Merge pull request #3181 from hosseinsh/removing-outdated-language

cleaning up outdated language
2020-10-12 10:29:30 -07:00 · 2020-10-12 10:29:30 -07:00 · 5aa37b48d3
parent 896d1af0f7 5db1d31668
commit 5aa37b48d3
6 changed files with 16 additions and 16 deletions
--- a/docker/src/lemur.conf.py
+++ b/docker/src/lemur.conf.py
@ -24,7 +24,7 @@ LEMUR_TOKEN_SECRET = repr(os.environ.get('LEMUR_TOKEN_SECRET',
 LEMUR_ENCRYPTION_KEYS = repr(os.environ.get('LEMUR_ENCRYPTION_KEYS',
                                            base64.b64encode(get_random_secret(32).encode('utf8'))))

-LEMUR_WHITELISTED_DOMAINS = []
+LEMUR_ALLOWED_DOMAINS = []

 LEMUR_EMAIL = ''
 LEMUR_SECURITY_TEAM_EMAIL = []
--- a/docs/administration.rst
+++ b/docs/administration.rst
@ -100,7 +100,7 @@ Specifying the `SQLALCHEMY_MAX_OVERFLOW` to 0 will enforce limit to not create c

        Specifies whether to allow certificates created by Lemur to expire on weekends. Default is True.

-.. data:: LEMUR_WHITELISTED_DOMAINS
+.. data:: LEMUR_ALLOWED_DOMAINS
    :noindex:

        List of regular expressions for domain restrictions; if the list is not empty, normal users can only issue
--- a/lemur/common/validators.py
+++ b/lemur/common/validators.py
@ -22,7 +22,7 @@ def common_name(value):

 def sensitive_domain(domain):
    """
-    Checks if user has the admin role, the domain does not match sensitive domains and whitelisted domain patterns.
+    Checks if user has the admin role, the domain does not match sensitive domains and allowed domain patterns.
    :param domain: domain name (str)
    :return:
    """
@ -30,10 +30,10 @@ def sensitive_domain(domain):
        # User has permission, no need to check anything
        return

-    whitelist = current_app.config.get("LEMUR_WHITELISTED_DOMAINS", [])
-    if whitelist and not any(re.match(pattern, domain) for pattern in whitelist):
+    allowlist = current_app.config.get("LEMUR_ALLOWED_DOMAINS", [])
+    if allowlist and not any(re.match(pattern, domain) for pattern in allowlist):
        raise ValidationError(
-            "Domain {0} does not match whitelisted domain patterns. "
+            "Domain {0} does not match allowed domain patterns. "
            "Contact an administrator to issue the certificate.".format(domain)
        )

--- a/lemur/manage.py
+++ b/lemur/manage.py
@ -95,7 +95,7 @@ LEMUR_TOKEN_SECRET = '{secret_token}'
 LEMUR_ENCRYPTION_KEYS = '{encryption_key}'

 # List of domain regular expressions that non-admin users can issue
-LEMUR_WHITELISTED_DOMAINS = []
+LEMUR_ALLOWED_DOMAINS = []

 # Mail Server

--- a/lemur/tests/conf.py
+++ b/lemur/tests/conf.py
@ -36,7 +36,7 @@ LEMUR_ENCRYPTION_KEYS = base64.urlsafe_b64encode(get_random_secret(length=32).en


 # List of domain regular expressions that non-admin users can issue
-LEMUR_WHITELISTED_DOMAINS = [
+LEMUR_ALLOWED_DOMAINS = [
    r"^[a-zA-Z0-9-]+\.example\.com$",
    r"^[a-zA-Z0-9-]+\.example\.org$",
    r"^example\d+\.long\.com$",
--- a/lemur/tests/test_certificates.py
+++ b/lemur/tests/test_certificates.py
@ -400,7 +400,7 @@ def test_certificate_cn_admin(client, authority, logged_in_admin):
    from lemur.certificates.schemas import CertificateInputSchema

    input_data = {
-        "commonName": "*.admin-overrides-whitelist.com",
+        "commonName": "*.admin-overrides-allowlist.com",
        "owner": "jim@example.com",
        "authority": {"id": authority.id},
        "description": "testtestest",
@ -461,7 +461,7 @@ def test_certificate_incative_authority(client, authority, session, logged_in_us


 def test_certificate_disallowed_names(client, authority, session, logged_in_user):
-    """The CN and SAN are disallowed by LEMUR_WHITELISTED_DOMAINS."""
+    """The CN and SAN are disallowed by LEMUR_ALLOWED_DOMAINS."""
    from lemur.certificates.schemas import CertificateInputSchema

    input_data = {
@ -484,10 +484,10 @@ def test_certificate_disallowed_names(client, authority, session, logged_in_user

    data, errors = CertificateInputSchema().load(input_data)
    assert errors["common_name"][0].startswith(
-        "Domain *.example.com does not match whitelisted domain patterns"
+        "Domain *.example.com does not match allowed domain patterns"
    )
    assert errors["extensions"]["sub_alt_names"]["names"][0].startswith(
-        "Domain evilhacker.org does not match whitelisted domain patterns"
+        "Domain evilhacker.org does not match allowed domain patterns"
    )


@ -674,7 +674,7 @@ def test_csr_empty_san(client):


 def test_csr_disallowed_cn(client, logged_in_user):
-    """Domain name CN is disallowed via LEMUR_WHITELISTED_DOMAINS."""
+    """Domain name CN is disallowed via LEMUR_ALLOWED_DOMAINS."""
    from lemur.common import validators

    request, pkey = create_csr(
@ -683,12 +683,12 @@ def test_csr_disallowed_cn(client, logged_in_user):
    with pytest.raises(ValidationError) as err:
        validators.csr(request)
    assert str(err.value).startswith(
-        "Domain evilhacker.org does not match whitelisted domain patterns"
+        "Domain evilhacker.org does not match allowed domain patterns"
    )


 def test_csr_disallowed_san(client, logged_in_user):
-    """SAN name is disallowed by LEMUR_WHITELISTED_DOMAINS."""
+    """SAN name is disallowed by LEMUR_ALLOWED_DOMAINS."""
    from lemur.common import validators

    request, pkey = create_csr(
@ -704,7 +704,7 @@ def test_csr_disallowed_san(client, logged_in_user):
    with pytest.raises(ValidationError) as err:
        validators.csr(request)
    assert str(err.value).startswith(
-        "Domain evilhacker.org does not match whitelisted domain patterns"
+        "Domain evilhacker.org does not match allowed domain patterns"
    )