def delete_team_invite(code, user=None):
+  found = lookup_team_invite(code, user)
+
+  team = found.team
+  inviter = found.inviter
+
+  found.delete_instance()
+
+  return (team, inviter)
+
+
+def confirm_team_invite(code, user):
+  found = lookup_team_invite(code)
+
+  # If the invite is for a specific user, we have to confirm that here.
+  if found.user is not None and found.user != user:
+    message = """This invite is intended for user "%s". 
+                 Please login to that account and try again.""" % found.user.username
+    raise DataModelException(message)
+
+  # Add the user to the team.
+  try:
+    add_user_to_team(user, found.team)
+  except UserAlreadyInTeam:
+    # Ignore.
+    pass
+
+  # Delete the invite and return the team.
+  team = found.team
+  inviter = found.inviter
+  found.delete_instance()
+  return (team, inviter)
+
+def archivable_buildlogs_query():
+  presumed_dead_date = datetime.utcnow() - PRESUMED_DEAD_BUILD_AGE
+  return (RepositoryBuild.select()
+    .where((RepositoryBuild.phase == BUILD_PHASE.COMPLETE) |
+           (RepositoryBuild.phase == BUILD_PHASE.ERROR) |
+           (RepositoryBuild.started < presumed_dead_date), RepositoryBuild.logs_archived == False))

data/model/oauth.py

@@ -46,7 +46,7 @@ class DatabaseAuthorizationProvider(AuthorizationProvider):
   def validate_redirect_uri(self, client_id, redirect_uri):
     try:
       app = OAuthApplication.get(client_id=client_id)
-      if app.redirect_uri and redirect_uri.startswith(app.redirect_uri):
+      if app.redirect_uri and redirect_uri and redirect_uri.startswith(app.redirect_uri):
         return True
       return False
     except OAuthApplication.DoesNotExist: