[mailman3] Add migration script for Fedora auth provider

This will add migration script for Fedora auth provider. This is only needed when updating to Fedora auth provider using OpenID Connect. Signed-off-by: Michal Konecny <mkonecny@redhat.com>
2024-04-25 13:52:38 +02:00 · 2024-04-25 13:52:38 +02:00 · a8cd5dfff3
commit a8cd5dfff3
parent 9d3fb794e1
2 changed files with 56 additions and 0 deletions
--- a/roles/mailman3/files/migrate_fedora_auth.py
+++ b/roles/mailman3/files/migrate_fedora_auth.py
@ -0,0 +1,55 @@
 #!/usr/bin/python3
 """
 This script is to migrate users from OpenID Fedora auth provider to newer
 OpendID Connect Fedora auth provider.
 The provider is in django_mailman3 package
 https://packages.fedoraproject.org/pkgs/python-django-mailman3/
 The migration scripts changes UID in socialaccount_socialaccount table
 in hyperkitty DB from `http://<username>.id.fedoraproject.org/` to simple
 `<username>`.
 """
 import psycopg2
 import re
 import sys
 SOCIALACCOUNT_TABLE = "socialaccount_socialaccount"
 OPENID_REGEX = r"http://(.+).id.fedoraproject.org/"
 # Read the database information from mailman config
 sys.path.append('/etc/mailman3')
 import settings
 database_settings = settings.DATABASES.get("default")
 conn = psycopg2.connect(
        host=database_settings["HOST"],
        user=database_settings["USER"],
        password=database_settings["PASSWORD"],
        port=database_settings["PORT"],
        dbname=database_settings["NAME"],
        )
 try:
    with conn.cursor() as cursor:
        # Obtain all users with fedora provider
        cursor.execute("SELECT id, uid FROM {} WHERE provider='fedora'".format(SOCIALACCOUNT_TABLE))
        rows = cursor.fetchall()
        update_data = []
        for row in rows:
            result = re.search(OPENID_REGEX, row[1])
            if result:
                update_data.append((row[0], result.group(1)))
                #print("old_uid: '{0}' -> new_uid: '{1}'".format(row[1], result.group(1)))
            #else:
            #    print("User {0} seems to be already migrated".format(row[1]))
        print("Obtained {0}, will update {1}".format(len(rows), len(update_data)))
        # Update uid for the retrieved users
        for row in update_data:
            cursor.execute("UPDATE {0} SET uid = '{1}' WHERE id = {2}".format(SOCIALACCOUNT_TABLE, row[1], row[0]))
        conn.commit()
    print("Updated rows: {}".format(len(update_data)))
 except (Exception, psycopg2.DatabaseError) as error:
    print(error)
--- a/roles/mailman3/tasks/main.yml
+++ b/roles/mailman3/tasks/main.yml
@ -427,6 +427,7 @@
  tags: mailman
  with_items:
  - mailman-sar.py
  - migrate_fedora_auth.py
 - name: Install the staging-sync script
  ansible.builtin.copy: