You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@kibble.apache.org by hu...@apache.org on 2017/10/20 13:35:32 UTC
[kibble] 08/12: shouldn't be able to accidentally remove oneself
This is an automated email from the ASF dual-hosted git repository.
humbedooh pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/kibble.git
commit 9b54d2e5d19b8d026a92b88c1a62018b305cf974
Author: Daniel Gruno <hu...@apache.org>
AuthorDate: Fri Oct 20 15:15:59 2017 +0200
shouldn't be able to accidentally remove oneself
---
api/pages/org/members.py | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/api/pages/org/members.py b/api/pages/org/members.py
index 2d82d27..d57338f 100644
--- a/api/pages/org/members.py
+++ b/api/pages/org/members.py
@@ -188,6 +188,10 @@ def run(API, environ, indata, session):
isadmin = indata.get('admin', False)
orgid = session.user['defaultOrganisation'] or "apache"
+ # We can't remove ourselves!
+ if memberid == session.user['email']:
+ raise API.exception(403, "You can't remove yourself from an organisation.")
+
# Make sure the org exists
if not session.DB.ES.exists(index=session.DB.dbname, doc_type='organisation', id = orgid):
raise API.exception(403, "No such organisation!")
--
To stop receiving notification emails like this one, please contact
"commits@kibble.apache.org" <co...@kibble.apache.org>.