Adds cloud_id and claimed_until columns to the application_roles table
so that rows can be locked when they're being processed and updated with
relevant Azure information when processing is finished. Since the
claimed_until column is now common to a few different models, I've also
moved it to a mixin.
Renames Python classes that refer to Upload to something to FileService.
We added this change because these classes now handle downloading as
well as uploading.
This is a temporary fix to avoid spending too much time trying to use app.config variables in a Form class field descriptions and labels. This is tech debt and should be fixed in the future.
This fixes a bug I introduced with commit
6edc7b138b
The value for SESSION_COOKIE_SECURE was being read in as a truthy string
every time. In order for it to be interpreted correctly, we need to map
it to a boolean.
Currently the create call will be consumed by on-demand requests from the frontend, and the 2 stage create will be used by the enviroment management group provisioning to verify an initial subscription was created.
In some functions, we redirect a user based on a parameter in a query
string. This commit adds a function that checks to see if a given url
matches a url pattern of a view function. This will help us ensure that
the url passed as the next parameter isn't malicious.
The tenant ID should be hashed and used as the key for the JSON blob of
relevant creds for any given tenant. Azure CSP interface methods that
need to source creds should call the internal `_source_creds` method,
either with a `tenant_id` or no parameters. That method will source the
creds. If a tenant ID is provided, it will source them from the Key
Vault. If not provided, it will return the default creds for the app
registration in the home tenant.
This script is for bootstrapping the initial database. It can be run via
a container, but requires that a Postgres superuser's credentials be
provided via our normal config. That way the superuser can provision a
less-privileged user for the application's database connection.
- Fixes LGTM warnings for an unused import and equality comparisons to
None in SQLAlchemy filters.
- Removes part of a unit test asserting that the claimed_until locking
mechanism works correctly. If I recall correctly, this does not work
in unit tests because the test takes place inside a transaction, and
the database provider does evaluate the current time until the
transaction is written.
