allura-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dill...@apache.org
Subject [allura] 03/03: [#8364] remove user roles if they are emptied
Date Wed, 09 Jun 2021 19:20:22 GMT
This is an automated email from the ASF dual-hosted git repository.

dill0wn pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/allura.git

commit dbeeea414d3c40172439117b533c14e46be9a102
Author: Dave Brondsema <dbrondsema@slashdotmedia.com>
AuthorDate: Thu May 27 10:35:08 2021 -0400

    [#8364] remove user roles if they are emptied
---
 Allura/allura/ext/admin/admin_main.py |  3 +++
 Allura/allura/model/auth.py           | 15 +++++++--------
 scripts/add_user_to_group.py          |  9 ++++++---
 3 files changed, 16 insertions(+), 11 deletions(-)

diff --git a/Allura/allura/ext/admin/admin_main.py b/Allura/allura/ext/admin/admin_main.py
index ae55943..064108e 100644
--- a/Allura/allura/ext/admin/admin_main.py
+++ b/Allura/allura/ext/admin/admin_main.py
@@ -1167,6 +1167,9 @@ class GroupsController(BaseController):
             return dict(error='%s (%s) is not in the group %s.' % (user.display_name, username,
group.name))
         M.AuditLog.log('remove user %s from %s', username, group.name)
         user_role.roles.remove(group._id)
+        if len(user_role.roles) == 0:
+            # user has no roles in this project any more, so don't leave a useless doc around
+            user_role.delete()
         g.post_event('project_updated')
         return dict()
 
diff --git a/Allura/allura/model/auth.py b/Allura/allura/model/auth.py
index 01b6572..3c678b3 100644
--- a/Allura/allura/model/auth.py
+++ b/Allura/allura/model/auth.py
@@ -829,14 +829,13 @@ class OldProjectRole(MappedClass):
 
 class ProjectRole(MappedClass):
     """
-    Per-project roles, called "Groups" in the UI.
-    This can be a proxy for a single user.  It can also inherit roles.
-
-    :var user_id: used if this role is for a single user
-    :var project_id:
-    :var name:
-    :var roles: a list of other :class:`ProjectRole` ``ObjectId`` values.  These roles are
delegated through the
-                current role.
+    The roles that a single user holds in a project.
+    Also the named roles (called "Groups" in the UI) are in this model (and can include other
named roles)
+
+    :var user_id: used if this role is for a single user.  Empty for named roles
+    :var project_id: the project id
+    :var name: named roles (like Admin, Developer, custom-names-too)
+    :var roles: a list of other :class:`ProjectRole` ``ObjectId`` values which this user/group
has access to
     """
 
     class __mongometa__:
diff --git a/scripts/add_user_to_group.py b/scripts/add_user_to_group.py
index f175faa..8c9a757 100644
--- a/scripts/add_user_to_group.py
+++ b/scripts/add_user_to_group.py
@@ -94,15 +94,18 @@ def update_project(options, user, project, replace_users=None):
 
     found_any_replace_users = False
     for replace_user in replace_users:
-        replace_user_roles = M.ProjectRole.by_user(replace_user, project=project, upsert=True).roles
-        if project_role._id not in replace_user_roles:
+        replace_user_perm = M.ProjectRole.by_user(replace_user, project=project)
+        if not replace_user_perm or project_role._id not in replace_user_perm.roles:
             log.info('Cannot replace %s they are not %s of %s', replace_user.username, options.group,
project.url())
             continue
         found_any_replace_users = True
         if options.dry_run:
             log.info('Would remove %s as %s of %s', replace_user.username, options.group,
project.url())
         else:
-            replace_user_roles.remove(project_role._id)
+            replace_user_perm.roles.remove(project_role._id)
+            if len(replace_user_perm.roles) == 0:
+                # user has no roles in this project any more, so don't leave a useless doc
around
+                replace_user_perm.delete()
             ThreadLocalORMSession.flush_all()
     if replace_users and not found_any_replace_users:
         log.info('Not adding %s since no replace-users found on %s', user.username, project.url())

Mime
View raw message