Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add rake task for openid_connect / CILogon cleanup #944

Merged
merged 3 commits into from
Nov 6, 2024
Merged

Add rake task for openid_connect / CILogon cleanup #944

Changes from 2 commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
7ae2c3b
Add rake task for openid_connect / CILogon cleanup
aaronskiba Nov 1, 2024
7f158a7
Make Rubocop happy
aaronskiba Nov 4, 2024
0a2b126
Update CHANGELOG.md
aaronskiba Nov 6, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
48 changes: 47 additions & 1 deletion lib/tasks/dmp_assistant_upgrade.rake
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,12 @@ namespace :dmp_assistant_upgrade do
p '------------------------------------------------------------------------'
handle_email_confirmations_for_existing_users
p 'Task completed: Handle email confirmations for existing users'
p 'All tasks completed successfully'
p 'Beginning task: Update `openid_connect` IdentifierScheme and its identifers'
p '------------------------------------------------------------------------'
if openid_scheme_and_its_identifiers_updated?
p 'Task completed: Update `openid_connect` IdentifierScheme and its identifers'
p 'All tasks completed successfully'
end
end
# rubocop:enable Naming/VariableNumber

Expand Down Expand Up @@ -53,4 +58,45 @@ namespace :dmp_assistant_upgrade do
def super_admin_perm_ids
[Perm.add_orgs.id, Perm.grant_api.id, Perm.change_affiliation.id]
end

# Returns a boolean indicating whether the task was executed successfully
def openid_scheme_and_its_identifiers_updated?
identifier_scheme = IdentifierScheme.includes(:identifiers)
.find_by!(name: 'openid_connect')
old_prefix = identifier_scheme.identifier_prefix
p "Updating identifier_prefix to '' for openid_connect IdentifierScheme"
p '------------------------------------------------------------------------'
begin
ensure_correct_identifier_prefix(old_prefix)
rescue StandardError => e
p "Error updating IdentifierScheme: #{e.message}"
return false
end

# Update identifier_prefix to '' for openid_connect
identifier_scheme.update!(identifier_prefix: '')
p "identifier_prefix updated from #{old_prefix} to '' for #{identifier_scheme.name} IdentifierScheme"
p "Updating prefixed value for identifiers with multiple occurences of 'cilogon'"
p '------------------------------------------------------------------------'
find_and_update_identifiers(identifier_scheme, old_prefix)
true
end

def ensure_correct_identifier_prefix(prefix)
expected_prefix = 'http://cilogon.org/serverE/users/'
error_msg = "Unexpected identifier_prefix! Expected #{expected_prefix} but got #{prefix}."
raise error_msg unless prefix == expected_prefix
end

def find_and_update_identifiers(identifier_scheme, old_prefix)
# `identifier_scheme.identifiers` == openid_connect-related identifiers
# Get identifiers where `.value` has both the old_prefix and multiple occurences of 'cilogon'
identifiers = identifier_scheme.identifiers.where('value ~* ?', "#{old_prefix}.+cilogon.+")
count = identifiers.count
p "(Found #{count} such identifiers)"
# identifier_scheme.identifier_prefix was initially used to prefix identifier.value
# Update by removing old_prefix from identifier.value
identifiers.each { |identifier| identifier.update!(value: identifier.value.delete_prefix(old_prefix)) }
p "Updated prefixed value from #{old_prefix} to '' for #{count} identifiers"
end
end
Loading