This repository has been archived on 2020-03-24. You can view files and clone it, but cannot push or open issues or pull requests.
quay/data/migrations/versions/c059b952ed76_remove_unencrypted_fields_and_data.py

83 lines
3.3 KiB
Python
Raw Normal View History

2019-11-12 16:09:47 +00:00
"""Remove unencrypted fields and data
Revision ID: c059b952ed76
Revises: 703298a825c2
Create Date: 2019-08-19 16:31:00.952773
"""
# revision identifiers, used by Alembic.
revision = 'c059b952ed76'
down_revision = '703298a825c2'
import uuid
from alembic import op as original_op
from data.migrations.progress import ProgressWrapper
import sqlalchemy as sa
from data.database import FederatedLogin, User, RobotAccountToken
def upgrade(tables, tester, progress_reporter):
op = ProgressWrapper(original_op, progress_reporter)
# ### commands auto generated by Alembic - please adjust! ###
op.drop_index('oauthaccesstoken_refresh_token', table_name='oauthaccesstoken')
op.drop_column(u'oauthaccesstoken', 'refresh_token')
op.drop_column('accesstoken', 'code')
op.drop_column('appspecificauthtoken', 'token_code')
op.drop_column('oauthaccesstoken', 'access_token')
op.drop_column('oauthapplication', 'client_secret')
op.drop_column('oauthauthorizationcode', 'code')
op.drop_column('repositorybuildtrigger', 'private_key')
op.drop_column('repositorybuildtrigger', 'auth_token')
# ### end Alembic commands ###
# Overwrite all plaintext robot credentials.
while True:
try:
robot_account_token = RobotAccountToken.get(fully_migrated=False)
robot_account = robot_account_token.robot_account
robot_account.email = str(uuid.uuid4())
robot_account.save()
federated_login = FederatedLogin.get(user=robot_account)
federated_login.service_ident = 'robot:%s' % robot_account.id
federated_login.save()
robot_account_token.fully_migrated = True
robot_account_token.save()
except RobotAccountToken.DoesNotExist:
break
def downgrade(tables, tester, progress_reporter):
op = ProgressWrapper(original_op, progress_reporter)
# ### commands auto generated by Alembic - please adjust! ###
op.add_column(u'oauthaccesstoken', sa.Column('refresh_token', sa.String(length=255), nullable=True))
op.create_index('oauthaccesstoken_refresh_token', 'oauthaccesstoken', ['refresh_token'], unique=False)
op.add_column('repositorybuildtrigger', sa.Column('auth_token', sa.String(length=255), nullable=True))
op.add_column('repositorybuildtrigger', sa.Column('private_key', sa.Text(), nullable=True))
op.add_column('oauthauthorizationcode', sa.Column('code', sa.String(length=255), nullable=True))
op.create_index('oauthauthorizationcode_code', 'oauthauthorizationcode', ['code'], unique=True)
op.add_column('oauthapplication', sa.Column('client_secret', sa.String(length=255), nullable=True))
op.add_column('oauthaccesstoken', sa.Column('access_token', sa.String(length=255), nullable=True))
op.create_index('oauthaccesstoken_access_token', 'oauthaccesstoken', ['access_token'], unique=False)
op.add_column('appspecificauthtoken', sa.Column('token_code', sa.String(length=255), nullable=True))
op.create_index('appspecificauthtoken_token_code', 'appspecificauthtoken', ['token_code'], unique=True)
op.add_column('accesstoken', sa.Column('code', sa.String(length=255), nullable=True))
op.create_index('accesstoken_code', 'accesstoken', ['code'], unique=True)
# ### end Alembic commands ###