Merge remote-tracking branch 'origin/master' into flake

selfprivacy_api/actions/ssh.py

@@ -49,19 +49,6 @@ def set_ssh_settings(
             data["ssh"]["passwordAuthentication"] = password_authentication
 
 
-def add_root_ssh_key(public_key: str):
-    with WriteUserData() as data:
-        if "ssh" not in data:
-            data["ssh"] = {}
-        if "rootKeys" not in data["ssh"]:
-            data["ssh"]["rootKeys"] = []
-        # Return 409 if key already in array
-        for key in data["ssh"]["rootKeys"]:
-            if key == public_key:
-                raise KeyAlreadyExists()
-        data["ssh"]["rootKeys"].append(public_key)
-
-
 class KeyAlreadyExists(Exception):
     """Key already exists"""
 

selfprivacy_api/backup/__init__.py

@@ -56,6 +56,8 @@ BACKUP_PROVIDER_ENVS = {
     "location": "BACKUP_LOCATION",
 }
 
+AUTOBACKUP_JOB_EXPIRATION_SECONDS = 60 * 60  # one hour
+
 
 class NotDeadError(AssertionError):
     """
@@ -316,6 +318,8 @@ class Backups:
             raise error
 
         Jobs.update(job, status=JobStatus.FINISHED)
+        if reason in [BackupReason.AUTO, BackupReason.PRE_RESTORE]:
+            Jobs.set_expiration(job, AUTOBACKUP_JOB_EXPIRATION_SECONDS)
         return snapshot
 
     @staticmethod

selfprivacy_api/dependencies.py

@@ -27,4 +27,4 @@ async def get_token_header(
 
 def get_api_version() -> str:
     """Get API version"""
-    return "2.4.1"
+    return "2.4.2"

selfprivacy_api/graphql/mutations/users_mutations.py

@@ -147,7 +147,7 @@ class UsersMutations:
         except InvalidPublicKey:
             return UserMutationReturn(
                 success=False,
-                message="Invalid key type. Only ssh-ed25519 and ssh-rsa are supported",
+                message="Invalid key type. Only ssh-ed25519, ssh-rsa and ecdsa are supported",
                 code=400,
             )
         except UserNotFound:

selfprivacy_api/jobs/__init__.py

@@ -224,6 +224,14 @@ class Jobs:
 
         return job
 
+    @staticmethod
+    def set_expiration(job: Job, expiration_seconds: int) -> Job:
+        redis = RedisPool().get_connection()
+        key = _redis_key_from_uuid(job.uid)
+        if redis.exists(key):
+            redis.expire(key, expiration_seconds)
+        return job
+
     @staticmethod
     def get_job(uid: str) -> typing.Optional[Job]:
         """

selfprivacy_api/utils/__init__.py

@@ -88,10 +88,12 @@ class ReadUserData(object):
 
 
 def validate_ssh_public_key(key):
-    """Validate SSH public key. It may be ssh-ed25519 or ssh-rsa."""
+    """Validate SSH public key.
+    It may be ssh-ed25519, ssh-rsa or ecdsa-sha2-nistp256."""
     if not key.startswith("ssh-ed25519"):
         if not key.startswith("ssh-rsa"):
-            return False
+            if not key.startswith("ecdsa-sha2-nistp256"):
+                return False
     return True
 
 

setup.py

@@ -2,7 +2,7 @@ from setuptools import setup, find_packages
 
 setup(
     name="selfprivacy_api",
-    version="2.4.1",
+    version="2.4.2",
     packages=find_packages(),
     scripts=[
         "selfprivacy_api/app.py",

tests/test_jobs.py

@@ -1,6 +1,7 @@
 # pylint: disable=redefined-outer-name
 # pylint: disable=unused-argument
 import pytest
+from time import sleep
 
 from selfprivacy_api.jobs import Jobs, JobStatus
 import selfprivacy_api.jobs as jobsmodule
@@ -49,6 +50,20 @@ def test_remove_get_nonexistent(jobs_with_one_job):
     assert jobs_with_one_job.get_job(uid_str) is None
 
 
+def test_set_zeroing_ttl(jobs_with_one_job):
+    test_job = jobs_with_one_job.get_jobs()[0]
+    jobs_with_one_job.set_expiration(test_job, 0)
+    assert jobs_with_one_job.get_jobs() == []
+
+
+def test_not_zeroing_ttl(jobs_with_one_job):
+    test_job = jobs_with_one_job.get_jobs()[0]
+    jobs_with_one_job.set_expiration(test_job, 1)
+    assert len(jobs_with_one_job.get_jobs()) == 1
+    sleep(1.2)
+    assert len(jobs_with_one_job.get_jobs()) == 0
+
+
 def test_jobs(jobs_with_one_job):
     jobs = jobs_with_one_job
     test_job = jobs_with_one_job.get_jobs()[0]