initdb: add unapproved service key
parent
fb1dca4e94
commit
b0dac1d27e
2 changed files with 24 additions and 20 deletions
44
initdb.py
44
initdb.py
|
@ -156,30 +156,31 @@ def __create_subtree(with_storage, repo, structure, creator_username, parent, ta
|
|||
__create_subtree(with_storage, repo, subtree, creator_username, new_image, tag_map)
|
||||
|
||||
|
||||
def __generate_service_key(name, user, timestamp, approval_type, expiration=None, metadata=None):
|
||||
def __generate_service_key(kid, name, user, timestamp, approval_type, expiration=None,
|
||||
metadata=None):
|
||||
private_key = RSA.generate(1024)
|
||||
jwk = RSAKey(key=private_key.publickey()).serialize()
|
||||
kid = sha256(json.dumps(canonicalize(jwk), separators=(',', ':'))).hexdigest()
|
||||
|
||||
metadata = metadata or {}
|
||||
model.service_keys.create_service_key(name, kid, 'sample_service', jwk, metadata, expiration)
|
||||
model.service_keys.approve_service_key(kid, user, approval_type,
|
||||
notes='The **test** apporval')
|
||||
if approval_type is not None:
|
||||
model.service_keys.approve_service_key(kid, user, approval_type,
|
||||
notes='The **test** apporval')
|
||||
|
||||
key_metadata = {
|
||||
'kid': kid,
|
||||
'preshared': True,
|
||||
'service': 'sample_service',
|
||||
'name': name,
|
||||
'expiration_date': expiration,
|
||||
'auto_approved': True
|
||||
}
|
||||
key_metadata = {
|
||||
'kid': kid,
|
||||
'preshared': True,
|
||||
'service': 'sample_service',
|
||||
'name': name,
|
||||
'expiration_date': expiration,
|
||||
'auto_approved': True
|
||||
}
|
||||
|
||||
model.log.log_action('service_key_approve', None, performer=user,
|
||||
timestamp=timestamp, metadata=key_metadata)
|
||||
model.log.log_action('service_key_approve', None, performer=user,
|
||||
timestamp=timestamp, metadata=key_metadata)
|
||||
|
||||
model.log.log_action('service_key_create', None, performer=user,
|
||||
timestamp=timestamp, metadata=key_metadata)
|
||||
model.log.log_action('service_key_create', None, performer=user,
|
||||
timestamp=timestamp, metadata=key_metadata)
|
||||
|
||||
|
||||
def __generate_repository(with_storage, user_obj, name, description, is_public, permissions, structure):
|
||||
|
@ -653,11 +654,14 @@ def populate_database(minimal=False, with_storage=False):
|
|||
six_ago = today - timedelta(5)
|
||||
four_ago = today - timedelta(4)
|
||||
|
||||
__generate_service_key('somesamplekey', new_user_1, today, ServiceKeyApprovalType.SUPERUSER)
|
||||
__generate_service_key('someexpiringkey', new_user_1, week_ago, ServiceKeyApprovalType.SUPERUSER,
|
||||
today + timedelta(14))
|
||||
__generate_service_key('kid1', 'somesamplekey', new_user_1, today,
|
||||
ServiceKeyApprovalType.SUPERUSER)
|
||||
__generate_service_key('kid2', 'someexpiringkey', new_user_1, week_ago,
|
||||
ServiceKeyApprovalType.SUPERUSER, today + timedelta(14))
|
||||
|
||||
__generate_service_key('autorotatingkey', new_user_1, six_ago,
|
||||
__generate_service_key('kid3', 'unapprovedkey', new_user_1, today, None)
|
||||
|
||||
__generate_service_key('kid4', 'autorotatingkey', new_user_1, six_ago,
|
||||
ServiceKeyApprovalType.KEY_ROTATION, today + timedelta(1),
|
||||
dict(rotation_ttl=timedelta(hours=12).total_seconds()))
|
||||
|
||||
|
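Review bot: In `__generate_service_key`, the new `if approval_type is not None:` guard visibly covers only the `approve_service_key` call. This rendering has lost indentation, so it is unclear whether the `service_key_approve` log entry and the `'auto_approved': True` metadata are also skipped for the unapproved `kid3` key. If they still run unconditionally, the fixture's audit log records an approval that never happened, so the `model.log.log_action('service_key_approve', ...)` call should sit under the same guard, and `'auto_approved'` should not be hard-coded to `True` for that row. The `service_key_create` entry should stay outside the guard so the unapproved key still has a creation record. Separately, `RSA.generate(1024)` deserves a comment such as `# 1024-bit only to keep fixture generation fast; not an acceptable size for real service keys`.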
|
Binary file not shown.