Deauth organizations when deauthing user

lib/hex/remote_converger.ex

@@ -255,7 +255,7 @@ defmodule Hex.RemoteConverger do
             end
           _ ->
             Mix.raise "Unknown repository #{inspect repo}, add new repositories " <>
-                      "with the `mix hex.repo` task"
+                      "with the `mix hex.repo add` task"
         end
     end
   end

lib/hex/repo.ex

@@ -30,12 +30,12 @@ defmodule Hex.Repo do
 
   defp unknown_repo_error("hexpm:" <> organization) do
     Mix.raise "Unknown organization #{inspect organization}, add new organizations " <>
-              "with the `mix hex.organization` task"
+              "with the `mix hex.organization auth` task"
   end
 
   defp unknown_repo_error(repo) do
     Mix.raise "Unknown repository #{inspect repo}, add new repositories " <>
-              "with the `mix hex.repo` task"
+              "with the `mix hex.repo add` task"
   end
 
   def get_package(repo, package, etag) do

lib/mix/tasks/hex.organization.ex

@@ -20,7 +20,7 @@ defmodule Mix.Tasks.Hex.Organization do
 
   ## Authorize an organization
 
-      mix hex.organization auth NAME
+      mix hex.organization auth ORGANIZATION
 
   ### Command line options
 
@@ -35,11 +35,11 @@ defmodule Mix.Tasks.Hex.Organization do
 
   ## Generate a repository autentication key
 
-  This command is useful to pre-generate keys for use with `mix hex.organization auth NAME --key KEY`
+  This command is useful to pre-generate keys for use with `mix hex.organization auth ORGANIZATION --key KEY`
   on CI servers or similar systems. It returns the hash of the generated key that you can pass to
-  `auth NAME --key KEY`. This key allows read-only access to the repository
+  `auth ORGANIZATION --key KEY`. This key allows read-only access to the repository
 
-      mix hex.organization key NAME
+      mix hex.organization key ORGANIZATION
 
   ## List all authorized organizations
 
@@ -65,8 +65,8 @@ defmodule Mix.Tasks.Hex.Organization do
         Mix.raise """
         Invalid arguments, expected one of:
 
-        mix hex.organization auth NAME
-        mix hex.organization deauth NAME
+        mix hex.organization auth ORGANIZATION
+        mix hex.organization deauth ORGANIZATION
         mix hex.organization list
         """
     end

lib/mix/tasks/hex.user.ex

@@ -24,9 +24,10 @@ defmodule Mix.Tasks.Hex.User do
   ### Deauthorize the user
 
   Deauthorizes the user from the local machine by removing the API key from the
-  Hex config.
+  Hex config. This task will also deauthorize all organizations unless `--skip-organizations`
+  is given.
 
-      mix hex.user deauth
+      mix hex.user deauth [--skip-organizations]
 
   ### Reencrypt API key
 
@@ -59,7 +60,7 @@ defmodule Mix.Tasks.Hex.User do
       mix hex.user reset password
   """
 
-  @switches [revoke_all: :boolean, revoke: :string, list: :boolean]
+  @switches [revoke_all: :boolean, revoke: :string, list: :boolean, skip_organizations: :boolean]
 
   def run(args) do
     Hex.start()
@@ -73,7 +74,7 @@ defmodule Mix.Tasks.Hex.User do
       ["auth"] ->
         create_key()
       ["deauth"] ->
-        deauth()
+        deauth(opts)
       ["passphrase"] ->
         passphrase()
       ["key"] ->
@@ -139,14 +140,29 @@ defmodule Mix.Tasks.Hex.User do
     end
   end
 
-  defp deauth() do
+  defp deauth(opts) do
     Mix.Tasks.Hex.update_key(nil)
+    unless opts[:skip_organizations] do
+      deauth_organizations()
+    end
 
     Hex.Shell.info "Authentication credentials removed from the local machine. " <>
                    "To authenticate again, run `mix hex.user auth` " <>
                    "or create a new user with `mix hex.user register`"
   end
 
+  defp deauth_organizations() do
+    read_repo_config()
+    |> Enum.reject(fn {name, _config} -> String.starts_with?(name, "hexpm:") end)
+    |> Enum.into(%{})
+    |> Hex.Config.update_repos()
+  end
+
+  defp read_repo_config() do
+    Hex.Config.read()
+    |> Hex.Config.read_repos()
+  end
+
   defp passphrase() do
     encrypted_key = Hex.State.fetch!(:api_key)
 

test/mix/tasks/hex.user_test.exs

@@ -43,15 +43,39 @@ defmodule Mix.Tasks.Hex.UserTest do
     end
   end
 
-  test "deauth" do
+  test "deauth user and organizations" do
     in_tmp fn ->
       Hex.State.put(:home, System.cwd!)
 
-      Mix.Tasks.Hex.update_key("key")
-      assert Hex.Config.read()[:encrypted_key] == "key"
+      auth = Hexpm.new_user("userdeauth1", "userdeauth1@mail.com", "password", "userdeauth1")
+      Hexpm.new_repo("myorguserdeauth1", auth)
+      Mix.Tasks.Hex.update_key(auth[:encrypted_key])
+      assert Hex.Config.read()[:encrypted_key] == auth[:encrypted_key]
+
+      send self(), {:mix_shell_input, :prompt, "password"}
+      Mix.Tasks.Hex.Organization.run(["auth", "myorguserdeauth1"])
 
       Mix.Tasks.Hex.User.run(["deauth"])
       refute Hex.Config.read()[:encrypted_key]
+      refute Hex.Config.read()[:"$repos"]["hexpm:myorguserdeauth1"]
+    end
+  end
+
+  test "deauth user but skip organizations" do
+    in_tmp fn ->
+      Hex.State.put(:home, System.cwd!)
+
+      auth = Hexpm.new_user("userdeauth2", "userdeauth2@mail.com", "password", "userdeauth2")
+      Hexpm.new_repo("myorguserdeauth2", auth)
+      Mix.Tasks.Hex.update_key(auth[:encrypted_key])
+      assert Hex.Config.read()[:encrypted_key] == auth[:encrypted_key]
+
+      send self(), {:mix_shell_input, :prompt, "password"}
+      Mix.Tasks.Hex.Organization.run(["auth", "myorguserdeauth2"])
+
+      Mix.Tasks.Hex.User.run(["deauth", "--skip-organizations"])
+      refute Hex.Config.read()[:encrypted_key]
+      assert Hex.Config.read()[:"$repos"]["hexpm:myorguserdeauth2"]
     end
   end