Commit abef1bb0 authored by Alper Akgun's avatar Alper Akgun

Merge branch 'mmj-post-deploy-for-u2f-to-webauthn-migration' into 'master'

Migrate remaining U2fRegistration to WebauthnRegistration

See merge request gitlab-org/gitlab!74671
parents b829a07d 453758b6
# frozen_string_literal: true
class MigrateRemainingU2fRegistrations < Gitlab::Database::Migration[1.0]
BATCH_SIZE = 100
disable_ddl_transaction!
def up
# We expect only a few number of records satisfying these conditions.
# on gitlab.com database, this number is 70 as on 17th Nov, 2021.
define_batchable_model('u2f_registrations')
.joins("LEFT JOIN webauthn_registrations ON webauthn_registrations.u2f_registration_id = u2f_registrations.id")
.where(webauthn_registrations: { u2f_registration_id: nil })
.each_batch(of: BATCH_SIZE) do |batch, index|
batch.each do |record|
Gitlab::BackgroundMigration::MigrateU2fWebauthn.new.perform(record.id, record.id)
rescue StandardError => e
Gitlab::ErrorTracking.track_exception(e, u2f_registration_id: record.id)
end
end
end
def down
# no-op
end
end
d6b0ca9d1e88e9e531ee0da5c82723309d746b6d83ea5dfb8326d3cc718a31b6
\ No newline at end of file
# frozen_string_literal: true
require 'spec_helper'
require_migration!
RSpec.describe MigrateRemainingU2fRegistrations, :migration do
let(:u2f_registrations) { table(:u2f_registrations) }
let(:webauthn_registrations) { table(:webauthn_registrations) }
let(:users) { table(:users) }
let(:user) { users.create!(email: 'email@email.com', name: 'foo', username: 'foo', projects_limit: 0) }
before do
create_u2f_registration(1, 'reg1')
create_u2f_registration(2, 'reg2')
create_u2f_registration(3, '')
create_u2f_registration(4, nil)
webauthn_registrations.create!({ name: 'reg1', u2f_registration_id: 1, credential_xid: '', public_key: '', user_id: user.id })
end
it 'correctly migrates u2f registrations previously not migrated' do
expect { migrate! }.to change { webauthn_registrations.count }.from(1).to(4)
end
it 'migrates all valid u2f registrations depite errors' do
create_u2f_registration(5, 'reg3', 'invalid!')
create_u2f_registration(6, 'reg4')
expect { migrate! }.to change { webauthn_registrations.count }.from(1).to(5)
end
def create_u2f_registration(id, name, public_key = nil)
device = U2F::FakeU2F.new(FFaker::BaconIpsum.characters(5), { key_handle: SecureRandom.random_bytes(255) })
public_key ||= Base64.strict_encode64(device.origin_public_key_raw)
u2f_registrations.create!({ id: id,
certificate: Base64.strict_encode64(device.cert_raw),
key_handle: U2F.urlsafe_encode64(device.key_handle_raw),
public_key: public_key,
counter: 5,
name: name,
user_id: user.id })
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment