update

add nix flake make a restart
2023-10-09 21:58:44 +02:00 · 2023-10-09 21:58:44 +02:00 · eee18c1785
commit eee18c1785
parent 536668d8b9
24 changed files with 509 additions and 231 deletions
--- a/lenticular_cloud/migrations/versions/old/0518a8625b50_remove_ldap_add_rest_to_db.py
+++ b/lenticular_cloud/migrations/versions/old/0518a8625b50_remove_ldap_add_rest_to_db.py
@ -0,0 +1,88 @@
+"""remove ldap, add rest to db
+
+Revision ID: 0518a8625b50
+Revises: 52a21983d2a8
+Create Date: 2022-06-17 13:15:33.450531
+
+"""
+from alembic import op
+import sqlalchemy as sa
+from flask import current_app
+from lenticular_cloud.model import User
+import logging
+
+
+# revision identifiers, used by Alembic.
+revision = '0518a8625b50'
+down_revision = '52a21983d2a8'
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.create_table('app_token',
+    sa.Column('id', sa.Integer(), nullable=False),
+    sa.Column('service_name', sa.String(), nullable=False),
+    sa.Column('token', sa.String(), nullable=False),
+    sa.Column('name', sa.String(), nullable=False),
+    sa.PrimaryKeyConstraint('id')
+    )
+    op.create_table('group',
+    sa.Column('id', sa.Integer(), nullable=False),
+    sa.Column('name', sa.String(), nullable=False),
+    sa.PrimaryKeyConstraint('id'),
+    sa.UniqueConstraint('name')
+    )
+    op.drop_table('user_sign_up')
+    op.add_column('user', sa.Column('password_hashed', sa.String(), server_default="", nullable=False))
+    op.add_column('user', sa.Column('enabled', sa.Boolean(), server_default="false", nullable=True))
+    # ### end Alembic commands ###
+    try:
+        from ldap3_orm import AttrDef, EntryBase as _EntryBase, ObjectDef, EntryType
+        from ldap3_orm import Reader
+        from ldap3 import Connection, Server, ALL
+
+        app = current_app
+        server = Server(app.config['LDAP_URL'], get_info=ALL)
+        ldap_conn = Connection(server, app.config['LDAP_BIND_DN'], app.config['LDAP_BIND_PW'], auto_bind=True) # TODO auto_bind read docu
+        base_dn = app.config['LDAP_BASE_DN']
+        object_def = ObjectDef(["inetOrgPerson"], ldap_conn)
+        user_base_dn = f"ou=users,{base_dn}"
+
+
+
+        op.execute(User.__table__.update().values({'enabled': True}))
+        conn = op.get_bind()
+        users = conn.execute(User.__table__.select())
+
+        for user in users:
+            print(f"migrating user {user.username}")
+            reader = Reader(ldap_conn, object_def, user_base_dn, f'(uid={user.username})')
+            result = reader.search()
+            if len(result) == 0:
+                print(f"WARNING: could not migrate user {user.username}")
+                continue
+            ldap_object = result[0]
+            password_hashed = ldap_object.userPassword[0].decode().replace('{CRYPT}','')
+            op.execute(User.__table__.update().values({'password_hashed': password_hashed}).where(User.id == user.id))
+    except ModuleNotFoundError:
+        print("ignore import warning")
+
+
+
+def downgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.drop_column('user', 'enabled')
+    op.drop_column('user', 'password_hashed')
+    op.create_table('user_sign_up',
+    sa.Column('id', sa.INTEGER(), nullable=False),
+    sa.Column('username', sa.VARCHAR(), nullable=False),
+    sa.Column('password', sa.VARCHAR(), nullable=False),
+    sa.Column('alternative_email', sa.VARCHAR(), nullable=True),
+    sa.Column('created_at', sa.DATETIME(), nullable=False),
+    sa.PrimaryKeyConstraint('id')
+    )
+    op.drop_table('group')
+    op.drop_table('app_token')
+    # ### end Alembic commands ###
--- a/lenticular_cloud/migrations/versions/old/0f217e90cd07_fix_app_token.py
+++ b/lenticular_cloud/migrations/versions/old/0f217e90cd07_fix_app_token.py
@ -0,0 +1,48 @@
+"""fix app token
+
+Revision ID: 0f217e90cd07
+Revises: 0518a8625b50
+Create Date: 2022-06-18 23:24:12.687324
+
+"""
+from alembic import op
+import sqlalchemy as sa
+
+
+# revision identifiers, used by Alembic.
+revision = '0f217e90cd07'
+down_revision = '0518a8625b50'
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    with op.batch_alter_table('app_token') as batch_op:
+        batch_op.add_column(sa.Column('user_id', sa.Uuid, nullable=False))
+        batch_op.add_column(sa.Column('last_used', sa.DateTime(), nullable=True))
+    op.create_foreign_key(None, 'app_token', 'user', ['user_id'], ['id'])
+    tmp_table = sa.Table('_alembic_tmp_user', sa.MetaData())
+    op.execute(sa.schema.DropTable(tmp_table, if_exists=True))
+    with op.batch_alter_table('user') as batch_op:
+        batch_op.alter_column('enabled',
+               existing_type=sa.BOOLEAN(),
+               nullable=False,
+               existing_server_default=sa.text("'false'"))
+    # ### end Alembic commands ###
+
+
+def downgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    tmp_table = sa.Table('_alembic_tmp_user', sa.MetaData())
+    op.execute(sa.schema.DropTable(tmp_table, if_exists=True))
+    with op.batch_alter_table('user') as batch_op:
+        batch_op.alter_column('enabled',
+               existing_type=sa.BOOLEAN(),
+               nullable=True,
+               existing_server_default=sa.text("'false'"))
+    op.drop_column('totp', 'last_used')
+    op.drop_constraint(None, 'app_token', type_='foreignkey')
+    op.drop_column('app_token', 'last_used')
+    op.drop_column('app_token', 'user_id')
+    # ### end Alembic commands ###
--- a/lenticular_cloud/migrations/versions/old/52a21983d2a8_add_webauthn.py
+++ b/lenticular_cloud/migrations/versions/old/52a21983d2a8_add_webauthn.py
@ -0,0 +1,37 @@
+"""add webauthn
+
+Revision ID: 52a21983d2a8
+Revises: ff2f2e871dfc
+Create Date: 2022-02-20 17:00:04.531393
+
+"""
+from alembic import op
+import sqlalchemy as sa
+
+
+# revision identifiers, used by Alembic.
+revision = '52a21983d2a8'
+down_revision = 'ff2f2e871dfc'
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.create_table('webauthn_credential',
+    sa.Column('id', sa.Integer(), nullable=False),
+    sa.Column('user_id', sa.Uuid(), nullable=False),
+    sa.Column('user_handle', sa.String(length=64), nullable=False),
+    sa.Column('credential_data', sa.LargeBinary(), nullable=False),
+    sa.Column('name', sa.String(length=250), nullable=True),
+    sa.Column('registered', sa.DateTime(), nullable=True),
+    sa.ForeignKeyConstraint(['user_id'], ['user.id'], ondelete='CASCADE'),
+    sa.PrimaryKeyConstraint('id')
+    )
+    # ### end Alembic commands ###
+
+
+def downgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.drop_table('webauthn_credential')
+    # ### end Alembic commands ###
--- a/lenticular_cloud/migrations/versions/old/ff2f2e871dfc_init.py
+++ b/lenticular_cloud/migrations/versions/old/ff2f2e871dfc_init.py
@ -0,0 +1,74 @@
+"""init
+
+Revision ID: ff2f2e871dfc
+Revises: 
+Create Date: 2022-02-20 16:56:13.258209
+
+"""
+from alembic import op
+import sqlalchemy as sa
+from sqlalchemy import engine_from_config
+from sqlalchemy.engine import reflection
+
+
+
+# revision identifiers, used by Alembic.
+revision = 'ff2f2e871dfc'
+down_revision = None
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+
+    # init sate, migrate from non versioned db schema
+    # by checking if tables exist
+    
+    config = op.get_context().config
+    engine = engine_from_config(
+        config.get_section(config.config_ini_section), prefix="sqlalchemy."
+    )
+    inspector = reflection.Inspector.from_engine(engine)
+    tables = inspector.get_table_names()
+
+    if 'user' not in tables:
+        op.create_table('user',
+        sa.Column('id', sa.String(length=36), nullable=False),
+        sa.Column('username', sa.String(), nullable=False),
+        sa.Column('alternative_email', sa.String(), nullable=True),
+        sa.Column('created_at', sa.DateTime(), nullable=False),
+        sa.Column('modified_at', sa.DateTime(), nullable=False),
+        sa.Column('last_login', sa.DateTime(), nullable=True),
+        sa.PrimaryKeyConstraint('id'),
+        sa.UniqueConstraint('username')
+        )
+    if 'user_sign_up' not in tables:
+        op.create_table('user_sign_up',
+        sa.Column('id', sa.Integer(), nullable=False),
+        sa.Column('username', sa.String(), nullable=False),
+        sa.Column('password', sa.String(), nullable=False),
+        sa.Column('alternative_email', sa.String(), nullable=True),
+        sa.Column('created_at', sa.DateTime(), nullable=False),
+        sa.PrimaryKeyConstraint('id')
+        )
+    if 'totp' not in tables:
+        op.create_table('totp',
+        sa.Column('id', sa.Integer(), nullable=False),
+        sa.Column('secret', sa.String(), nullable=False),
+        sa.Column('name', sa.String(), nullable=False),
+        sa.Column('created_at', sa.DateTime(), nullable=False),
+        sa.Column('user_id', sa.String(length=36), nullable=False),
+        sa.ForeignKeyConstraint(['user_id'], ['user.id'], ),
+        sa.PrimaryKeyConstraint('id')
+        )
+    # ### end Alembic commands ###
+
+
+def downgrade():
+    pass
+    # ### commands auto generated by Alembic - please adjust! ###
+    #op.drop_table('totp')
+    #op.drop_table('user_sign_up')
+    #op.drop_table('user')
+    # ### end Alembic commands ###