def bootstrap(self, options):
Cipher.initialize()
if options.get('debug', False):
Runtime.debug(True)
if options.get('no_parallel', False):
Runtime.parallel(False)
if options.get('no_color', False):
Runtime.color(False)
if options.get('display_width', False):
Runtime.width(options.get('display_width'))
self.init_environment()
if self.bootstrap_ensure() and settings.CLI_EXEC:
self._user._ensure(self)
self.set_options(options, True)
if self.bootstrap_ensure() and settings.CLI_EXEC:
self.ensure_resources()
if self.initialize_services():
self.manager.initialize_services(settings.STARTUP_SERVICES)
return self
def _format_options(self, options):
cipher = Cipher.get('command_api', user = self.command.active_user.name)
def process_item(key, value):
return (key, cipher.decrypt(value))
return self.command.format_fields(options, process_item)
def authenticate(self, request):
token_text = self.get_auth_header(request)
if not token_text:
return None
user, token = self.parse_token(token_text)
try:
if self.api_type:
token = Cipher.get(self.api_type,
user=user.name).decrypt(token)
except Exception as error:
raise exceptions.AuthenticationFailed(
'Invalid token header. Credentials can not be decrypted')
if not user.is_active:
raise exceptions.AuthenticationFailed(
'User account is inactive. Contact administrator')
if not user.check_password(token):
raise exceptions.AuthenticationFailed(
'Invalid token: User credentials are invalid')
user.last_login = now()
user.save()
self.user_class.facade.set_active_user(user)
return (user, token)
def _load(self, str_data, encrypted = True):
logger.debug("Loaded: %s", str_data)
try:
if encrypted:
str_data = Cipher.get('data').decrypt(str_data)
logger.debug("Importing: %s", str_data)
with transaction.atomic(using = self.alias):
with self.connection.constraint_checks_disabled():
models = parse_objects(self.alias, str_data)
table_names = [model._meta.db_table for model in models]
self.connection.check_constraints(table_names = table_names)
sequence_sql = self.connection.ops.sequence_reset_sql(no_style(), models)
if sequence_sql:
with self.connection.cursor() as cursor:
for line in sequence_sql:
cursor.execute(line)
except Exception as e:
e.args = ("Problem installing data: {}".format(e),)
logger.exception("Exception: %s", e)
raise e
def _save(self, packages, encrypted = True):
str_conn = StringIO()
try:
serializers.serialize('json',
get_objects(self.alias, packages),
indent = 2,
use_natural_foreign_keys = False,
use_natural_primary_keys = False,
stream = str_conn
)
str_data = str_conn.getvalue()
logger.debug("Updated: %s", str_data)
if encrypted:
str_data = Cipher.get('data').encrypt(str_data)
except Exception as e:
e.args = ("Problem saving data: {}".format(e),)
logger.exception("Exception: %s", e)
raise
finally:
str_conn.close()
return str_data
def save(self, *args, **kwargs):
if not self.password and self.name == settings.ADMIN_USER:
self.set_password(settings.DEFAULT_ADMIN_TOKEN)
if not self.encryption_key or self.encryption_key == '<generate>':
self.encryption_key = Cipher.get_provider_class(
'user_api_key').generate_key()
super().save(*args, **kwargs)
def get(cls, data, decrypt=True, user=None):
if decrypt:
message = Cipher.get('command_api',
user=user).decrypt(data['package'], False)
data = load_json(message)
message = getattr(sys.modules[__name__], data['type'])(user=user)
message.load(data)
return message
def __init__(self,
message='',
name=None,
prefix=None,
silent=False,
user=None):
super().__init__()
self.type = self.__class__.__name__
self.name = name
self.prefix = prefix
self.message = message
self.silent = silent
self.cipher = Cipher.get('command_api', user=user)
def content(self):
if not self.api_type or not getattr(settings, "ENCRYPT_{}_API".format(self.api_type.replace('_api', '').upper()), True):
return super().content
return Cipher.get(self.api_type, user = self.user).encrypt(super().content)
def get_cipher(self, request):
return Cipher.get('data_api',
user = request.user.name if request.user else None
)
def encrypt(self, value):
# Python data type
return Cipher.get('data').encrypt(value).decode()
def decrypt(self, value):
# Database cipher text
return Cipher.get('data').decrypt(str.encode(value))