add/remove user from cg
This commit is contained in:
Mike McLean
parent
77e26b7e19
commit
91c877d359
4 changed files with 107 additions and 16 deletions
8
cli/koji
8
cli/koji
|
|
@ -3867,6 +3867,13 @@ def _print_histline(entry, **kwargs):
|
|||
fmt = "user %(user.name)s added to group %(group.name)s"
|
||||
else:
|
||||
fmt = "user %(user.name)s removed from group %(group.name)s"
|
||||
elif table == 'cg_users':
|
||||
if edit:
|
||||
fmt = "user %(user.name)s re-added to content generator %(content_generator.name)s"
|
||||
elif create:
|
||||
fmt = "user %(user.name)s added to content generator %(content_generator.name)s"
|
||||
else:
|
||||
fmt = "user %(user.name)s removed from content generator %(content_generator.name)s"
|
||||
elif table == 'tag_packages':
|
||||
if edit:
|
||||
fmt = "package list entry for %(package.name)s in %(tag.name)s updated"
|
||||
|
|
@ -3995,6 +4002,7 @@ def _print_histline(entry, **kwargs):
|
|||
_table_keys = {
|
||||
'user_perms' : ['user_id', 'perm_id'],
|
||||
'user_groups' : ['user_id', 'group_id'],
|
||||
'cg_users' : ['user_id', 'cg_id'],
|
||||
'tag_inheritance' : ['tag_id', 'parent_id'],
|
||||
'tag_config' : ['tag_id'],
|
||||
'build_target_config' : ['build_target_id'],
|
||||
|
|
|
|||
|
|
@ -10,11 +10,22 @@ CREATE TABLE content_generator (
|
|||
) WITHOUT OIDS;
|
||||
|
||||
CREATE TABLE cg_users (
|
||||
cg_id INTEGER NOT NULL REFERENCES content_generator (id),
|
||||
user_id INTEGER NOT NULL REFERENCES users (id),
|
||||
PRIMARY KEY (cg_id, user_id)
|
||||
cg_id INTEGER NOT NULL REFERENCES content_generator (id),
|
||||
user_id INTEGER NOT NULL REFERENCES users (id),
|
||||
-- versioned
|
||||
create_event INTEGER NOT NULL REFERENCES events(id) DEFAULT get_event(),
|
||||
revoke_event INTEGER REFERENCES events(id),
|
||||
creator_id INTEGER NOT NULL REFERENCES users(id),
|
||||
revoker_id INTEGER REFERENCES users(id),
|
||||
active BOOLEAN DEFAULT 'true' CHECK (active),
|
||||
CONSTRAINT active_revoke_sane CHECK (
|
||||
(active IS NULL AND revoke_event IS NOT NULL AND revoker_id IS NOT NULL)
|
||||
OR (active IS NOT NULL AND revoke_event IS NULL AND revoker_id IS NULL)),
|
||||
PRIMARY KEY (create_event, cg_id, user_id),
|
||||
UNIQUE (cg_id, user_id, active)
|
||||
) WITHOUT OIDS;
|
||||
|
||||
|
||||
CREATE TABLE buildroot_tools_info (
|
||||
buildroot_id INTEGER NOT NULL REFERENCES buildroot(id),
|
||||
tool TEXT NOT NULL,
|
||||
|
|
@ -78,6 +89,7 @@ ALTER TABLE buildroot ADD COLUMN cg_id INTEGER REFERENCES content_generator (id)
|
|||
ALTER TABLE buildroot ADD COLUMN cg_version TEXT;
|
||||
ALTER TABLE buildroot ADD COLUMN container_type TEXT;
|
||||
ALTER TABLE buildroot ADD COLUMN host_os TEXT;
|
||||
ALTER TABLE buildroot ADD COLUMN host_arch TEXT;
|
||||
|
||||
SELECT now(), 'Altering buildroot table (altering columns)' as msg;
|
||||
ALTER TABLE buildroot RENAME arch TO container_arch;
|
||||
|
|
|
|||
|
|
@ -476,11 +476,21 @@ CREATE TABLE content_generator (
|
|||
name TEXT
|
||||
) WITHOUT OIDS;
|
||||
|
||||
|
||||
CREATE TABLE cg_users (
|
||||
cg_id INTEGER NOT NULL REFERENCES content_generator (id),
|
||||
user_id INTEGER NOT NULL REFERENCES users (id),
|
||||
PRIMARY KEY (cg_id, user_id)
|
||||
-- XXX: should we version this?
|
||||
-- versioned - see earlier description of versioning
|
||||
create_event INTEGER NOT NULL REFERENCES events(id) DEFAULT get_event(),
|
||||
revoke_event INTEGER REFERENCES events(id),
|
||||
creator_id INTEGER NOT NULL REFERENCES users(id),
|
||||
revoker_id INTEGER REFERENCES users(id),
|
||||
active BOOLEAN DEFAULT 'true' CHECK (active),
|
||||
CONSTRAINT active_revoke_sane CHECK (
|
||||
(active IS NULL AND revoke_event IS NOT NULL AND revoker_id IS NOT NULL)
|
||||
OR (active IS NOT NULL AND revoke_event IS NULL AND revoker_id IS NULL)),
|
||||
PRIMARY KEY (create_event, cg_id, user_id),
|
||||
UNIQUE (cg_id, user_id, active)
|
||||
) WITHOUT OIDS;
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -3164,27 +3164,38 @@ def get_external_repo_list(tag_info, event=None):
|
|||
seen_repos[tag_repo['external_repo_id']] = 1
|
||||
return repos
|
||||
|
||||
def get_user(userInfo=None,strict=False):
|
||||
"""Return information about a user. userInfo may be either a str
|
||||
(Kerberos principal) or an int (user id). A map will be returned with the
|
||||
following keys:
|
||||
|
||||
def get_user(userInfo=None, strict=False):
|
||||
"""Return information about a user.
|
||||
|
||||
userInfo may be either a str (Kerberos principal or name) or an int (user id).
|
||||
|
||||
A map will be returned with the following keys:
|
||||
id: user id
|
||||
name: user name
|
||||
status: user status (int), may be null
|
||||
usertype: user type (int), 0 person, 1 for host, may be null
|
||||
krb_principal: the user's Kerberos principal"""
|
||||
krb_principal: the user's Kerberos principal
|
||||
"""
|
||||
if userInfo is None:
|
||||
userInfo = context.session.user_id
|
||||
#will still be None if not logged in
|
||||
fields = ('id', 'name', 'status', 'usertype', 'krb_principal')
|
||||
q = """SELECT %s FROM users WHERE""" % ', '.join(fields)
|
||||
if userInfo is None:
|
||||
# not logged in
|
||||
raise koji.GenericError("No user provided")
|
||||
fields = ['id', 'name', 'status', 'usertype', 'krb_principal']
|
||||
#fields, aliases = zip(*fields.items())
|
||||
data = {'info' : userInfo}
|
||||
if isinstance(userInfo, int) or isinstance(userInfo, long):
|
||||
q += """ id = %(userInfo)i"""
|
||||
clauses = ['id = %(info)i']
|
||||
elif isinstance(userInfo, str):
|
||||
q += """ (krb_principal = %(userInfo)s or name = %(userInfo)s)"""
|
||||
clauses = ['krb_principal = %(info)s OR name = %(info)s']
|
||||
else:
|
||||
raise koji.GenericError, 'invalid type for userInfo: %s' % type(userInfo)
|
||||
return _singleRow(q,locals(),fields,strict=strict)
|
||||
query = QueryProcessor(tables=['users'], columns=fields,
|
||||
clauses=clauses, values=data)
|
||||
user = query.executeOne()
|
||||
return user
|
||||
|
||||
|
||||
def find_build_id(X, strict=False):
|
||||
if isinstance(X,int) or isinstance(X,long):
|
||||
|
|
@ -5615,6 +5626,7 @@ def query_history(tables=None, **kwargs):
|
|||
table_fields = {
|
||||
'user_perms' : ['user_id', 'perm_id'],
|
||||
'user_groups' : ['user_id', 'group_id'],
|
||||
'cg_users' : ['user_id', 'cg_id'],
|
||||
'tag_inheritance' : ['tag_id', 'parent_id', 'priority', 'maxdepth', 'intransitive', 'noconfig', 'pkg_filter'],
|
||||
'tag_config' : ['tag_id', 'arches', 'perm_id', 'locked', 'maven_support', 'maven_include_all'],
|
||||
'build_target_config' : ['build_target_id', 'build_tag', 'dest_tag'],
|
||||
|
|
@ -5632,6 +5644,7 @@ def query_history(tables=None, **kwargs):
|
|||
#field : [table, join-alias, alias]
|
||||
'user_id' : ['users', 'users', 'user'],
|
||||
'perm_id' : ['permissions', 'permission'],
|
||||
'cg_id' : ['content_generator'],
|
||||
#group_id is overloaded (special case below)
|
||||
'tag_id' : ['tag'],
|
||||
'parent_id' : ['tag', 'parent'],
|
||||
|
|
@ -6417,6 +6430,33 @@ def set_user_status(user, status):
|
|||
raise koji.GenericError, 'invalid user ID: %i' % user_id
|
||||
|
||||
|
||||
def add_user_to_cg(user, cg):
|
||||
"""Associate a user with a content generator"""
|
||||
|
||||
context.session.assertPerm('admin')
|
||||
user = get_user(user, strict=True)
|
||||
cg = lookup_name('content_generator', cg, strict=True)
|
||||
ins = InsertProcessor('cg_users')
|
||||
ins.set(cg_id=cg['id'], user_id=user['id'])
|
||||
ins.make_create()
|
||||
if ins.dup_check():
|
||||
raise koji.GenericError("User already associated with content generator")
|
||||
ins.execute()
|
||||
|
||||
|
||||
def remove_user_from_cg(user, cg):
|
||||
"""De-associate a user with a content generator"""
|
||||
|
||||
context.session.assertPerm('admin')
|
||||
user = get_user(user, strict=True)
|
||||
cg = lookup_name('content_generator', cg, strict=True)
|
||||
data = {'user_id': user['id'], 'cg_id' : cg['id']}
|
||||
update = UpdateProcessor('cg_users', values=data,
|
||||
clauses=["user_id = %(user_id)i", "cg_id = %(cg_id)i"])
|
||||
update.make_revoke()
|
||||
update.execute()
|
||||
|
||||
|
||||
def get_event():
|
||||
"""Get an event id for this transaction
|
||||
|
||||
|
|
@ -6487,6 +6527,24 @@ class InsertProcessor(object):
|
|||
self.data['create_event'] = event_id
|
||||
self.data['creator_id'] = user_id
|
||||
|
||||
def dup_check(self):
|
||||
"""Check to see if the insert duplicates an existing row"""
|
||||
if self.rawdata:
|
||||
logger.warning("Can't perform duplicate check")
|
||||
return None
|
||||
data = self.data.copy()
|
||||
if 'create_event' in self.data:
|
||||
# versioned table
|
||||
data['active'] = True
|
||||
del data['create_event']
|
||||
del data['creator_id']
|
||||
clauses = ["%s = %%(%s)s" % (k, k) for k in data]
|
||||
query = QueryProcessor(columns=data.keys(), tables=[self.table],
|
||||
clauses=clauses, values=data)
|
||||
if query.execute():
|
||||
return True
|
||||
return False
|
||||
|
||||
def execute(self):
|
||||
return _dml(str(self), self.data)
|
||||
|
||||
|
|
@ -8915,6 +8973,9 @@ class RootExports(object):
|
|||
raise koji.GenericError, 'unknown user: %s' % username
|
||||
set_user_status(user, koji.USER_STATUS['BLOCKED'])
|
||||
|
||||
addUserToCG = staticmethod(add_user_to_cg)
|
||||
removeUserFromCG = staticmethod(remove_user_from_cg)
|
||||
|
||||
#group management calls
|
||||
newGroup = staticmethod(new_group)
|
||||
addGroupMember = staticmethod(add_group_member)
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue