-
Notifications
You must be signed in to change notification settings - Fork 3.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix leaving the organization #6422
Conversation
allow { | ||
input.scope == utils.DELETE | ||
input.resource.is_active | ||
utils.is_sandbox |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@kirill-sizov, In case of deleting a membership, the environment will never be a sandbox. https://github.com/opencv/cvat/blob/9148234a159c5d5e193e1fcd785ed7010bf950b7/cvat/apps/iam/permissions.py#L61C29-L61C29
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, but if tests are not supposed to be in this PR need to create an issue for it just to not forget about it
Codecov Report
@@ Coverage Diff @@
## develop #6422 +/- ##
===========================================
- Coverage 82.50% 82.49% -0.01%
===========================================
Files 370 370
Lines 39861 39862 +1
Branches 3559 3560 +1
===========================================
Hits 32886 32886
- Misses 6975 6976 +1
|
cvat/apps/iam/rules/memberships.rego
Outdated
input.resource.user.id == input.auth.user.id | ||
not { | ||
organizations.OWNER, | ||
organizations.MAINTAINER |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@Marishka17 , why cannot maintainer leave the organization?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The idea behind the rule was a maintainer cannot delete another maintainer. Maintainers should be possible to leave the organization for sure.
…cv/cvat into mk/fix_ability_to_leave_org
@nmanovic, Could you please take a look? |
@klakhov , could you please look at the PR? I don't like window.location.reload(). Can we avoid it? |
Users should have the option to leave the organization.
Motivation and context
Users should have the option to leave the organization.
How has this been tested?
Added REST API tests, updated OPA tests
Checklist
develop
branch- [ ] I have updated the documentation accordingly- [ ] I have linked related issues (see GitHub docs)(cvat-canvas,
cvat-core,
cvat-data and
cvat-ui)
License
Feel free to contact the maintainers if that's a concern.