From 04c5c569b245b17d02a80cd9fac8475fdf59779c Mon Sep 17 00:00:00 2001 From: Arpad Borsos Date: Fri, 14 Feb 2025 12:31:27 +0100 Subject: [PATCH] Add `owner` to `eraseRepository` mutation Adding this as an optional input field, meaning it is backwards compatible, and falls back to the existing logic of using the currently logged in user as the target owner. When specified, it will erase the repository belonging to the given `owner`. --- .../tests/mutation/test_erase_repository.py | 32 +++++++++++++++++++ .../erase_repository/erase_repository.graphql | 1 + .../erase_repository/erase_repository.py | 9 +++--- 3 files changed, 38 insertions(+), 4 deletions(-) diff --git a/graphql_api/tests/mutation/test_erase_repository.py b/graphql_api/tests/mutation/test_erase_repository.py index 782ce00594..0f455e12b5 100644 --- a/graphql_api/tests/mutation/test_erase_repository.py +++ b/graphql_api/tests/mutation/test_erase_repository.py @@ -22,6 +22,10 @@ class EraseRepositoryTests(GraphQLTestHelper, TransactionTestCase): def setUp(self): self.org = OwnerFactory(username="codecov", service="github") + self.non_admin_user = OwnerFactory(organizations=[self.org.ownerid]) + self.admin_user = OwnerFactory(organizations=[self.org.ownerid]) + self.org.add_admin(self.admin_user) + self.repo = RepositoryFactory(author=self.org, name="gazebo", active=True) def test_when_authenticated(self): @@ -92,3 +96,31 @@ def test_when_self_hosted_admin(self, is_admin_owner): ) assert data == {"eraseRepository": None} + + def test_when_other_admin(self): + data = self.gql_request( + query, + owner=self.admin_user, + variables={ + "input": { + "owner": "codecov", + "repoName": "gazebo", + } + }, + ) + + assert data == {"eraseRepository": None} + + def test_when_not_other_admin(self): + data = self.gql_request( + query, + owner=self.non_admin_user, + variables={ + "input": { + "owner": "codecov", + "repoName": "gazebo", + } + }, + ) + + assert data["eraseRepository"]["error"]["__typename"] == "UnauthorizedError" diff --git a/graphql_api/types/mutation/erase_repository/erase_repository.graphql b/graphql_api/types/mutation/erase_repository/erase_repository.graphql index 80d4225a8b..e7025a58fa 100644 --- a/graphql_api/types/mutation/erase_repository/erase_repository.graphql +++ b/graphql_api/types/mutation/erase_repository/erase_repository.graphql @@ -5,5 +5,6 @@ type EraseRepositoryPayload { } input EraseRepositoryInput { + owner: String repoName: String! } \ No newline at end of file diff --git a/graphql_api/types/mutation/erase_repository/erase_repository.py b/graphql_api/types/mutation/erase_repository/erase_repository.py index eb5f07fe9c..d321ce611f 100644 --- a/graphql_api/types/mutation/erase_repository/erase_repository.py +++ b/graphql_api/types/mutation/erase_repository/erase_repository.py @@ -1,4 +1,4 @@ -from typing import Any, Dict +from typing import Any from ariadne import UnionType from graphql import GraphQLResolveInfo @@ -13,13 +13,14 @@ @wrap_error_handling_mutation @require_authenticated async def resolve_erase_repository( - _: Any, info: GraphQLResolveInfo, input: Dict[str, Any] + _: Any, info: GraphQLResolveInfo, input: dict[str, Any] ) -> None: command = info.context["executor"].get_command("repository") current_owner = info.context["request"].current_owner + + owner_username = input.get("owner") or current_owner.username repo_name = input.get("repo_name") - # TODO: change the graphql mutation to allow working on other owners - owner_username = current_owner.username + await command.erase_repository(owner_username, repo_name) return None