Commit db09a0fe authored by Alexander Pace's avatar Alexander Pace
Browse files

adding two auth migrations

parent d570d1c7
Pipeline #191981 failed with stages
in 4 minutes and 16 seconds
# Generated by Django 2.2.10 on 2020-07-01 19:40
from django.db import migrations, models
from django.conf import settings
ROBOTS = [
{
'username' : 'rebecca.ewing.robot',
'first_name' : '',
'last_name' : 'Catalog Writer Robot', # Note that the last_name acts as a display
'email' : 'rebecca.ewing@ligo.org',
'dns' : [
"/DC=org/DC=cilogon/C=US/O=LIGO/OU=Robots/CN=git.ligo.org/CN=catalogdevcron/CN=Rebecca Ewing/CN=UID:rebecca.ewing.robot",
]
},
]
def create_robots(apps, schema_editor):
User = apps.get_model('auth', 'User')
X509Cert = apps.get_model('ligoauth', 'X509Cert')
AuthGroup = apps.get_model('ligoauth', 'AuthGroup')
lvc_group = AuthGroup.objects.get(name=settings.LVC_GROUP)
robot_group = AuthGroup.objects.get(name='robot_accounts')
for entry in ROBOTS:
user, created = User.objects.get_or_create(username=entry['username'])
if created:
user.first_name = entry['first_name']
user.last_name = entry['last_name']
user.email = entry['email']
user.is_active = True
user.is_staff = False
user.is_superuser = False
user.save()
# Create the cert objects and link them to our user.
for dn in entry['dns']:
cert, created = X509Cert.objects.get_or_create(subject=dn,
user=user)
# Add our user to the LVC group. This permission is required to
# do most things, but may *NOT* always be appropriate. It may
# also be necessary to give the robotic user permission to populate
# a particular pipeline.
lvc_group.user_set.add(user)
# Add user to robot accounts
robot_group.user_set.add(user)
def delete_robots(apps, schema_editor):
User = apps.get_model('auth', 'User')
X509Cert = apps.get_model('ligoauth', 'X509Cert')
for entry in ROBOTS:
for dn in entry['dns']:
X509Cert.objects.get(subject=dn).delete()
User.objects.get(username=entry['username']).delete()
class Migration(migrations.Migration):
dependencies = [
('ligoauth', '0071_dmacleod_robot'),
]
operations = [
migrations.RunPython(create_robots, delete_robots),
]
# -*- coding: utf-8 -*-
# Generated by alex on 2021-02-17
from __future__ import unicode_literals
from django.db import migrations
# detchar is on a tear getting new certs, so I'm doing three
# at once.
gracedb_account = 'detchar'
alex_urban = 'alexander.urban.robot'
new_certs = ['/DC=org/DC=cilogon/C=US/O=LIGO/OU=Robots/CN=detchar.ligo.caltech.edu/CN=detchar/CN=Robert Bruntz/CN=UID:robert.bruntz.robot',
'/DC=org/DC=cilogon/C=US/O=LIGO/OU=Robots/CN=detchar.ligo-la.caltech.edu/CN=detchar-la/CN=Robert Bruntz/CN=UID:robert.bruntz.robot',
'/DC=org/DC=cilogon/C=US/O=LIGO/OU=Robots/CN=detchar.ligo.caltech.edu/CN=detchar_cit/CN=Robert Bruntz/CN=UID:robert.bruntz.robot',
'/DC=org/DC=cilogon/C=US/O=LIGO/OU=Robots/CN=detchar.ligo-wa.caltech.edu/CN=detchar_ligo-wa/CN=Robert Bruntz/CN=UID:robert.bruntz.robot',
]
def add_cert(apps, schema_editor):
RobotUser = apps.get_model('auth', 'User')
# Get user
user = RobotUser.objects.get(username=gracedb_account)
# delete old certificates:
alex_certs= user.x509cert_set.filter(subject__contains=alex_urban)
alex_certs.delete()
# Create new certificates
for cert in new_certs:
user.x509cert_set.create(subject=cert)
def delete_cert(apps, schema_editor):
RobotUser = apps.get_model('auth', 'User')
# Get user
user = RobotUser.objects.get(username=gracedb_account)
# Delete new certificates
for cert in new_certs:
cert = user.x509cert_set.get(subject=cert)
cert.delete()
class Migration(migrations.Migration):
dependencies = [
('ligoauth', '0072_catalogdevcron_robot'),
]
operations = [
migrations.RunPython(add_cert, delete_cert),
]
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment