Allow Users to be moderators and for field to be set via Admin dashboard #5249
Conversation
crwilcox
changed the title
|
I opened this early, my mistake, I am currently working on tests. |
|
Tests have been run. Also verified the admin portal and setting/unsetting admin. |
|
At this point the current state is that you can be a moderator and attempts to post to most all endpoints will fail. Yet to be done is to make the buttons disabled to make it clear what moderators can/can't do. |
|
@crwilcox Mind saving that last commit for a separate PR? I was just about to leave some comments on the current status of this. |
warehouse/migrations/versions/3db69c05dd11_add_field_on_user_model_for_is_moderator.py
Outdated
Show resolved
Hide resolved
warehouse/accounts/services.py
Outdated
| ): | ||
|
|
||
| user = User( | ||
| username=username, | ||
| name=name, | ||
| password=self.hasher.hash(password), | ||
| is_active=is_active, | ||
| is_superuser=is_superuser, | ||
| is_superuser=False, |
There was a problem hiding this comment.
After removing the defaults from the interface, I noticed that the default isn't respected with db.Model. This is possibly a bug. This is what you will see if you don't have these lines
self = <sqlalchemy.dialects.postgresql.psycopg2.PGDialect_psycopg2 object at 0x7f5f8020e668>, cursor = <cursor object at 0x7f5f7f5ec618; closed: -1>
statement = 'INSERT INTO users (username, name, password, is_active, disabled_for) VALUES (%(username)s, %(name)s, %(password)s, %(is_active)s, %(disabled_for)s) RETURNING users.id'
parameters = {'disabled_for': None, 'is_active': False, 'name': 'test_name', 'password': '$argon2i$v=19$m=1024,t=6,p=6$dG5NSWltzfn//3/vnbP23g$+7Alw6BCiPsC38K1JMkDmw', ...}
context = <sqlalchemy.dialects.postgresql.psycopg2.PGExecutionContext_psycopg2 object at 0x7f5f7ea9bd30>
def do_execute(self, cursor, statement, parameters, context=None):
> cursor.execute(statement, parameters)
E sqlalchemy.exc.IntegrityError: (psycopg2.IntegrityError) null value in column "is_superuser" violates not-null constraint
E DETAIL: Failing row contains ($argon2i$v=19$m=1024,t=6,p=6$dG5NSWltzfn//3/vnbP23g$+7Alw6BCiPsC..., 2019-01-09 17:31:33.509108, null, test_user, test_name, f, 2019-01-09 17:31:33.509108, d, 2019-01-09 17:31:33.509108, b4bc1a89-aaf5-47a9-8b25-84a4f6c0d734, null, f).
E [SQL: 'INSERT INTO users (username, name, password, is_active, disabled_for) VALUES (%(username)s, %(name)s, %(password)s, %(is_active)s, %(disabled_for)s) RETURNING users.id'] [parameters: {'username': 'test_user', 'name': 'test_name', 'password': '$argon2i$v=19$m=1024,t=6,p=6$dG5NSWltzfn//3/vnbP23g$+7Alw6BCiPsC38K1JMkDmw', 'is_active': False, 'disabled_for': None}] (Background on this error at: http://sqlalche.me/e/gkpj)
../lib/python3.6/site-packages/sqlalchemy/engine/default.py:509: IntegrityError
There was a problem hiding this comment.
The issue is that compare_server_default is off by default, so an auto-migration for this change wouldn't actually add the defaults. I fixed this in #5275.
There was a problem hiding this comment.
Thanks @di I will rebase on my end and correct :)
|
@crwilcox Looks like the "nuke user" button on the User page needs to be conditionally disabled (or really, the whole "Actions" box can go away):
|
|
@di , latest push fixes that button to disable. |
As part of address #4011 one task is:
Add a new field/migration to the User model, as well as corresponding UI in /admin for administrators to toggle this flag for users;