def detach_token(serial,
application,
hostname=None,
machine_id=None,
resolver_name=None):
"""
Delete a machine token.
Also deletes the corresponding MachineTokenOptions
You need to provide either the hostname or the (machine_id,
resolver_name) of the machine, from which you want to detach the
token.
:param serial: The serial number of the token
:type serial: string
:param application: The name of the application - something like ssh or luks
:type application: basestring
:param hostname: The hostname of the machine
If the hostname is not unique, an exception is raised.
:type hostname: basestring
:param machine_id: The machine ID of the machine
:type machine_id: basestring
:param resolver_name: The resolver_name of the machine
:type resolver_name: basestring
:param options: additional options
:return: the new MachineToken Object
"""
token_id = get_token_id(serial)
if machine_id == ANY_MACHINE and resolver_name == NO_RESOLVER:
# We have attached a token to any machine, like with offline
machineresolver_id = None
# For later handling we need to reset the machine_id and the resovler_name:
machine_id = None
resolver_name = None
elif hostname or machine_id or resolver_name:
# Only if we have a specific machine, we need to determine these values,
# otherwise we are using None.
machine_id, resolver_name = _get_host_identifier(
hostname, machine_id, resolver_name)
machineresolver_id = get_machineresolver_id(resolver_name)
else:
# No specific machine given.
machineresolver_id = None
mtids = get_machinetoken_ids(machine_id, resolver_name, serial,
application)
# Delete MachineTokenOptions
for mtid in mtids:
MachineTokenOptions.query.filter(
MachineTokenOptions.machinetoken_id == mtid).delete()
# Delete MachineToken
r = MachineToken.query.filter(
and_(MachineToken.token_id == token_id,
MachineToken.machine_id == machine_id,
MachineToken.machineresolver_id == machineresolver_id,
MachineToken.application == application)).delete()
db.session.commit()
return r
def list_machine_tokens(hostname=None,
machine_id=None,
resolver_name=None,
serial=None,
application=None,
params=None):
"""
Returns a list of tokens assigned to the given machine.
:return: JSON of all tokens connected to machines with the corresponding
application.
"""
res = []
if hostname or machine_id or resolver_name:
machine_id, resolver_name = _get_host_identifier(
hostname, machine_id, resolver_name)
machineresolver_id = get_machineresolver_id(resolver_name)
sql_query = MachineToken.query.filter(
and_(MachineToken.machine_id == machine_id,
MachineToken.machineresolver_id == machineresolver_id))
else:
# If we have no specific machine defined, we find all applications/serials
sql_query = MachineToken.query.filter()
if application:
sql_query = sql_query.filter(MachineToken.application == application)
if serial:
token_id = get_token_id(serial)
sql_query = sql_query.filter(MachineToken.token_id == token_id)
for row in sql_query.all():
# row.token contains the database token
option_list = row.option_list
options = {}
for option in option_list:
options[option.mt_key] = option.mt_value
res.append({
"serial": row.token.serial,
"machine_id": machine_id,
"resolver": resolver_name,
"type": row.token.tokentype,
"application": row.application,
"options": options
})
return res
def detach_token(serial,
application,
hostname=None,
machine_id=None,
resolver_name=None):
"""
Delete a machine token.
Also deletes the corresponding MachineTokenOptions
You need to provide either the hostname or the (machine_id,
resolver_name) of the machine, from which you want to detach the
token.
:param serial: The serial number of the token
:type serial: string
:param application: The name of the application - something like ssh or luks
:type application: basestring
:param hostname: The hostname of the machine
If the hostname is not unique, an exception is raised.
:type hostname: basestring
:param machine_id: The machine ID of the machine
:type machine_id: basestring
:param resolver_name: The resolver_name of the machine
:type resolver_name: basestring
:param options: addtional options
:return: the new MachineToken Object
"""
machine_id, resolver_name = _get_host_identifier(hostname, machine_id,
resolver_name)
mtid = get_machinetoken_id(machine_id, resolver_name, serial, application)
token_id = get_token_id(serial)
machineresolver_id = get_machineresolver_id(resolver_name)
# Delete MachineTokenOptions
# Delete MachineToken
MachineTokenOptions.query.filter(
MachineTokenOptions.machinetoken_id == mtid).delete()
r = MachineToken.query.filter(
and_(MachineToken.token_id == token_id,
MachineToken.machine_id == machine_id,
MachineToken.machineresolver_id == machineresolver_id,
MachineToken.application == application)).delete()
db.session.commit()
return r
def list_machine_tokens(hostname=None,
machine_id=None,
resolver_name=None,
serial=None,
application=None,
params=None):
"""
Returns a list of tokens assigned to the given machine.
:return: JSON of all tokens connected to machines with the corresponding
application.
"""
res = []
machine_id, resolver_name = _get_host_identifier(hostname, machine_id,
resolver_name)
machineresolver_id = get_machineresolver_id(resolver_name)
sql_query = MachineToken.query.filter(and_(MachineToken.machine_id ==
machine_id,
MachineToken.machineresolver_id == machineresolver_id))
if application:
sql_query = sql_query.filter(MachineToken.application == application)
if serial:
token_id = get_token_id(serial)
sql_query = sql_query.filter(MachineToken.token_id == token_id)
for row in sql_query.all():
# row.token contains the database token
option_list = row.option_list
options = {}
for option in option_list:
options[option.mt_key] = option.mt_value
res.append({"serial": row.token.serial,
"machine_id": machine_id,
"resolver": resolver_name,
"type": row.token.tokentype,
"application": row.application,
"options": options})
return res
def detach_token(serial, application, hostname=None, machine_id=None,
resolver_name=None):
"""
Delete a machine token.
Also deletes the corresponding MachineTokenOptions
You need to provide either the hostname or the (machine_id,
resolver_name) of the machine, from which you want to detach the
token.
:param serial: The serial number of the token
:type serial: string
:param application: The name of the application - something like ssh or luks
:type application: basestring
:param hostname: The hostname of the machine
If the hostname is not unique, an exception is raised.
:type hostname: basestring
:param machine_id: The machine ID of the machine
:type machine_id: basestring
:param resolver_name: The resolver_name of the machine
:type resolver_name: basestring
:param options: addtional options
:return: the new MachineToken Object
"""
machine_id, resolver_name = _get_host_identifier(hostname, machine_id,
resolver_name)
mtid = get_machinetoken_id(machine_id, resolver_name, serial,
application)
token_id = get_token_id(serial)
machineresolver_id = get_machineresolver_id(resolver_name)
# Delete MachineTokenOptions
# Delete MachineToken
MachineTokenOptions.query.filter(MachineTokenOptions.machinetoken_id == mtid).delete()
r = MachineToken.query.filter(and_(MachineToken.token_id == token_id,
MachineToken.machine_id == machine_id,
MachineToken.machineresolver_id == machineresolver_id,
MachineToken.application == application)).delete()
db.session.commit()
return r
