fix(key): ssh key name has to be unique now - migration included that appends a number

helgi · helgi · commit d3a1ba1c2827 · 2016-10-03T10:55:03.000-07:00
Fixes #1023
diff --git a/rootfs/api/migrations/0019_auto_20160930_2351.py b/rootfs/api/migrations/0019_auto_20160930_2351.py
@@ -0,0 +1,40 @@
+# -*- coding: utf-8 -*-
+# Generated by Django 1.10 on 2016-09-30 23:51
+from __future__ import unicode_literals
+
+from django.db import migrations, models
+from django.db.models import Count
+
+
+def fix_duplicate_keys(apps, schema_editor):
+    Keys = apps.get_model("api", "Key")
+
+    # find duplicates
+    duplicates = Keys.objects.values('id') \
+                            .annotate(Count('id')) \
+                            .order_by() \
+                            .filter(id__count__gt=1)
+    for dup in duplicates:
+        # update all duplicates
+        inc = 1
+        for key in Keys.objects.filter(id=dup['id']):
+            key_id = '{}-{}'.format(key.id, inc)
+            key.id = key_id
+            key.save()
+            inc += 1
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('api', '0018_auto_20160908_1748'),
+    ]
+
+    operations = [
+        migrations.RunPython(fix_duplicate_keys),
+        migrations.AlterField(
+            model_name='key',
+            name='id',
+            field=models.CharField(max_length=128, unique=True),
+        ),
+    ]
diff --git a/rootfs/api/models/key.py b/rootfs/api/models/key.py
@@ -20,7 +20,7 @@ class Key(UuidAuditedModel):
     """An SSH public key."""
 
     owner = models.ForeignKey(settings.AUTH_USER_MODEL, on_delete=models.CASCADE)
-    id = models.CharField(max_length=128)
+    id = models.CharField(max_length=128, unique=True)
     public = models.TextField(
         unique=True, validators=[validate_base64],
         error_messages={
diff --git a/rootfs/api/tests/test_hooks.py b/rootfs/api/tests/test_hooks.py
@@ -68,7 +68,7 @@ def test_key_hook(self, mock_requests):
         public = response.data['public']
 
         # Create another keys
-        body = {'id': str(self.user), 'public': RSA_PUBKEY2}
+        body = {'id': str(self.user) + '-2', 'public': RSA_PUBKEY2}
         response = self.client.post('/v2/keys', body)
         self.assertEqual(response.status_code, 201, response.data)
         public2 = response.data['public']
diff --git a/rootfs/api/tests/test_key.py b/rootfs/api/tests/test_key.py
@@ -107,29 +107,43 @@ def test_bad_key(self):
         response = self._check_bad_key(BAD_KEY)
         self.assertEqual(response.data, {'public': ['Key contains invalid base64 chars']})
 
-    def _check_duplicate_key(self, pubkey, pubkey2):
+    def _check_duplicate_fingerprint(self, pubkey, pubkey2):
         """
         Test that a user cannot add a duplicate key
         """
         url = '/v2/keys'
+        # initial key
         body = {'id': 'mykey@box.local', 'public': pubkey}
         response = self.client.post(url, body)
         self.assertEqual(response.status_code, 201, response.data)
-        response = self.client.post(url, body)
-        self.assertEqual(response.status_code, 400, response.data)
+
         # test that adding a key with the same fingerprint fails
         body = {'id': 'mykey2@box.local', 'public': pubkey}
         response = self.client.post(url, body)
         self.assertEqual(response.status_code, 400, response.data)
-        body = {'id': 'mykey2@box.local', 'public': pubkey2}
+        self.assertEqual(response.data, {'public': ['Public Key is already in use']}, response.data)  # noqa
+
+        body = {'id': 'mykey3@box.local', 'public': pubkey2}
         response = self.client.post(url, body)
         self.assertEqual(response.status_code, 201, response.data)
 
     def test_rsa_duplicate_key(self):
-        self._check_duplicate_key(RSA_PUBKEY, RSA_PUBKEY2)
+        self._check_duplicate_fingerprint(RSA_PUBKEY, RSA_PUBKEY2)
 
     def test_ecdsa_duplicate_key(self):
-        self._check_duplicate_key(ECDSA_PUBKEY, ECDSA_PUBKEY2)
+        self._check_duplicate_fingerprint(ECDSA_PUBKEY, ECDSA_PUBKEY2)
+
+    def test_duplicate_id(self):
+        url = '/v2/keys'
+        body = {'id': 'duplicae@box.local', 'public': RSA_PUBKEY}
+        response = self.client.post(url, body)
+        self.assertEqual(response.status_code, 201, response.data)
+
+        # same name, diff key
+        body = {'id': 'duplicae@box.local', 'public': RSA_PUBKEY2}
+        response = self.client.post(url, body)
+        self.assertEqual(response.status_code, 400, response.data)
+        self.assertEqual(response.data, {'id': ['SSH Key with this id already exists.']}, response.data)  # noqa
 
     def test_rsa_key_str(self):
         """Test the text representation of a key"""
