diff --git a/docs/api/api.rst b/docs/api/api.rst --- a/docs/api/api.rst +++ b/docs/api/api.rst @@ -283,7 +283,8 @@ OUTPUT:: add_user_to_users_group ----------------------- -Adds a user to a users group. This command can be executed only using api_key +Adds a user to a users group. If user exists in that group success will be +`false`. This command can be executed only using api_key belonging to user with admin rights @@ -300,7 +301,36 @@ OUTPUT:: result: { "id": "", - "msg": "created new users group member" + "success": True|False # depends on if member is in group + "msg": "added member to users group | + User is already in that group" + } + error: null + + +remove_user_from_users_group +---------------------------- + +Removes a user from a users group. If user is not in given group success will +be `false`. This command can be executed only +using api_key belonging to user with admin rights + + +INPUT:: + + api_key : "" + method : "remove_user_from_users_group" + args: { + "group_name" : "", + "username" : "" + } + +OUTPUT:: + + result: { + "success": True|False, # depends on if member is in group + "msg": "removed member from users group | + User wasn't in group" } error: null diff --git a/rhodecode/controllers/api/api.py b/rhodecode/controllers/api/api.py --- a/rhodecode/controllers/api/api.py +++ b/rhodecode/controllers/api/api.py @@ -92,8 +92,8 @@ class ApiController(JSONRPCController): """ user = User.get_by_username(username) - if not user: - return None + if user is None: + return user return dict( id=user.user_id, @@ -258,18 +258,52 @@ class ApiController(JSONRPCController): if not users_group: raise JSONRPCError('unknown users group %s' % group_name) - try: - user = User.get_by_username(username) - except NoResultFound: + user = User.get_by_username(username) + if user is None: raise JSONRPCError('unknown user %s' % username) ugm = UsersGroupModel().add_user_to_group(users_group, user) + success = True if ugm != True else False + msg = 'added member %s to users group %s' % (username, group_name) + msg = msg if success else 'User is already in that group' Session.commit() - return dict(id=ugm.users_group_member_id, - msg='created new users group member') + + return dict( + id=ugm.users_group_member_id if ugm != True else None, + success=success, + msg=msg + ) except Exception: log.error(traceback.format_exc()) - raise JSONRPCError('failed to create users group member') + raise JSONRPCError('failed to add users group member') + + @HasPermissionAllDecorator('hg.admin') + def remove_user_from_users_group(self, apiuser, group_name, username): + """ + Remove user from a group + + :param apiuser + :param group_name + :param username + """ + + try: + users_group = UsersGroup.get_by_group_name(group_name) + if not users_group: + raise JSONRPCError('unknown users group %s' % group_name) + + user = User.get_by_username(username) + if user is None: + raise JSONRPCError('unknown user %s' % username) + + success = UsersGroupModel().remove_user_from_group(users_group, user) + msg = 'removed member %s from users group %s' % (username, group_name) + msg = msg if success else "User wasn't in group" + Session.commit() + return dict(success=success, msg=msg) + except Exception: + log.error(traceback.format_exc()) + raise JSONRPCError('failed to remove user from group') @HasPermissionAnyDecorator('hg.admin') def get_repo(self, apiuser, repo_name): @@ -386,10 +420,9 @@ class ApiController(JSONRPCController): """ try: - try: - owner = User.get_by_username(owner_name) - except NoResultFound: - raise JSONRPCError('unknown user %s' % owner) + owner = User.get_by_username(owner_name) + if owner is None: + raise JSONRPCError('unknown user %s' % owner_name) if Repository.get_by_repo_name(repo_name): raise JSONRPCError("repo %s already exist" % repo_name) diff --git a/rhodecode/model/users_group.py b/rhodecode/model/users_group.py --- a/rhodecode/model/users_group.py +++ b/rhodecode/model/users_group.py @@ -29,7 +29,7 @@ import traceback from rhodecode.model import BaseModel from rhodecode.model.db import UsersGroupMember, UsersGroup,\ - UsersGroupRepoToPerm, Permission, UsersGroupToPerm + UsersGroupRepoToPerm, Permission, UsersGroupToPerm, User from rhodecode.lib.exceptions import UsersGroupsAssignedException log = logging.getLogger(__name__) @@ -37,6 +37,9 @@ log = logging.getLogger(__name__) class UsersGroupModel(BaseModel): + def __get_user(self, user): + return self._get_instance(User, user, callback=User.get_by_username) + def __get_users_group(self, users_group): return self._get_instance(UsersGroup, users_group, callback=UsersGroup.get_by_group_name) @@ -111,10 +114,13 @@ class UsersGroupModel(BaseModel): raise def add_user_to_group(self, users_group, user): + users_group = self.__get_users_group(users_group) + user = self.__get_user(user) + for m in users_group.members: u = m.user if u.user_id == user.user_id: - return m + return True try: users_group_member = UsersGroupMember() @@ -130,6 +136,28 @@ class UsersGroupModel(BaseModel): log.error(traceback.format_exc()) raise + def remove_user_from_group(self, users_group, user): + users_group = self.__get_users_group(users_group) + user = self.__get_user(user) + + users_group_member = None + for m in users_group.members: + if m.user.user_id == user.user_id: + # Found this user's membership row + users_group_member = m + break + + if users_group_member: + try: + self.sa.delete(users_group_member) + return True + except: + log.error(traceback.format_exc()) + raise + else: + # User isn't in that group + return False + def has_perm(self, users_group, perm): users_group = self.__get_users_group(users_group) perm = self.__get_perm(perm)