diff --git a/pagure/lib/__init__.py b/pagure/lib/__init__.py
index 064b1b3..8dd2e09 100644
--- a/pagure/lib/__init__.py
+++ b/pagure/lib/__init__.py
@@ -1812,12 +1812,18 @@ def search_groups(session, pattern=None, group_name=None, group_type=None):
 return query.all()
-def add_user_to_group(session, username, group, user):
+def add_user_to_group(session, username, group, user, is_admin):
 ''' Add the specified user to the given group.
 '''
 new_user = search_user(session, username=username)
 if not new_user:
- raise PagureException('No user `%s` found' % username)
+ raise pagure.exceptions.PagureException(
+ 'No user `%s` found' % username)
+
+ user = search_user(session, username=user)
+ if not group.group_name in user.groups and not is_admin:
+ raise pagure.exceptions.PagureException(
+ 'You are not allowed to add user to this group')
 for guser in group.users:
 if guser.username == new_user.username:
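Review bot: The new permission check reads `user.groups` without handling a failed lookup of the acting user. `search_user` can evidently return a falsy value (the `if not new_user` guard just above relies on that), so an unknown acting user raises AttributeError rather than the PagureException that the views catch and roll back on; add an `if not user:` guard that raises PagureException before the membership test. The same unguarded lookup is repeated in `delete_user_of_group` in the next hunk. The test itself reads more clearly as `if group.group_name not in user.groups and not is_admin:`, and the docstring should mention the new `is_admin` parameter and the refusal it can raise. The function body continues past the end of the hunk.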
@@ -1833,6 +1839,64 @@ def add_user_to_group(session, username, group, user):
 return 'User `%s` added.' % new_user.username
+def delete_user_of_group(session, username, groupname, user, is_admin):
+ ''' Removes the specified user from the given group.
+ '''
+ group_obj = search_groups(session, group_name=groupname)
+
+ if not group_obj:
+ raise pagure.exceptions.PagureException(
+ 'No group `%s` found' % groupname)
+
+ drop_user = search_user(session, username=username)
+ if not drop_user:
+ raise pagure.exceptions.PagureException(
+ 'No user `%s` found' % username)
+
+ user = search_user(session, username=user)
+ if not group_obj.group_name in user.groups and not is_admin:
+ raise pagure.exceptions.PagureException(
+ 'You are not allowed to remove user from this group')
+
+ if drop_user.username == group_obj.creator.username:
+ raise pagure.exceptions.PagureException(
+ 'The creator of a group cannot be removed')
+
+ user_grp = get_user_group(session, drop_user.id, group_obj.id)
+ session.delete(user_grp)
+ session.flush()
+
+
+def add_group(session, group_name, group_type, user, is_admin):
+ ''' Creates a new group with the given information.
+ '''
+
+ group_types = ['user']
+ if is_admin:
+ group_types = [
+ grp.group_type
+ for grp in get_group_types(session)
+ ]
+
+ if not is_admin:
+ group_type = 'user'
+
+ if group_type not in group_types:
+ raise pagure.exceptions.PagureException(
+ 'Invalide type for this group')
+
+ user = search_user(session, username=user)
+
+ grp = pagure.lib.model.PagureGroup(
+ group_name=group_name,
+ group_type=group_type,
+ user_id=user.id,
+ )
+ pagure.SESSION.add(grp)
+
+ return add_user_to_group(session, user.username, grp, user.username)
+
+
 def get_group(session, group):
 ''' Return a specific group for the specified group name.
diff --git a/pagure/ui/groups.py b/pagure/ui/groups.py
index 4555aee..8d2b867 100644
--- a/pagure/ui/groups.py
+++ b/pagure/ui/groups.py
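Review bot: The last line of `add_group` calls `add_user_to_group(session, user.username, grp, user.username)` without the `is_admin` argument that the previous hunk made required, so group creation fails with TypeError. Forwarding the caller's `is_admin` would presumably still reject ordinary users, because the creator is not yet a member of the group being created when the membership test in `add_user_to_group` runs. This bootstrap call needs an explicit bypass, for example `is_admin=True`, with a comment explaining why the creator is exempt. `pagure.SESSION.add(grp)` should use the `session` parameter like the rest of the function. `delete_user_of_group` returns nothing, although its caller in pagure/ui/groups.py flashes the return value.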
@@ -59,18 +59,16 @@ def view_group(group):
 form = pagure.forms.AddUserForm()
 if pagure.authenticated() and form.validate_on_submit():
- if not group.group_name in flask.g.fas_user.groups and \
- not pagure.is_admin():
- flask.flash('Action restricted', 'error')
- return flask.redirect(
- flask.url_for('.view_group', group=group.group_name))
-
 username = form.user.data
 try:
 msg = pagure.lib.add_user_to_group(
- pagure.SESSION, username, group,
- flask.g.fas_user.username)
+ pagure.SESSION,
+ username=username,
+ group=group,
+ user=flask.g.fas_user.username,
+ admin=pagure.is_admin(),
+ )
 pagure.SESSION.commit()
 flask.flash(msg)
 except pagure.exceptions.PagureException, err:
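Review bot: The call passes `admin=pagure.is_admin()`, but the parameter added to `add_user_to_group` in pagure/lib/__init__.py is named `is_admin`, so every submission fails with TypeError before the permission check runs; the line should read `is_admin=pagure.is_admin(),`. That TypeError is not a PagureException, so the handler at the end of the hunk does not catch it and no rollback or flash happens. With the in-view check removed, the library call is the only authorization gate for adding members, so a test for the non-member, non-admin case is worth adding with this change. The body of `view_group` continues outside the hunk.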
@@ -102,32 +100,34 @@ def view_group(group): def group_user_delete(user, group): """ Delete an user from a certain group """ - # Add new user to the group if asked form = pagure.forms.ConfirmationForm() if form.validate_on_submit(): - group_obj = pagure.lib.search_groups( - pagure.SESSION, group_name=group) - - if not group_obj: - flask.flash('No group `%s` found' % group, 'error') - return flask.redirect(flask.url_for('.view_group', group=group)) - - user = pagure.lib.search_user(pagure.SESSION, username=user) - if not user: - flask.flash('No user `%s` found' % user, 'error') - return flask.redirect(flask.url_for('.view_group', group=group)) - - if user == group_obj.creator: - flask.flash('The creator of a group cannot be removed', 'error') - return flask.redirect(flask.url_for('.view_group', group=group)) - user_grp = pagure.lib.get_user_group( - pagure.SESSION, user.id, group_obj.id) - pagure.SESSION.delete(user_grp) - - pagure.SESSION.commit() - flask.flash( - 'User `%s` removed from the group `%s`' % (user.user, group)) + try: + msg = pagure.lib.delete_user_of_group( + pagure.SESSION, + username=user, + groupname=group, + user=flask.g.fas_user.username, + is_admin=pagure.is_admin() + ) + pagure.SESSION.commit() + flask.flash(msg) + except pagure.exceptions.PagureException, err: + pagure.SESSION.rollback() + flask.flash(err.message, 'error') + return flask.redirect( + flask.url_for('.view_group', group=group)) + except SQLAlchemyError as err: + pagure.SESSION.rollback() + flask.flash( + 'Could not remove user `%s` from the group `%s`.' % ( + user.user, group), + 'error') + pagure.APP.logger.debug( + 'Could not remove user `%s` from the group `%s`.' % ( + user.user, group)) + pagure.APP.logger.exception(err) return flask.redirect(flask.url_for('.view_group', group=group)) 
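Review bot: In the new `except SQLAlchemyError` branch both messages format `user.user`, but `user` is now the username string taken from the route, since the `search_user` lookup was removed. The error handler therefore raises AttributeError itself and hides the database error; use `user` in both places. `flask.flash(msg)` flashes the return value of `delete_user_of_group`, which as written in pagure/lib/__init__.py returns nothing, so the success message removed here is lost; return a message from the library function or keep the text in the view. The handler now reads `flask.g.fas_user.username`, so it depends on a login requirement on the route, which is not visible in this hunk.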
@@ -182,16 +182,15 @@ def add_group():
 form.group_type.data = 'user'
 if form.validate_on_submit():
- grp = pagure.lib.model.PagureGroup(
- group_name=form.group_name.data,
- group_type=form.group_type.data,
- user_id=user.id,
- )
- pagure.SESSION.add(grp)
-
- msg = pagure.lib.add_user_to_group(
- pagure.SESSION, user.username, grp, user.username)
+ try:
+ msg = pagure.lib.add_group(
+ session=pagure.SESSION,
+ group_name=form.group_name.data,
+ group_type=form.group_type.data,
+ user=flask.g.fas_user.username,
+ is_admin=pagure.is_admin(),
+ )
 pagure.SESSION.commit()
 flask.flash('Group `%s` created.' % grp.group_name)
 flask.flash(msg)
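Review bot: The unchanged "Group ... created." flash line still formats `grp.group_name`, but this hunk removes the assignment of `grp`, so a successful creation is committed and then fails with NameError; format the message with `form.group_name.data` instead. The added `try:` has no `except` clause inside the hunk, and the unchanged lines after it appear to keep their old indentation. Check that the commit and flash calls end up inside the `try` body, and that PagureException and SQLAlchemyError are handled with a rollback as in the other two views. The rest of `add_group` lies outside the hunk.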