hazza/jupyterhub
1
0
Fork 0
mirror of https://github.com/jupyterhub/jupyterhub.git synced 2025-10-15 14:03:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

[WIP] Update old revisions to support new table

Browse Source
This commit is contained in:
Duc Trung Le
2023-03-06 23:15:29 +01:00
committed by Duc Trung LE
parent 5bb4b70ab1
commit d251b705e8
3 changed files with 25 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
jupyterhub/alembic/versions/3c2384c5aae1_add_from_config_column_to_the_services_.py
View File

@@ -21,7 +21,7 @@ def upgrade():
if 'services' in tables: if 'services' in tables:
op.add_column( op.add_column(
'services', 'services',
sa.Column('from_config', sa.Boolean, default=True), sa.Column('from_config', sa.Boolean, nullable=True, default=True),
) )
op.execute('UPDATE services SET from_config = true') op.execute('UPDATE services SET from_config = true')

27
jupyterhub/alembic/versions/651f5419b74d_api_token_scopes.py
View File

@@ -13,16 +13,35 @@ depends_on = None
import sqlalchemy as sa import sqlalchemy as sa
from alembic import op from alembic import op
from sqlalchemy import Column, ForeignKey, Table from sqlalchemy import Column, ForeignKey, Table, text
from sqlalchemy.orm import relationship from sqlalchemy.orm import relationship
from sqlalchemy.orm.session import Session from sqlalchemy.orm.session import Session
from jupyterhub import orm, roles, scopes from jupyterhub import orm, roles
def access_scopes(oauth_client: orm.OAuthClient, db: Session):
"""Return scope(s) required to access an oauth client
This is a clone of `scopes.access_scopes` without using
the `orm.Service`
"""
scopes = set()
if oauth_client.identifier == "jupyterhub":
return frozenset()
spawner = oauth_client.spawner
if spawner:
scopes.add(f"access:servers!server={spawner.user.name}/{spawner.name}")
else:
statement = f"SELECT * FROM services WHERE oauth_client_id = '{oauth_client.identifier}'"
service = db.execute(text(statement)).fetchall()
if len(service) > 0:
scopes.add(f"access:services!service={service.name}")
return frozenset(scopes)
def upgrade(): def upgrade():
c = op.get_bind() c = op.get_bind()
tables = sa.inspect(c.engine).get_table_names() tables = sa.inspect(c.engine).get_table_names()
# oauth codes are short lived, no need to upgrade them # oauth codes are short lived, no need to upgrade them
@@ -100,7 +119,7 @@ def upgrade():
db = Session(bind=c) db = Session(bind=c)
for oauth_client in db.query(orm.OAuthClient): for oauth_client in db.query(orm.OAuthClient):
allowed_scopes = set(roles.roles_to_scopes(oauth_client.allowed_roles)) allowed_scopes = set(roles.roles_to_scopes(oauth_client.allowed_roles))
allowed_scopes.update(scopes.access_scopes(oauth_client)) allowed_scopes.update(access_scopes(oauth_client, db))
oauth_client.allowed_scopes = sorted(allowed_scopes) oauth_client.allowed_scopes = sorted(allowed_scopes)
db.commit() db.commit()
# drop token-role relationship # drop token-role relationship

2
jupyterhub/orm.py
View File

@@ -417,7 +417,7 @@ class Service(Base):
), ),
) )
from_config = Column(Boolean, default=True) from_config = Column(Boolean, default=True, nullable=True)
oauth_client = relationship( oauth_client = relationship(
'OAuthClient', 'OAuthClient',