Merge remote-tracking branch 'upstream/master'

.bowerrc

@@ -1,3 +1,3 @@
 {
-  "directory": "bower_components"
+    "directory": "bower_components"
 }

.jshintrc

@@ -1,29 +1,29 @@
 {
-  "bitwise": true,
+  "node": true,
   "browser": true,
+  "esnext": true,
+  "bitwise": true,
   "camelcase": false,
   "curly": true,
   "eqeqeq": true,
-  "esnext": true,
-  "globals": {
-    "_": false,
-    "angular": false,
-    "d3": false,
-    "moment": false,
-    "self": false,
-    "toaster": false
-  },
   "immed": true,
   "indent": 2,
   "latedef": false,
   "newcap": false,
   "noarg": true,
-  "node": true,
   "quotmark": "single",
   "regexp": true,
-  "smarttabs": true,
+  "undef": true,
+  "unused": true,
   "strict": true,
   "trailing": true,
-  "undef": true,
-  "unused": true
+  "smarttabs": true,
+  "globals": {
+    "angular": false,
+    "moment": false,
+    "toaster": false,
+    "d3": false,
+    "self": false,
+    "_": false
+  }
 }

.pre-commit-config.yaml

@@ -4,12 +4,6 @@
     -   id: trailing-whitespace
     -   id: flake8
     -   id: check-merge-conflict
-    -   id: pretty-format-json
-    -   id: check-ast
-    -   id: check-case-conflict
-    -   id: check-yaml
-    -   id: autopep8-wrapper
-
 -   repo: git://github.com/pre-commit/mirrors-jshint
     sha: v2.9.5
     hooks:

bower.json

@@ -1,39 +1,50 @@
 {
+  "name": "lemur",
+  "repository": {
+    "type": "git",
+    "url": "git://github.com/netflix/lemur.git"
+  },
+  "private": true,
   "dependencies": {
+    "jquery": "~2.2.0",
+    "angular-wizard": "~0.4.0",
     "angular": "1.4.9",
-    "angular-animate": "~1.4.9",
+    "json3": "~3.3",
+    "es5-shim": "~4.5.0",
+    "bootstrap": "~3.3.6",
     "angular-bootstrap": "~1.1.1",
-    "angular-chart.js": "~0.8.8",
-    "angular-clipboard": "~1.3.0",
-    "angular-file-saver": "~1.0.1",
+    "angular-animate": "~1.4.9",
+    "restangular": "~1.5.1",
+    "ng-table": "~0.8.3",
+    "moment": "~2.11.1",
     "angular-loading-bar": "~0.8.0",
     "angular-moment": "~0.10.3",
-    "angular-sanitize": "~1.5.0",
+    "moment-range": "~2.1.0",
+    "angular-clipboard": "~1.3.0",
+    "angularjs-toaster": "~1.0.0",
+    "angular-chart.js": "~0.8.8",
+    "ngletteravatar": "~4.0.0",
+    "bootswatch": "~3.3.6",
+    "fontawesome": "~4.5.0",
+    "satellizer": "~0.13.4",
+    "angular-ui-router": "~0.2.15",
+    "font-awesome": "~4.5.0",
+    "lodash": "~4.0.1",
+    "underscore": "~1.8.3",
     "angular-smart-table": "2.1.8",
     "angular-strap": ">= 2.2.2",
-    "angular-translate": "^2.9.0",
-    "angular-ui-router": "~0.2.15",
-    "angular-ui-select": "~0.17.1",
-    "angular-ui-switch": "~0.1.0",
     "angular-underscore": "^0.5.0",
-    "angular-wizard": "~0.4.0",
-    "angularjs-toaster": "~1.0.0",
-    "bootstrap": "~3.3.6",
-    "bootswatch": "~3.3.6",
-    "d3": "^3.5.17",
-    "es5-shim": "~4.5.0",
-    "font-awesome": "~4.5.0",
-    "fontawesome": "~4.5.0",
-    "jquery": "~2.2.0",
-    "json3": "~3.3",
-    "lodash": "~4.0.1",
-    "moment": "~2.11.1",
-    "moment-range": "~2.1.0",
-    "ng-table": "~0.8.3",
-    "ngletteravatar": "~4.0.0",
-    "restangular": "~1.5.1",
-    "satellizer": "~0.13.4",
-    "underscore": "~1.8.3"
+    "angular-translate": "^2.9.0",
+    "angular-ui-switch": "~0.1.0",
+    "angular-sanitize": "~1.5.0",
+    "angular-file-saver": "~1.0.1",
+    "angular-ui-select": "~0.17.1",
+    "d3": "^3.5.17"
+  },
+  "resolutions": {
+    "moment": ">=2.8.0 <2.11.0",
+    "lodash": ">=1.3.0 <2.5.0",
+    "angular": "1.4.9"
   },
   "ignore": [
     "**/.*",
@@ -41,16 +52,5 @@
     "bower_components",
     "test",
     "tests"
-  ],
-  "name": "lemur",
-  "private": true,
-  "repository": {
-    "type": "git",
-    "url": "git://github.com/netflix/lemur.git"
-  },
-  "resolutions": {
-    "angular": "1.4.9",
-    "lodash": ">=1.3.0 <2.5.0",
-    "moment": ">=2.8.0 <2.11.0"
-  }
+  ]
 }

docs/administration.rst

@@ -313,7 +313,7 @@ LDAP support requires the pyldap python library, which also depends on the follo
 To configure the use of an LDAP server, a number of settings need to be configured in `lemur.conf.py`.
 
 Here is an example LDAP configuration stanza you can add to your config. Adjust to suit your environment of course.
-
+ 
 .. code-block:: python
 
         LDAP_AUTH = True

docs/conf.py

@@ -203,21 +203,21 @@ htmlhelp_basename = 'lemurdoc'
 # -- Options for LaTeX output ---------------------------------------------
 
 latex_elements = {
-    # The paper size ('letterpaper' or 'a4paper').
-    # 'papersize': 'letterpaper',
+# The paper size ('letterpaper' or 'a4paper').
+#'papersize': 'letterpaper',
 
-    # The font size ('10pt', '11pt' or '12pt').
-    # 'pointsize': '10pt',
+# The font size ('10pt', '11pt' or '12pt').
+#'pointsize': '10pt',
 
-    # Additional stuff for the LaTeX preamble.
-    # 'preamble': '',
+# Additional stuff for the LaTeX preamble.
+#'preamble': '',
 }
 
 # Grouping the document tree into LaTeX files. List of tuples
 # (source start file, target name, title,
 #  author, documentclass [howto, manual, or own class]).
 latex_documents = [
-    ('index', 'lemur.tex', u'Lemur Documentation',
+  ('index', 'lemur.tex', u'Lemur Documentation',
    u'Kevin Glisson', 'manual'),
 ]
 
@@ -261,7 +261,7 @@ man_pages = [
 # (source start file, target name, title, author,
 #  dir menu entry, description, category)
 texinfo_documents = [
-    ('index', 'Lemur', u'Lemur Documentation',
+  ('index', 'Lemur', u'Lemur Documentation',
    u'Kevin Glisson', 'Lemur', 'SSL Certificate Management',
    'Miscellaneous'),
 ]

docs/production/index.rst

@@ -217,23 +217,23 @@ An example apache config::
         # HSTS (mod_headers is required) (15768000 seconds = 6 months)
         Header always set Strict-Transport-Security "max-age=15768000"
         ...
-
+        
      # Set the lemur DocumentRoot to static/dist
      DocumentRoot /www/lemur/lemur/static/dist
-
+     
      # Uncomment to force http 1.0 connections to proxy
      # SetEnv force-proxy-request-1.0 1
-
+     
      #Don't keep proxy connections alive
      SetEnv proxy-nokeepalive 1
-
+     
      # Only need to do reverse proxy
      ProxyRequests Off
-
+     
      # Proxy requests to the api to the lemur service (and sanitize redirects from it)
      ProxyPass "/api" "http://127.0.0.1:8000/api"
      ProxyPassReverse "/api" "http://127.0.0.1:8000/api"
-
+     
     </VirtualHost>
 
 Also included in the configurations above are several best practices when it comes to deploying TLS. Things like enabling

gulp/build.js

@@ -240,8 +240,8 @@ gulp.task('addUrlContextPath',['addUrlContextPath:revreplace'], function(){
       .pipe(gulpif(urlContextPathExists, replace('angular/', argv.urlContextPath + '/angular/')))
       .pipe(gulp.dest(function(file){
         return file.base;
-      }));
-  });
+      }))
+  })
 });
 
 gulp.task('addUrlContextPath:revision', function(){
@@ -249,16 +249,16 @@ gulp.task('addUrlContextPath:revision', function(){
     .pipe(rev())
     .pipe(gulp.dest('lemur/static/dist'))
     .pipe(rev.manifest())
-    .pipe(gulp.dest('lemur/static/dist'));
-});
+    .pipe(gulp.dest('lemur/static/dist'))
+})
 
 gulp.task('addUrlContextPath:revreplace', ['addUrlContextPath:revision'], function(){
-  var manifest = gulp.src('lemur/static/dist/rev-manifest.json');
+  var manifest = gulp.src("lemur/static/dist/rev-manifest.json");
   var urlContextPathExists = argv.urlContextPath ? true : false;
-  return gulp.src('lemur/static/dist/index.html')
+  return gulp.src( "lemur/static/dist/index.html")
     .pipe(gulpif(urlContextPathExists, revReplace({prefix: argv.urlContextPath + '/', manifest: manifest}, revReplace({manifest: manifest}))))
     .pipe(gulp.dest('lemur/static/dist'));
-});
+})
 
 
 gulp.task('build', ['build:ngviews', 'build:inject', 'build:images', 'build:fonts', 'build:html', 'build:extras']);

gulp/karma.conf.js

@@ -1,12 +1,10 @@
-'use strict';
 // Contents of: config/karma.conf.js
-
 module.exports = function (config) {
   config.set({
     basePath : '../',
 
     // Fix for "JASMINE is not supported anymore" warning
-    frameworks : ['jasmine'],
+    frameworks : ["jasmine"],
 
     files : [
       'app/lib/angular/angular.js',

gulp/server.js

@@ -3,7 +3,7 @@
 var gulp = require('gulp');
 
 var browserSync = require('browser-sync');
-require('http-proxy');
+var httpProxy = require('http-proxy');
 
 /* This configuration allow you to configure browser sync to proxy your backend */
 /*

lemur/auth/ldap.py

@@ -18,7 +18,6 @@ class LdapPrincipal():
     """
     Provides methods for authenticating against an LDAP server.
     """
-
     def __init__(self, args):
         self._ldap_validate_conf()
         # setup ldap config

lemur/auth/views.py

@@ -211,7 +211,6 @@ class Login(Resource):
     on your uses cases but. It is important to not that there is currently no build in method to revoke a users token \
     and force re-authentication.
     """
-
     def __init__(self):
         self.reqparse = reqparse.RequestParser()
         super(Login, self).__init__()
@@ -283,10 +282,10 @@ class Login(Resource):
                     metrics.send('login', 'counter', 1, metric_tags={'status': SUCCESS_METRIC_STATUS})
                     return dict(token=create_token(user))
             except Exception as e:
-                current_app.logger.error("ldap error: {0}".format(e))
-                ldap_message = 'ldap error: %s' % e
-                metrics.send('login', 'counter', 1, metric_tags={'status': FAILURE_METRIC_STATUS})
-                return dict(message=ldap_message), 403
+                    current_app.logger.error("ldap error: {0}".format(e))
+                    ldap_message = 'ldap error: %s' % e
+                    metrics.send('login', 'counter', 1, metric_tags={'status': FAILURE_METRIC_STATUS})
+                    return dict(message=ldap_message), 403
 
         # if not valid user - no certificates for you
         metrics.send('login', 'counter', 1, metric_tags={'status': FAILURE_METRIC_STATUS})
@@ -303,7 +302,6 @@ class Ping(Resource):
     provider uses for its callbacks.
     2. Add or change the Lemur AngularJS Configuration to point to your new provider
     """
-
     def __init__(self):
         self.reqparse = reqparse.RequestParser()
         super(Ping, self).__init__()

lemur/authorities/views.py

@@ -25,7 +25,6 @@ api = Api(mod)
 
 class AuthoritiesList(AuthenticatedResource):
     """ Defines the 'authorities' endpoint """
-
     def __init__(self):
         self.reqparse = reqparse.RequestParser()
         super(AuthoritiesList, self).__init__()

lemur/common/fields.py

@@ -25,7 +25,6 @@ class Hex(Field):
     """
     A hex formatted string.
     """
-
     def _serialize(self, value, attr, obj):
         if value:
             value = hex(int(value))[2:].upper()
@@ -318,7 +317,6 @@ class SubjectAlternativeNameExtension(Field):
     :param kwargs: The same keyword arguments that :class:`Field` receives.
 
     """
-
     def _serialize(self, value, attr, obj):
         general_names = []
         name_type = None

lemur/defaults/views.py

@@ -19,7 +19,6 @@ api = Api(mod)
 
 class LemurDefaults(AuthenticatedResource):
     """ Defines the 'defaults' endpoint """
-
     def __init__(self):
         super(LemurDefaults)
 

lemur/destinations/views.py

@@ -24,7 +24,6 @@ api = Api(mod)
 
 class DestinationsList(AuthenticatedResource):
     """ Defines the 'destinations' endpoint """
-
     def __init__(self):
         self.reqparse = reqparse.RequestParser()
         super(DestinationsList, self).__init__()
@@ -336,7 +335,6 @@ class Destinations(AuthenticatedResource):
 
 class CertificateDestinations(AuthenticatedResource):
     """ Defines the 'certificate/<int:certificate_id/destinations'' endpoint """
-
     def __init__(self):
         super(CertificateDestinations, self).__init__()
 
@@ -409,7 +407,6 @@ class CertificateDestinations(AuthenticatedResource):
 
 class DestinationsStats(AuthenticatedResource):
     """ Defines the 'certificates' stats endpoint """
-
     def __init__(self):
         self.reqparse = reqparse.RequestParser()
         super(DestinationsStats, self).__init__()

lemur/domains/views.py

@@ -25,7 +25,6 @@ api = Api(mod)
 
 class DomainsList(AuthenticatedResource):
     """ Defines the 'domains' endpoint """
-
     def __init__(self):
         super(DomainsList, self).__init__()
 
@@ -213,7 +212,6 @@ class Domains(AuthenticatedResource):
 
 class CertificateDomains(AuthenticatedResource):
     """ Defines the 'domains' endpoint """
-
     def __init__(self):
         super(CertificateDomains, self).__init__()
 

lemur/endpoints/views.py

@@ -22,7 +22,6 @@ api = Api(mod)
 
 class EndpointsList(AuthenticatedResource):
     """ Defines the 'endpoints' endpoint """
-
     def __init__(self):
         self.reqparse = reqparse.RequestParser()
         super(EndpointsList, self).__init__()

lemur/logs/views.py

@@ -23,7 +23,6 @@ api = Api(mod)
 
 class LogsList(AuthenticatedResource):
     """ Defines the 'logs' endpoint """
-
     def __init__(self):
         self.reqparse = reqparse.RequestParser()
         super(LogsList, self).__init__()

lemur/migrations/env.py

@@ -69,8 +69,8 @@ def run_migrations_online():
     finally:
         connection.close()
 
-
 if context.is_offline_mode():
     run_migrations_offline()
 else:
     run_migrations_online()
+

lemur/migrations/versions/29d8c8455c86_.py

@@ -19,35 +19,35 @@ def upgrade():
     ### commands auto generated by Alembic - please adjust! ###
     op.create_table('ciphers',
     sa.Column('id', sa.Integer(), nullable=False),
-        sa.Column('name', sa.String(length=128), nullable=False),
-        sa.PrimaryKeyConstraint('id')
+    sa.Column('name', sa.String(length=128), nullable=False),
+    sa.PrimaryKeyConstraint('id')
     )
     op.create_table('policy',
     sa.Column('id', sa.Integer(), nullable=False),
-        sa.Column('name', sa.String(length=128), nullable=True),
-        sa.PrimaryKeyConstraint('id')
+    sa.Column('name', sa.String(length=128), nullable=True),
+    sa.PrimaryKeyConstraint('id')
     )
     op.create_table('policies_ciphers',
     sa.Column('cipher_id', sa.Integer(), nullable=True),
-        sa.Column('policy_id', sa.Integer(), nullable=True),
-        sa.ForeignKeyConstraint(['cipher_id'], ['ciphers.id'], ),
-        sa.ForeignKeyConstraint(['policy_id'], ['policy.id'], )
+    sa.Column('policy_id', sa.Integer(), nullable=True),
+    sa.ForeignKeyConstraint(['cipher_id'], ['ciphers.id'], ),
+    sa.ForeignKeyConstraint(['policy_id'], ['policy.id'], )
     )
     op.create_index('policies_ciphers_ix', 'policies_ciphers', ['cipher_id', 'policy_id'], unique=False)
     op.create_table('endpoints',
     sa.Column('id', sa.Integer(), nullable=False),
-        sa.Column('owner', sa.String(length=128), nullable=True),
-        sa.Column('name', sa.String(length=128), nullable=True),
-        sa.Column('dnsname', sa.String(length=256), nullable=True),
-        sa.Column('type', sa.String(length=128), nullable=True),
-        sa.Column('active', sa.Boolean(), nullable=True),
-        sa.Column('port', sa.Integer(), nullable=True),
-        sa.Column('date_created', sa.DateTime(), server_default=sa.text(u'now()'), nullable=False),
-        sa.Column('policy_id', sa.Integer(), nullable=True),
-        sa.Column('certificate_id', sa.Integer(), nullable=True),
-        sa.ForeignKeyConstraint(['certificate_id'], ['certificates.id'], ),
-        sa.ForeignKeyConstraint(['policy_id'], ['policy.id'], ),
-        sa.PrimaryKeyConstraint('id')
+    sa.Column('owner', sa.String(length=128), nullable=True),
+    sa.Column('name', sa.String(length=128), nullable=True),
+    sa.Column('dnsname', sa.String(length=256), nullable=True),
+    sa.Column('type', sa.String(length=128), nullable=True),
+    sa.Column('active', sa.Boolean(), nullable=True),
+    sa.Column('port', sa.Integer(), nullable=True),
+    sa.Column('date_created', sa.DateTime(), server_default=sa.text(u'now()'), nullable=False),
+    sa.Column('policy_id', sa.Integer(), nullable=True),
+    sa.Column('certificate_id', sa.Integer(), nullable=True),
+    sa.ForeignKeyConstraint(['certificate_id'], ['certificates.id'], ),
+    sa.ForeignKeyConstraint(['policy_id'], ['policy.id'], ),
+    sa.PrimaryKeyConstraint('id')
     )
     ### end Alembic commands ###
 

lemur/migrations/versions/33de094da890_.py

@@ -14,14 +14,13 @@ from alembic import op
 import sqlalchemy as sa
 from sqlalchemy.dialects import postgresql
 
-
 def upgrade():
     ### commands auto generated by Alembic - please adjust! ###
     op.create_table('certificate_replacement_associations',
     sa.Column('replaced_certificate_id', sa.Integer(), nullable=True),
-        sa.Column('certificate_id', sa.Integer(), nullable=True),
-        sa.ForeignKeyConstraint(['certificate_id'], ['certificates.id'], ondelete='cascade'),
-        sa.ForeignKeyConstraint(['replaced_certificate_id'], ['certificates.id'], ondelete='cascade')
+    sa.Column('certificate_id', sa.Integer(), nullable=True),
+    sa.ForeignKeyConstraint(['certificate_id'], ['certificates.id'], ondelete='cascade'),
+    sa.ForeignKeyConstraint(['replaced_certificate_id'], ['certificates.id'], ondelete='cascade')
     )
     ### end Alembic commands ###
 

lemur/migrations/versions/3adfdd6598df_.py

@@ -74,7 +74,6 @@ def upgrade():
     print("Creating dns_providers_id foreign key on pending_certs table")
     op.create_foreign_key(None, 'pending_certs', 'dns_providers', ['dns_provider_id'], ['id'], ondelete='CASCADE')
 
-
 def downgrade():
     print("Removing dns_providers_id foreign key on pending_certs table")
     op.drop_constraint(None, 'pending_certs', type_='foreignkey')

lemur/migrations/versions/412b22cb656a_.py

@@ -19,16 +19,16 @@ def upgrade():
     ### commands auto generated by Alembic - please adjust! ###
     op.create_table('roles_authorities',
     sa.Column('authority_id', sa.Integer(), nullable=True),
-        sa.Column('role_id', sa.Integer(), nullable=True),
-        sa.ForeignKeyConstraint(['authority_id'], ['authorities.id'], ),
-        sa.ForeignKeyConstraint(['role_id'], ['roles.id'], )
+    sa.Column('role_id', sa.Integer(), nullable=True),
+    sa.ForeignKeyConstraint(['authority_id'], ['authorities.id'], ),
+    sa.ForeignKeyConstraint(['role_id'], ['roles.id'], )
     )
     op.create_index('roles_authorities_ix', 'roles_authorities', ['authority_id', 'role_id'], unique=True)
     op.create_table('roles_certificates',
     sa.Column('certificate_id', sa.Integer(), nullable=True),
-        sa.Column('role_id', sa.Integer(), nullable=True),
-        sa.ForeignKeyConstraint(['certificate_id'], ['certificates.id'], ),
-        sa.ForeignKeyConstraint(['role_id'], ['roles.id'], )
+    sa.Column('role_id', sa.Integer(), nullable=True),
+    sa.ForeignKeyConstraint(['certificate_id'], ['certificates.id'], ),
+    sa.ForeignKeyConstraint(['role_id'], ['roles.id'], )
     )
     op.create_index('roles_certificates_ix', 'roles_certificates', ['certificate_id', 'role_id'], unique=True)
     op.create_index('certificate_associations_ix', 'certificate_associations', ['domain_id', 'certificate_id'], unique=True)

lemur/migrations/versions/4c50b903d1ae_.py

@@ -14,7 +14,6 @@ from alembic import op
 import sqlalchemy as sa
 from sqlalchemy.dialects import postgresql
 
-
 def upgrade():
     ### commands auto generated by Alembic - please adjust! ###
     op.add_column('domains', sa.Column('sensitive', sa.Boolean(), nullable=True))

lemur/migrations/versions/556ceb3e3c3e_.py

@@ -16,69 +16,68 @@ from lemur.utils import Vault
 from sqlalchemy.dialects import postgresql
 from sqlalchemy_utils import ArrowType
 
-
 def upgrade():
     # ### commands auto generated by Alembic - please adjust! ###
     op.create_table('pending_certs',
     sa.Column('id', sa.Integer(), nullable=False),
-        sa.Column('external_id', sa.String(length=128), nullable=True),
-        sa.Column('owner', sa.String(length=128), nullable=False),
-        sa.Column('name', sa.String(length=256), nullable=True),
-        sa.Column('description', sa.String(length=1024), nullable=True),
-        sa.Column('notify', sa.Boolean(), nullable=True),
-        sa.Column('number_attempts', sa.Integer(), nullable=True),
-        sa.Column('rename', sa.Boolean(), nullable=True),
-        sa.Column('cn', sa.String(length=128), nullable=True),
-        sa.Column('csr', sa.Text(), nullable=False),
-        sa.Column('chain', sa.Text(), nullable=True),
-        sa.Column('private_key', Vault(), nullable=True),
-        sa.Column('date_created', ArrowType(), server_default=sa.text('now()'), nullable=False),
-        sa.Column('status', sa.String(length=128), nullable=True),
-        sa.Column('rotation', sa.Boolean(), nullable=True),
-        sa.Column('user_id', sa.Integer(), nullable=True),
-        sa.Column('authority_id', sa.Integer(), nullable=True),
-        sa.Column('root_authority_id', sa.Integer(), nullable=True),
-        sa.Column('rotation_policy_id', sa.Integer(), nullable=True),
-        sa.ForeignKeyConstraint(['authority_id'], ['authorities.id'], ondelete='CASCADE'),
-        sa.ForeignKeyConstraint(['root_authority_id'], ['authorities.id'], ondelete='CASCADE'),
-        sa.ForeignKeyConstraint(['rotation_policy_id'], ['rotation_policies.id'], ),
-        sa.ForeignKeyConstraint(['user_id'], ['users.id'], ),
-        sa.PrimaryKeyConstraint('id'),
-        sa.UniqueConstraint('name')
+    sa.Column('external_id', sa.String(length=128), nullable=True),
+    sa.Column('owner', sa.String(length=128), nullable=False),
+    sa.Column('name', sa.String(length=256), nullable=True),
+    sa.Column('description', sa.String(length=1024), nullable=True),
+    sa.Column('notify', sa.Boolean(), nullable=True),
+    sa.Column('number_attempts', sa.Integer(), nullable=True),
+    sa.Column('rename', sa.Boolean(), nullable=True),
+    sa.Column('cn', sa.String(length=128), nullable=True),
+    sa.Column('csr', sa.Text(), nullable=False),
+    sa.Column('chain', sa.Text(), nullable=True),
+    sa.Column('private_key', Vault(), nullable=True),
+    sa.Column('date_created', ArrowType(), server_default=sa.text('now()'), nullable=False),
+    sa.Column('status', sa.String(length=128), nullable=True),
+    sa.Column('rotation', sa.Boolean(), nullable=True),
+    sa.Column('user_id', sa.Integer(), nullable=True),
+    sa.Column('authority_id', sa.Integer(), nullable=True),
+    sa.Column('root_authority_id', sa.Integer(), nullable=True),
+    sa.Column('rotation_policy_id', sa.Integer(), nullable=True),
+    sa.ForeignKeyConstraint(['authority_id'], ['authorities.id'], ondelete='CASCADE'),
+    sa.ForeignKeyConstraint(['root_authority_id'], ['authorities.id'], ondelete='CASCADE'),
+    sa.ForeignKeyConstraint(['rotation_policy_id'], ['rotation_policies.id'], ),
+    sa.ForeignKeyConstraint(['user_id'], ['users.id'], ),
+    sa.PrimaryKeyConstraint('id'),
+    sa.UniqueConstraint('name')
     )
     op.create_table('pending_cert_destination_associations',
     sa.Column('destination_id', sa.Integer(), nullable=True),
-        sa.Column('pending_cert_id', sa.Integer(), nullable=True),
-        sa.ForeignKeyConstraint(['destination_id'], ['destinations.id'], ondelete='cascade'),
-        sa.ForeignKeyConstraint(['pending_cert_id'], ['pending_certs.id'], ondelete='cascade')
+    sa.Column('pending_cert_id', sa.Integer(), nullable=True),
+    sa.ForeignKeyConstraint(['destination_id'], ['destinations.id'], ondelete='cascade'),
+    sa.ForeignKeyConstraint(['pending_cert_id'], ['pending_certs.id'], ondelete='cascade')
     )
     op.create_index('pending_cert_destination_associations_ix', 'pending_cert_destination_associations', ['destination_id', 'pending_cert_id'], unique=False)
     op.create_table('pending_cert_notification_associations',
     sa.Column('notification_id', sa.Integer(), nullable=True),
-        sa.Column('pending_cert_id', sa.Integer(), nullable=True),
-        sa.ForeignKeyConstraint(['notification_id'], ['notifications.id'], ondelete='cascade'),
-        sa.ForeignKeyConstraint(['pending_cert_id'], ['pending_certs.id'], ondelete='cascade')
+    sa.Column('pending_cert_id', sa.Integer(), nullable=True),
+    sa.ForeignKeyConstraint(['notification_id'], ['notifications.id'], ondelete='cascade'),
+    sa.ForeignKeyConstraint(['pending_cert_id'], ['pending_certs.id'], ondelete='cascade')
     )
     op.create_index('pending_cert_notification_associations_ix', 'pending_cert_notification_associations', ['notification_id', 'pending_cert_id'], unique=False)
     op.create_table('pending_cert_replacement_associations',
     sa.Column('replaced_certificate_id', sa.Integer(), nullable=True),
-        sa.Column('pending_cert_id', sa.Integer(), nullable=True),
-        sa.ForeignKeyConstraint(['pending_cert_id'], ['pending_certs.id'], ondelete='cascade'),
-        sa.ForeignKeyConstraint(['replaced_certificate_id'], ['certificates.id'], ondelete='cascade')
+    sa.Column('pending_cert_id', sa.Integer(), nullable=True),
+    sa.ForeignKeyConstraint(['pending_cert_id'], ['pending_certs.id'], ondelete='cascade'),
+    sa.ForeignKeyConstraint(['replaced_certificate_id'], ['certificates.id'], ondelete='cascade')
     )
     op.create_index('pending_cert_replacement_associations_ix', 'pending_cert_replacement_associations', ['replaced_certificate_id', 'pending_cert_id'], unique=False)
     op.create_table('pending_cert_role_associations',
     sa.Column('pending_cert_id', sa.Integer(), nullable=True),
-        sa.Column('role_id', sa.Integer(), nullable=True),
-        sa.ForeignKeyConstraint(['pending_cert_id'], ['pending_certs.id'], ),
-        sa.ForeignKeyConstraint(['role_id'], ['roles.id'], )
+    sa.Column('role_id', sa.Integer(), nullable=True),
+    sa.ForeignKeyConstraint(['pending_cert_id'], ['pending_certs.id'], ),
+    sa.ForeignKeyConstraint(['role_id'], ['roles.id'], )
     )
     op.create_index('pending_cert_role_associations_ix', 'pending_cert_role_associations', ['pending_cert_id', 'role_id'], unique=False)
     op.create_table('pending_cert_source_associations',
     sa.Column('source_id', sa.Integer(), nullable=True),
-        sa.Column('pending_cert_id', sa.Integer(), nullable=True),
-        sa.ForeignKeyConstraint(['pending_cert_id'], ['pending_certs.id'], ondelete='cascade'),
-        sa.ForeignKeyConstraint(['source_id'], ['sources.id'], ondelete='cascade')
+    sa.Column('pending_cert_id', sa.Integer(), nullable=True),
+    sa.ForeignKeyConstraint(['pending_cert_id'], ['pending_certs.id'], ondelete='cascade'),
+    sa.ForeignKeyConstraint(['source_id'], ['sources.id'], ondelete='cascade')
     )
     op.create_index('pending_cert_source_associations_ix', 'pending_cert_source_associations', ['source_id', 'pending_cert_id'], unique=False)
     # ### end Alembic commands ###

lemur/migrations/versions/5770674184de_.py

@@ -32,7 +32,7 @@ def upgrade():
         # If we've seen a pair already, delete the duplicates
         if seen.get("{}-{}".format(x.certificate_id, x.notification_id)):
             print("Deleting duplicate: {}".format(x))
-            d = session.query(certificate_notification_associations).filter(certificate_notification_associations.c.id == x.id)
+            d = session.query(certificate_notification_associations).filter(certificate_notification_associations.c.id==x.id)
             d.delete(synchronize_session=False)
         seen["{}-{}".format(x.certificate_id, x.notification_id)] = True
     db.session.commit()

lemur/migrations/versions/c05a8998b371_.py

@@ -14,17 +14,16 @@ from alembic import op
 import sqlalchemy as sa
 import sqlalchemy_utils
 
-
 def upgrade():
     op.create_table('api_keys',
     sa.Column('id', sa.Integer(), nullable=False),
-        sa.Column('name', sa.String(length=128), nullable=True),
-        sa.Column('user_id', sa.Integer(), nullable=False),
-        sa.Column('ttl', sa.BigInteger(), nullable=False),
-        sa.Column('issued_at', sa.BigInteger(), nullable=False),
-        sa.Column('revoked', sa.Boolean(), nullable=False),
-        sa.ForeignKeyConstraint(['user_id'], ['users.id'], ),
-        sa.PrimaryKeyConstraint('id')
+    sa.Column('name', sa.String(length=128), nullable=True),
+    sa.Column('user_id', sa.Integer(), nullable=False),
+    sa.Column('ttl', sa.BigInteger(), nullable=False),
+    sa.Column('issued_at', sa.BigInteger(), nullable=False),
+    sa.Column('revoked', sa.Boolean(), nullable=False),
+    sa.ForeignKeyConstraint(['user_id'], ['users.id'], ),
+    sa.PrimaryKeyConstraint('id')
     )
 
 

lemur/migrations/versions/ce547319f7be_.py

@@ -30,7 +30,6 @@ def upgrade():
     db.session.commit()
     db.session.flush()
 
-
 def downgrade():
     op.drop_column(TABLE, "id")
     db.session.commit()

lemur/migrations/versions/e3691fc396e9_.py

@@ -14,18 +14,17 @@ from alembic import op
 import sqlalchemy as sa
 import sqlalchemy_utils
 
-
 def upgrade():
     ### commands auto generated by Alembic - please adjust! ###
     op.create_table('logs',
     sa.Column('id', sa.Integer(), nullable=False),
-        sa.Column('certificate_id', sa.Integer(), nullable=True),
-        sa.Column('log_type', sa.Enum('key_view', name='log_type'), nullable=False),
-        sa.Column('logged_at', sqlalchemy_utils.types.arrow.ArrowType(), server_default=sa.text('now()'), nullable=False),
-        sa.Column('user_id', sa.Integer(), nullable=False),
-        sa.ForeignKeyConstraint(['certificate_id'], ['certificates.id'], ),
-        sa.ForeignKeyConstraint(['user_id'], ['users.id'], ),
-        sa.PrimaryKeyConstraint('id')
+    sa.Column('certificate_id', sa.Integer(), nullable=True),
+    sa.Column('log_type', sa.Enum('key_view', name='log_type'), nullable=False),
+    sa.Column('logged_at', sqlalchemy_utils.types.arrow.ArrowType(), server_default=sa.text('now()'), nullable=False),
+    sa.Column('user_id', sa.Integer(), nullable=False),
+    sa.ForeignKeyConstraint(['certificate_id'], ['certificates.id'], ),
+    sa.ForeignKeyConstraint(['user_id'], ['users.id'], ),
+    sa.PrimaryKeyConstraint('id')
     )
     ### end Alembic commands ###
 

lemur/notifications/views.py

@@ -23,7 +23,6 @@ api = Api(mod)
 
 class NotificationsList(AuthenticatedResource):
     """ Defines the 'notifications' endpoint """
-
     def __init__(self):
         self.reqparse = reqparse.RequestParser()
         super(NotificationsList, self).__init__()
@@ -349,7 +348,6 @@ class Notifications(AuthenticatedResource):
 
 class CertificateNotifications(AuthenticatedResource):
     """ Defines the 'certificate/<int:certificate_id/notifications'' endpoint """
-
     def __init__(self):
         super(CertificateNotifications, self).__init__()
 

lemur/plugins/views.py

@@ -21,7 +21,6 @@ api = Api(mod)
 
 class PluginsList(AuthenticatedResource):
     """ Defines the 'plugins' endpoint """
-
     def __init__(self):
         self.reqparse = reqparse.RequestParser()
         super(PluginsList, self).__init__()
@@ -81,7 +80,6 @@ class PluginsList(AuthenticatedResource):
 
 class Plugins(AuthenticatedResource):
     """ Defines the 'plugins' endpoint """
-
     def __init__(self):
         super(Plugins, self).__init__()
 

lemur/roles/views.py

@@ -26,7 +26,6 @@ api = Api(mod)
 
 class RolesList(AuthenticatedResource):
     """ Defines the 'roles' endpoint """
-
     def __init__(self):
         self.reqparse = reqparse.RequestParser()
         super(RolesList, self).__init__()
@@ -310,7 +309,6 @@ class Roles(AuthenticatedResource):
 
 class UserRolesList(AuthenticatedResource):
     """ Defines the 'roles' endpoint """
-
     def __init__(self):
         self.reqparse = reqparse.RequestParser()
         super(UserRolesList, self).__init__()
@@ -370,7 +368,6 @@ class UserRolesList(AuthenticatedResource):
 
 class AuthorityRolesList(AuthenticatedResource):
     """ Defines the 'roles' endpoint """
-
     def __init__(self):
         self.reqparse = reqparse.RequestParser()
         super(AuthorityRolesList, self).__init__()

lemur/sources/views.py

@@ -24,7 +24,6 @@ api = Api(mod)
 
 class SourcesList(AuthenticatedResource):
     """ Defines the 'sources' endpoint """
-
     def __init__(self):
         self.reqparse = reqparse.RequestParser()
         super(SourcesList, self).__init__()
@@ -282,7 +281,6 @@ class Sources(AuthenticatedResource):
 
 class CertificateSources(AuthenticatedResource):
     """ Defines the 'certificate/<int:certificate_id/sources'' endpoint """
-
     def __init__(self):
         super(CertificateSources, self).__init__()
 

lemur/static/app/angular/destinations/destination/destination.tpl.html

@@ -42,7 +42,7 @@
             {{ item.name | titleCase }}
           </label>
           <div class="col-sm-10">
-            <input name="sub" ng-if="item.type == 'int'" type="number" ng-pattern="item.validation?item.validation:'^[0-9]+$'"
+            <input name="sub" ng-if="item.type == 'int'" type="number" ng-pattern="item.validation?item.validation:'^[0-9]+$'" 
                    class="form-control" ng-model="item.value"/>
             <select name="sub" ng-if="item.type == 'select'" class="form-control" ng-options="i for i in item.available"
                     ng-model="item.value"></select>

lemur/static/app/angular/dns_providers/dns_provider/dns_provider.tpl.html

@@ -42,7 +42,7 @@
             {{ item.name | titleCase }}
           </label>
           <div class="col-sm-10">
-            <input name="sub" ng-if="item.type == 'int'" type="number" ng-pattern="item.validation?item.validation:'^[0-9]+$'"
+            <input name="sub" ng-if="item.type == 'int'" type="number" ng-pattern="item.validation?item.validation:'^[0-9]+$'" 
                    class="form-control" ng-model="item.value"/>
             <select name="sub" ng-if="item.type == 'select'" class="form-control" ng-options="i for i in item.available"
                     ng-model="item.value"></select>

lemur/tests/js/.jshintrc

@@ -1,10 +1,23 @@
 {
-  "bitwise": true,
+  "node": true,
   "browser": true,
+  "esnext": true,
+  "bitwise": true,
   "camelcase": true,
   "curly": true,
   "eqeqeq": true,
-  "esnext": true,
+  "immed": true,
+  "indent": 2,
+  "latedef": true,
+  "newcap": true,
+  "noarg": true,
+  "quotmark": "single",
+  "regexp": true,
+  "undef": true,
+  "unused": true,
+  "strict": true,
+  "trailing": true,
+  "smarttabs": true,
   "globals": {
     "after": false,
     "afterEach": false,
@@ -18,18 +31,6 @@
     "it": false,
     "jasmine": false,
     "spyOn": false
-  },
-  "immed": true,
-  "indent": 2,
-  "latedef": true,
-  "newcap": true,
-  "noarg": true,
-  "node": true,
-  "quotmark": "single",
-  "regexp": true,
-  "smarttabs": true,
-  "strict": true,
-  "trailing": true,
-  "undef": true,
-  "unused": true
+  }
 }
+

lemur/tests/test_ldap.py

@@ -1,5 +1,5 @@
 import pytest
-from lemur.auth.ldap import *  # noqa
+from lemur.auth.ldap import * # noqa
 from mock import patch, MagicMock
 
 

lemur/users/views.py

@@ -27,7 +27,6 @@ api = Api(mod)
 
 class UsersList(AuthenticatedResource):
     """ Defines the 'users' endpoint """
-
     def __init__(self):
         self.reqparse = reqparse.RequestParser()
         super(UsersList, self).__init__()

package.json

@@ -1,4 +1,10 @@
 {
+  "name": "Lemur",
+  "private": true,
+  "repository": {
+    "type": "git",
+    "url": "git://github.com/netflix/lemur.git"
+  },
   "dependencies": {
     "bower": "^1.8.2",
     "browser-sync": "^2.3.1",
@@ -45,22 +51,16 @@
     "uglify-save-license": "^0.4.1",
     "yargs": "^7.0.2"
   },
+  "scripts": {
+    "postinstall": "node_modules/.bin/bower install --allow-root --config.interactive=false",
+    "pretest": "npm install && npm run build_static",
+    "build_static": "gulp build",
+    "prelint": "npm install",
+    "lint": "jshint lemur/static/app/",
+    "test": "gulp test"
+  },
   "devDependencies": {
     "jshint": "^2.8.0",
     "karma-chrome-launcher": "^2.0.0"
-  },
-  "name": "Lemur",
-  "private": true,
-  "repository": {
-    "type": "git",
-    "url": "git://github.com/netflix/lemur.git"
-  },
-  "scripts": {
-    "build_static": "gulp build",
-    "lint": "jshint lemur/static/app/",
-    "postinstall": "node_modules/.bin/bower install --allow-root --config.interactive=false",
-    "prelint": "npm install",
-    "pretest": "npm install && npm run build_static",
-    "test": "gulp test"
   }
 }

requirements-dev.txt

@@ -24,7 +24,7 @@ requests-toolbelt==0.8.0  # via twine
 requests==2.19.1          # via requests-toolbelt, twine
 six==1.11.0               # via cfgv, pre-commit
 toml==0.9.4               # via pre-commit
-tqdm==4.25.0              # via twine
+tqdm==4.24.0              # via twine
 twine==1.11.0
 urllib3==1.23             # via requests
 virtualenv==16.0.0        # via pre-commit

requirements-docs.txt

@@ -79,7 +79,7 @@ s3transfer==0.1.13
 six==1.11.0
 snowballstemmer==1.2.1    # via sphinx
 sphinx-rtd-theme==0.4.1
-sphinx==1.7.7
+sphinx==1.7.6
 sphinxcontrib-httpdomain==1.7.0
 sphinxcontrib-websupport==1.1.0  # via sphinx
 sqlalchemy-utils==0.33.3

requirements-tests.txt

@@ -8,9 +8,9 @@ asn1crypto==0.24.0        # via cryptography
 atomicwrites==1.1.5       # via pytest
 attrs==18.1.0             # via pytest
 aws-xray-sdk==0.95        # via moto
-boto3==1.7.82             # via moto
+boto3==1.7.79             # via moto
 boto==2.49.0              # via moto
-botocore==1.10.82         # via boto3, moto, s3transfer
+botocore==1.10.79         # via boto3, moto, s3transfer
 certifi==2018.8.13        # via requests
 cffi==1.11.5              # via cryptography
 chardet==3.0.4            # via requests
@@ -47,7 +47,7 @@ pycryptodome==3.6.6       # via python-jose
 pyflakes==2.0.0
 pytest-flask==0.10.0
 pytest-mock==1.10.0
-pytest==3.7.2
+pytest==3.7.1
 python-dateutil==2.7.3    # via botocore, faker, freezegun, moto
 python-jose==2.0.2        # via moto
 pytz==2018.5              # via moto
@@ -59,7 +59,7 @@ s3transfer==0.1.13        # via boto3
 six==1.11.0               # via cryptography, docker, docker-pycreds, faker, freezegun, mock, more-itertools, moto, pytest, python-dateutil, python-jose, requests-mock, responses, websocket-client
 text-unidecode==1.2       # via faker
 urllib3==1.23             # via requests
-websocket-client==0.51.0  # via docker
+websocket-client==0.49.0  # via docker
 werkzeug==0.14.1          # via flask, moto, pytest-flask
 wrapt==1.10.11            # via aws-xray-sdk
 xmltodict==0.11.0         # via moto

requirements.txt

@@ -13,8 +13,8 @@ asn1crypto==0.24.0        # via cryptography
 asyncpool==1.0
 bcrypt==3.1.4             # via flask-bcrypt, paramiko
 blinker==1.4              # via flask-mail, flask-principal, raven
-boto3==1.7.82
-botocore==1.10.82         # via boto3, s3transfer
+boto3==1.7.79
+botocore==1.10.79         # via boto3, s3transfer
 certifi==2018.8.13
 cffi==1.11.5              # via bcrypt, cryptography, pynacl
 chardet==3.0.4            # via requests
@@ -73,7 +73,7 @@ retrying==1.3.3
 s3transfer==0.1.13        # via boto3
 six==1.11.0
 sqlalchemy-utils==0.33.3
-sqlalchemy==1.2.11        # via alembic, flask-sqlalchemy, marshmallow-sqlalchemy, sqlalchemy-utils
+sqlalchemy==1.2.10        # via alembic, flask-sqlalchemy, marshmallow-sqlalchemy, sqlalchemy-utils
 tabulate==0.8.2
 urllib3==1.23             # via requests
 werkzeug==0.14.1          # via flask

setup.py

@@ -59,7 +59,6 @@ class SmartInstall(install):
     If the package indicator is missing, this will also force a run of
     `build_static` which is required for JavaScript assets and other things.
     """
-
     def _needs_static(self):
         return not os.path.exists(os.path.join(ROOT, 'lemur/static/dist'))