PR#265: DB: drop UserInfo table - fedora-qa/blockerbugs

fedora-qa / blockerbugs

#265 DB: drop UserInfo table

Closed a year ago by kparal. Opened a year ago by kparal.

drop-userinfo into develop

DB: drop UserInfo table

Kamil Páral • a year ago

bccf454

alembic/versions/23daad4f64e1_drop_userinfo.py

file added

+34

		`@@ -0,0 +1,34 @@`
		`+ """Drop UserInfo`
		`+`
		`+ Revision ID: 23daad4f64e1`
		`+ Revises: f8c29e9793f4`
		`+ Create Date: 2023-01-24 14:57:21.730021`
		`+ """`
		`+ import sqlalchemy as sa`
		`+ from alembic import op`
		`+`
		`+ # revision identifiers, used by Alembic.`
		`+ revision = '23daad4f64e1'`
		`+ down_revision = 'f8c29e9793f4'`
		`+`
		`+`
		`+ def upgrade():`
		`+ # We no longer need the UserInfo table. Bugzilla credentials are not checked at the moment (and`
		`+ # even if we start to use them again, we'll probably don't need to validate them), and API keys`
		`+ # are not used at all.`
		`+ op.drop_table('user_info')`
		`+`
		`+`
		`+ def downgrade():`
		`+ # ### commands auto generated by Alembic - please adjust! ###`
		`+ op.create_table(`
		`+ 'user_info',`
		`+ sa.Column('id', sa.INTEGER(), autoincrement=True, nullable=False),`
		`+ sa.Column('fas_login', sa.VARCHAR(length=255), autoincrement=False, nullable=True),`
		`+ sa.Column('bz_user', sa.VARCHAR(length=255), autoincrement=False, nullable=True),`
		`+ sa.Column('api_key_hash', sa.VARCHAR(length=255), autoincrement=False, nullable=True),`
		`+ sa.PrimaryKeyConstraint('id', name='pk_user_info'),`
		`+ sa.UniqueConstraint('api_key_hash', name='uq_user_info_api_key_hash'),`
		`+ sa.UniqueConstraint('bz_user', name='uq_user_info_bz_user'),`
		`+ sa.UniqueConstraint('fas_login', name='uq_user_info_fas_login')`
		`+ )`

blockerbugs/controllers/admin/__init__.py

file modified

-47

		`@@ -27,7 +27,6 @@`
		`import flask_admin`
		`from blockerbugs import app, db`
		`from blockerbugs.models.release import Release`
		`- from blockerbugs.models.userinfo import UserInfo`
		`from blockerbugs.models.milestone import Milestone`
		`from blockerbugs.controllers.admin.auth import FasAuthModelView`
		`from blockerbugs.controllers.users import check_admin_rights`
		`@@ -91,52 +90,6 @@`
		`return False`
		`return True`

		`- class UserInfoView(FasAuthModelView):`
		`- column_exclude_list = form_excluded_columns = ('api_key_hash', )`
		`-`
		`- edit_template = 'admin/edit_userinfo.html'`
		`-`
		`- def on_model_change(self, form, model, is_created):`
		`- if not model.bz_user:`
		`- model.bz_user = None`
		`-`
		`-`
		`- @flask_admin.expose('/generate_api_key/', methods=('GET', ))`
		`- def generate_api_key(self):`
		`- """`
		`- Generate user api key.`
		`- """`
		`- return_url = request.args.get('url') or url_for('.index_view')`
		`-`
		`- if not self.can_edit:`
		`- return redirect(return_url)`
		`-`
		`- id = request.args.get('id')`
		`- if id is None:`
		`- return redirect(return_url)`
		`-`
		`- model = self.get_one(id)`
		`-`
		`- if model is None:`
		`- return redirect(return_url)`
		`-`
		`- try:`
		`- api_key = model.generate_api_key()`
		`- self.session.add(model)`
		`- self.session.commit()`
		`- except Exception as ex:`
		`- flash(gettext('Failed to generate API key. %(error)s', error=str(ex)),`
		`- 'error')`
		`- logging.exception('Failed to generate api key')`
		`- self.session.rollback()`
		`- return False`
		`-`
		`- return self.render('admin/generate_api_key.html',`
		`- client_id=model.fas_login,`
		`- api_key=api_key,`
		`- return_url=return_url)`
		`-`

		`admin.add_view(MilestoneView(Milestone, db.session))`
		`admin.add_view(ReleaseView(Release, db.session))`
		`- admin.add_view(UserInfoView(UserInfo, db.session))`

blockerbugs/controllers/api/utils.py

file modified

+2 -14

		`@@ -22,16 +22,14 @@`

		`import json`
		`import datetime`
		`- from functools import wraps`

		`import hmac`
		`import hashlib`

		`- from flask import Response, request`
		`+ from flask import Response`

		`from blockerbugs import app`
		`- from blockerbugs.models.userinfo import UserInfo`
		`- from .errors import MalformedJSONError, NoSuchObjectError, AuthFailedError`
		`+ from .errors import MalformedJSONError, NoSuchObjectError`


		`class JsonEncoder(json.JSONEncoder):`
		`@@ -93,16 +91,6 @@`
		`raise NoSuchObjectError(obj_type=model.__name__)`
		`return rv`

		`- def check_api_rights(f):`
		`- @wraps(f)`
		`- def decorated_function(args, *kwargs):`
		`- headers = request.headers`
		`- user_info = UserInfo.query.filter_by(fas_login=headers.get('X-Auth-User')).first()`
		`- if user_info and user_info.check_api_key(headers.get('X-Auth-Key')):`
		`- return f(args, *kwargs)`
		`- raise AuthFailedError()`
		`- return decorated_function`
		`-`

		`def check_signature(headers, payload):`
		`key = bytes(app.config['PAGURE_REPO_WEBHOOK_KEY'], encoding="ascii")`

blockerbugs/models/userinfo.py

file removed

-61

		`@@ -1,61 +0,0 @@`
		`- # Copyright 2013, Red Hat, Inc`
		`- #`
		`- # This program is free software; you can redistribute it and/or modify`
		`- # it under the terms of the GNU General Public License as published by`
		`- # the Free Software Foundation; either version 2 of the License, or`
		`- # (at your option) any later version.`
		`- #`
		`- # This program is distributed in the hope that it will be useful,`
		`- # but WITHOUT ANY WARRANTY; without even the implied warranty of`
		`- # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
		`- # GNU General Public License for more details.`
		`- #`
		`- # You should have received a copy of the GNU General Public License along`
		`- # with this program; if not, write to the Free Software Foundation, Inc.,`
		`- # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.`
		`- #`
		`- # Authors:`
		`- # Martin Krizek <mkrizek@redhat.com>`
		`-`
		`- """ORM class for various user related information"""`
		`-`
		`- import string`
		`- import random`
		`- import crypt`
		`-`
		`- from blockerbugs import db, BaseModel`
		`-`
		`- # FIXME: This is not needed anymore after https://pagure.io/fedora-qa/blockerbugs/issue/230`
		`- # It also supports storing and checking API keys, but we don't use it anywhere.`
		`- # Get rid of this table?`
		`-`
		`- class UserInfo(BaseModel):`
		`- id = db.Column(db.Integer, primary_key=True)`
		`- fas_login = db.Column(db.String(255), unique=True)`
		`- bz_user = db.Column(db.String(255), unique=True)`
		`- api_key_hash = db.Column(db.String(255), unique=True)`
		`-`
		`-`
		`- def __init__(self, fas_login=None, bz_user=None):`
		`- self.fas_login = fas_login`
		`- self.bz_user = bz_user`
		`-`
		`- def generate_api_key(self):`
		`- def _random_string(length=16, chars=string.ascii_letters):`
		`- return ''.join(random.choice(chars) for _ in range(length))`
		`-`
		`- salt = '$6$%s$' % _random_string() #SHA-512, man crypt 3`
		`- password = _random_string()`
		`- self.api_key_hash = crypt.crypt(password, salt)`
		`- return password`
		`-`
		`- def check_api_key(self, key):`
		`- if not self.api_key_hash:`
		`- return False`
		`- if self.api_key_hash == crypt.crypt(key, self.api_key_hash):`
		`- return True`
		`- return False`
		`-`
		`-`
		`- def __repr__(self):`
		`- return '<userinfo %d: %s>' % (self.fas_login, self.bz_user)`

blockerbugs/templates/admin/edit_userinfo.html

file removed

-14

		`@@ -1,14 +0,0 @@`
		`- {% extends 'admin/model/edit.html' %}`
		`-`
		`- {% block body %}`
		`- {% call lib.form_tag() %}`
		`- {{ lib.render_form_fields(form, form_opts=form_widget_args) }}`
		`- <div class="control-group">`
		`- <div class="controls">`
		`- <a href="{{ url_for('.generate_api_key', id=request.args.get('id')) }}"`
		`- class="btn btn-large">Generate new api key</a>`
		`- </div>`
		`- </div>`
		`- {{ lib.render_form_buttons(return_url) }}`
		`- {% endcall %}`
		`- {% endblock %}`

blockerbugs/templates/admin/generate_api_key.html

file removed

-32

		`@@ -1,32 +0,0 @@`
		`- {% extends 'admin/master.html' %}`
		`-`
		`- {% block body %}`
		`-`
		`- <form class="form-horizontal">`
		`- <fieldset>`
		`-`
		`- <div class="control-group">`
		`- <div class="control-label">`
		`- Client ID`
		`- </div>`
		`- <div class="controls">`
		`- <div>`
		`- <input type="text" readonly value="{{ client_id }}">`
		`- </div>`
		`- </div>`
		`- </div>`
		`-`
		`- <div class="control-group">`
		`- <div class="control-label">`
		`- API Key`
		`- </div>`
		`- <div class="controls">`
		`- <div>`
		`- <input type="text" readonly value="{{ api_key }}">`
		`- </div>`
		`- </div>`
		`- </div>`
		`-`
		`- </fieldset>`
		`- </form>`
		`- {% endblock %}`

testing/test_api.py

file modified

-5

		`@@ -10,7 +10,6 @@`
		`from blockerbugs import app`
		`from blockerbugs.models.milestone import Milestone`
		`from blockerbugs.models.bug import Bug`
		`- from blockerbugs.models.userinfo import UserInfo`
		`from testing.test_controllers import add_release, add_milestone, \`
		`add_bug, add_update`
		`from blockerbugs.controllers.api import api, errors`
		`@@ -72,10 +71,6 @@`
		`'topic': 'issue.comment.added',`
		`}`

		`- self.api_user = UserInfo('api_user')`
		`- passwd = self.api_user.generate_api_key()`
		`- self.headers = {'X-Auth-User': 'api_user', 'X-Auth-Key': passwd}`
		`- db.session.add(self.api_user)`
		`db.session.commit()`

		`# === run method ===`

kparal commented a year ago

We no longer need the UserInfo table. Bugzilla credentials are not checked at
the moment (and even if we start to use them again, we'll probably don't need to
validate them), and API keys are not used at all.

This also solves a DeprecationWarning that the crypt module (used inside
UserInfo) will be removed from Python soon.