def revoke_admin():
"""Form submission handler for revoking admin access to a build."""
build = g.build
form = forms.RemoveAdminForm()
if form.validate_on_submit():
user = models.User.query.get(form.user_id.data)
if not user:
logging.debug('User being revoked admin access does not exist.'
'id=%r, build_id=%r', form.user_id.data, build.id)
abort(400)
if user == current_user:
logging.debug('User trying to remove themself as admin. '
'id=%r, build_id=%r', user.id, build.id)
abort(400)
db.session.add(build)
db.session.add(user)
db.session.refresh(build, lockmode='update')
db.session.refresh(user, lockmode='update')
user_is_owner = build.owners.filter_by(id=user.id)
if not user_is_owner:
logging.debug('User being revoked admin access is not owner. '
'id=%r, build_id=%r.', user.id, build.id)
abort(400)
build.owners.remove(user)
save_admin_log(build, revoked_admin=True, message=user.email_address)
db.session.commit()
operations.UserOps(user.get_id()).evict()
return redirect(url_for('manage_admins', build_id=build.id))
def manage_admins():
"""Page for viewing and managing build admins."""
build = g.build
# Do not show cached data
db.session.add(build)
db.session.refresh(build)
add_form = forms.AddAdminForm()
if add_form.validate_on_submit():
invitation_user_id = '%s:%s' % (models.User.EMAIL_INVITATION,
add_form.email_address.data)
invitation_user = models.User.query.get(invitation_user_id)
if not invitation_user:
invitation_user = models.User(
id=invitation_user_id,
email_address=add_form.email_address.data)
db.session.add(invitation_user)
db.session.add(build)
db.session.add(invitation_user)
db.session.refresh(build, lockmode='update')
build.owners.append(invitation_user)
save_admin_log(build,
invited_new_admin=True,
message=invitation_user.email_address)
db.session.commit()
logging.info('Added user=%r as owner to build_id=%r',
invitation_user.id, build.id)
return redirect(url_for('manage_admins', build_id=build.id))
add_form.build_id.data = build.id
revoke_form_list = []
for user in build.owners:
form = forms.RemoveAdminForm()
form.user_id.data = user.id
form.build_id.data = build.id
form.revoke.data = True
revoke_form_list.append((user, form))
return render_template('view_admins.html',
build=build,
add_form=add_form,
revoke_form_list=revoke_form_list)