cleaning up outdated phrases

2020-10-09 18:04:16 -07:00 · 2020-10-09 18:04:16 -07:00 · 770339f94c
parent 1d18f061f2
commit 770339f94c
6 changed files with 16 additions and 16 deletions
--- a/docker/src/lemur.conf.py
+++ b/docker/src/lemur.conf.py
@ -24,7 +24,7 @@ LEMUR_TOKEN_SECRET = repr(os.environ.get('LEMUR_TOKEN_SECRET',
 LEMUR_ENCRYPTION_KEYS = repr(os.environ.get('LEMUR_ENCRYPTION_KEYS',
                                            base64.b64encode(get_random_secret(32).encode('utf8'))))
-LEMUR_WHITELISTED_DOMAINS = []
+LEMUR_ALLOWED_DOMAINS = []
 LEMUR_EMAIL = ''
 LEMUR_SECURITY_TEAM_EMAIL = []
--- a/docs/administration.rst
+++ b/docs/administration.rst
@ -100,7 +100,7 @@ Specifying the `SQLALCHEMY_MAX_OVERFLOW` to 0 will enforce limit to not create c
        Specifies whether to allow certificates created by Lemur to expire on weekends. Default is True.
-.. data:: LEMUR_WHITELISTED_DOMAINS
+.. data:: LEMUR_ALLOWED_DOMAINS
    :noindex:
        List of regular expressions for domain restrictions; if the list is not empty, normal users can only issue
--- a/lemur/common/validators.py
+++ b/lemur/common/validators.py
@ -22,7 +22,7 @@ def common_name(value):
 def sensitive_domain(domain):
    """
-    Checks if user has the admin role, the domain does not match sensitive domains and whitelisted domain patterns.
+    Checks if user has the admin role, the domain does not match sensitive domains and allowed domain patterns.
    :param domain: domain name (str)
    :return:
    """
@ -30,10 +30,10 @@ def sensitive_domain(domain):
        # User has permission, no need to check anything
        return
-    whitelist = current_app.config.get("LEMUR_WHITELISTED_DOMAINS", [])
+    allowlist = current_app.config.get("LEMUR_ALLOWED_DOMAINS", [])
-    if whitelist and not any(re.match(pattern, domain) for pattern in whitelist):
+    if allowlist and not any(re.match(pattern, domain) for pattern in allowlist):
        raise ValidationError(
-            "Domain {0} does not match whitelisted domain patterns. "
+            "Domain {0} does not match allowed domain patterns. "
            "Contact an administrator to issue the certificate.".format(domain)
        )
--- a/lemur/manage.py
+++ b/lemur/manage.py
@ -95,7 +95,7 @@ LEMUR_TOKEN_SECRET = '{secret_token}'
 LEMUR_ENCRYPTION_KEYS = '{encryption_key}'
 # List of domain regular expressions that non-admin users can issue
-LEMUR_WHITELISTED_DOMAINS = []
+LEMUR_ALLOWED_DOMAINS = []
 # Mail Server
--- a/lemur/tests/conf.py
+++ b/lemur/tests/conf.py
@ -36,7 +36,7 @@ LEMUR_ENCRYPTION_KEYS = base64.urlsafe_b64encode(get_random_secret(length=32).en
 # List of domain regular expressions that non-admin users can issue
-LEMUR_WHITELISTED_DOMAINS = [
+LEMUR_ALLOWED_DOMAINS = [
    r"^[a-zA-Z0-9-]+\.example\.com$",
    r"^[a-zA-Z0-9-]+\.example\.org$",
    r"^example\d+\.long\.com$",
--- a/lemur/tests/test_certificates.py
+++ b/lemur/tests/test_certificates.py
@ -397,7 +397,7 @@ def test_certificate_cn_admin(client, authority, logged_in_admin):
    from lemur.certificates.schemas import CertificateInputSchema
    input_data = {
-        "commonName": "*.admin-overrides-whitelist.com",
+        "commonName": "*.admin-overrides-allowlist.com",
        "owner": "jim@example.com",
        "authority": {"id": authority.id},
        "description": "testtestest",
@ -458,7 +458,7 @@ def test_certificate_incative_authority(client, authority, session, logged_in_us
 def test_certificate_disallowed_names(client, authority, session, logged_in_user):
-    """The CN and SAN are disallowed by LEMUR_WHITELISTED_DOMAINS."""
+    """The CN and SAN are disallowed by LEMUR_ALLOWED_DOMAINS."""
    from lemur.certificates.schemas import CertificateInputSchema
    input_data = {
@ -481,10 +481,10 @@ def test_certificate_disallowed_names(client, authority, session, logged_in_user
    data, errors = CertificateInputSchema().load(input_data)
    assert errors["common_name"][0].startswith(
-        "Domain *.example.com does not match whitelisted domain patterns"
+        "Domain *.example.com does not match allowed domain patterns"
    )
    assert errors["extensions"]["sub_alt_names"]["names"][0].startswith(
-        "Domain evilhacker.org does not match whitelisted domain patterns"
+        "Domain evilhacker.org does not match allowed domain patterns"
    )
@ -671,7 +671,7 @@ def test_csr_empty_san(client):
 def test_csr_disallowed_cn(client, logged_in_user):
-    """Domain name CN is disallowed via LEMUR_WHITELISTED_DOMAINS."""
+    """Domain name CN is disallowed via LEMUR_ALLOWED_DOMAINS."""
    from lemur.common import validators
    request, pkey = create_csr(
@ -680,12 +680,12 @@ def test_csr_disallowed_cn(client, logged_in_user):
    with pytest.raises(ValidationError) as err:
        validators.csr(request)
    assert str(err.value).startswith(
-        "Domain evilhacker.org does not match whitelisted domain patterns"
+        "Domain evilhacker.org does not match allowed domain patterns"
    )
 def test_csr_disallowed_san(client, logged_in_user):
-    """SAN name is disallowed by LEMUR_WHITELISTED_DOMAINS."""
+    """SAN name is disallowed by LEMUR_ALLOWED_DOMAINS."""
    from lemur.common import validators
    request, pkey = create_csr(
@ -701,7 +701,7 @@ def test_csr_disallowed_san(client, logged_in_user):
    with pytest.raises(ValidationError) as err:
        validators.csr(request)
    assert str(err.value).startswith(
-        "Domain evilhacker.org does not match whitelisted domain patterns"
+        "Domain evilhacker.org does not match allowed domain patterns"
    )