summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRicky Zhou <ricky@fedoraproject.org>2008-03-13 02:47:03 (GMT)
committerRicky Zhou <ricky@fedoraproject.org>2008-03-13 02:47:03 (GMT)
commitc30cf1839eb3249c20ed711a88db28e04a2249d4 (patch)
treebb7a10ff5b386bdbedf064ac3c688a6f3ada89d4
parent1e445f921f95f3e60be6b2a131e506832e5ff184 (diff)
downloadfedora-infrastructure-c30cf1839eb3249c20ed711a88db28e04a2249d4.zip
fedora-infrastructure-c30cf1839eb3249c20ed711a88db28e04a2249d4.tar.gz
fedora-infrastructure-c30cf1839eb3249c20ed711a88db28e04a2249d4.tar.xz
Get auto-approve working.
-rw-r--r--fas/fas.cfg2
-rw-r--r--fas/fas/auth.py11
-rw-r--r--fas/fas/cla.py26
-rw-r--r--fas/fas/group.py1
-rw-r--r--fas/fas/model.py37
-rw-r--r--fas/fas/user.py1
6 files changed, 50 insertions, 28 deletions
diff --git a/fas/fas.cfg b/fas/fas.cfg
index 2bb9e44..a297ef0 100644
--- a/fas/fas.cfg
+++ b/fas/fas.cfg
@@ -34,7 +34,7 @@ openssl_ou = "Upload Files"
# Groups that automatically grant membership to other groups
# Format: 'group1:a,b,c|group2:d,e,f'
-auto_approve_groups = 'cvsextras:fedorabugs|cla_dell:cla_done|cla_fedora:cla_done|cla_redhat:cla_done|cla_ibm:cla_done'
+auto_approve_groups = 'cvsextras:fedorabugs|cla_fedora:cla_done|cla_redhat:cla_done|cla_dell:cla_done|cla_ibm:cla_done'
# This is where all of your settings go for your development environment # Settings that are the same for both development and production
# (such as template engine, encodings, etc.) all go in
diff --git a/fas/fas/auth.py b/fas/fas/auth.py
index 9963b4a..6f1f622 100644
--- a/fas/fas/auth.py
+++ b/fas/fas/auth.py
@@ -60,14 +60,19 @@ def canSponsorGroup(person, group):
return False
except:
return False
+
def isApproved(person, group):
'''
Returns True if the user is an approved member of a group
'''
- if group in person.approved_memberships:
- return True
- else:
+ try:
+ if person.group_roles[group.name].role_status == 'approved':
+ return True
+ else:
+ return False
+ except KeyError:
return False
+ return False
def CLADone(person):
'''
diff --git a/fas/fas/cla.py b/fas/fas/cla.py
index e7f5785..a4aea00 100644
--- a/fas/fas/cla.py
+++ b/fas/fas/cla.py
@@ -49,21 +49,8 @@ class CLA(controllers.Controller):
if not person.telephone or \
not person.postal_address or \
not person.gpg_keyid:
- turbogears.flash(_('To sign the CLA we must have your telephone number, postal address and gpg key id. Please ensure they have been filled out'))
+ turbogears.flash(_('To sign the CLA we must have your telephone number, postal address and GPG key ID. Please ensure they have been filled out.'))
turbogears.redirect('/user/edit/%s' % username)
-
- # Disable click-through CLA for now
- #if type == 'click':
- # if signedCLAPrivs(person):
- # turbogears.flash(_('You have already signed the CLA, so it is unnecessary to complete the Click-through CLA.'))
- # turbogears.redirect('/cla/')
- # return dict()
- # if clickedCLAPrivs(person):
- # turbogears.flash(_('You have already completed the Click-through CLA.'))
- # turbogears.redirect('/cla/')
- # return dict()
- # turbogears.redirect('/cla/')
- # return dict()
if type == 'sign':
if CLADone(person):
turbogears.flash(_('You have already signed the CLA.'))
@@ -156,13 +143,11 @@ class CLA(controllers.Controller):
turbogears.flash(_('The text "I agree" was not found in the CLA.'))
turbogears.redirect('/cla/view/sign')
return dict()
-
- # Everything is correct.
try:
+ # Everything is correct.
person.apply(group, person) # Apply...
session.flush()
- person.sponsor(group, person) # Approve...
- session.flush()
+ person.sponsor(group, person) # Sponsor!
except:
# TODO: If apply succeeds and sponsor fails, the user has
# to remove themselves from the CLA group before they can
@@ -171,11 +156,6 @@ class CLA(controllers.Controller):
turbogears.redirect('/cla/view/sign')
return dict()
else:
- try:
- clickgroup = Groups.by_name(config.get('cla_click_group'))
- person.remove(cilckgroup, person)
- except:
- pass
message = turbomail.Message(config.get('accounts_email'), config.get('legal_cla_email'), 'Fedora ICLA completed')
message.plain = '''
Fedora user %(username)s has signed a completed ICLA using their published GPG key, ID %(gpg_keyid)s,
diff --git a/fas/fas/group.py b/fas/fas/group.py
index d32c6b3..acb84e8 100644
--- a/fas/fas/group.py
+++ b/fas/fas/group.py
@@ -328,6 +328,7 @@ Please go to %(url)s to take action.
turbogears.redirect('/group/view/%s' % group.name)
return dict()
else:
+ target.sponsor(group, person)
try:
target.sponsor(group, person)
except fas.SponsorError, e:
diff --git a/fas/fas/model.py b/fas/fas/model.py
index b3ecb85..e36d373 100644
--- a/fas/fas/model.py
+++ b/fas/fas/model.py
@@ -39,9 +39,11 @@ from sqlalchemy.orm.collections import column_mapped_collection, attribute_mappe
from sqlalchemy.ext.associationproxy import association_proxy
from sqlalchemy import select, and_
+from sqlalchemy.exceptions import InvalidRequestError
+
from turbogears.database import session
-from turbogears import identity
+from turbogears import identity, config
import turbogears
@@ -174,6 +176,39 @@ class People(SABase):
role.role_status = 'approved'
role.sponsor_id = requester.id
role.approval = datetime.now(pytz.utc)
+ cls._handle_auto_add(group, requester)
+
+ def _handle_auto_add(cls, group, requester):
+ """
+ Handle automatic group approvals
+ """
+ auto_approve_groups = config.get('auto_approve_groups')
+ associations = auto_approve_groups.split('|')
+ approve_group_queue = []
+ for association in associations:
+ (groupname, approve_groups) = association.split(':', 1)
+ if groupname == group.name:
+ approve_group_queue.extend(approve_groups.split(','))
+ for groupname in approve_group_queue:
+ approve_group = Groups.by_name(groupname)
+ cls._auto_add(approve_group, requester)
+
+ def _auto_add(cls, group, requester):
+ """
+ Ensure that a person is approved in a group
+ """
+ try:
+ role = PersonRoles.query.filter_by(member=cls, group=group).one()
+ if role.role_status != 'approved':
+ role.role_status = 'approved'
+ role.sponsor_id = requester.id
+ role.approval = datetime.now(pytz.utc)
+ except InvalidRequestError:
+ role = PersonRoles()
+ role.role_status = 'approved'
+ role.role_type = 'user'
+ role.member = cls
+ role.group = group
def remove(cls, group, requester):
if not group in cls.memberships:
diff --git a/fas/fas/user.py b/fas/fas/user.py
index 9a2f265..8e7e75a 100644
--- a/fas/fas/user.py
+++ b/fas/fas/user.py
@@ -469,6 +469,7 @@ forward to working with you!
person.password = newpass['hash']
Log(author_id=person.id, description='Password changed')
turbogears.flash(_("Your password has been changed."))
+ turbogears.redirect('/user/view/%s' % turbogears.identity.current.user_name)
except:
Log(author_id=person.id, description='Password change failed!')
turbogears.flash(_("Your password could not be changed."))