Merge branch 'master' into master

2018-04-26 09:16:31 -07:00 · 2018-04-26 09:16:31 -07:00 · c5cb01bd33
parent efd5836e43 e09b7eb978
commit c5cb01bd33
3 changed files with 26 additions and 10 deletions
--- a/lemur/factory.py
+++ b/lemur/factory.py
@ -124,8 +124,10 @@ def configure_extensions(app):
    smtp_mail.init_app(app)
    metrics.init_app(app)
    sentry.init_app(app)
-    app.config['CORS_HEADERS'] = 'Content-Type'
-    cors.init_app(app, resources=r'/api/*', headers='Content-Type', origin='*', supports_credentials=True)
+
+    if app.config['CORS']:
+        app.config['CORS_HEADERS'] = 'Content-Type'
+        cors.init_app(app, resources=r'/api/*', headers='Content-Type', origin='*', supports_credentials=True)


 def configure_blueprints(app, blueprints):
--- a/lemur/manage.py
+++ b/lemur/manage.py
@ -208,16 +208,16 @@ class InitializeApp(Command):
        if operator_role:
            sys.stdout.write("[-] Operator role already created, skipping...!\n")
        else:
-            # we create an admin role
+            # we create an operator role
            operator_role = role_service.create('operator', description='This is the Lemur operator role.')
            sys.stdout.write("[+] Created 'operator' role\n")

        read_only_role = role_service.get_by_name('read-only')

        if read_only_role:
-            sys.stdout.write("[-] Operator role already created, skipping...!\n")
+            sys.stdout.write("[-] Read only role already created, skipping...!\n")
        else:
-            # we create an admin role
+            # we create an read only role
            read_only_role = role_service.create('read-only', description='This is the Lemur read only role.')
            sys.stdout.write("[+] Created 'read-only' role\n")

@ -251,12 +251,17 @@ class InitializeApp(Command):
        recipients = current_app.config.get('LEMUR_SECURITY_TEAM_EMAIL')
        notification_service.create_default_expiration_notifications("DEFAULT_SECURITY", recipients=recipients)

-        days = current_app.config.get("LEMUR_DEFAULT_ROTATION_INTERVAL", 30)
-        sys.stdout.write("[+] Creating default certificate rotation policy of {days} days before issuance.\n".format(
-            days=days
-        ))
+        _DEFAULT_ROTATION_INTERVAL = 'default'
+        default_rotation_interval = policy_service.get_by_name(_DEFAULT_ROTATION_INTERVAL)
+
+        if default_rotation_interval:
+            sys.stdout.write("[-] Default rotation interval policy already created, skipping...!\n")
+        else:
+            days = current_app.config.get("LEMUR_DEFAULT_ROTATION_INTERVAL", 30)
+            sys.stdout.write("[+] Creating default certificate rotation policy of {days} days before issuance.\n".format(
+                days=days))
+            policy_service.create(days=days, name=_DEFAULT_ROTATION_INTERVAL)

-        policy_service.create(days=days, name='default')
        sys.stdout.write("[/] Done!\n")


--- a/lemur/policies/service.py
+++ b/lemur/policies/service.py
@ -18,6 +18,15 @@ def get(policy_id):
    return database.get(RotationPolicy, policy_id)


+def get_by_name(policy_name):
+    """
+    Retrieves policy by its name.
+    :param policy_name:
+    :return:
+    """
+    return database.get_all(RotationPolicy, policy_name, field='name').all()
+
+
 def delete(policy_id):
    """
    Delete a rotation policy.