Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Menu
Open sidebar
feudal
feudalBackend
Commits
4780bd9b
Commit
4780bd9b
authored
Nov 23, 2018
by
Lukas Burgey
Browse files
Fix deletion and removal of ssh keys
Closes
#7
parent
b16c2eef
Changes
4
Hide whitespace changes
Inline
Side-by-side
feudal/backend/migrations/0026_deploymentstate_pending.py
deleted
100644 → 0
View file @
b16c2eef
# Generated by Django 2.1.3 on 2018-11-22 22:15
from
django.db
import
migrations
,
models
class
Migration
(
migrations
.
Migration
):
dependencies
=
[
(
'backend'
,
'0025_auto_20181121_1149'
),
]
operations
=
[
migrations
.
AddField
(
model_name
=
'deploymentstate'
,
name
=
'pending'
,
field
=
models
.
BooleanField
(
default
=
False
,
editable
=
False
),
),
]
feudal/backend/models/__init__.py
View file @
4780bd9b
...
...
@@ -707,6 +707,7 @@ class CredentialState(models.Model):
def
set
(
self
,
state
):
if
state
==
NOT_DEPLOYED
and
self
.
_credential_deleted
:
self
.
_delete_state
()
return
if
state
==
self
.
state
:
return
...
...
@@ -720,6 +721,7 @@ class CredentialState(models.Model):
if
self
.
state
==
NOT_DEPLOYED
:
self
.
_delete_state
()
LOGGER
.
debug
(
'related credential: %s'
,
self
.
credential
)
self
.
state_target
=
NOT_DEPLOYED
self
.
_credential_deleted
=
True
self
.
save
()
...
...
@@ -729,8 +731,11 @@ class CredentialState(models.Model):
def
_delete_state
(
self
):
LOGGER
.
debug
(
self
.
msg
(
'Deleted'
))
credential
=
self
.
credential
self
.
delete
()
credential
.
try_delete_key
()
def
msg
(
self
,
message
):
return
'{} - {}'
.
format
(
self
,
message
)
...
...
feudal/backend/models/users.py
View file @
4780bd9b
...
...
@@ -210,7 +210,7 @@ class User(AbstractUser):
# oidcuser: deploy the according credentials
if
self
.
user_type
==
'oidcuser'
:
#for dep in self.deployments.all():
#
for dep in self.deployments.all():
# dep.activate()
pass
...
...
@@ -306,15 +306,13 @@ class User(AbstractUser):
# is the idp key still present?
if
idp_key_name
not
in
userinfo
:
key
.
delete_key
()
self
.
user_changed_key_removed
(
key
)
self
.
user_remove_key
(
key
)
return
True
# is the idp key changed?
if
key
.
key
!=
unity_key_value
:
key
.
delete_key
()
self
.
user_changed_key_removed
(
key
)
self
.
user_remove_key
(
key
)
new_key
=
SSHPublicKey
(
name
=
unity_key_name
,
...
...
@@ -376,7 +374,10 @@ class User(AbstractUser):
for
dep
in
self
.
deployments
.
all
():
dep
.
user_credential_added
(
key
)
def
user_changed_key_removed
(
self
,
key
):
def
user_remove_key
(
self
,
key
):
if
key
.
delete_key
():
return
LOGGER
.
debug
(
'user_changed_key_removed: %s %s'
,
self
,
key
)
for
dep
in
self
.
deployments
.
all
():
...
...
@@ -424,15 +425,26 @@ class SSHPublicKey(models.Model):
def
value
(
self
):
return
self
.
key
#
does not really delete the key
#
returns true if the deletion is final
def
delete_key
(
self
):
LOGGER
.
debug
(
'delete_key: %s'
,
self
.
name
)
if
self
.
try_delete_key
():
return
True
LOGGER
.
debug
(
self
.
msg
(
'Deletion started'
))
self
.
user
=
None
self
.
key
=
''
self
.
deleted
=
True
self
.
save
()
return
False
# if this key has no credential states anymore we _really_ delete it
def
try_delete_key
(
self
):
if
not
self
.
credential_states
.
filter
(
state
=
'deployed'
).
exists
():
LOGGER
.
info
(
self
.
msg
(
'Final deletion'
))
self
.
delete
()
return
True
LOGGER
.
debug
(
'delete_key: need to inform clients about deletion'
)
return
False
def
__str__
(
self
):
if
self
.
deleted
:
...
...
feudal/backend/views/webpage.py
View file @
4780bd9b
...
...
@@ -57,11 +57,7 @@ class SSHPublicKeyView(views.APIView):
id
=
request
.
data
[
'id'
],
)
# we do not delete ssh keys directly, as we need to keep track
# of them until all clients have also deleted them
key
.
delete_key
()
request
.
user
.
user_changed_key_removed
(
key
)
request
.
user
.
user_remove_key
(
key
)
return
Response
({
'deleted'
:
True
,
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment