Merge pull request #31 from kevgliss/keys

Switch to relying on the configuration key in the configuration file
kevgliss 2015-08-08 16:18:38 -07:00
commit c78daa24d6
3 changed files with 26 additions and 16 deletions


@ -5,19 +5,17 @@
:license: Apache, see LICENSE for more details. :license: Apache, see LICENSE for more details.
.. moduleauthor:: Kevin Glisson <kglisson@netflix.com> .. moduleauthor:: Kevin Glisson <kglisson@netflix.com>
""" """
import os
import datetime import datetime
from flask import current_app
from cryptography import x509 from cryptography import x509
from cryptography.hazmat.backends import default_backend from cryptography.hazmat.backends import default_backend
from flask import current_app
from sqlalchemy.orm import relationship from sqlalchemy.orm import relationship
from sqlalchemy import event, Integer, ForeignKey, String, DateTime, PassiveDefault, func, Column, Text, Boolean from sqlalchemy import event, Integer, ForeignKey, String, DateTime, PassiveDefault, func, Column, Text, Boolean
from sqlalchemy_utils import EncryptedType from sqlalchemy_utils import EncryptedType
from lemur.utils import get_key
from lemur.database import db from lemur.database import db
from lemur.plugins.base import plugins from lemur.plugins.base import plugins
@ -211,7 +209,7 @@ class Certificate(db.Model):
id = Column(Integer, primary_key=True) id = Column(Integer, primary_key=True)
owner = Column(String(128)) owner = Column(String(128))
body = Column(Text()) body = Column(Text())
private_key = Column(EncryptedType(String, os.environ.get('LEMUR_ENCRYPTION_KEY'))) private_key = Column(EncryptedType(String, get_key))
status = Column(String(128)) status = Column(String(128))
deleted = Column(Boolean, index=True) deleted = Column(Boolean, index=True)
name = Column(String(128)) name = Column(String(128))
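Review bot: Nothing in this change covers rows already encrypted under the `LEMUR_ENCRYPTION_KEY` environment variable. Once `private_key = Column(EncryptedType(String, get_key))` takes the key from `current_app.config`, a deployment whose config value differs from the old environment value would presumably no longer decrypt its stored private keys. The same applies to `Role.password` in the roles model. I would add an upgrade note and a comment above the column, such as `# get_key is passed uncalled so the key is read from the app config when the column is used, not at import time` (worth confirming against the `EncryptedType` version in use). The `Certificate` class body continues outside this hunk.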


@ -1,5 +1,5 @@
""" """
.. module: models .. module: lemur.roles.models
:platform: unix :platform: unix
:synopsis: This module contains all of the models need to create a role within Lemur :synopsis: This module contains all of the models need to create a role within Lemur
@ -9,13 +9,12 @@
.. moduleauthor:: Kevin Glisson <kglisson@netflix.com> .. moduleauthor:: Kevin Glisson <kglisson@netflix.com>
""" """
import os
from sqlalchemy.orm import relationship from sqlalchemy.orm import relationship
from sqlalchemy import Column, Integer, String, Text, ForeignKey from sqlalchemy import Column, Integer, String, Text, ForeignKey
from sqlalchemy_utils import EncryptedType from sqlalchemy_utils import EncryptedType
from lemur.database import db from lemur.database import db
from lemur.utils import get_key
from lemur.models import roles_users from lemur.models import roles_users
@ -24,15 +23,8 @@ class Role(db.Model):
id = Column(Integer, primary_key=True) id = Column(Integer, primary_key=True)
name = Column(String(128), unique=True) name = Column(String(128), unique=True)
username = Column(String(128)) username = Column(String(128))
password = Column(EncryptedType(String, os.environ.get('LEMUR_ENCRYPTION_KEY'))) password = Column(EncryptedType(String, get_key))
description = Column(Text) description = Column(Text)
authority_id = Column(Integer, ForeignKey('authorities.id')) authority_id = Column(Integer, ForeignKey('authorities.id'))
user_id = Column(Integer, ForeignKey('users.id')) user_id = Column(Integer, ForeignKey('users.id'))
users = relationship("User", secondary=roles_users, passive_deletes=True, backref="role", cascade='all,delete') users = relationship("User", secondary=roles_users, passive_deletes=True, backref="role", cascade='all,delete')
def as_dict(self):
return {c.name: getattr(self, c.name) for c in self.__table__.columns}
def serialize(self):
blob = self.as_dict()
return blob

20
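--- a/lemur/utils.py
+++ b/lemur/utils.py
@@ -0,0 +1,20 @@
+"""
+.. module: lemur.utils
+:platform: Unix
+:copyright: (c) 2015 by Netflix Inc., see AUTHORS for more
+:license: Apache, see LICENSE for more details.
+.. moduleauthor:: Kevin Glisson <kglisson@netflix.com>
+"""
+from flask import current_app
+def get_key():
+"""
+Gets the current encryption key
+:return:
+"""
+try:
+return current_app.config.get('LEMUR_ENCRYPTION_KEY')
+except RuntimeError:
+return ''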
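Review bot: `get_key()` fails open: the `except RuntimeError` branch returns `''`, and `config.get` returns `None` when `LEMUR_ENCRYPTION_KEY` is absent, so `Certificate.private_key` and `Role.password` can be processed with an empty or missing key instead of the operation failing. How `EncryptedType` handles such a key is not visible on this page, but if it derives a cipher key from the empty string, the stored secrets are protected by a value anyone can reproduce. I would let the `RuntimeError` propagate and reject a missing value, e.g. `key = current_app.config.get('LEMUR_ENCRYPTION_KEY')` followed by `if not key: raise RuntimeError('LEMUR_ENCRYPTION_KEY is not configured')`. If some path really needs a value outside an application context, that case deserves an explicit comment rather than a silent empty key. The docstring's empty `:return:` should also say what is returned and under which condition.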