Merge pull request #213 from coreos-inc/orgmember
Add a secondary tab to Teams for managing org members
This commit is contained in:
Jimmy Zelinskie
commit
cf4800c06c
8 changed files with 373 additions and 105 deletions
|
|
@ -1966,19 +1966,19 @@ class TestPermissionPrototypeBuynlargeL24b(ApiTestCase):
|
|||
class TestOrganizationMemberBuynlargeDevtable(ApiTestCase):
|
||||
def setUp(self):
|
||||
ApiTestCase.setUp(self)
|
||||
self._set_url(OrganizationMember, orgname="buynlarge", membername="devtable")
|
||||
self._set_url(OrganizationMember, orgname="buynlarge", membername="someuser")
|
||||
|
||||
def test_get_anonymous(self):
|
||||
self._run_test('GET', 401, None, None)
|
||||
def test_delete_anonymous(self):
|
||||
self._run_test('DELETE', 401, None, None)
|
||||
|
||||
def test_get_freshuser(self):
|
||||
self._run_test('GET', 403, 'freshuser', None)
|
||||
def test_delete_freshuser(self):
|
||||
self._run_test('DELETE', 403, 'freshuser', None)
|
||||
|
||||
def test_get_reader(self):
|
||||
self._run_test('GET', 403, 'reader', None)
|
||||
def test_delete_reader(self):
|
||||
self._run_test('DELETE', 403, 'reader', None)
|
||||
|
||||
def test_get_devtable(self):
|
||||
self._run_test('GET', 200, 'devtable', None)
|
||||
def test_delete_devtable(self):
|
||||
self._run_test('DELETE', 404, 'devtable', None)
|
||||
|
||||
|
||||
class TestOrgRobotBuynlargeZ7pd(ApiTestCase):
|
||||
|
|
|
|||
|
|
@ -802,28 +802,76 @@ class TestUpdateOrganizationPrototypes(ApiTestCase):
|
|||
self.assertEquals('admin', json['role'])
|
||||
|
||||
|
||||
class TestGetOrganiaztionMembers(ApiTestCase):
|
||||
class TestGetOrganizationMembers(ApiTestCase):
|
||||
def test_getmembers(self):
|
||||
self.login(ADMIN_ACCESS_USER)
|
||||
|
||||
json = self.getJsonResponse(OrganizationMemberList,
|
||||
params=dict(orgname=ORGANIZATION))
|
||||
|
||||
assert ADMIN_ACCESS_USER in json['members']
|
||||
assert READ_ACCESS_USER in json['members']
|
||||
assert not NO_ACCESS_USER in json['members']
|
||||
membernames = [member['name'] for member in json['members']]
|
||||
assert ADMIN_ACCESS_USER in membernames
|
||||
assert READ_ACCESS_USER in membernames
|
||||
assert not NO_ACCESS_USER in membernames
|
||||
|
||||
def test_getspecificmember(self):
|
||||
|
||||
class TestRemoveOrganizationMember(ApiTestCase):
|
||||
def test_try_remove_only_admin(self):
|
||||
self.login(ADMIN_ACCESS_USER)
|
||||
|
||||
json = self.getJsonResponse(OrganizationMember,
|
||||
params=dict(orgname=ORGANIZATION,
|
||||
membername=ADMIN_ACCESS_USER))
|
||||
self.deleteResponse(OrganizationMember,
|
||||
params=dict(orgname=ORGANIZATION, membername=ADMIN_ACCESS_USER),
|
||||
expected_code=400)
|
||||
|
||||
self.assertEquals(ADMIN_ACCESS_USER, json['member']['name'])
|
||||
self.assertEquals('user', json['member']['kind'])
|
||||
def test_remove_member(self):
|
||||
self.login(ADMIN_ACCESS_USER)
|
||||
|
||||
assert 'owners' in json['member']['teams']
|
||||
json = self.getJsonResponse(OrganizationMemberList,
|
||||
params=dict(orgname=ORGANIZATION))
|
||||
|
||||
membernames = [member['name'] for member in json['members']]
|
||||
assert ADMIN_ACCESS_USER in membernames
|
||||
assert READ_ACCESS_USER in membernames
|
||||
|
||||
self.deleteResponse(OrganizationMember,
|
||||
params=dict(orgname=ORGANIZATION, membername=READ_ACCESS_USER))
|
||||
|
||||
json = self.getJsonResponse(OrganizationMemberList,
|
||||
params=dict(orgname=ORGANIZATION))
|
||||
|
||||
membernames = [member['name'] for member in json['members']]
|
||||
assert ADMIN_ACCESS_USER in membernames
|
||||
assert not READ_ACCESS_USER in membernames
|
||||
|
||||
|
||||
def test_remove_member_repo_permission(self):
|
||||
self.login(ADMIN_ACCESS_USER)
|
||||
|
||||
# Add read user as a direct permission on the admin user's repo.
|
||||
model.set_user_repo_permission(READ_ACCESS_USER, ADMIN_ACCESS_USER, 'simple', 'read')
|
||||
|
||||
# Verify the user has a permission on the admin user's repo.
|
||||
admin_perms = [p.user.username for p in model.get_all_repo_users(ADMIN_ACCESS_USER, 'simple')]
|
||||
assert READ_ACCESS_USER in admin_perms
|
||||
|
||||
# Add read user as a direct permission on the org repo.
|
||||
model.set_user_repo_permission(READ_ACCESS_USER, ORGANIZATION, ORG_REPO, 'read')
|
||||
|
||||
# Verify the user has a permission on the org repo.
|
||||
org_perms = [p.user.username for p in model.get_all_repo_users(ORGANIZATION, ORG_REPO)]
|
||||
assert READ_ACCESS_USER in org_perms
|
||||
|
||||
# Remove the user from the org.
|
||||
self.deleteResponse(OrganizationMember,
|
||||
params=dict(orgname=ORGANIZATION, membername=READ_ACCESS_USER))
|
||||
|
||||
# Verify that the user's permission on the org repo is gone, but it is still
|
||||
# present on the other repo.
|
||||
org_perms = [p.user.username for p in model.get_all_repo_users(ORGANIZATION, ORG_REPO)]
|
||||
assert not READ_ACCESS_USER in org_perms
|
||||
|
||||
admin_perms = [p.user.username for p in model.get_all_repo_users(ADMIN_ACCESS_USER, 'simple')]
|
||||
assert READ_ACCESS_USER in admin_perms
|
||||
|
||||
|
||||
class TestGetOrganizationPrivateAllowed(ApiTestCase):
|
||||
|
|
|
|||
Reference in a new issue