Closes #284 (#336)

lemur/certificates/models.py

@@ -9,8 +9,10 @@ import datetime
 
 from flask import current_app
 
-from sqlalchemy import event, Integer, ForeignKey, String, DateTime, PassiveDefault, func, Column, Text, Boolean
 from sqlalchemy.orm import relationship
+from sqlalchemy.sql.expression import case
+from sqlalchemy.ext.hybrid import hybrid_property
+from sqlalchemy import event, Integer, ForeignKey, String, DateTime, PassiveDefault, func, Column, Text, Boolean
 
 from lemur.database import db
 from lemur.models import certificate_associations, certificate_source_associations, \
@@ -73,6 +75,8 @@ class Certificate(db.Model):
                             secondaryjoin=id == certificate_replacement_associations.c.replaced_certificate_id,  # noqa
                             backref='replaced')
 
+    endpoints = relationship("Endpoint", backref='certificate')
+
     def __init__(self, **kwargs):
         cert = defaults.parse_certificate(kwargs['body'])
 
@@ -104,22 +108,33 @@ class Certificate(db.Model):
         for domain in defaults.domains(cert):
             self.domains.append(Domain(name=domain))
 
-    @property
-    def is_expired(self):
-        if self.not_after < datetime.datetime.now():
+    @hybrid_property
+    def expired(self):
+        if self.not_after <= datetime.datetime.now():
             return True
 
-    @property
-    def is_unused(self):
-        if self.elb_listeners.count() == 0:
+    @expired.expression
+    def expired(cls):
+        return case(
+            [
+                (cls.now_after <= datetime.datetime.now(), True)
+            ],
+            else_=False
+        )
+
+    @hybrid_property
+    def revoked(self):
+        if 'revoked' == self.status:
             return True
 
-    @property
-    def is_revoked(self):
-        # we might not yet know the condition of the cert
-        if self.status:
-            if 'revoked' in self.status:
-                return True
+    @revoked.expression
+    def revoked(cls):
+        return case(
+            [
+                (cls.status == 'revoked', True)
+            ],
+            else_=False
+        )
 
     def get_arn(self, account_number):
         """

lemur/certificates/schemas.py

@@ -10,7 +10,7 @@ from marshmallow import fields, validates_schema, post_load
 from marshmallow.exceptions import ValidationError
 
 from lemur.schemas import AssociatedAuthoritySchema, AssociatedDestinationSchema, AssociatedCertificateSchema, \
-    AssociatedNotificationSchema, PluginInputSchema, ExtensionSchema, AssociatedRoleSchema
+    AssociatedNotificationSchema, PluginInputSchema, ExtensionSchema, AssociatedRoleSchema, EndpointNestedOutputSchema
 
 from lemur.authorities.schemas import AuthorityNestedOutputSchema
 from lemur.destinations.schemas import DestinationNestedOutputSchema
@@ -120,7 +120,7 @@ class CertificateOutputSchema(LemurOutputSchema):
     replaces = fields.Nested(CertificateNestedOutputSchema, many=True)
     authority = fields.Nested(AuthorityNestedOutputSchema)
     roles = fields.Nested(RoleNestedOutputSchema, many=True)
-    endpoints = fields.List(fields.Dict(), missing=[])
+    endpoints = fields.Nested(EndpointNestedOutputSchema, many=True, missing=[])
 
 
 class CertificateUploadInputSchema(CertificateSchema):

lemur/certificates/service.py

@@ -177,6 +177,7 @@ def upload(**kwargs):
     """
     Allows for pre-made certificates to be imported into Lemur.
     """
+    from lemur.users import service as user_service
     roles = create_certificate_roles(**kwargs)
 
     if kwargs.get('roles'):
@@ -187,10 +188,14 @@ def upload(**kwargs):
     cert = Certificate(**kwargs)
 
     cert = database.create(cert)
-    g.user.certificates.append(cert)
 
-    database.update(cert)
-    return cert
+    try:
+        g.user.certificates.append(cert)
+    except AttributeError:
+        user = user_service.get_by_email('lemur@nobody')
+        user.certificates.append(cert)
+
+    return database.update(cert)
 
 
 def create(**kwargs):