Subtle tweaks to the api and a fix for one bug where teams could be added to repository permissions through the API even if they were not part of the org.

2013-11-07 12:54:21 -05:00 · 2013-11-07 12:54:21 -05:00 · ff7cd2f0a5
commit ff7cd2f0a5
parent d064af2800
2 changed files with 35 additions and 59 deletions
--- a/data/model.py
+++ b/data/model.py
@ -149,7 +149,11 @@ def remove_team(org_name, team_name, removed_by_username):


 def add_user_to_team(user, team):
-  return TeamMember.create(user=user, team=team)
+  try:
+    return TeamMember.create(user=user, team=team)
+  except Exception:
+    raise DataModelException('Unable to add user \'%s\' to team: \'%s\'' %
+                             (user.username, team.name))


 def remove_user_from_team(org_name, team_name, username, removed_by_username):
@ -164,7 +168,7 @@ def remove_user_from_team(org_name, team_name, username, removed_by_username):

  if not found:
    raise DataModelException('User %s does not belong to team %s' %
-                             (username, teamname))
+                             (username, team_name))

  if username == removed_by_username:
    admin_team_query = __get_user_admin_teams(org_name, team_name, username)
@ -722,15 +726,13 @@ def delete_team_permission(team_name, namespace_name, repository_name):
  fetched[0].delete_instance()


-def __set_entity_repo_permission(entity_id, entity_table, entity_id_property,
-                                 permission_entity_property, namespace_name,
-                                 repository_name, role_name):
-  entity = entity_table.get(entity_id_property == entity_id)
+def __set_entity_repo_permission(entity, permission_entity_property,
+                                 namespace_name, repository_name, role_name):
  repo = Repository.get(Repository.name == repository_name,
                        Repository.namespace == namespace_name)
  new_role = Role.get(Role.name == role_name)

-  # Fetch any existing permission for this user on the repo
+  # Fetch any existing permission for this entity on the repo
  try:
    entity_attr = getattr(RepositoryPermission, permission_entity_property)
    perm = RepositoryPermission.get(entity_attr == entity,
@ -750,16 +752,21 @@ def set_user_repo_permission(username, namespace_name, repository_name,
  if username == namespace_name:
    raise DataModelException('Namespace owner must always be admin.')

-  return __set_entity_repo_permission(username, User, User.username, 'user',
-                                      namespace_name, repository_name,
-                                      role_name)
+  user = User.get(User.username == username)
+  return __set_entity_repo_permission(user, 'user', namespace_name,
+                                      repository_name, role_name)


 def set_team_repo_permission(team_name, namespace_name, repository_name,
                             role_name):
-  return __set_entity_repo_permission(team_name, Team, Team.name, 'team',
-                                      namespace_name, repository_name,
-                                      role_name)
+  team = list(Team.select().join(User).where(Team.name == team_name,
+                                             User.username == namespace_name))
+  if not team:
+    raise DataModelException('No team \'%s\' in organization \'%s\'.' %
+                             (team_name, namespace_name))
+
+  return __set_entity_repo_permission(team[0], 'team', namespace_name,
+                                      repository_name, role_name)


 def purge_repository(namespace_name, repository_name):