From 32ef793c4d2c1c1b1144c559b3a039c2ad76dc31 Mon Sep 17 00:00:00 2001 From: kevgliss Date: Sat, 8 Aug 2015 16:12:29 -0700 Subject: [PATCH] Switch to relying on the configuration key in the configuration file --- lemur/certificates/models.py | 8 +++----- lemur/roles/models.py | 14 +++----------- lemur/utils.py | 20 ++++++++++++++++++++ 3 files changed, 26 insertions(+), 16 deletions(-) create mode 100644 lemur/utils.py diff --git a/lemur/certificates/models.py b/lemur/certificates/models.py index 8c254024..5fb6f6e1 100644 --- a/lemur/certificates/models.py +++ b/lemur/certificates/models.py @@ -5,19 +5,17 @@ :license: Apache, see LICENSE for more details. .. moduleauthor:: Kevin Glisson """ -import os import datetime +from flask import current_app from cryptography import x509 from cryptography.hazmat.backends import default_backend - -from flask import current_app - from sqlalchemy.orm import relationship from sqlalchemy import event, Integer, ForeignKey, String, DateTime, PassiveDefault, func, Column, Text, Boolean from sqlalchemy_utils import EncryptedType +from lemur.utils import get_key from lemur.database import db from lemur.plugins.base import plugins @@ -211,7 +209,7 @@ class Certificate(db.Model): id = Column(Integer, primary_key=True) owner = Column(String(128)) body = Column(Text()) - private_key = Column(EncryptedType(String, os.environ.get('LEMUR_ENCRYPTION_KEY'))) + private_key = Column(EncryptedType(String, get_key)) status = Column(String(128)) deleted = Column(Boolean, index=True) name = Column(String(128)) diff --git a/lemur/roles/models.py b/lemur/roles/models.py index 08781c6c..8b32865f 100644 --- a/lemur/roles/models.py +++ b/lemur/roles/models.py @@ -1,5 +1,5 @@ """ -.. module: models +.. module: lemur.roles.models :platform: unix :synopsis: This module contains all of the models need to create a role within Lemur 
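Review bot: Nothing on the new `private_key` line in `Certificate` (lemur/certificates/models.py, second hunk) records that the encryption key now comes from the application config rather than the `LEMUR_ENCRYPTION_KEY` environment variable, or what that means for rows already stored. If a deployment's config value differs from the value its environment carried, existing private keys would presumably no longer decrypt. I would add a comment above the column such as `# key is resolved by calling lemur.utils.get_key; it must equal the key existing rows were encrypted with`. The same comment fits `Role.password` in lemur/roles/models.py. The class body continues outside the hunk.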
@@ -9,13 +9,12 @@ .. moduleauthor:: Kevin Glisson """ -import os from sqlalchemy.orm import relationship from sqlalchemy import Column, Integer, String, Text, ForeignKey from sqlalchemy_utils import EncryptedType - from lemur.database import db +from lemur.utils import get_key from lemur.models import roles_users @@ -24,15 +23,8 @@ class Role(db.Model): id = Column(Integer, primary_key=True) name = Column(String(128), unique=True) username = Column(String(128)) - password = Column(EncryptedType(String, os.environ.get('LEMUR_ENCRYPTION_KEY'))) + password = Column(EncryptedType(String, get_key)) description = Column(Text) authority_id = Column(Integer, ForeignKey('authorities.id')) user_id = Column(Integer, ForeignKey('users.id')) users = relationship("User", secondary=roles_users, passive_deletes=True, backref="role", cascade='all,delete') - - def as_dict(self): - return {c.name: getattr(self, c.name) for c in self.__table__.columns} - - def serialize(self): - blob = self.as_dict() - return blob diff --git a/lemur/utils.py b/lemur/utils.py new file mode 100644 index 00000000..d59d235d --- /dev/null +++ b/lemur/utils.py @@ -0,0 +1,20 @@ +""" +.. module: lemur.utils + :platform: Unix + :copyright: (c) 2015 by Netflix Inc., see AUTHORS for more + :license: Apache, see LICENSE for more details. +.. moduleauthor:: Kevin Glisson +""" +from flask import current_app + + +def get_key(): + """ + Gets the current encryption key + + :return: + """ + try: + return current_app.config.get('LEMUR_ENCRYPTION_KEY') + except RuntimeError: + return ''
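Review bot: `get_key` in lemur/utils.py fails open: without an application context the `except RuntimeError` branch returns `''`, and with the setting absent `config.get` returns `None`, so the `EncryptedType` columns `Certificate.private_key` and `Role.password` can receive an empty or missing key instead of an error. Depending on how sqlalchemy_utils treats such a key, a write made from a script or shell without an app context could store secrets under a key that is not secret, and those rows would not decrypt under the real key later. I would let the error propagate and reject an unset value: `key = current_app.config.get('LEMUR_ENCRYPTION_KEY')` followed by `if not key: raise RuntimeError('LEMUR_ENCRYPTION_KEY is not configured')`. The docstring's empty `:return:` should also state that the configured key is returned.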