[ADD] runbot_merge: automatic reviewer de-provisioning

When an employee sadly leaves Odoo,
the Odoo production database (odoo.com) will call these routes
in order to remove the reviewer rights automatically.

So a user who no longer works for Odoo can't "r+" Github PRs.

This is related to odoo/internal#617
This commit is contained in:
Denis Ledoux 2019-12-09 18:14:17 +01:00 committed by Xavier Morel
parent e65859c161
commit d0138712bd
2 changed files with 35 additions and 0 deletions

View File

@ -8,6 +8,7 @@ import werkzeug.exceptions
from odoo.http import Controller, request, route
from . import dashboard
from . import reviewer_provisioning
from .. import utils, github
_logger = logging.getLogger(__name__)

View File

@ -0,0 +1,34 @@
# -*- coding: utf-8 -*-
from odoo import http
from odoo.http import request
try:
from odoo.addons.saas_worker.util import from_role
except ImportError:
def from_role(_):
return lambda _: None
class MergebotReviewerProvisioning(http.Controller):
@from_role('accounts')
@http.route(['/runbot_merge/get_reviewers'], type='json', auth='public')
def fetch_reviewers(self, **kwargs):
partners = request.env['res.partner'].sudo().search(['|', ('self_reviewer', '=', True), ('reviewer', '=', True)])
return partners.mapped('github_login')
@from_role('accounts')
@http.route(['/runbot_merge/remove_reviewers'], type='json', auth='public', methods=['POST'])
def update_reviewers(self, github_logins, **kwargs):
partners = request.env['res.partner'].sudo().search([('github_login', 'in', github_logins)])
# remove reviewer flag from the partner
partners.write({
'reviewer': False,
'self_reviewer': False,
})
# Assign the linked users as portal users
partners.mapped('user_ids').write({
'groups_id': [(6, 0, [request.env.ref('base.group_portal').id])]
})