Adding the ability to specify a per-certificate rotation policy. (#851)

lemur/policies/cli.py

@@ -0,0 +1,24 @@
+"""
+.. module: lemur.policies.cli
+    :platform: Unix
+    :copyright: (c) 2017 by Netflix Inc., see AUTHORS for more
+    :license: Apache, see LICENSE for more details.
+.. moduleauthor:: Kevin Glisson <kglisson@netflix.com>
+"""
+from flask_script import Manager
+from lemur.policies import service as policy_service
+
+
+manager = Manager(usage="Handles all policy related tasks.")
+
+
+@manager.option('-d', '--days', dest='days', help='Number of days before expiration.')
+@manager.option('-n', '--name', dest='name', help='Policy name.')
+def create(days, name):
+    """
+    Create a new certificate rotation policy
+    :return:
+    """
+    print("[+] Creating a new certificate rotation policy.")
+    policy_service.create(days=days, name=name)
+    print("[+] Successfully created a new certificate rotation policy")

lemur/policies/models.py

@@ -0,0 +1,21 @@
+"""
+.. module: lemur.policies.models
+    :platform: unix
+    :synopsis: This module contains all of the models need to create a certificate policy within Lemur.
+    :copyright: (c) 2017 by Netflix Inc., see AUTHORS for more
+    :license: Apache, see LICENSE for more details.
+.. moduleauthor:: Kevin Glisson <kglisson@netflix.com>
+"""
+from sqlalchemy import Column, Integer, String
+
+from lemur.database import db
+
+
+class RotationPolicy(db.Model):
+    __tablename__ = 'rotation_policies'
+    id = Column(Integer, primary_key=True)
+    name = Column(String)
+    days = Column(Integer)
+
+    def __repr__(self):
+        return "RotationPolicy(days={days}, name={name})".format(days=self.days, name=self.name)

lemur/policies/schemas.py

@@ -0,0 +1,19 @@
+"""
+.. module: lemur.policies.schemas
+    :platform: unix
+    :copyright: (c) 2017 by Netflix Inc., see AUTHORS for more
+    :license: Apache, see LICENSE for more details.
+.. moduleauthor:: Kevin Glisson <kglisson@netflix.com>
+"""
+from marshmallow import fields
+
+from lemur.common.schema import LemurOutputSchema
+
+
+class RotationPolicyOutputSchema(LemurOutputSchema):
+    id = fields.Integer()
+    days = fields.Integer()
+
+
+class RotationPolicyNestedOutputSchema(RotationPolicyOutputSchema):
+    pass

lemur/policies/service.py

@@ -0,0 +1,62 @@
+"""
+.. module: lemur.policies.service
+    :platform: Unix
+    :copyright: (c) 2017 by Netflix Inc., see AUTHORS for more
+    :license: Apache, see LICENSE for more details.
+.. moduleauthor:: Kevin Glisson <kglisson@netflix.com>
+"""
+from lemur import database
+from lemur.policies.models import RotationPolicy
+
+
+def get(policy_id):
+    """
+    Retrieves policy by its ID.
+    :param policy_id:
+    :return:
+    """
+    return database.get(RotationPolicy, policy_id)
+
+
+def delete(policy_id):
+    """
+    Delete a rotation policy.
+    :param policy_id:
+    :return:
+    """
+    database.delete(get(policy_id))
+
+
+def get_all_policies():
+    """
+    Retrieves all rotation policies.
+    :return:
+    """
+    return RotationPolicy.query.all()
+
+
+def create(**kwargs):
+    """
+    Creates a new rotation policy.
+
+    :param kwargs:
+    :return:
+    """
+    policy = RotationPolicy(**kwargs)
+    database.create(policy)
+    return policy
+
+
+def update(policy_id, **kwargs):
+    """
+    Updates a policy.
+    :param policy_id:
+    :param kwargs:
+    :return:
+    """
+    policy = get(policy_id)
+
+    for key, value in kwargs.items():
+        setattr(policy, key, value)
+
+    return database.update(policy)