From 3fa3b452c0ca7bce56991227a8883dd521005e55 Mon Sep 17 00:00:00 2001
From: Gunnar Schaefer <gsfr@stanford.edu>
Date: Mon, 19 Oct 2015 22:03:35 -0700
Subject: [PATCH] remove user.root; rename user.wheel to user.root

---
 api/base.py           | 4 ++--
 api/schema.json       | 3 ---
 api/users.py          | 2 +-
 bootstrap.json.sample | 2 +-
 4 files changed, 4 insertions(+), 7 deletions(-)

diff --git a/api/base.py b/api/base.py
index 958d5149..af8906bc 100644
--- a/api/base.py
+++ b/api/base.py
@@ -96,13 +96,13 @@ class RequestHandler(webapp2.RequestHandler):
         elif drone_request:
             self.superuser_request = True
         else:
-            user = self.app.db.users.find_one({'_id': self.uid}, ['root', 'wheel'])
+            user = self.app.db.users.find_one({'_id': self.uid}, ['root'])
             if not user:
                 self.abort(403, 'user ' + self.uid + ' does not exist')
             if provider_avatar:
                 self.app.db.users.update_one({'_id': self.uid, 'avatar': None}, {'$set':{'avatar': provider_avatar, 'modified': request_start}})
                 self.app.db.users.update_one({'_id': self.uid, 'avatars.provider': {'$ne': provider_avatar}}, {'$set':{'avatars.provider': provider_avatar, 'modified': request_start}})
-            self.superuser_request = user.get('root') and user.get('wheel')
+            self.superuser_request = self.request.GET.get('root', '').lower() in ('1', 'true') and user.get('root')
 
     def dispatch(self):
         """dispatching and request forwarding"""
diff --git a/api/schema.json b/api/schema.json
index c0620339..32805e74 100644
--- a/api/schema.json
+++ b/api/schema.json
@@ -96,9 +96,6 @@
             },
             "root": {
                 "type": "boolean"
-            },
-            "wheel": {
-                "type": "boolean"
             }
         },
         "required": [
diff --git a/api/users.py b/api/users.py
index d9780aa7..09462e53 100644
--- a/api/users.py
+++ b/api/users.py
@@ -126,7 +126,7 @@ class User(base.RequestHandler):
             jsonschema.validate(json_body, self.put_schema)
         except (ValueError, jsonschema.ValidationError) as e:
             self.abort(400, e)
-        if _id == self.uid and 'wheel' in json_body and json_body['wheel'] != user['wheel']:
+        if _id == self.uid and 'root' in json_body and json_body['root'] != user['root']:
             self.abort(400, 'user cannot alter own superuser privilege')
         json_body['modified'] = datetime.datetime.utcnow()
         self.dbc.update_one({'_id': _id}, {'$set': util.mongo_dict(json_body)})
diff --git a/bootstrap.json.sample b/bootstrap.json.sample
index a70e1454..e85943b6 100644
--- a/bootstrap.json.sample
+++ b/bootstrap.json.sample
@@ -17,7 +17,7 @@
       "email": "user1@example.com",
       "firstname": "First",
       "lastname": "User",
-      "wheel": true
+      "root": true
     }
   ],
   "drones": [
-- 
GitLab