Merge pull request #31 from kevgliss/keys

Switch to relying on the configuration key in the configuration file
kevgliss 2015-08-08 16:18:38 -07:00
commit c78daa24d6
3 changed files with 26 additions and 16 deletions


@ -5,19 +5,17 @@
:license: Apache, see LICENSE for more details.
.. moduleauthor:: Kevin Glisson <kglisson@netflix.com>
"""
import os
import datetime
from flask import current_app
from cryptography import x509
from cryptography.hazmat.backends import default_backend
from flask import current_app
from sqlalchemy.orm import relationship
from sqlalchemy import event, Integer, ForeignKey, String, DateTime, PassiveDefault, func, Column, Text, Boolean
from sqlalchemy_utils import EncryptedType
from lemur.utils import get_key
from lemur.database import db
from lemur.plugins.base import plugins
@ -211,7 +209,7 @@ class Certificate(db.Model):
id = Column(Integer, primary_key=True)
owner = Column(String(128))
body = Column(Text())
private_key = Column(EncryptedType(String, os.environ.get('LEMUR_ENCRYPTION_KEY')))
private_key = Column(EncryptedType(String, get_key))
status = Column(String(128))
deleted = Column(Boolean, index=True)
name = Column(String(128))
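Review bot: Nothing in this commit covers the rows already stored. `private_key` here, and `Role.password` in lemur.roles.models, were written with the `LEMUR_ENCRYPTION_KEY` environment variable and will now be read with the `LEMUR_ENCRYPTION_KEY` configuration value returned by `get_key`. If the two values differ on a deployment, existing private keys and role passwords will no longer decrypt, so the upgrade notes should state that the configuration value must equal the old environment value, or the change should ship a re-encryption step. A short comment at the column, such as `# key is looked up from the app config through get_key, not fixed at import`, would also help, assuming EncryptedType invokes a callable key when it encrypts or decrypts.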


@ -1,5 +1,5 @@
"""
.. module: models
.. module: lemur.roles.models
:platform: unix
:synopsis: This module contains all of the models need to create a role within Lemur
@ -9,13 +9,12 @@
.. moduleauthor:: Kevin Glisson <kglisson@netflix.com>
"""
import os
from sqlalchemy.orm import relationship
from sqlalchemy import Column, Integer, String, Text, ForeignKey
from sqlalchemy_utils import EncryptedType
from lemur.database import db
from lemur.utils import get_key
from lemur.models import roles_users
@ -24,15 +23,8 @@ class Role(db.Model):
id = Column(Integer, primary_key=True)
name = Column(String(128), unique=True)
username = Column(String(128))
password = Column(EncryptedType(String, os.environ.get('LEMUR_ENCRYPTION_KEY')))
password = Column(EncryptedType(String, get_key))
description = Column(Text)
authority_id = Column(Integer, ForeignKey('authorities.id'))
user_id = Column(Integer, ForeignKey('users.id'))
users = relationship("User", secondary=roles_users, passive_deletes=True, backref="role", cascade='all,delete')
def as_dict(self):
return {c.name: getattr(self, c.name) for c in self.__table__.columns}
def serialize(self):
blob = self.as_dict()
return blob

20
lemur/utils.py Normal file

@ -0,0 +1,20 @@
"""
.. module: lemur.utils
:platform: Unix
:copyright: (c) 2015 by Netflix Inc., see AUTHORS for more
:license: Apache, see LICENSE for more details.
.. moduleauthor:: Kevin Glisson <kglisson@netflix.com>
"""
from flask import current_app
def get_key():
"""
Gets the current encryption key
:return:
"""
try:
return current_app.config.get('LEMUR_ENCRYPTION_KEY')
except RuntimeError:
return ''
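Review bot: `get_key()` fails open. The `except RuntimeError` branch returns `''`, and `config.get` returns `None` when `LEMUR_ENCRYPTION_KEY` is not set, so an encrypted column can end up working with an empty or missing key instead of stopping. Anything written under an empty key is in effect unprotected, and it would not be readable later under the real key. Unless some code path needs a placeholder outside an application context (if so, that deserves a comment), raise when no key is available, and fill in the empty `:return:` line of the docstring with what is returned.

```python
def get_key():
    # … unchanged: docstring …
    try:
        key = current_app.config.get('LEMUR_ENCRYPTION_KEY')
    except RuntimeError:
        # no application context, so there is no configuration to read
        key = None
    if not key:
        raise RuntimeError('LEMUR_ENCRYPTION_KEY is not configured')
    return key
```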