Mercurial > p > roundup > code
view tools/migrate-queries.py @ 7809:be6cb2e0d471
feat: add support for rotating jwt keys
This allows jwt_secret to have multiple ',' separated secrets. The
first/leftmost should be used to sign new JWTs. All of them are used
(starting from left/newest) to try to verify a JWT.
If the first secret is < 32 chars in length JWTs are disabled. If any
of the other secrets are < 32 chars, the configuration code causes the
software to exit. This prevents insecure (too short) secrets from
being used.
Updated doc examples and tests.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Thu, 14 Mar 2024 19:04:19 -0400 |
| parents | 64b05e24dbd8 |
| children | fed0f839c260 |
line wrap: on
line source
#! /usr/bin/env python ''' migrate-queries <instance-home> [<instance-home> *] Migrate old queries in the specified instances to Roundup 0.6.0+ by removing the leading ? from their URLs. 0.6.0+ queries do not carry a leading ?; it is added by the 0.6.0 templating, so old queries lead to query URLs with a double leading ?? and a consequent 404 Not Found. ''' from __future__ import print_function __author__ = 'James Kew <jkew@mediabright.co.uk>' import sys import roundup.instance if len(sys.argv) == 1: print(__doc__) sys.exit(1) # Iterate over all instance homes specified in argv. for home in sys.argv[1:]: # Do some basic exception handling to catch bad arguments. try: instance = roundup.instance.open(home) except: print('Cannot open instance home directory %s!' % home) continue db = instance.open('admin') db.tx_Source = "cli" print('Migrating active queries in %s (%s):'%( instance.config.TRACKER_NAME, home)) for query in db.query.list(): url = db.query.get(query, 'url') if url[0] == '?': url = url[1:] print(' Migrating query%s (%s)'%(query, db.query.get(query, 'name'))) db.query.set(query, url=url) db.commit() db.close()