def regenerate_robot_token(robot_shortname, parent):
robot_username = format_robot_username(parent.username, robot_shortname)
robot, metadata = lookup_robot_and_metadata(robot_username)
password = random_string_generator(length=64)()
robot.email = str(uuid4())
robot.uuid = str(uuid4())
service = LoginService.get(name="quayrobot")
login = FederatedLogin.get(FederatedLogin.user == robot,
FederatedLogin.service == service)
login.service_ident = "robot:%s" % (robot.id)
try:
token_data = RobotAccountToken.get(robot_account=robot)
except RobotAccountToken.DoesNotExist:
token_data = RobotAccountToken.create(robot_account=robot)
token_data.token = password
with db_transaction():
token_data.save()
login.save()
robot.save()
return robot, password, metadata
def change_username(user_id, new_username):
(username_valid, username_issue) = validate_username(new_username)
if not username_valid:
raise InvalidUsernameException("Invalid username %s: %s" %
(new_username, username_issue))
with db_transaction():
# Reload the user for update
user = db_for_update(User.select().where(User.id == user_id)).get()
# Rename the robots
for robot in db_for_update(
_list_entity_robots(user.username,
include_metadata=False,
include_token=False)):
_, robot_shortname = parse_robot_username(robot.username)
new_robot_name = format_robot_username(new_username,
robot_shortname)
robot.username = new_robot_name
robot.save()
# Rename the user
user.username = new_username
user.save()
# Remove any prompts for username.
remove_user_prompt(user, "confirm_username")
return user
def create_robot(robot_shortname, parent, description="", unstructured_metadata=None):
(username_valid, username_issue) = validate_username(robot_shortname)
if not username_valid:
raise InvalidRobotException(
"The name for the robot '%s' is invalid: %s" % (robot_shortname, username_issue)
)
username = format_robot_username(parent.username, robot_shortname)
try:
User.get(User.username == username)
msg = "Existing robot with name: %s" % username
logger.info(msg)
raise InvalidRobotException(msg)
except User.DoesNotExist:
pass
service = LoginService.get(name="quayrobot")
try:
with db_transaction():
created = User.create(username=username, email=str(uuid.uuid4()), robot=True)
token = random_string_generator(length=64)()
RobotAccountToken.create(robot_account=created, token=token, fully_migrated=True)
FederatedLogin.create(
user=created, service=service, service_ident="robot:%s" % created.id
)
RobotAccountMetadata.create(
robot_account=created,
description=description[0:255],
unstructured_json=unstructured_metadata or {},
)
return created, token
except Exception as ex:
raise DataModelException(ex.message)
def get_robot_and_metadata(robot_shortname, parent):
"""
Returns a tuple of the robot matching the given shortname, its token, and its metadata.
"""
robot_username = format_robot_username(parent.username, robot_shortname)
robot, metadata = lookup_robot_and_metadata(robot_username)
token = retrieve_robot_token(robot)
return robot, token, metadata
def delete(self, robot_shortname):
"""
Delete an existing robot.
"""
parent = get_authenticated_user()
model.delete_robot(format_robot_username(parent.username, robot_shortname))
log_action("delete_robot", parent.username, {"robot": robot_shortname})
return "", 204
def delete(self, orgname, robot_shortname):
""" Delete an existing organization robot. """
permission = AdministerOrganizationPermission(orgname)
if permission.can():
model.delete_robot(format_robot_username(orgname, robot_shortname))
log_action("delete_robot", orgname, {"robot": robot_shortname})
return "", 204
raise Unauthorized()
def delete(self, orgname, robot_shortname):
"""
Delete an existing organization robot.
"""
permission = AdministerOrganizationPermission(orgname)
if permission.can():
robot_username = format_robot_username(orgname, robot_shortname)
if not model.robot_has_mirror(robot_username):
model.delete_robot(robot_username)
log_action("delete_robot", orgname, {"robot": robot_shortname})
return "", 204
else:
raise request_error(message="Robot is being used by a mirror")
raise Unauthorized()
def delete(self, robot_shortname):
"""
Delete an existing robot.
"""
parent = get_authenticated_user()
robot_username = format_robot_username(parent.username,
robot_shortname)
if not model.robot_has_mirror(robot_username):
model.delete_robot(robot_username)
log_action("delete_robot", parent.username,
{"robot": robot_shortname})
return "", 204
else:
raise request_error(message="Robot is being used by a mirror")
def _get_matching_users(username_prefix,
robot_namespace=None,
organization=None,
limit=20,
exact_matches_only=False):
user_search = prefix_search(User.username, username_prefix)
if exact_matches_only:
user_search = User.username == username_prefix
direct_user_query = user_search & (User.organization
== False) & (User.robot == False)
if robot_namespace:
robot_prefix = format_robot_username(robot_namespace, username_prefix)
robot_search = prefix_search(User.username, robot_prefix)
direct_user_query = (robot_search &
(User.robot == True)) | direct_user_query
query = (User.select(User.id, User.username,
User.email, User.robot).group_by(
User.id, User.username, User.email,
User.robot).where(direct_user_query))
if organization:
query = (query.select(User.id, User.username, User.email, User.robot,
fn.Sum(Team.id)).join(
TeamMember, JOIN.LEFT_OUTER).join(
Team,
JOIN.LEFT_OUTER,
on=((Team.id == TeamMember.team) &
(Team.organization == organization)),
).order_by(User.robot.desc()))
class MatchingUserResult(object):
def __init__(self, *args):
self.id = args[0]
self.username = args[1]
self.email = args[2]
self.robot = args[3]
if organization:
self.is_org_member = args[3] != None
else:
self.is_org_member = None
return (MatchingUserResult(*args) for args in query.tuples().limit(limit))