Added script to add users to admin groups of projects they created.

For now, can only be run on individual users, identified by email address. ./manage.py sync_project_groups user@domain true Replace 'true' with 'false' to just see the status and not update the DB.
2016-07-06 12:49:51 +02:00 · 2016-07-06 12:49:51 +02:00 · 5b60dad831
commit 5b60dad831
parent 57e2f01153
1 changed files with 51 additions and 0 deletions
--- a/pillar/manage.py
+++ b/pillar/manage.py
@ -940,5 +940,56 @@ def sync_role_groups(do_revoke_groups):

    print('%i bad and %i ok users seen.' % (bad_users, ok_users))

+
+@manager.command
+def sync_project_groups(user_email, fix):
+    """Gives the user access to their self-created projects."""
+
+    if fix.lower() not in {'true', 'false'}:
+        print('Use either "true" or "false" as second argument.')
+        print('When passing "false", only a report is produced.')
+        print('when passing "true", group membership is fixed.')
+        raise SystemExit()
+    fix = fix.lower() == 'true'
+
+    users_coll = app.data.driver.db['users']
+    proj_coll = app.data.driver.db['projects']
+    groups_coll = app.data.driver.db['groups']
+
+    user = users_coll.find_one({'email': user_email}, projection={'_id': 1,
+                                                                  'groups': 1})
+    user_groups = set(user['groups'])
+    user_id = user['_id']
+    log.info('Updating projects for user %s', user_id)
+
+    ok_groups = missing_groups = 0
+    for proj in proj_coll.find({'user': user_id}):
+        project_id = proj['_id']
+        log.info('Investigating project %s (%s)', project_id, proj['name'])
+
+        # Find the admin group
+        admin_group = groups_coll.find_one({'name': str(project_id)}, projection={'_id': 1})
+        if admin_group is None:
+            log.warning('No admin group for project %s', project_id)
+            continue
+        group_id = admin_group['_id']
+
+        # Check membership
+        if group_id not in user_groups:
+            log.info('Missing group membership')
+            missing_groups += 1
+            user_groups.add(group_id)
+        else:
+            ok_groups += 1
+
+    log.info('User was missing %i group memberships; %i projects were ok.',
+             missing_groups, ok_groups)
+
+    if missing_groups > 0 and fix:
+        log.info('Updating database.')
+        result = users_coll.update_one({'_id': user_id},
+                                       {'$set': {'groups': list(user_groups)}})
+        log.info('Updated %i user.', result.modified_count)
+
 if __name__ == '__main__':
    manager.run()