Add last_accessed information to User and expose for robot accounts

Fixes https://jira.coreos.com/browse/QUAY-848
2018-03-12 20:30:19 -04:00 · 2018-03-12 20:30:19 -04:00 · 2ea13e86a0
commit 2ea13e86a0
parent f1da3c452f
13 changed files with 143 additions and 67 deletions
--- a/data/model/user.py
+++ b/data/model/user.py
@ -173,7 +173,7 @@ def change_username(user_id, new_username):
    user = db_for_update(User.select().where(User.id == user_id)).get()

    # Rename the robots
-    for robot in db_for_update(_list_entity_robots(user.username)):
+    for robot in db_for_update(_list_entity_robots(user.username, include_metadata=False)):
      _, robot_shortname = parse_robot_username(robot.username)
      new_robot_name = format_robot_username(new_username, robot_shortname)
      robot.username = new_robot_name
@ -264,15 +264,10 @@ def create_robot(robot_shortname, parent, description='', unstructured_metadata=


 def get_or_create_robot_metadata(robot):
-  try:
-    return RobotAccountMetadata.get(robot_account=robot)
-  except RobotAccountMetadata.DoesNotExist:
-    try:
-      return RobotAccountMetadata.create(robot_account=robot, description='',
-                                         unstructured_json='{}')
-    except IntegrityError:
-      return RobotAccountMetadata.get(robot_account=robot)
-  
+  defaults = dict(description='', unstructured_json='{}')
+  metadata, _ = RobotAccountMetadata.get_or_create(robot_account=robot, defaults=defaults)
+  return metadata
+

 def update_robot_metadata(robot, description='', unstructured_json=None):
  """ Updates the description and user-specified unstructured metadata associated
@ -281,13 +276,7 @@ def update_robot_metadata(robot, description='', unstructured_json=None):
  metadata.description = description
  metadata.unstructured_json = unstructured_json or metadata.unstructured_json or {}
  metadata.save()
-
-
-def get_robot(robot_shortname, parent):
-  robot_username = format_robot_username(parent.username, robot_shortname)
-  robot = lookup_robot(robot_username)
-  return robot, robot.email
-
+  

 def get_robot_and_metadata(robot_shortname, parent):
  robot_username = format_robot_username(parent.username, robot_shortname)
@ -360,6 +349,9 @@ def verify_robot(robot_username, password):
  if not owner.enabled:
    raise InvalidRobotException('This user has been disabled. Please contact your administrator.')

+  # Mark that the robot was accessed.
+  _basequery.update_last_accessed(robot)
+
  return robot

 def regenerate_robot_token(robot_shortname, parent):
@ -394,22 +386,27 @@ def list_namespace_robots(namespace):
  return _list_entity_robots(namespace)


-def _list_entity_robots(entity_name):
+def _list_entity_robots(entity_name, include_metadata=True):
  """ Return the list of robots for the specified entity. This MUST return a query, not a
      materialized list so that callers can use db_for_update.
-      """
-  return (User
-          .select(User, FederatedLogin, RobotAccountMetadata)
-          .join(FederatedLogin)
-          .switch(User)
-          .join(RobotAccountMetadata, JOIN_LEFT_OUTER)
-          .where(User.robot == True, User.username ** (entity_name + '+%')))
+  """
+  query = (User
+           .select(User, FederatedLogin)
+           .join(FederatedLogin)
+           .where(User.robot == True, User.username ** (entity_name + '+%')))
+
+  if include_metadata:
+    query = (query.switch(User)
+                  .join(RobotAccountMetadata, JOIN_LEFT_OUTER)
+                  .select(User, FederatedLogin, RobotAccountMetadata))
+
+  return query


 def list_entity_robot_permission_teams(entity_name, include_permissions=False):
  query = (_list_entity_robots(entity_name))

-  fields = [User.username, User.creation_date, FederatedLogin.service_ident,
+  fields = [User.username, User.creation_date, User.last_accessed, FederatedLogin.service_ident,
            RobotAccountMetadata.description, RobotAccountMetadata.unstructured_json]
  if include_permissions:
    query = (query
@ -484,6 +481,10 @@ def verify_federated_login(service_id, service_ident):
             .switch(FederatedLogin).join(User)
             .where(FederatedLogin.service_ident == service_ident, LoginService.name == service_id)
             .get())
+
+    # Mark that the user was accessed.
+    _basequery.update_last_accessed(found.user)
+
    return found.user
  except FederatedLogin.DoesNotExist:
    return None
@ -749,6 +750,9 @@ def verify_user(username_or_email, password):
       .where(User.id == fetched.id)
       .execute())

+    # Mark that the user was accessed.
+    _basequery.update_last_accessed(fetched)
+
    # Return the valid user.
    return fetched

@ -990,10 +994,10 @@ def get_pull_credentials(robotname):
    return None

  return {
-      'username': robot.username,
-      'password': login_info.service_ident,
-      'registry': '%s://%s/v1/' % (config.app_config['PREFERRED_URL_SCHEME'],
-                                   config.app_config['SERVER_HOSTNAME']),
+    'username': robot.username,
+    'password': login_info.service_ident,
+    'registry': '%s://%s/v1/' % (config.app_config['PREFERRED_URL_SCHEME'],
+                                 config.app_config['SERVER_HOSTNAME']),
  }

 def get_region_locations(user):