From 3dae8d40f5163e6406d3a4a44b13fe6ab11dd6e3 Mon Sep 17 00:00:00 2001
From: Tanner Prestegard <tanner.prestegard@ligo.org>
Date: Tue, 18 Dec 2018 09:09:39 -0600
Subject: [PATCH] Update iDQ certificates

---
 .../migrations/0019_update_idq_certs.py       | 58 +++++++++++++++++++
 1 file changed, 58 insertions(+)
 create mode 100644 gracedb/ligoauth/migrations/0019_update_idq_certs.py

diff --git a/gracedb/ligoauth/migrations/0019_update_idq_certs.py b/gracedb/ligoauth/migrations/0019_update_idq_certs.py
new file mode 100644
index 000000000..66a636670
--- /dev/null
+++ b/gracedb/ligoauth/migrations/0019_update_idq_certs.py
@@ -0,0 +1,58 @@
+# -*- coding: utf-8 -*-
+# Generated by Django 1.11.16 on 2018-12-14 15:55
+from __future__ import unicode_literals
+
+from django.db import migrations
+
+ACCOUNTS = {
+    'idq-wa': {
+        'old_cert': '/DC=org/DC=ligo/O=LIGO/OU=Services/CN=idqLHO/ldas-grid.ligo-wa.caltech.edu',
+        'new_cert': '/DC=org/DC=cilogon/C=US/O=LIGO/OU=Robots/CN=ldas-grid.ligo-wa.caltech.edu/CN=idq-lho/CN=Reed Essick/CN=UID:reed.essick.robot',
+    },
+    'idq-la': {
+        'old_cert': '/DC=org/DC=ligo/O=LIGO/OU=Services/CN=idqLLO/ldas-grid.ligo-la.caltech.edu',
+        'new_cert': '/DC=org/DC=cilogon/C=US/O=LIGO/OU=Robots/CN=ldas-grid.ligo-la.caltech.edu/CN=idq-llo/CN=Reed Essick/CN=UID:reed.essick.robot',
+    },
+}
+
+
+def update_certs(apps, schema_editor):
+    User = apps.get_model('auth', 'User')
+
+    for user, certs in ACCOUNTS.iteritems():
+        # Get user
+        user = User.objects.get(username=user)
+
+        # Create new certificate
+        user.x509cert_set.create(subject=certs['new_cert'])
+
+        # Delete old certificate
+        old_cert = user.x509cert_set.get(subject=certs['old_cert'])
+        old_cert.delete()
+
+
+def revert_certs(apps, schema_editor):
+    User = apps.get_model('auth', 'User')
+    X509Cert = apps.get_model('ligoauth', 'X509Cert')
+
+    for user, certs in ACCOUNTS.iteritems():
+        # Get user
+        user = User.objects.get(username=user)
+
+        # Create old certificate
+        user.x509cert_set.create(subject=certs['old_cert'])
+
+        # Delete new certificate
+        old_cert = user.x509cert_set.get(subject=certs['new_cert'])
+        old_cert.delete()
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('ligoauth', '0018_update_cds_llo_certs'),
+    ]
+
+    operations = [
+        migrations.RunPython(update_certs, revert_certs),
+    ]
-- 
GitLab