Merge pull request #31 from kevgliss/keys
Switch to relying on the configuration key in the configuration file
This commit is contained in:
commit
c78daa24d6
|
@ -5,19 +5,17 @@
|
||||||
:license: Apache, see LICENSE for more details.
|
:license: Apache, see LICENSE for more details.
|
||||||
.. moduleauthor:: Kevin Glisson <kglisson@netflix.com>
|
.. moduleauthor:: Kevin Glisson <kglisson@netflix.com>
|
||||||
"""
|
"""
|
||||||
import os
|
|
||||||
import datetime
|
import datetime
|
||||||
|
from flask import current_app
|
||||||
|
|
||||||
from cryptography import x509
|
from cryptography import x509
|
||||||
from cryptography.hazmat.backends import default_backend
|
from cryptography.hazmat.backends import default_backend
|
||||||
|
|
||||||
from flask import current_app
|
|
||||||
|
|
||||||
from sqlalchemy.orm import relationship
|
from sqlalchemy.orm import relationship
|
||||||
from sqlalchemy import event, Integer, ForeignKey, String, DateTime, PassiveDefault, func, Column, Text, Boolean
|
from sqlalchemy import event, Integer, ForeignKey, String, DateTime, PassiveDefault, func, Column, Text, Boolean
|
||||||
|
|
||||||
from sqlalchemy_utils import EncryptedType
|
from sqlalchemy_utils import EncryptedType
|
||||||
|
|
||||||
|
from lemur.utils import get_key
|
||||||
from lemur.database import db
|
from lemur.database import db
|
||||||
from lemur.plugins.base import plugins
|
from lemur.plugins.base import plugins
|
||||||
|
|
||||||
|
@ -211,7 +209,7 @@ class Certificate(db.Model):
|
||||||
id = Column(Integer, primary_key=True)
|
id = Column(Integer, primary_key=True)
|
||||||
owner = Column(String(128))
|
owner = Column(String(128))
|
||||||
body = Column(Text())
|
body = Column(Text())
|
||||||
private_key = Column(EncryptedType(String, os.environ.get('LEMUR_ENCRYPTION_KEY')))
|
private_key = Column(EncryptedType(String, get_key))
|
||||||
status = Column(String(128))
|
status = Column(String(128))
|
||||||
deleted = Column(Boolean, index=True)
|
deleted = Column(Boolean, index=True)
|
||||||
name = Column(String(128))
|
name = Column(String(128))
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
"""
|
"""
|
||||||
.. module: models
|
.. module: lemur.roles.models
|
||||||
:platform: unix
|
:platform: unix
|
||||||
:synopsis: This module contains all of the models need to create a role within Lemur
|
:synopsis: This module contains all of the models need to create a role within Lemur
|
||||||
|
|
||||||
|
@ -9,13 +9,12 @@
|
||||||
.. moduleauthor:: Kevin Glisson <kglisson@netflix.com>
|
.. moduleauthor:: Kevin Glisson <kglisson@netflix.com>
|
||||||
|
|
||||||
"""
|
"""
|
||||||
import os
|
|
||||||
from sqlalchemy.orm import relationship
|
from sqlalchemy.orm import relationship
|
||||||
from sqlalchemy import Column, Integer, String, Text, ForeignKey
|
from sqlalchemy import Column, Integer, String, Text, ForeignKey
|
||||||
|
|
||||||
from sqlalchemy_utils import EncryptedType
|
from sqlalchemy_utils import EncryptedType
|
||||||
|
|
||||||
from lemur.database import db
|
from lemur.database import db
|
||||||
|
from lemur.utils import get_key
|
||||||
from lemur.models import roles_users
|
from lemur.models import roles_users
|
||||||
|
|
||||||
|
|
||||||
|
@ -24,15 +23,8 @@ class Role(db.Model):
|
||||||
id = Column(Integer, primary_key=True)
|
id = Column(Integer, primary_key=True)
|
||||||
name = Column(String(128), unique=True)
|
name = Column(String(128), unique=True)
|
||||||
username = Column(String(128))
|
username = Column(String(128))
|
||||||
password = Column(EncryptedType(String, os.environ.get('LEMUR_ENCRYPTION_KEY')))
|
password = Column(EncryptedType(String, get_key))
|
||||||
description = Column(Text)
|
description = Column(Text)
|
||||||
authority_id = Column(Integer, ForeignKey('authorities.id'))
|
authority_id = Column(Integer, ForeignKey('authorities.id'))
|
||||||
user_id = Column(Integer, ForeignKey('users.id'))
|
user_id = Column(Integer, ForeignKey('users.id'))
|
||||||
users = relationship("User", secondary=roles_users, passive_deletes=True, backref="role", cascade='all,delete')
|
users = relationship("User", secondary=roles_users, passive_deletes=True, backref="role", cascade='all,delete')
|
||||||
|
|
||||||
def as_dict(self):
|
|
||||||
return {c.name: getattr(self, c.name) for c in self.__table__.columns}
|
|
||||||
|
|
||||||
def serialize(self):
|
|
||||||
blob = self.as_dict()
|
|
||||||
return blob
|
|
||||||
|
|
|
@ -0,0 +1,20 @@
|
||||||
|
"""
|
||||||
|
.. module: lemur.utils
|
||||||
|
:platform: Unix
|
||||||
|
:copyright: (c) 2015 by Netflix Inc., see AUTHORS for more
|
||||||
|
:license: Apache, see LICENSE for more details.
|
||||||
|
.. moduleauthor:: Kevin Glisson <kglisson@netflix.com>
|
||||||
|
"""
|
||||||
|
from flask import current_app
|
||||||
|
|
||||||
|
|
||||||
|
def get_key():
|
||||||
|
"""
|
||||||
|
Gets the current encryption key
|
||||||
|
|
||||||
|
:return:
|
||||||
|
"""
|
||||||
|
try:
|
||||||
|
return current_app.config.get('LEMUR_ENCRYPTION_KEY')
|
||||||
|
except RuntimeError:
|
||||||
|
return ''
|
Loading…
Reference in New Issue