From 3e5db9eedbe1f1e58589a61226d1f013546bf750 Mon Sep 17 00:00:00 2001 From: Zach Seils Date: Tue, 24 Apr 2018 19:55:26 -0400 Subject: [PATCH] Check for default rotation policy before updating db (#1223) --- lemur/manage.py | 15 ++++++++++----- lemur/policies/service.py | 9 +++++++++ 2 files changed, 19 insertions(+), 5 deletions(-) diff --git a/lemur/manage.py b/lemur/manage.py index 0079adb4..655b1827 100755 --- a/lemur/manage.py +++ b/lemur/manage.py @@ -251,12 +251,17 @@ class InitializeApp(Command): recipients = current_app.config.get('LEMUR_SECURITY_TEAM_EMAIL') notification_service.create_default_expiration_notifications("DEFAULT_SECURITY", recipients=recipients) - days = current_app.config.get("LEMUR_DEFAULT_ROTATION_INTERVAL", 30) - sys.stdout.write("[+] Creating default certificate rotation policy of {days} days before issuance.\n".format( - days=days - )) + _DEFAULT_ROTATION_INTERVAL = 'default' + default_rotation_interval = policy_service.get_by_name(_DEFAULT_ROTATION_INTERVAL) + + if default_rotation_interval: + sys.stdout.write("[-] Default rotation interval policy already created, skipping...!\n") + else: + days = current_app.config.get("LEMUR_DEFAULT_ROTATION_INTERVAL", 30) + sys.stdout.write("[+] Creating default certificate rotation policy of {days} days before issuance.\n".format( + days=days)) + policy_service.create(days=days, name=_DEFAULT_ROTATION_INTERVAL) - policy_service.create(days=days, name='default') sys.stdout.write("[/] Done!\n") diff --git a/lemur/policies/service.py b/lemur/policies/service.py index 603fb3af..c6719a03 100644 --- a/lemur/policies/service.py +++ b/lemur/policies/service.py @@ -18,6 +18,15 @@ def get(policy_id): return database.get(RotationPolicy, policy_id) +def get_by_name(policy_name): + """ + Retrieves policy by its name. + :param policy_name: + :return: + """ + return database.get_all(RotationPolicy, policy_name, field='name').all() + + def delete(policy_id): """ Delete a rotation policy.