Team credentials listing.

2026-01-09 23:12:08 -03:30 · 2013-04-04 14:41:31 -04:00 · 2013-04-04 14:41:31 -04:00 · 0a306ee0ad
commit 0a306ee0ad
parent 2c2c26860f
3 changed files with 8 additions and 9 deletions
--- a/lib/main/models/init.py
+++ b/lib/main/models/init.py
@ -557,9 +557,8 @@ class Credential(CommonModelNameNotUnique):
            user_obj = User.objects.get(pk=data['user'])
            return UserHelper.can_user_administrate(user, user_obj)
        if 'team' in data:
-            raise Exception("FIXME")
-            #team_obj = Team.objects.get(pk=data['team'])
-            #return team_obj.organization.users.filter(admins__in = [user]).count()
+            team_obj = Team.objects.get(pk=data['team'])
+            return Team.can_user_administrate(user, team_obj)

    def get_absolute_url(self):
        import lib.urls
--- a/lib/main/tests/projects.py
+++ b/lib/main/tests/projects.py
@ -308,15 +308,15 @@ class ProjectsTest(BaseTest):
        self.post(team_creds, data=new_credentials, expect=401, auth=self.get_invalid_credentials())
        self.post(team_creds, data=new_credentials, expect=201, auth=self.get_super_credentials())
        self.post(team_creds, data=new_credentials, expect=201, auth=self.get_normal_credentials())
-        self.post(team_creds, data=new_credentials, expect=201, auth=self.get_other_credentials())
+        self.post(team_creds, data=new_credentials, expect=403, auth=self.get_other_credentials())
        self.post(team_creds, data=new_credentials, expect=403, auth=self.get_nobody_credentials())

        # can list credentials on a user
        self.get(other_creds, expect=401)
        self.get(other_creds, expect=401, auth=self.get_invalid_credentials())
-        self.get(other_creds, expect=201, auth=self.get_super_credentials())
-        self.get(other_creds, expect=201, auth=self.get_normal_credentials())
-        self.get(other_creds, expect=201, auth=self.get_other_credentials())
+        self.get(other_creds, expect=200, auth=self.get_super_credentials())
+        self.get(other_creds, expect=200, auth=self.get_normal_credentials())
+        self.get(other_creds, expect=200, auth=self.get_other_credentials())
        self.get(other_creds, expect=403, auth=self.get_nobody_credentials())

        # can list credentials on a team
--- a/lib/main/views.py
+++ b/lib/main/views.py
@ -229,7 +229,7 @@ class TeamsCredentialsList(BaseSubList):
        if not Team.can_user_read(self.request.user, team):
            raise PermissionDenied()
        project_credentials = Credential.objects.filter(
-            projects__teams__users__in = [ user ]
+            projects__team__users__in = [ user ]
        )
        return user.credentials.distinct() | project_credentials.distinct()

@ -370,7 +370,7 @@ class UsersCredentialsList(BaseSubList):
        if not UserHelper.can_user_administrate(self.request.user, user):
            raise PermissionDenied()
        project_credentials = Credential.objects.filter(
-            projects__teams__users__in = [ user ]
+            team__users__in = [ user ]
        )
        return user.credentials.distinct() | project_credentials.distinct()