From c82be66c2447a42a4b17b41d07ebe846ff8359ba Mon Sep 17 00:00:00 2001
From: Tanner Prestegard <tanner.prestegard@ligo.org>
Date: Tue, 18 Dec 2018 14:49:03 -0600
Subject: [PATCH] Remove old dashboard X509 certificates

---
 .../0020_remove_old_dashboard_certs.py        | 51 +++++++++++++++++++
 1 file changed, 51 insertions(+)
 create mode 100644 gracedb/ligoauth/migrations/0020_remove_old_dashboard_certs.py

diff --git a/gracedb/ligoauth/migrations/0020_remove_old_dashboard_certs.py b/gracedb/ligoauth/migrations/0020_remove_old_dashboard_certs.py
new file mode 100644
index 000000000..ab16a6f31
--- /dev/null
+++ b/gracedb/ligoauth/migrations/0020_remove_old_dashboard_certs.py
@@ -0,0 +1,51 @@
+# -*- coding: utf-8 -*-
+# Generated by Django 1.11.16 on 2018-12-18 20:47
+from __future__ import unicode_literals
+
+from django.db import migrations
+
+ACCOUNT = {
+    'username': 'nagios',
+    'old_certs': [
+        '/DC=org/DC=doegrids/OU=Services/CN=nagios/sentry.phys.uwm.edu',
+        '/DC=org/DC=ligo/O=LIGO/OU=Services/CN=nagios/sentry.phys.uwm.edu',
+        '/DC=org/DC=ligo/O=LIGO/OU=Services/CN=nagios/gracedb.cgca.uwm.edu',
+        '/DC=org/DC=ligo/O=LIGO/OU=Services/CN=nagios/dashboard.cgca.uwm.edu',
+    ],
+}
+
+
+def remove_certs(apps, schema_editor):
+    RobotUser = apps.get_model('ligoauth', 'RobotUser')
+    X509Cert = apps.get_model('ligoauth', 'X509Cert')
+
+    # Get user
+    user = RobotUser.objects.get(username=ACCOUNT['username'])
+
+    # Remove old certs
+    for subject in ACCOUNT['old_certs']:
+        cert = user.x509cert_set.get(subject=subject)
+        cert.delete()
+
+
+def add_certs(apps, schema_editor):
+    RobotUser = apps.get_model('ligoauth', 'RobotUser')
+    X509Cert = apps.get_model('ligoauth', 'X509Cert')
+
+    # Get user
+    user = RobotUser.objects.get(username=ACCOUNT['username'])
+
+    # Re-create old certs
+    for subject in ACCOUNT['old_certs']:
+        cert = user.x509cert_set.create(subject=subject)
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('ligoauth', '0019_update_idq_certs'),
+    ]
+
+    operations = [
+        migrations.RunPython(remove_certs, add_certs),
+    ]
-- 
GitLab