def refresh_api_secret(user, resource, table):
"""Refresh the resource API Secret. """
resource_name = table.name[0:-1]
where_clause = sql.and_(
table.c.etag == resource['etag'],
table.c.id == resource['id'],
)
values = {
'api_secret': signature.gen_secret(),
'etag': utils.gen_etag()
}
query = table.update().where(where_clause).values(**values)
result = flask.g.db_conn.execute(query)
if not result.rowcount:
raise dci_exc.DCIConflict(resource_name, resource['id'])
res = flask.jsonify(({'id': resource['id'], 'etag': resource['etag'],
'api_secret': values['api_secret']}))
res.headers.add_header('ETag', values['etag'])
return res
def create_feeders(user):
values = v1_utils.common_values_dict(user)
values.update(schemas.feeder.post(flask.request.json))
if not user.is_in_team(values['team_id']):
raise auth.UNAUTHORIZED
values.update({
# XXX(fc): this should be populated as a default value from the
# model, but we don't return values from the database :(
'api_secret': signature.gen_secret(),
'role_id': auth.get_role_id('FEEDER'),
'data': values.get('data', {}),
})
query = _TABLE.insert().values(**values)
try:
flask.g.db_conn.execute(query)
except sa_exc.IntegrityError:
raise dci_exc.DCICreationConflict(_TABLE.name, 'name')
return flask.Response(json.dumps({'feeder': values}),
201,
headers={'ETag': values['etag']},
content_type='application/json')
def create_feeders(user):
values = flask.request.json
check_json_is_valid(create_feeder_schema, values)
values.update(v1_utils.common_values_dict())
if user.is_not_epm() and user.is_not_super_admin():
raise dci_exc.Unauthorized()
values.update({
# XXX(fc): this should be populated as a default value from the
# model, but we don't return values from the database :(
'api_secret': signature.gen_secret(),
'data': values.get('data', {}),
})
query = _TABLE.insert().values(**values)
try:
flask.g.db_conn.execute(query)
except sa_exc.IntegrityError:
raise dci_exc.DCICreationConflict(_TABLE.name, 'name')
return flask.Response(json.dumps({'feeder': values}),
201,
headers={'ETag': values['etag']},
content_type='application/json')
def create_remotecis(user):
values = v1_utils.common_values_dict(user)
values.update(schemas.remoteci.post(flask.request.json))
# If it's not a super admin nor belongs to the same team_id
if not (auth.is_admin(user)
or auth.is_in_team(user, values.get('team_id'))):
raise auth.UNAUTHORIZED
values.update({
'data': values.get('data', {}),
# XXX(fc): this should be populated as a default value from the
# model, but we don't return values from the database :(
'api_secret': signature.gen_secret(),
})
query = _TABLE.insert().values(**values)
try:
flask.g.db_conn.execute(query)
except sa_exc.IntegrityError:
raise dci_exc.DCICreationConflict(_TABLE.name, 'name')
return flask.Response(json.dumps({'remoteci': values}),
201,
headers={'ETag': values['etag']},
content_type='application/json')
def put_api_secret(user, r_id):
# get If-Match header
if_match_etag = utils.check_and_get_etag(flask.request.headers)
remoteci = v1_utils.verify_existence_and_get(r_id, _TABLE)
if not (auth.is_admin(user) or auth.is_in_team(user, remoteci['team_id'])):
raise auth.UNAUTHORIZED
where_clause = sql.and_(
_TABLE.c.etag == if_match_etag,
_TABLE.c.id == r_id,
)
values = {'api_secret': signature.gen_secret(), 'etag': utils.gen_etag()}
query = (_TABLE.update().where(where_clause).values(**values))
result = flask.g.db_conn.execute(query)
if not result.rowcount:
raise dci_exc.DCIConflict('RemoteCI', r_id)
res = flask.jsonify(({
'id': r_id,
'etag': values['etag'],
'api_secret': values['api_secret']
}))
res.headers.add_header('ETag', values['etag'])
return res
def test_gen_secret():
assert len(signature.gen_secret()) == 64
assert len(signature.gen_secret(128)) == 128
assert signature.gen_secret() != signature.gen_secret()