Ejemplo n.º 1
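class User(db.Model):
    """
    Account row of the ``users`` table.

    Carries the credential, contact details and the relationships to the
    roles, certificates and authorities attached to the account.
    """
    __tablename__ = 'users'
    id = Column(Integer, primary_key=True)
    # hash_password() overwrites this attribute with its hash.
    # NOTE(review): presumably callers invoke hash_password() before the row
    # is committed, so that no clear-text value is persisted -- confirm.
    password = Column(String(128))
    active = Column(Boolean())
    confirmed_at = Column(DateTime())
    username = Column(String(255), nullable=False, unique=True)
    email = Column(String(128), unique=True)
    profile_picture = Column(String(255))
    # Many-to-many through the roles_users association table.
    roles = relationship('Role',
                         secondary=roles_users,
                         passive_deletes=True,
                         backref=db.backref('user'),
                         lazy='dynamic')
    certificates = relationship("Certificate",
                                backref=db.backref('user'),
                                lazy='dynamic')
    authorities = relationship("Authority",
                               backref=db.backref('user'),
                               lazy='dynamic')

    def check_password(self, password):
        """
        Check a candidate password against the stored hash.

        :param password: candidate password supplied by the caller
        :return: True when ``bcrypt.check_password_hash`` accepts the
                 candidate, False when it does not or when nothing is stored
        """
        if not self.password:
            # No stored credential: fail closed with an explicit False
            # rather than falling off the end of the function with None.
            return False
        return bcrypt.check_password_hash(self.password, password)

    def hash_password(self):
        """
        Replace ``self.password`` with its hash.

        There is no guard against a second call: the stored hash would
        itself be hashed, after which check_password() no longer accepts
        the original password.

        :return: the new hash, or None when no password is set
        """
        if self.password:
            self.password = bcrypt.generate_password_hash(self.password)
            return self.password

    @property
    def is_admin(self):
        """
        Determine if the current user has the 'admin' role associated
        with it.

        :return: True when a role named 'admin' is attached, else False
        """
        # any() always yields a real boolean, so callers never see None.
        return any(role.name == 'admin' for role in self.roles)

    def as_dict(self):
        """
        Map every column name of the table to this row's value.

        NOTE(review): the ``password`` column is part of the result, so the
        stored hash travels with this dict. Drop that key before the dict
        reaches an API response, a log line or a cache.

        :return: dict of column name to value
        """
        return {c.name: getattr(self, c.name) for c in self.__table__.columns}

    def serialize(self):
        """
        Return the row as a plain dict.

        This is as_dict() unchanged, including the ``password`` entry.

        :return: dict of column name to value
        """
        return self.as_dict()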
Ejemplo n.º 2
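class User(db.Model):
    """
    Account row of the ``users`` table.

    Carries the credential, contact details and the relationships to the
    roles, certificates, authorities, API keys and log entries attached to
    the account.
    """
    __tablename__ = 'users'
    id = Column(Integer, primary_key=True)
    # hash_password() overwrites this attribute with its hash.
    # NOTE(review): presumably callers invoke hash_password() before the row
    # is committed, so that no clear-text value is persisted -- confirm.
    password = Column(String(128))
    active = Column(Boolean())
    confirmed_at = Column(ArrowType())
    username = Column(String(255), nullable=False, unique=True)
    email = Column(String(128), unique=True)
    profile_picture = Column(String(255))
    # Many-to-many through the roles_users association table.
    roles = relationship('Role',
                         secondary=roles_users,
                         passive_deletes=True,
                         backref=db.backref('user'),
                         lazy='dynamic')
    certificates = relationship('Certificate',
                                backref=db.backref('user'),
                                lazy='dynamic')
    authorities = relationship('Authority',
                               backref=db.backref('user'),
                               lazy='dynamic')
    keys = relationship('ApiKey', backref=db.backref('user'), lazy='dynamic')
    logs = relationship('Log', backref=db.backref('user'), lazy='dynamic')

    # Attribute names flagged as sensitive.
    # NOTE(review): nothing in this class reads the tuple; presumably
    # logging or serialization code elsewhere consumes it -- confirm.
    sensitive_fields = ('password', )

    def check_password(self, password):
        """
        Check a candidate password against the stored hash.

        :param password: candidate password supplied by the caller
        :return: True when ``bcrypt.check_password_hash`` accepts the
                 candidate, False when it does not or when nothing is stored
        """
        if not self.password:
            # No stored credential: fail closed with an explicit False
            # rather than falling off the end of the function with None.
            return False
        return bcrypt.check_password_hash(self.password, password)

    def hash_password(self):
        """
        Replace ``self.password`` with its hash, stored as text.

        There is no guard against a second call: the stored hash would
        itself be hashed, after which check_password() no longer accepts
        the original password.

        :return: None; the hash is only stored on the instance
        """
        if self.password:
            # generate_password_hash() hands back bytes here; decode so the
            # String column receives text.
            self.password = bcrypt.generate_password_hash(
                self.password).decode('utf-8')

    @property
    def is_admin(self):
        """
        Determine if the current user has the 'admin' role associated
        with it.

        :return: True when a role named 'admin' is attached, else False
        """
        # any() always yields a real boolean, so callers never see None.
        return any(role.name == 'admin' for role in self.roles)

    def __repr__(self):
        """Identify the user by username only; no credential is included."""
        return "User(username={username})".format(username=self.username)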
Ejemplo n.º 3
class Authority(db.Model):
    """
    Certificate authority row of the ``authorities`` table.

    Links an authority to its roles, its own certificate, the certificates
    it issued and the matching pending certificates.
    """

    __tablename__ = "authorities"

    id = Column(Integer, primary_key=True)
    owner = Column(String(128), nullable=False)
    name = Column(String(128), unique=True)
    body = Column(Text())
    chain = Column(Text())
    active = Column(Boolean, default=True)
    plugin_name = Column(String(64))
    description = Column(Text)
    options = Column(JSON)
    # Server-side default: the database fills in now() on insert.
    date_created = Column(DateTime, PassiveDefault(func.now()), nullable=False)

    # Many-to-many through the roles_authorities association table.
    roles = relationship("Role", secondary=roles_authorities,
                         passive_deletes=True,
                         backref=db.backref("authority"),
                         lazy="dynamic")
    user_id = Column(Integer, ForeignKey("users.id"))

    # Single certificate reached through Certificate.root_authority_id.
    authority_certificate = relationship(
        "Certificate", backref="root_authority", uselist=False,
        foreign_keys="Certificate.root_authority_id")
    # Certificates reached through Certificate.authority_id.
    certificates = relationship(
        "Certificate", backref="authority",
        foreign_keys="Certificate.authority_id")

    # Same two links for certificates that are still pending.
    authority_pending_certificate = relationship(
        "PendingCertificate", backref="root_authority", uselist=False,
        foreign_keys="PendingCertificate.root_authority_id")
    pending_certificates = relationship(
        "PendingCertificate", backref="authority",
        foreign_keys="PendingCertificate.authority_id")

    def __init__(self, **kwargs):
        """
        Populate the authority from keyword arguments.

        ``owner``, ``authority_certificate`` and ``plugin`` (a mapping with
        a ``slug`` key) are required and raise KeyError when absent;
        ``roles``, ``name``, ``description`` and ``options`` are optional.
        """
        self.owner = kwargs["owner"]
        self.roles = kwargs.get("roles", [])
        for optional in ("name", "description"):
            setattr(self, optional, kwargs.get(optional))
        self.authority_certificate = kwargs["authority_certificate"]
        plugin_info = kwargs["plugin"]
        self.plugin_name = plugin_info["slug"]
        self.options = kwargs.get("options")

    @property
    def plugin(self):
        """Look up ``plugin_name`` in the ``plugins`` registry."""
        registered = plugins.get(self.plugin_name)
        return registered

    def __repr__(self):
        """Identify the authority by name."""
        label = self.name
        return "Authority(name={name})".format(name=label)
Ejemplo n.º 4
class Authority(db.Model):
    """
    Certificate authority row of the ``authorities`` table.

    Links an authority to its roles, its own certificate, the certificates
    it issued and the matching pending certificates.
    """

    __tablename__ = 'authorities'

    id = Column(Integer, primary_key=True)
    owner = Column(String(128), nullable=False)
    name = Column(String(128), unique=True)
    body = Column(Text())
    chain = Column(Text())
    active = Column(Boolean, default=True)
    plugin_name = Column(String(64))
    description = Column(Text)
    options = Column(JSON)
    # Server-side default: the database fills in now() on insert.
    date_created = Column(DateTime, PassiveDefault(func.now()), nullable=False)

    # Many-to-many through the roles_authorities association table.
    roles = relationship(
        'Role',
        secondary=roles_authorities,
        passive_deletes=True,
        backref=db.backref('authority'),
        lazy='dynamic',
    )
    user_id = Column(Integer, ForeignKey('users.id'))

    # Single certificate reached through Certificate.root_authority_id.
    authority_certificate = relationship(
        "Certificate",
        backref='root_authority',
        uselist=False,
        foreign_keys='Certificate.root_authority_id',
    )
    # Certificates reached through Certificate.authority_id.
    certificates = relationship(
        "Certificate",
        backref='authority',
        foreign_keys='Certificate.authority_id',
    )

    # Same two links for certificates that are still pending.
    authority_pending_certificate = relationship(
        "PendingCertificate",
        backref='root_authority',
        uselist=False,
        foreign_keys='PendingCertificate.root_authority_id',
    )
    pending_certificates = relationship(
        'PendingCertificate',
        backref='authority',
        foreign_keys='PendingCertificate.authority_id',
    )

    def __init__(self, **kwargs):
        """
        Populate the authority from keyword arguments.

        ``owner``, ``authority_certificate`` and ``plugin`` (a mapping with
        a ``slug`` key) are required and raise KeyError when absent;
        ``roles``, ``name``, ``description`` and ``options`` are optional.
        """
        self.owner = kwargs['owner']
        self.roles = kwargs.get('roles', [])
        for optional in ('name', 'description'):
            setattr(self, optional, kwargs.get(optional))
        self.authority_certificate = kwargs['authority_certificate']
        plugin_info = kwargs['plugin']
        self.plugin_name = plugin_info['slug']
        self.options = kwargs.get('options')

    @property
    def plugin(self):
        """Look up ``plugin_name`` in the ``plugins`` registry."""
        registered = plugins.get(self.plugin_name)
        return registered

    def __repr__(self):
        """Identify the authority by name."""
        label = self.name
        return "Authority(name={name})".format(name=label)
Ejemplo n.º 5
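class Authority(db.Model):
    """
    Certificate authority row of the ``authorities`` table.

    Stores the authority's PEM certificate together with values read from
    it at construction time (common name and validity window).
    """
    __tablename__ = 'authorities'
    id = Column(Integer, primary_key=True)
    owner = Column(String(128))
    name = Column(String(128), unique=True)
    body = Column(Text())
    chain = Column(Text())
    # Not populated by __init__; set elsewhere if at all.
    bits = Column(Integer())
    cn = Column(String(128))
    not_before = Column(DateTime)
    not_after = Column(DateTime)
    active = Column(Boolean, default=True)
    # Server-side default: the database fills in now() on insert.
    date_created = Column(DateTime, PassiveDefault(func.now()), nullable=False)
    plugin_name = Column(String(64))
    description = Column(Text)
    options = Column(JSON)
    roles = relationship('Role',
                         backref=db.backref('authority'),
                         lazy='dynamic')
    user_id = Column(Integer, ForeignKey('users.id'))
    certificates = relationship("Certificate", backref='authority')

    def __init__(self,
                 name,
                 owner,
                 plugin_name,
                 body,
                 roles=None,
                 chain=None,
                 description=None):
        """
        Build an authority from its PEM certificate.

        :param name: authority name
        :param owner: owner recorded for the authority
        :param plugin_name: name of the issuing plugin
        :param body: PEM certificate; parsed here, so malformed input
                     raises from the x509 loader
        :param roles: roles to attach, defaults to none
        :param chain: optional certificate chain
        :param description: optional free-text description
        """
        self.name = name
        self.body = body
        self.chain = chain
        self.owner = owner
        self.plugin_name = plugin_name
        # NOTE(review): load_pem_x509_certificate expects bytes; str(body)
        # only yields bytes on Python 2 -- confirm the target interpreter.
        cert = x509.load_pem_x509_certificate(str(body), default_backend())
        self.cn = get_cn(cert)
        self.not_before = get_not_before(cert)
        self.not_after = get_not_after(cert)
        # A collection relationship cannot be assigned None, so fall back to
        # an empty list when the caller supplies no roles.
        self.roles = roles if roles is not None else []
        self.description = description

    def as_dict(self):
        """
        Map every column name of the table to this row's value.

        :return: dict of column name to value
        """
        return {c.name: getattr(self, c.name) for c in self.__table__.columns}

    def serialize(self):
        """
        Return the row as a plain dict; this is as_dict() unchanged.

        :return: dict of column name to value
        """
        return self.as_dict()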
Ejemplo n.º 6
class Authority(db.Model):
    """
    Certificate authority row of the ``authorities`` table.

    Besides the mapping itself, the class derives validity limits from the
    authority's stored options and the application configuration.
    """

    __tablename__ = "authorities"

    id = Column(Integer, primary_key=True)
    owner = Column(String(128), nullable=False)
    name = Column(String(128), unique=True)
    body = Column(Text())
    chain = Column(Text())
    active = Column(Boolean, default=True)
    plugin_name = Column(String(64))
    description = Column(Text)
    options = Column(JSON)
    # Server-side default: the database fills in now() on insert.
    date_created = Column(DateTime, DefaultClause(func.now()), nullable=False)

    # Many-to-many through the roles_authorities association table.
    roles = relationship("Role", secondary=roles_authorities,
                         passive_deletes=True,
                         backref=db.backref("authority"),
                         lazy="dynamic")
    user_id = Column(Integer, ForeignKey("users.id"))

    # Single certificate reached through Certificate.root_authority_id.
    authority_certificate = relationship(
        "Certificate", backref="root_authority", uselist=False,
        foreign_keys="Certificate.root_authority_id")
    # Certificates reached through Certificate.authority_id.
    certificates = relationship(
        "Certificate", backref="authority",
        foreign_keys="Certificate.authority_id")

    # Same two links for certificates that are still pending.
    authority_pending_certificate = relationship(
        "PendingCertificate", backref="root_authority", uselist=False,
        foreign_keys="PendingCertificate.root_authority_id")
    pending_certificates = relationship(
        "PendingCertificate", backref="authority",
        foreign_keys="PendingCertificate.authority_id")

    def __init__(self, **kwargs):
        """
        Populate the authority from keyword arguments.

        ``owner``, ``authority_certificate`` and ``plugin`` (a mapping with
        a ``slug`` key) are required and raise KeyError when absent;
        ``roles``, ``name``, ``description`` and ``options`` are optional.
        """
        self.owner = kwargs["owner"]
        self.roles = kwargs.get("roles", [])
        for optional in ("name", "description"):
            setattr(self, optional, kwargs.get(optional))
        self.authority_certificate = kwargs["authority_certificate"]
        plugin_info = kwargs["plugin"]
        self.plugin_name = plugin_info["slug"]
        self.options = kwargs.get("options")

    @property
    def plugin(self):
        """Look up ``plugin_name`` in the ``plugins`` registry."""
        registered = plugins.get(self.plugin_name)
        return registered

    @property
    def is_cab_compliant(self):
        """
        Report the authority's ``cab_compliant`` option, i.e. whether it
        adheres to the CA/Browser Forum Baseline Requirements.

        The options are parsed as JSON on every access. The value of the
        first list entry named 'cab_compliant' is returned exactly as
        stored; None is returned when the options are empty, are not a
        list, or hold no such entry.

        NOTE(review): the value is not coerced to bool, and the validity
        properties of this class test it for truthiness. A non-empty string
        such as "false" would count as compliant -- confirm the stored type.
        """
        if not self.options:
            return None

        parsed = json.loads(self.options)
        if not isinstance(parsed, list):
            return None

        for entry in parsed:
            if "name" not in entry:
                continue
            if entry["name"] == 'cab_compliant':
                return entry["value"]

        return None

    @property
    def max_issuance_days(self):
        """
        Upper bound on certificate validity for a CAB-compliant authority.

        Reads PUBLIC_CA_MAX_VALIDITY_DAYS from the app config (397 when
        unset). Returns None when the authority is not flagged compliant.
        """
        if not self.is_cab_compliant:
            return None
        return current_app.config.get("PUBLIC_CA_MAX_VALIDITY_DAYS", 397)

    @property
    def default_validity_days(self):
        """
        Default certificate validity, in days, for this authority.

        A compliant authority uses PUBLIC_CA_MAX_VALIDITY_DAYS (397 when
        unset); any other uses DEFAULT_VALIDITY_DAYS (365 when unset).
        """
        if self.is_cab_compliant:
            key, fallback = "PUBLIC_CA_MAX_VALIDITY_DAYS", 397
        else:
            key, fallback = "DEFAULT_VALIDITY_DAYS", 365  # 1 year default
        return current_app.config.get(key, fallback)

    def __repr__(self):
        """Identify the authority by name."""
        label = self.name
        return "Authority(name={name})".format(name=label)