bstein/bstein-dev-home
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

portal: honor keycloak rotation completion

Browse Source
This commit is contained in:
Brad Stein 2026-01-23 03:35:07 -03:00
parent 1b6e58f782
commit 27ece883cd
1 changed files with 16 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
backend/atlas_portal/routes/access_requests.py
View File

@ -1056,18 +1056,23 @@ def register(app) -> None:
actions_list: list[str] = [] actions_list: list[str] = []
if isinstance(actions, list): if isinstance(actions, list):
actions_list = [a for a in actions if isinstance(a, str)] actions_list = [a for a in actions if isinstance(a, str)]
if "UPDATE_PASSWORD" not in actions_list:
actions_list.append("UPDATE_PASSWORD")
admin_client().update_user_safe(user_id, {"requiredActions": actions_list})
conn.execute( rotation_requested = _password_rotation_requested(conn, code)
""" already_rotated = rotation_requested and "UPDATE_PASSWORD" not in actions_list
INSERT INTO access_request_onboarding_artifacts (request_code, artifact, value_hash)
VALUES (%s, %s, NOW()::text) if not already_rotated:
ON CONFLICT (request_code, artifact) DO NOTHING if "UPDATE_PASSWORD" not in actions_list:
""", actions_list.append("UPDATE_PASSWORD")
(code, _KEYCLOAK_PASSWORD_ROTATION_REQUESTED_ARTIFACT), admin_client().update_user_safe(user_id, {"requiredActions": actions_list})
) if not rotation_requested:
conn.execute(
"""
INSERT INTO access_request_onboarding_artifacts (request_code, artifact, value_hash)
VALUES (%s, %s, NOW()::text)
ON CONFLICT (request_code, artifact) DO NOTHING
""",
(code, _KEYCLOAK_PASSWORD_ROTATION_REQUESTED_ARTIFACT),
)
onboarding_payload = _onboarding_payload(conn, code, request_username) onboarding_payload = _onboarding_payload(conn, code, request_username)
except Exception: except Exception: