def __init__(self, config=None):
super(Audit, self).__init__(config)
self.name = "sqlaudit"
self.sign_data = not self.config.get("PI_AUDIT_NO_SIGN")
self.sign_object = None
self.verify_old_sig = self.config.get('PI_CHECK_OLD_SIGNATURES')
if self.sign_data:
self.read_keys(self.config.get("PI_AUDIT_KEY_PUBLIC"),
self.config.get("PI_AUDIT_KEY_PRIVATE"))
self.sign_object = Sign(self.private, self.public)
# Read column_length from the config file
config_column_length = self.config.get("PI_AUDIT_SQL_COLUMN_LENGTH",
{})
# fill the missing parts with the default from the models
self.custom_column_length = {
k:
(v if k not in config_column_length else config_column_length[k])
for k, v in column_length.items()
}
# We can use "sqlaudit" as the key because the SQLAudit connection
# string is fixed for a running privacyIDEA instance.
# In other words, we will not run into any problems with changing connect strings.
self.engine = get_engine(self.name, self._create_engine)
# create a configured "Session" class. ``scoped_session`` is not
# necessary because we do not share session objects among threads.
# We use it anyway as a safety measure.
Session = scoped_session(sessionmaker(bind=self.engine))
self.session = Session()
# Ensure that the connection gets returned to the pool when the request has
# been handled. This may close an already-closed session, but this is not a problem.
register_finalizer(self.session.close)
self.session._model_changes = {}
def __init__(self, config=None):
self.name = "sqlaudit"
self.config = config or {}
self.audit_data = {}
self.sign_data = not self.config.get("PI_AUDIT_NO_SIGN")
self.sign_object = None
self.verify_old_sig = self.config.get('PI_CHECK_OLD_SIGNATURES')
if self.sign_data:
self.read_keys(self.config.get("PI_AUDIT_KEY_PUBLIC"),
self.config.get("PI_AUDIT_KEY_PRIVATE"))
self.sign_object = Sign(self.private, self.public)
# We can use "sqlaudit" as the key because the SQLAudit connection
# string is fixed for a running privacyIDEA instance.
# In other words, we will not run into any problems with changing connect strings.
self.engine = get_engine(self.name, self._create_engine)
# create a configured "Session" class. ``scoped_session`` is not
# necessary because we do not share session objects among threads.
# We use it anyway as a safety measure.
Session = scoped_session(sessionmaker(bind=self.engine))
self.session = Session()
# Ensure that the connection gets returned to the pool when the request has
# been handled. This may close an already-closed session, but this is not a problem.
register_finalizer(self.session.close)
self.session._model_changes = {}
def __init__(self, config=None):
self.name = "sqlaudit"
self.config = config or {}
self.audit_data = {}
self.sign_data = not self.config.get("PI_AUDIT_NO_SIGN")
self.sign_object = None
self.verify_old_sig = get_app_config_value('PI_CHECK_OLD_SIGNATURES')
if self.sign_data:
self.read_keys(self.config.get("PI_AUDIT_KEY_PUBLIC"),
self.config.get("PI_AUDIT_KEY_PRIVATE"))
self.sign_object = Sign(self.private, self.public)
# We can use "sqlaudit" as the key because the SQLAudit connection
# string is fixed for a running privacyIDEA instance.
# In other words, we will not run into any problems with changing connect strings.
self.engine = get_engine(self.name, self._create_engine)
# create a configured "Session" class. ``scoped_session`` is not
# necessary because we do not share session objects among threads.
# We use it anyway as a safety measure.
Session = scoped_session(sessionmaker(bind=self.engine))
self.session = Session()
# Ensure that the connection gets returned to the pool when the request has
# been handled. This may close an already-closed session, but this is not a problem.
register_finalizer(self.session.close)
self.session._model_changes = {}
def loadConfig(self, config):
"""
Load the config from conf.
:param config: The configuration from the Config Table
:type config: dict
"""
self.server = config.get('Server', "")
self.driver = config.get('Driver', "")
self.database = config.get('Database', "")
self.resolverId = self.database
self.port = config.get('Port', "")
self.limit = config.get('Limit', 100)
self.user = config.get('User', "")
self.password = config.get('Password', "")
self.table = config.get('Table', "")
self._editable = config.get("Editable", False)
self.password_hash_type = config.get("Password_Hash_Type", "SSHA256")
usermap = config.get('Map', {})
self.map = yaml.safe_load(usermap)
self.reverse_map = dict([[v, k] for k, v in self.map.items()])
self.where = config.get('Where', "")
self.encoding = str(config.get('Encoding') or "latin1")
self.conParams = config.get('conParams', "")
self.pool_size = int(config.get('poolSize') or 5)
self.pool_timeout = int(config.get('poolTimeout') or 10)
# recycle SQL connections after 2 hours by default
# (necessary for MySQL servers, which terminate idle connections after some hours)
self.pool_recycle = int(config.get('poolRecycle') or 7200)
# create the connectstring like
params = {
'Port': self.port,
'Password': self.password,
'conParams': self.conParams,
'Driver': self.driver,
'User': self.user,
'Server': self.server,
'Database': self.database
}
self.connect_string = self._create_connect_string(params)
# get an engine from the engine registry, using self.getResolverId() as the key,
# which involves the connect string and the pool settings.
self.engine = get_engine(self.getResolverId(), self._create_engine)
# We use ``scoped_session`` to be sure that the SQLSoup object
# also uses ``self.session``.
Session = scoped_session(sessionmaker(bind=self.engine))
# Session should be closed on teardown
self.session = Session()
register_finalizer(self.session.close)
self.session._model_changes = {}
self.db = SQLSoup(self.engine, session=Session)
self.db.session._model_changes = {}
self.TABLE = self.db.entity(self.table)
return self
def loadConfig(self, config):
"""
Load the config from conf.
:param config: The configuration from the Config Table
:type config: dict
"""
self.server = config.get('Server', "")
self.driver = config.get('Driver', "")
self.database = config.get('Database', "")
self.resolverId = self.database
self.port = config.get('Port', "")
self.limit = config.get('Limit', 100)
self.user = config.get('User', "")
self.password = config.get('Password', "")
self.table = config.get('Table', "")
self._editable = config.get("Editable", False)
self.password_hash_type = config.get("Password_Hash_Type", "SSHA256")
usermap = config.get('Map', {})
self.map = yaml.safe_load(usermap)
self.reverse_map = dict([[v, k] for k, v in self.map.items()])
self.where = config.get('Where', "")
self.encoding = str(config.get('Encoding') or "latin1")
self.conParams = config.get('conParams', "")
self.pool_size = int(config.get('poolSize') or 5)
self.pool_timeout = int(config.get('poolTimeout') or 10)
# recycle SQL connections after 2 hours by default
# (necessary for MySQL servers, which terminate idle connections after some hours)
self.pool_recycle = int(config.get('poolRecycle') or 7200)
# create the connectstring like
params = {'Port': self.port,
'Password': self.password,
'conParams': self.conParams,
'Driver': self.driver,
'User': self.user,
'Server': self.server,
'Database': self.database}
self.connect_string = self._create_connect_string(params)
# get an engine from the engine registry, using self.getResolverId() as the key,
# which involves the connect string and the pool settings.
self.engine = get_engine(self.getResolverId(), self._create_engine)
# We use ``scoped_session`` to be sure that the SQLSoup object
# also uses ``self.session``.
Session = scoped_session(sessionmaker(bind=self.engine))
# Session should be closed on teardown
self.session = Session()
register_finalizer(self.session.close)
self.session._model_changes = {}
self.db = SQLSoup(self.engine, session=Session)
self.db.session._model_changes = {}
self.TABLE = self.db.entity(self.table)
return self
def __init__(self, config=None):
self.name = "sqlstats"
self.config = config or {}
self.engine = get_engine(self.name, self._create_engine)
# create a configured "Session" class. ``scoped_session`` is not
# necessary because we do not share session objects among threads.
# We use it anyway as a safety measure.
Session = scoped_session(sessionmaker(bind=self.engine))
self.session = Session()
# Ensure that the connection gets returned to the pool when the request has
# been handled. This may close an already-closed session, but this is not a problem.
register_finalizer(self.session.close)
self.session._model_changes = {}
def __init__(self, config=None):
self.name = "sqlstats"
self.config = config or {}
self.engine = get_engine(self.name, self._create_engine)
# create a configured "Session" class. ``scoped_session`` is not
# necessary because we do not share session objects among threads.
# We use it anyway as a safety measure.
Session = scoped_session(sessionmaker(bind=self.engine))
self.session = Session()
# Ensure that the connection gets returned to the pool when the request has
# been handled. This may close an already-closed session, but this is not a problem.
register_finalizer(self.session.close)
self.session._model_changes = {}
def test_03_finalizer_error(self):
finalizer1 = mock.MagicMock()
finalizer1.side_effect = RuntimeError()
finalizer2 = mock.MagicMock()
# test that we can use finalizers
with self.app.test_request_context('/token/',
method='GET',
headers={'Authorization': self.at}):
register_finalizer(finalizer1)
register_finalizer(finalizer2)
res = self.app.full_dispatch_request()
result = res.json.get("result")
self.assertTrue(result.get("status"))
finalizer1.assert_called_once()
finalizer2.assert_called_once()
def test_03_finalizer_error(self):
finalizer1 = mock.MagicMock()
finalizer1.side_effect = RuntimeError()
finalizer2 = mock.MagicMock()
# test that we can use finalizers
with self.app.test_request_context('/token/',
method='GET',
headers={'Authorization': self.at}):
register_finalizer(finalizer1)
register_finalizer(finalizer2)
res = self.app.full_dispatch_request()
result = json.loads(res.data.decode('utf8')).get("result")
self.assertTrue(result.get("status"))
finalizer1.assert_called_once()
finalizer2.assert_called_once()
def test_02_register_finalizer_request_context(self):
finalizer1 = mock.MagicMock()
finalizer2 = mock.MagicMock()
# test that we can use finalizers
with self.app.test_request_context('/token/',
method='GET',
headers={'Authorization': self.at}):
register_finalizer(finalizer1)
register_finalizer(finalizer2)
res = self.app.full_dispatch_request()
result = json.loads(res.data.decode('utf8')).get("result")
self.assertTrue(result.get("status"))
finalizer1.assert_called_once()
finalizer2.assert_called_once()
# test that they are not called in the next request
with self.app.test_request_context('/token/',
method='GET',
headers={'Authorization': self.at}):
res = self.app.full_dispatch_request()
result = json.loads(res.data.decode('utf8')).get("result")
self.assertTrue(result.get("status"))
finalizer1.assert_called_once()
finalizer2.assert_called_once()
def test_01_register_finalizer(self):
finalizer1 = mock.MagicMock()
finalizer2 = mock.MagicMock()
finalizer3 = mock.MagicMock()
register_finalizer(finalizer1)
register_finalizer(finalizer2)
call_finalizers()
finalizer1.assert_called_once()
finalizer2.assert_called_once()
finalizer3.assert_not_called()
# call_finalizer clears the list of finalizers
register_finalizer(finalizer3)
call_finalizers()
finalizer1.assert_called_once()
finalizer2.assert_called_once()
finalizer3.assert_called_once()
def test_01_register_finalizer(self):
finalizer1 = mock.MagicMock()
finalizer2 = mock.MagicMock()
finalizer3 = mock.MagicMock()
register_finalizer(finalizer1)
register_finalizer(finalizer2)
call_finalizers()
finalizer1.assert_called_once()
finalizer2.assert_called_once()
finalizer3.assert_not_called()
# call_finalizer clears the list of finalizers
register_finalizer(finalizer3)
call_finalizers()
finalizer1.assert_called_once()
finalizer2.assert_called_once()
finalizer3.assert_called_once()
