This repository has been archived on 2020-03-24. You can view files and clone it, but cannot push or open issues or pull requests.
quay/util/fixuseradmin.py
2019-11-12 11:09:47 -05:00

70 lines
2 KiB
Python

import argparse
import sys
from app import app
from data.database import Namespace, Repository, RepositoryPermission, Role
from data.model.permission import get_user_repo_permissions
from data.model.user import get_active_users, get_nonrobot_user
DESCRIPTION = '''
Fix user repositories missing admin permissions for owning user.
'''
parser = argparse.ArgumentParser(description=DESCRIPTION)
parser.add_argument('users', nargs='*', help='Users to check')
parser.add_argument('-a', '--all', action='store_true', help='Check all users')
parser.add_argument('-n', '--dry-run', action='store_true', help="Don't act")
ADMIN = Role.get(name='admin')
def repos_for_namespace(namespace):
return (Repository
.select(Repository.id, Repository.name, Namespace.username)
.join(Namespace)
.where(Namespace.username == namespace))
def has_admin(user, repo):
perms = get_user_repo_permissions(user, repo)
return any(p.role == ADMIN for p in perms)
def get_users(all_users=False, users_list=None):
if all_users:
return get_active_users(disabled=False)
return map(get_nonrobot_user, users_list)
def ensure_admin(user, repos, dry_run=False):
repos = [repo for repo in repos if not has_admin(user, repo)]
for repo in repos:
print('User {} missing admin on: {}'.format(user.username, repo.name))
if not dry_run:
RepositoryPermission.create(user=user, repository=repo, role=ADMIN)
print('Granted {} admin on: {}'.format(user.username, repo.name))
return len(repos)
def main():
args = parser.parse_args()
found = 0
if not args.all and len(args.users) == 0:
sys.exit('Need a list of users or --all')
for user in get_users(all_users=args.all, users_list=args.users):
if user is not None:
repos = repos_for_namespace(user.username)
found += ensure_admin(user, repos, dry_run=args.dry_run)
print('\nFound {} user repos missing admin'
' permissions for owner.'.format(found))
if __name__ == '__main__':
main()