#265 DB: drop UserInfo table
Closed 2 years ago by kparal. Opened 2 years ago by kparal.

@@ -0,0 +1,34 @@ 

+ """Drop UserInfo

+ 

+ Revision ID: 23daad4f64e1

+ Revises: f8c29e9793f4

+ Create Date: 2023-01-24 14:57:21.730021

+ """

+ import sqlalchemy as sa

+ from alembic import op

+ 

+ # revision identifiers, used by Alembic.

+ revision = '23daad4f64e1'

+ down_revision = 'f8c29e9793f4'

+ 

+ 

+ def upgrade():

+     # We no longer need the UserInfo table. Bugzilla credentials are not checked at the moment (and

+     # even if we start to use them again, we'll probably don't need to validate them), and API keys

+     # are not used at all.

+     op.drop_table('user_info')

+ 

+ 

+ def downgrade():

+     # ### commands auto generated by Alembic - please adjust! ###

+     op.create_table(

+         'user_info',

+         sa.Column('id', sa.INTEGER(), autoincrement=True, nullable=False),

+         sa.Column('fas_login', sa.VARCHAR(length=255), autoincrement=False, nullable=True),

+         sa.Column('bz_user', sa.VARCHAR(length=255), autoincrement=False, nullable=True),

+         sa.Column('api_key_hash', sa.VARCHAR(length=255), autoincrement=False, nullable=True),

+         sa.PrimaryKeyConstraint('id', name='pk_user_info'),

+         sa.UniqueConstraint('api_key_hash', name='uq_user_info_api_key_hash'),

+         sa.UniqueConstraint('bz_user', name='uq_user_info_bz_user'),

+         sa.UniqueConstraint('fas_login', name='uq_user_info_fas_login')

+     )

@@ -27,7 +27,6 @@ 

  import flask_admin

  from blockerbugs import app, db

  from blockerbugs.models.release import Release

- from blockerbugs.models.userinfo import UserInfo

  from blockerbugs.models.milestone import Milestone

  from blockerbugs.controllers.admin.auth import FasAuthModelView

  from blockerbugs.controllers.users import check_admin_rights
@@ -91,52 +90,6 @@ 

              return False

          return True

  

- class UserInfoView(FasAuthModelView):

-     column_exclude_list = form_excluded_columns = ('api_key_hash', )

- 

-     edit_template = 'admin/edit_userinfo.html'

- 

-     def on_model_change(self, form, model, is_created):

-         if not model.bz_user:

-             model.bz_user = None

- 

- 

-     @flask_admin.expose('/generate_api_key/', methods=('GET', ))

-     def generate_api_key(self):

-         """

-             Generate user api key.

-         """

-         return_url = request.args.get('url') or url_for('.index_view')

- 

-         if not self.can_edit:

-             return redirect(return_url)

- 

-         id = request.args.get('id')

-         if id is None:

-             return redirect(return_url)

- 

-         model = self.get_one(id)

- 

-         if model is None:

-             return redirect(return_url)

- 

-         try:

-             api_key = model.generate_api_key()

-             self.session.add(model)

-             self.session.commit()

-         except Exception as ex:

-             flash(gettext('Failed to generate API key. %(error)s', error=str(ex)),

-                   'error')

-             logging.exception('Failed to generate api key')

-             self.session.rollback()

-             return False

- 

-         return self.render('admin/generate_api_key.html',

-                            client_id=model.fas_login,

-                            api_key=api_key,

-                            return_url=return_url)

- 

  

  admin.add_view(MilestoneView(Milestone, db.session))

  admin.add_view(ReleaseView(Release, db.session))

- admin.add_view(UserInfoView(UserInfo, db.session))

@@ -22,16 +22,14 @@ 

  

  import json

  import datetime

- from functools import wraps

  

  import hmac

  import hashlib

  

- from flask import Response, request

+ from flask import Response

  

  from blockerbugs import app

- from blockerbugs.models.userinfo import UserInfo

- from .errors import MalformedJSONError, NoSuchObjectError, AuthFailedError

+ from .errors import MalformedJSONError, NoSuchObjectError

  

  

  class JsonEncoder(json.JSONEncoder):
@@ -93,16 +91,6 @@ 

          raise NoSuchObjectError(obj_type=model.__name__)

      return rv

  

- def check_api_rights(f):

-     @wraps(f)

-     def decorated_function(*args, **kwargs):

-         headers = request.headers

-         user_info = UserInfo.query.filter_by(fas_login=headers.get('X-Auth-User')).first()

-         if user_info and user_info.check_api_key(headers.get('X-Auth-Key')):

-             return f(*args, **kwargs)

-         raise AuthFailedError()

-     return decorated_function

- 

  

  def check_signature(headers, payload):

      key = bytes(app.config['PAGURE_REPO_WEBHOOK_KEY'], encoding="ascii")

@@ -1,61 +0,0 @@ 

- # Copyright 2013, Red Hat, Inc

- #

- # This program is free software; you can redistribute it and/or modify

- # it under the terms of the GNU General Public License as published by

- # the Free Software Foundation; either version 2 of the License, or

- # (at your option) any later version.

- #

- # This program is distributed in the hope that it will be useful,

- # but WITHOUT ANY WARRANTY; without even the implied warranty of

- # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

- # GNU General Public License for more details.

- #

- # You should have received a copy of the GNU General Public License along

- # with this program; if not, write to the Free Software Foundation, Inc.,

- # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.

- #

- # Authors:

- #   Martin Krizek <mkrizek@redhat.com>

- 

- """ORM class for various user related information"""

- 

- import string

- import random

- import crypt

- 

- from blockerbugs import db, BaseModel

- 

- # FIXME: This is not needed anymore after https://pagure.io/fedora-qa/blockerbugs/issue/230

- # It also supports storing and checking API keys, but we don't use it anywhere.

- # Get rid of this table?

- 

- class UserInfo(BaseModel):

-     id = db.Column(db.Integer, primary_key=True)

-     fas_login = db.Column(db.String(255), unique=True)

-     bz_user = db.Column(db.String(255), unique=True)

-     api_key_hash = db.Column(db.String(255), unique=True)

- 

- 

-     def __init__(self, fas_login=None, bz_user=None):

-         self.fas_login = fas_login

-         self.bz_user = bz_user

- 

-     def generate_api_key(self):

-         def _random_string(length=16, chars=string.ascii_letters):

-             return ''.join(random.choice(chars) for _ in range(length))

- 

-         salt = '$6$%s$' % _random_string()  #SHA-512, man crypt 3

-         password = _random_string()

-         self.api_key_hash = crypt.crypt(password, salt)

-         return password

- 

-     def check_api_key(self, key):

-         if not self.api_key_hash:

-             return False

-         if self.api_key_hash == crypt.crypt(key, self.api_key_hash):

-             return True

-         return False

- 

- 

-     def __repr__(self):

-         return '<userinfo %d: %s>' % (self.fas_login, self.bz_user)

@@ -1,14 +0,0 @@ 

- {% extends 'admin/model/edit.html' %}

- 

- {% block body %}

-     {% call lib.form_tag() %}

-         {{ lib.render_form_fields(form, form_opts=form_widget_args) }}

-         <div class="control-group">

-             <div class="controls">

-                 <a href="{{ url_for('.generate_api_key', id=request.args.get('id')) }}"

-                    class="btn btn-large">Generate new api key</a>

-             </div>

-         </div>

-         {{ lib.render_form_buttons(return_url) }}

-     {% endcall %}

- {% endblock %}

@@ -1,32 +0,0 @@ 

- {% extends 'admin/master.html' %}

- 

- {% block body %}

- 

-     <form class="form-horizontal">

-     <fieldset>

- 

-         <div class="control-group">

-             <div class="control-label">

-                 Client ID

-             </div>

-             <div class="controls">

-                 <div>

-                     <input type="text" readonly value="{{ client_id }}">

-                 </div>

-             </div>

-         </div>

- 

-         <div class="control-group">

-             <div class="control-label">

-                 API Key

-             </div>

-             <div class="controls">

-                 <div>

-                     <input type="text" readonly value="{{ api_key }}">

-                 </div>

-             </div>

-         </div>

- 

-     </fieldset>

-     </form>

- {% endblock %}

file modified
-5
@@ -10,7 +10,6 @@ 

  from blockerbugs import app

  from blockerbugs.models.milestone import Milestone

  from blockerbugs.models.bug import Bug

- from blockerbugs.models.userinfo import UserInfo

  from testing.test_controllers import add_release, add_milestone, \

      add_bug, add_update

  from blockerbugs.controllers.api import api, errors
@@ -72,10 +71,6 @@ 

              'topic': 'issue.comment.added',

          }

  

-         self.api_user = UserInfo('api_user')

-         passwd = self.api_user.generate_api_key()

-         self.headers = {'X-Auth-User': 'api_user', 'X-Auth-Key': passwd}

-         db.session.add(self.api_user)

          db.session.commit()

  

          # === run method ===

We no longer need the UserInfo table. Bugzilla credentials are not checked at
the moment (and even if we start to use them again, we'll probably don't need to
validate them), and API keys are not used at all.

This also solves a DeprecationWarning that the crypt module (used inside
UserInfo) will be removed from Python soon.

Build succeeded.

Much code dropped, me likey!

Pull-Request has been closed by kparal

2 years ago