[idp] overload django cleanup management command to clean all cleanable models
This commit is contained in:
parent
0b8bc506bc
commit
b8c006b9e1
|
@ -1,5 +1,14 @@
|
|||
from datetime import date, timedelta
|
||||
|
||||
from django.db import models
|
||||
from django.utils.translation import ugettext as _
|
||||
from django.conf import settings
|
||||
|
||||
class AuthenticationEventManager(models.Manager):
|
||||
def cleanup(self):
|
||||
expire = getattr(settings, 'AUTHENTICATION_EVENT_EXPIRATION',
|
||||
3600*24*7)
|
||||
self.filter(when__lt=date.today()-timedelta(seconds=expire)).delete()
|
||||
|
||||
class AuthenticationEvent(models.Model):
|
||||
'''Record authentication events whatever the source'''
|
||||
|
@ -8,5 +17,8 @@ class AuthenticationEvent(models.Model):
|
|||
how = models.CharField(max_length = 10)
|
||||
nonce = models.CharField(max_length = 255)
|
||||
|
||||
objects = AuthenticationEventManager()
|
||||
|
||||
def __unicode__(self):
|
||||
return _('Authentication of %(who)s by %(how)s at %(when)s') % self.__dict__
|
||||
return _('Authentication of %(who)s by %(how)s at %(when)s') % \
|
||||
self.__dict__
|
||||
|
|
|
@ -9,6 +9,11 @@ class CasTicketManager(models.Manager):
|
|||
'''
|
||||
self.filter(expire__gte=datetime.now()).delete()
|
||||
|
||||
def cleanup(self):
|
||||
# Keep them 4 minutes
|
||||
expire = getattr(settings, 'CAS_TICKET_EXPIRATION', 240)
|
||||
self.filter(when__lt=date.today()-timedelta(seconds=expire).delete()
|
||||
|
||||
class CasTicket(models.Model):
|
||||
'''Session ticket with a CAS 1.0 or 2.0 consumer'''
|
||||
|
||||
|
|
|
@ -84,11 +84,19 @@ class Association(models.Model):
|
|||
lifetime=association.lifetime,
|
||||
assoc_type=association.assoc_type).save()
|
||||
|
||||
class NonceManager(models.Manager):
|
||||
def cleanup(self):
|
||||
expire = openid.store.nonce.SKEW
|
||||
now = calendar.timegm(datetime.datetime.now().utctimetuple())
|
||||
self.filter(timestamp__lt=now-expire).delete()
|
||||
|
||||
class Nonce(models.Model):
|
||||
salt = models.CharField(max_length=40)
|
||||
server_url = models.CharField(max_length=2047)
|
||||
timestamp = models.IntegerField()
|
||||
|
||||
objects = NonceManager()
|
||||
|
||||
class Meta:
|
||||
unique_together = ('server_url', 'salt')
|
||||
|
||||
|
|
|
@ -0,0 +1,26 @@
|
|||
import datetime
|
||||
import sys
|
||||
|
||||
from django.core.management.base import NoArgsCommand
|
||||
from django.db import models
|
||||
import django.core.management.commands.cleanup as cleanup
|
||||
|
||||
class Command(NoArgsCommand):
|
||||
help = """Can be run as a cronjob or directly to clean out old data from the \
|
||||
database. It calls the cleanup() method of manager classes."""
|
||||
|
||||
def cleanup(self):
|
||||
all_models = [ ]
|
||||
for app in models.get_apps():
|
||||
all_models += [ m for m in models.get_models(app) ]
|
||||
for model in all_models:
|
||||
manager = getattr(model, 'objects', None)
|
||||
if manager is None:
|
||||
continue
|
||||
cleanup = getattr(manager, 'cleanup', None)
|
||||
if callable(cleanup):
|
||||
manager.cleanup()
|
||||
|
||||
def handle_noargs(self, **options):
|
||||
self.cleanup()
|
||||
cleanup.Command().execute(**options)
|
|
@ -4,6 +4,7 @@ import xml.etree.ElementTree as etree
|
|||
import hashlib
|
||||
import binascii
|
||||
import base64
|
||||
from datetime import datetime, timedelta
|
||||
|
||||
import lasso
|
||||
from django.db import models
|
||||
|
@ -13,6 +14,7 @@ from django.core.exceptions import ValidationError
|
|||
from django.core.files.storage import FileSystemStorage
|
||||
from django.utils.translation import ugettext as _
|
||||
from django.core.exceptions import ObjectDoesNotExist, MultipleObjectsReturned
|
||||
from django.utils.importlib import import_module
|
||||
|
||||
from fields import *
|
||||
|
||||
|
@ -353,6 +355,20 @@ class LibertyIdentityDump(models.Model):
|
|||
user = models.ForeignKey(User, unique = True)
|
||||
identity_dump = models.TextField(blank = True)
|
||||
|
||||
class SessionLinkedManager(models.Manager):
|
||||
def cleanup(self):
|
||||
engine = import_module(settings.SESSION_ENGINE)
|
||||
store = engine.SessionStore()
|
||||
for o in self.all():
|
||||
key = o.django_session_key
|
||||
if not store.exists(key):
|
||||
o.delete()
|
||||
else:
|
||||
session = engine.SessionStore(session_key=key)
|
||||
if session.get_expiry_date() >= datetime.now():
|
||||
store.delete(key)
|
||||
o.delete()
|
||||
|
||||
class LibertySessionDump(models.Model):
|
||||
'''Store lasso session object dump.
|
||||
|
||||
|
@ -361,6 +377,8 @@ class LibertySessionDump(models.Model):
|
|||
django_session_key = models.CharField(max_length = 40)
|
||||
session_dump = models.TextField(blank = True)
|
||||
|
||||
objects = SessionLinkedManager()
|
||||
|
||||
class LibertyManageDump(models.Model):
|
||||
'''Store lasso manage dump
|
||||
|
||||
|
@ -369,6 +387,15 @@ class LibertyManageDump(models.Model):
|
|||
django_session_key = models.CharField(max_length = 40)
|
||||
manage_dump = models.TextField(blank = True)
|
||||
|
||||
objects = SessionLinkedManager()
|
||||
|
||||
class LibertyArtifactManager(models.Manager):
|
||||
def cleanup(self):
|
||||
# keep artifacts 10 minutes
|
||||
expire = getattr(settings, 'SAML2_ARTIFACT_EXPIRATION', 600)
|
||||
before = datetime.now()-timedelta(seconds=expire)
|
||||
self.filter(creation__lt=before).delete()
|
||||
|
||||
class LibertyArtifact(models.Model):
|
||||
"""Store an artifact and the associated XML content"""
|
||||
creation = models.DateTimeField(auto_now_add=True)
|
||||
|
@ -377,12 +404,21 @@ class LibertyArtifact(models.Model):
|
|||
django_session_key = models.CharField(max_length = 40)
|
||||
provider_id = models.CharField(max_length = 80)
|
||||
|
||||
objects = LibertyArtifactManager()
|
||||
|
||||
def nameid2kwargs(name_id):
|
||||
return { 'name_id_qualifier': name_id.nameQualifier,
|
||||
'name_id_sp_name_qualifier': name_id.spNameQualifier,
|
||||
'name_id_content': name_id.content,
|
||||
'name_id_format': name_id.format }
|
||||
|
||||
class LibertyAssertionManager(models.Manager):
|
||||
def cleanup(self):
|
||||
# keep assertions 1 week
|
||||
expire = getattr(settings, 'SAML2_ASSERTION_EXPIRATION', 3600*24*7)
|
||||
before = datetime.now()-timedelta(seconds=expire)
|
||||
self.filter(creation__lt=before).delete()
|
||||
|
||||
class LibertyAssertion(models.Model):
|
||||
assertion_id = models.CharField(max_length = 50)
|
||||
provider_id = models.CharField(max_length = 80)
|
||||
|
@ -448,6 +484,8 @@ class LibertySession(models.Model):
|
|||
verbose_name = _("SPNameQualifier"), null = True)
|
||||
creation = models.DateTimeField(auto_now_add=True)
|
||||
|
||||
objects = SessionLinkedManager()
|
||||
|
||||
def __init__(self, *args, **kwargs):
|
||||
saml2_assertion = kwargs.pop('saml2_assertion', None)
|
||||
if saml2_assertion:
|
||||
|
|
Loading…
Reference in New Issue