zulip/zerver/management/commands/knight.py

from __future__ import absolute_import

from django.core.management.base import BaseCommand, CommandError
from django.core.exceptions import ValidationError

from zerver.lib.actions import do_change_is_admin

from zerver.models import UserProfile

class Command(BaseCommand):
    help = """Give an existing user administrative permissions over their (own) Realm.

ONLY perform this on customer request from an authorized person.
"""

    def add_arguments(self, parser):
        parser.add_argument('-f', '--for-real',
                            dest='ack',
                            action="store_true",
                            default=False,
                            help='Acknowledgement that this is done according to policy.')
        parser.add_argument('--revoke',
                            dest='grant',
                            action="store_false",
                            default=True,
                            help='Remove an administrator\'s rights.')
        parser.add_argument('email', metavar='<email>', type=str,
                            help="email of user to knight")

    def handle(self, *args, **options):
        email = options['email']
        try:
            profile = UserProfile.objects.get(email=email)
        except ValidationError:
            raise CommandError("No such user.")

        if options['grant']:
            if profile.has_perm('administer', profile.realm):
                raise CommandError("User already has permission for this realm.")
            else:
                if options['ack']:
                    do_change_is_admin(profile, True)
                    print "Done!"
                else:
                    print "Would have made %s an administrator for %s" % (email, profile.realm.domain)
        else:
            if profile.has_perm('administer', profile.realm):
                if options['ack']:
                    do_change_is_admin(profile, False)
                    print "Done!"
                else:
                    print "Would have removed %s's administrator rights on %s" % (email,
                            profile.realm.domain)
            else:
                raise CommandError("User did not have permission for this realm!")
Add a management command to create realm administrators. (imported from commit ab2dd580a206f29086c0d5a4e717c1bfd65a7435) 2013-06-24 21:42:46 +02:00			`from __future__ import absolute_import`

			`from django.core.management.base import BaseCommand, CommandError`
			`from django.core.exceptions import ValidationError`

Have the "knight" command use actions.do_change_is_admin. Using the higher level function has the benefit of sending notifications to clients. (imported from commit d680e3305b216fec3462479c696e572d008ee4c2) 2014-01-22 19:27:00 +01:00			`from zerver.lib.actions import do_change_is_admin`
Add a management command to create realm administrators. (imported from commit ab2dd580a206f29086c0d5a4e717c1bfd65a7435) 2013-06-24 21:42:46 +02:00
Clean up some unused imports. (imported from commit 0c5d8e2a55ba1b8909ba807fee3afe863dcdc226) 2013-11-04 17:22:58 +01:00			`from zerver.models import UserProfile`
Add a management command to create realm administrators. (imported from commit ab2dd580a206f29086c0d5a4e717c1bfd65a7435) 2013-06-24 21:42:46 +02:00
			`class Command(BaseCommand):`
			`help = """Give an existing user administrative permissions over their (own) Realm.`

			`ONLY perform this on customer request from an authorized person.`
			`"""`

Django 1.8: declare positional arguments in management commands (imported from commit d9efca1376de92c8187d25f546c79fece8d2d8c6) 2015-08-21 02:10:41 +02:00			`def add_arguments(self, parser):`
			`parser.add_argument('-f', '--for-real',`
			`dest='ack',`
			`action="store_true",`
			`default=False,`
			`help='Acknowledgement that this is done according to policy.')`
			`parser.add_argument('--revoke',`
			`dest='grant',`
			`action="store_false",`
			`default=True,`
			`help='Remove an administrator\'s rights.')`
			`parser.add_argument('email', metavar='<email>', type=str,`
			`help="email of user to knight")`
Add a management command to create realm administrators. (imported from commit ab2dd580a206f29086c0d5a4e717c1bfd65a7435) 2013-06-24 21:42:46 +02:00
			`def handle(self, args, *options):`
Django 1.8: declare positional arguments in management commands (imported from commit d9efca1376de92c8187d25f546c79fece8d2d8c6) 2015-08-21 02:10:41 +02:00			`email = options['email']`
Add a management command to create realm administrators. (imported from commit ab2dd580a206f29086c0d5a4e717c1bfd65a7435) 2013-06-24 21:42:46 +02:00			`try:`
			`profile = UserProfile.objects.get(email=email)`
			`except ValidationError:`
			`raise CommandError("No such user.")`
Add a parameter to knight.py to remove user rights. (imported from commit 4527955f688298ba56296e9f24d42e33f7d04948) 2013-06-24 21:57:40 +02:00
			`if options['grant']:`
			`if profile.has_perm('administer', profile.realm):`
			`raise CommandError("User already has permission for this realm.")`
			`else:`
knight should dry-run unless you specify -f (imported from commit fd0e5af1d941c6fadcbc14ff7f86f71a170a503e) 2013-06-27 23:42:41 +02:00			`if options['ack']:`
Have the "knight" command use actions.do_change_is_admin. Using the higher level function has the benefit of sending notifications to clients. (imported from commit d680e3305b216fec3462479c696e572d008ee4c2) 2014-01-22 19:27:00 +01:00			`do_change_is_admin(profile, True)`
knight should dry-run unless you specify -f (imported from commit fd0e5af1d941c6fadcbc14ff7f86f71a170a503e) 2013-06-27 23:42:41 +02:00			`print "Done!"`
			`else:`
			`print "Would have made %s an administrator for %s" % (email, profile.realm.domain)`
Add a management command to create realm administrators. (imported from commit ab2dd580a206f29086c0d5a4e717c1bfd65a7435) 2013-06-24 21:42:46 +02:00			`else:`
Add a parameter to knight.py to remove user rights. (imported from commit 4527955f688298ba56296e9f24d42e33f7d04948) 2013-06-24 21:57:40 +02:00			`if profile.has_perm('administer', profile.realm):`
knight should dry-run unless you specify -f (imported from commit fd0e5af1d941c6fadcbc14ff7f86f71a170a503e) 2013-06-27 23:42:41 +02:00			`if options['ack']:`
Have the "knight" command use actions.do_change_is_admin. Using the higher level function has the benefit of sending notifications to clients. (imported from commit d680e3305b216fec3462479c696e572d008ee4c2) 2014-01-22 19:27:00 +01:00			`do_change_is_admin(profile, False)`
knight should dry-run unless you specify -f (imported from commit fd0e5af1d941c6fadcbc14ff7f86f71a170a503e) 2013-06-27 23:42:41 +02:00			`print "Done!"`
			`else:`
			`print "Would have removed %s's administrator rights on %s" % (email,`
			`profile.realm.domain)`
Add a parameter to knight.py to remove user rights. (imported from commit 4527955f688298ba56296e9f24d42e33f7d04948) 2013-06-24 21:57:40 +02:00			`else:`
			`raise CommandError("User did not have permission for this realm!")`