Skip to content

Commit dbdcc9b

Browse files
tomklapiscaktomklapiscak
committed
remove confusing manage_apikey computed property
1 parent 9cf9fce commit dbdcc9b

1 file changed

Lines changed: 11 additions & 22 deletions

File tree

src/mas/devops/users.py

Lines changed: 11 additions & 22 deletions
Original file line numberDiff line numberDiff line change
@@ -65,8 +65,6 @@ def __init__(self, mas_instance_id: str, mas_workspace_id: str, k8s_client: clie
6565
self._manage_internal_ca_pem_file_path = None
6666
self._manage_internal_client_pem_file_path = None
6767

68-
self._manage_maxadmin_api_key = None
69-
7068
self._mas_workspace_application_ids = None
7169

7270
@property
@@ -169,12 +167,6 @@ def manage_internal_ca_pem_file_path(self):
169167
self._manage_internal_ca_pem_file_path = pem_file.name
170168
return self._manage_internal_ca_pem_file_path
171169

172-
@property
173-
def manage_maxadmin_api_key(self):
174-
if self._manage_maxadmin_api_key is None:
175-
self._manage_maxadmin_api_key = self.create_or_get_manage_api_key_for_user(MASUserUtils.MAXADMIN, temporary=True)
176-
return self._manage_maxadmin_api_key
177-
178170
@property
179171
def mas_workspace_application_ids(self):
180172
if self._mas_workspace_application_ids is None:
@@ -626,11 +618,7 @@ def delete_manage_api_key(self, manage_api_key):
626618
raise Exception(response.text)
627619
# {"Error":{"extendedError":{"moreInfo":{"href":"https:\/\/masdev.manage.tgk01.apps.noble4.cp.fyre.ibm.com\/maximo\/api\/error\/messages\/BMXAA8727E"}},"reasonCode":"BMXAA8727E","message":"The OSLC resource MXAPIAPIKEY with the ID _WmxvZlZLNVl2V3dGa1FseUJoKzJ4ZzQzSEd1bmRUamdWcTFiV1hWMGQ5QnAyNHQxQm53TmVFRWtVbmN4YkI2alZSTlp3eElsQko2bElNSCJzcCJ1M3hiNlE9PQ-- was not found as it does not exist in the system. In the database, verify whether the resource for the ID exists.","statusCode":"404"}}
628620

629-
if manage_api_key["userid"] == MASUserUtils.MAXADMIN:
630-
# clear any cached _manage_maxadmin_api_key if necessary
631-
self._manage_maxadmin_api_key = None
632-
633-
def get_manage_group_id(self, group_name):
621+
def get_manage_group_id(self, group_name, manage_api_key):
634622
self.logger.debug(f"Getting ID for Manage group {group_name}")
635623
url = f"{self.manage_api_url_internal}/maximo/api/os/mxapigroup"
636624
querystring = {
@@ -641,7 +629,7 @@ def get_manage_group_id(self, group_name):
641629
}
642630
headers = {
643631
"Accept": "application/json",
644-
"apikey": self.manage_maxadmin_api_key["apikey"], # <--- careful, don't log headers as-is (apikey is sensitive)
632+
"apikey": manage_api_key["apikey"], # <--- careful, don't log headers as-is (apikey is sensitive)
645633
}
646634
response = requests.get(
647635
url,
@@ -659,9 +647,9 @@ def get_manage_group_id(self, group_name):
659647

660648
return None
661649

662-
def is_user_in_manage_group(self, group_name, user_id):
650+
def is_user_in_manage_group(self, group_name, user_id, manage_api_key):
663651

664-
group_id = self.get_manage_group_id(group_name)
652+
group_id = self.get_manage_group_id(group_name, manage_api_key)
665653

666654
url = f"{self.manage_api_url_internal}/maximo/api/os/mxapigroup/{group_id}/groupuser"
667655
querystring = {
@@ -670,7 +658,7 @@ def is_user_in_manage_group(self, group_name, user_id):
670658
}
671659
headers = {
672660
"Accept": "application/json",
673-
"apikey": self.manage_maxadmin_api_key["apikey"], # <--- careful, don't log headers as-is (apikey is sensitive)
661+
"apikey": manage_api_key["apikey"], # <--- careful, don't log headers as-is (apikey is sensitive)
674662
}
675663

676664
response = requests.get(
@@ -686,18 +674,18 @@ def is_user_in_manage_group(self, group_name, user_id):
686674

687675
raise Exception(f"{response.status_code} {response.text}")
688676

689-
def add_user_to_manage_group(self, user_id, group_name):
677+
def add_user_to_manage_group(self, user_id, group_name, manage_api_key):
690678
'''
691679
No-op if user_id is already a member of the manage security group
692680
'''
693681

694-
if self.is_user_in_manage_group(group_name, user_id):
682+
if self.is_user_in_manage_group(group_name, user_id, manage_api_key):
695683
self.logger.info(f"User {user_id} is already a member of Manage Security Group {group_name}")
696684
return None
697685

698686
self.logger.info(f"Adding user {user_id} to Manage group {group_name}")
699687

700-
group_id = self.get_manage_group_id(group_name)
688+
group_id = self.get_manage_group_id(group_name, manage_api_key)
701689

702690
url = f"{self.manage_api_url_internal}/maximo/api/os/mxapigroup/{group_id}"
703691
querystring = {
@@ -708,7 +696,7 @@ def add_user_to_manage_group(self, user_id, group_name):
708696
"Accept": "application/json",
709697
"x-method-override": "PATCH",
710698
"patchtype": "MERGE",
711-
"apikey": self.manage_maxadmin_api_key["apikey"], # <--- careful, don't log headers as-is (apikey is sensitive)
699+
"apikey": manage_api_key["apikey"], # <--- careful, don't log headers as-is (apikey is sensitive)
712700
}
713701
payload = {
714702
"groupuser": [
@@ -956,8 +944,9 @@ def create_initial_user_for_saas(self, user, user_type):
956944
self.check_user_sync(user_id, mas_application_id)
957945

958946
if "manage" in self.mas_workspace_application_ids:
947+
maxadmin_manage_api_key = self.create_or_get_manage_api_key_for_user(MASUserUtils.MAXADMIN, temporary=True)
959948
for manage_security_group in manage_security_groups:
960-
self.add_user_to_manage_group(user_id, manage_security_group)
949+
self.add_user_to_manage_group(user_id, manage_security_group, maxadmin_manage_api_key)
961950

962951
# Unused (but potentially useful) methods
963952
# ----------------------------------------

0 commit comments

Comments
 (0)