def convert_user_to_organization(user_obj, admin_user):
if user_obj.robot:
raise DataModelException("Cannot convert a robot into an organization")
with db_transaction():
# Change the user to an organization and disable this account for login.
user_obj.organization = True
user_obj.password_hash = None
user_obj.save()
# Clear any federated auth pointing to this user.
FederatedLogin.delete().where(
FederatedLogin.user == user_obj).execute()
# Delete any user-specific permissions on repositories.
(RepositoryPermission.delete().where(
RepositoryPermission.user == user_obj).execute())
# Create a team for the owners
owners_team = team.create_team("owners", user_obj, "admin")
# Add the user who will admin the org to the owners team
team.add_user_to_team(admin_user, owners_team)
return user_obj
def detach_external_login(user, service_name):
try:
service = LoginService.get(name=service_name)
except LoginService.DoesNotExist:
return
FederatedLogin.delete().where(FederatedLogin.user == user,
FederatedLogin.service == service).execute()
def _delete_user_linked_data(user):
if user.organization:
# Delete the organization's teams.
with db_transaction():
for team in Team.select().where(Team.organization == user):
team.delete_instance(recursive=True)
# Delete any OAuth approvals and tokens associated with the user.
with db_transaction():
for app in OAuthApplication.select().where(
OAuthApplication.organization == user):
app.delete_instance(recursive=True)
else:
# Remove the user from any teams in which they are a member.
TeamMember.delete().where(TeamMember.user == user).execute()
# Delete any repository buildtriggers where the user is the connected user.
with db_transaction():
triggers = RepositoryBuildTrigger.select().where(
RepositoryBuildTrigger.connected_user == user)
for trigger in triggers:
trigger.delete_instance(recursive=True, delete_nullable=False)
with db_transaction():
quotas = namespacequota.get_namespace_quota_list(user.username)
for quota in quotas:
namespacequota.delete_namespace_quota(quota)
# Delete any mirrors with robots owned by this user.
with db_transaction():
robots = list(list_namespace_robots(user.username))
RepoMirrorConfig.delete().where(
RepoMirrorConfig.internal_robot << robots).execute()
# Delete any robots owned by this user.
with db_transaction():
robots = list(list_namespace_robots(user.username))
for robot in robots:
robot.delete_instance(recursive=True, delete_nullable=True)
# Null out any service key approvals. We technically lose information here, but its better than
# falling and only occurs if a superuser is being deleted.
ServiceKeyApproval.update(approver=None).where(
ServiceKeyApproval.approver == user).execute()
# Delete any federated user links.
FederatedLogin.delete().where(FederatedLogin.user == user).execute()
