This is an automated email from the ASF dual-hosted git repository. wave pushed a commit to branch use-session-asf-uid-for-ssh-keys-tokens in repository https://gitbox.apache.org/repos/asf/tooling-trusted-releases.git
commit 233e8d06e204f1dc5c632a5aa9301e6a7dcde054 Author: Dave Fisher <[email protected]> AuthorDate: Wed Mar 4 14:41:00 2026 -0800 Use session asf_uid when adding ssh key and pat --- atr/api/__init__.py | 2 +- atr/post/keys.py | 2 +- atr/post/tokens.py | 1 - atr/storage/writers/ssh.py | 4 ++-- atr/storage/writers/tokens.py | 6 +++--- 5 files changed, 7 insertions(+), 8 deletions(-) diff --git a/atr/api/__init__.py b/atr/api/__init__.py index d911a7d9..168d9fec 100644 --- a/atr/api/__init__.py +++ b/atr/api/__init__.py @@ -1136,7 +1136,7 @@ async def ssh_key_add(data: models.api.SshKeyAddArgs) -> DictResponse: asf_uid = _jwt_asf_uid() async with storage.write(asf_uid) as write: wafc = write.as_foundation_committer() - fingerprint = await wafc.ssh.add_key(data.text, asf_uid) + fingerprint = await wafc.ssh.add_key(data.text) return models.api.SshKeyAddResults( endpoint="/ssh-key/add", fingerprint=fingerprint, diff --git a/atr/post/keys.py b/atr/post/keys.py index 6a3939c4..581d5e2b 100644 --- a/atr/post/keys.py +++ b/atr/post/keys.py @@ -199,7 +199,7 @@ async def ssh_add( try: async with storage.write(session) as write: wafc = write.as_foundation_committer() - fingerprint = await wafc.ssh.add_key(add_ssh_key_form.key, session.uid) + fingerprint = await wafc.ssh.add_key(add_ssh_key_form.key) await quart.flash(f"SSH key added successfully: {fingerprint}", "success") except util.SshFingerprintError as e: diff --git a/atr/post/tokens.py b/atr/post/tokens.py index 3f8abd08..74c93fc9 100644 --- a/atr/post/tokens.py +++ b/atr/post/tokens.py @@ -72,7 +72,6 @@ async def _add_token(session: web.Committer, add_form: shared.tokens.AddTokenFor async with storage.write() as write: wafc = write.as_foundation_committer() await wafc.tokens.add_token( - session.uid, token_hash, created, expires, diff --git a/atr/storage/writers/ssh.py b/atr/storage/writers/ssh.py index 555a173c..c3afa1d1 100644 --- a/atr/storage/writers/ssh.py +++ b/atr/storage/writers/ssh.py @@ -51,9 +51,9 @@ class FoundationCommitter(GeneralPublic): raise storage.AccessError("Not authorized") self.__asf_uid = asf_uid - async def add_key(self, key: str, asf_uid: str) -> str: + async def add_key(self, key: str) -> str: fingerprint = util.key_ssh_fingerprint(key) - self.__data.add(sql.SSHKey(fingerprint=fingerprint, key=key, asf_uid=asf_uid)) + self.__data.add(sql.SSHKey(fingerprint=fingerprint, key=key, asf_uid=self.__asf_uid)) await self.__data.commit() return fingerprint diff --git a/atr/storage/writers/tokens.py b/atr/storage/writers/tokens.py index cfb28d1c..9a0dab53 100644 --- a/atr/storage/writers/tokens.py +++ b/atr/storage/writers/tokens.py @@ -61,12 +61,12 @@ class FoundationCommitter(GeneralPublic): self.__asf_uid = asf_uid async def add_token( - self, uid: str, token_hash: str, created: datetime.datetime, expires: datetime.datetime, label: str | None + self, token_hash: str, created: datetime.datetime, expires: datetime.datetime, label: str | None ) -> sql.PersonalAccessToken: if not label: raise ValueError("Label is required") pat = sql.PersonalAccessToken( - asfuid=uid, + asfuid=self.__asf_uid, token_hash=token_hash, created=created, expires=expires, @@ -76,7 +76,7 @@ class FoundationCommitter(GeneralPublic): await self.__data.commit() message = mail.Message( email_sender=NOREPLY_EMAIL_ADDRESS, - email_recipient=f"{uid}@apache.org", + email_recipient=f"{self.__asf_uid}@apache.org", subject="New API Token Created", body=f"A new API token called '{label}' was created for your account. " "If you did not create this token, please revoke it immediately.", --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
