clear notifications on delete/replace service_key

Jimmy Zelinskie 2016-03-29 17:16:51 -04:00 committed by Jimmy Zelinskie
parent 42b5196b21
commit 0ec54fc70e
2 changed files with 21 additions and 15 deletions


@ -25,18 +25,15 @@ def _gc_expired(service):
_stale_unapproved_keys_clause(service)).execute() _stale_unapproved_keys_clause(service)).execute()
def create_service_key(name, kid, service, jwk, metadata, expiration_date): def _notify_superusers(key):
sk = ServiceKey.create(name=name, kid=kid, service=service, jwk=jwk, metadata=metadata,
expiration_date=expiration_date)
notification_metadata = { notification_metadata = {
'name': name, 'name': key.name,
'kid': kid, 'kid': key.kid,
'service': service, 'service': key.service,
'jwk': jwk, 'jwk': key.jwk,
'metadata': metadata, 'metadata': key.metadata,
'created_date': sk.created_date, 'created_date': key.created_date,
'expiration_date': expiration_date, 'expiration_date': key.expiration_date,
} }
superusers = User.select().where(User.username << app.config['SUPER_USERS']) superusers = User.select().where(User.username << app.config['SUPER_USERS'])
@ -44,15 +41,21 @@ def create_service_key(name, kid, service, jwk, metadata, expiration_date):
# TODO(jzelinskie): create notification type in the database migration # TODO(jzelinskie): create notification type in the database migration
# I already put it in initdb # I already put it in initdb
create_notification('service_key_submitted', superuser, metadata=notification_metadata, create_notification('service_key_submitted', superuser, metadata=notification_metadata,
lookup_path='/service_key_approval/{0}'.format(kid)) lookup_path='/service_key_approval/{0}'.format(key.kid))
def create_service_key(name, kid, service, jwk, metadata, expiration_date):
key = ServiceKey.create(name=name, kid=kid, service=service, jwk=jwk, metadata=metadata,
expiration_date=expiration_date)
_notify_superusers(key)
_gc_expired(service) _gc_expired(service)
def replace_service_key(kid, jwk, metadata, expiration_date): def replace_service_key(old_kid, kid, jwk, metadata, expiration_date):
try: try:
with db_transaction(): with db_transaction():
key = db_for_update(ServiceKey.select().where(ServiceKey.kid == kid)).get() key = db_for_update(ServiceKey.select().where(ServiceKey.kid == old_kid)).get()
metadata = key.metadata.update(metadata) metadata = key.metadata.update(metadata)
ServiceKey.create(name=key.name, kid=kid, service=key.service, jwk=jwk, ServiceKey.create(name=key.name, kid=kid, service=key.service, jwk=jwk,
metadata=metadata, expiration_date=expiration_date, approval=key.approval) metadata=metadata, expiration_date=expiration_date, approval=key.approval)
@ -60,6 +63,8 @@ def replace_service_key(kid, jwk, metadata, expiration_date):
except ServiceKey.DoesNotExist: except ServiceKey.DoesNotExist:
raise ServiceKeyDoesNotExist raise ServiceKeyDoesNotExist
_notify_superusers(key)
delete_all_notifications_by_path_prefix('/service_key_approval/{0}'.format(old_kid))
_gc_expired(key.service) _gc_expired(key.service)
@ -84,6 +89,7 @@ def delete_service_key(service, kid):
except ServiceKey.DoesNotExist: except ServiceKey.DoesNotExist:
raise ServiceKeyDoesNotExist() raise ServiceKeyDoesNotExist()
delete_all_notifications_by_path_prefix('/service_key_approval/{0}'.format(kid))
_gc_expired(service) _gc_expired(service)
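Review bot: In `replace_service_key`, `_notify_superusers(key)` receives the row fetched by `old_kid`, and the next line deletes every notification under `/service_key_approval/<old_kid>`, so the notification just created appears to be removed at once and superusers hear nothing about the replacement key. Unless the lines hidden between the two hunks rebind `key`, bind the created row and swap the order: `new_key = ServiceKey.create(...)`, then `delete_all_notifications_by_path_prefix(...)`, then `_notify_superusers(new_key)`. The same function keeps `metadata = key.metadata.update(metadata)`, which stores `None` on the new key if `key.metadata` is a plain dict, since `dict.update` returns `None`. Because the cleanup here and in `delete_service_key` matches by path prefix, a kid that is a prefix of another kid would presumably clear that key's pending approval notifications too; an exact-path match would avoid that.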


@ -115,7 +115,7 @@ def put_service_keys(service, kid):
_validate_jwt(encoded_jwt, signer_jwk, service) _validate_jwt(encoded_jwt, signer_jwk, service)
try: try:
data.model.service_keys.replace_service_key(kid, jwk, metadata, expiration_date) data.model.service_keys.replace_service_key(signer_key.kid, kid, jwk, metadata, expiration_date)
except data.model.ServiceKeyDoesNotExist: except data.model.ServiceKeyDoesNotExist:
abort(404) abort(404)
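Review bot: The row to replace is now selected by `signer_key.kid` alone, and the model copies its name, service and `approval` onto the new key, so this call is only safe if `signer_key` has already been confirmed as an approved, unexpired key belonging to `service`. That check is not visible in this hunk (`put_service_keys` starts above it); if `_validate_jwt` does not cover it, add a guard before the `try`, for example `if signer_key.service != service: abort(403)`. A short comment on the call would also help: `# replacement inherits the signer key's approval; signer_key must be validated for this service above`.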