From aa4ff6a52982022ce109b4ca5c8b70a8c06218e8 Mon Sep 17 00:00:00 2001
From: Pierre-Yves Chibon <pingou@pingoured.fr>
Date: Aug 07 2017 12:31:41 +0000
Subject: Make project.users not be viewonly so users can be removed from a project


Basically with this line the relationship was read only while the code
was expecting a read/write relationship to remove the link between and
user and a project.

Fixes https://pagure.io/fedora-infrastructure/issue/6198

Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>

---

diff --git a/pagure/lib/model.py b/pagure/lib/model.py
index 5191a91..a3be8b0 100644
--- a/pagure/lib/model.py
+++ b/pagure/lib/model.py
@@ -384,7 +384,6 @@ class Project(BASE):
         primaryjoin="projects.c.id==user_projects.c.project_id",
         secondaryjoin="users.c.id==user_projects.c.user_id",
         backref='co_projects',
-        viewonly=True
     )
 
     admins = relation(
diff --git a/tests/test_pagure_flask_ui_repo.py b/tests/test_pagure_flask_ui_repo.py
index 767a415..7d0a2d6 100644
--- a/tests/test_pagure_flask_ui_repo.py
+++ b/tests/test_pagure_flask_ui_repo.py
@@ -670,6 +670,7 @@ class PagureFlaskRepotests(tests.Modeltests):
 
         # Add an user to a project
         repo = pagure.get_authorized_project(self.session, 'test')
+        self.assertEqual(len(repo.users), 0)
         msg = pagure.lib.add_user_to_project(
             session=self.session,
             project=repo,
@@ -678,6 +679,7 @@ class PagureFlaskRepotests(tests.Modeltests):
         )
         self.session.commit()
         self.assertEqual(msg, 'User added')
+        self.assertEqual(len(repo.users), 1)
 
         with tests.user_set(pagure.APP, user):
             output = self.app.post('/test/dropuser/2', follow_redirects=True)
@@ -687,6 +689,9 @@ class PagureFlaskRepotests(tests.Modeltests):
             self.assertIn('<h3>Settings for test</h3>', output.data)
             self.assertNotIn(
                 '</button>\n                      User removed', output.data)
+            self.assertIn('action="/test/dropuser/2">', output.data)
+            repo = pagure.get_authorized_project(self.session, 'test')
+            self.assertEqual(len(repo.users), 1)
 
             data = {'csrf_token': csrf_token}
             output = self.app.post(
@@ -697,6 +702,9 @@ class PagureFlaskRepotests(tests.Modeltests):
             self.assertIn('<h3>Settings for test</h3>', output.data)
             self.assertIn(
                 '</button>\n                      User removed', output.data)
+            self.assertNotIn('action="/test/dropuser/2">', output.data)
+            repo = pagure.get_authorized_project(self.session, 'test')
+            self.assertEqual(len(repo.users), 0)
 
 
     @patch('pagure.ui.repo.admin_session_timedout')