def render(args): """ Helper that filters subsets of roles depending on the parameters passed to the REST Api :param args: :return: """ query = database.session_query(Role) filt = args.pop('filter') user_id = args.pop('user_id', None) authority_id = args.pop('authority_id', None) if user_id: query = query.filter(Role.users.any(User.id == user_id)) if authority_id: query = query.filter(Role.authority_id == authority_id) # we make sure that user can see the role - admins can see all if not g.current_user.is_admin: ids = [] for role in g.current_user.roles: ids.append(role.id) query = query.filter(Role.id.in_(ids)) if filt: terms = filt.split(';') query = database.filter(query, Role, terms) return database.sort_and_page(query, Role, args)
def render(args): sort_by = args.pop("sort_by") sort_dir = args.pop("sort_dir") page = args.pop("page") count = args.pop("count") filt = args.pop("filter") certificate_id = args.pop("certificate_id", None) if certificate_id: query = database.session_query(Notification).join(Certificate, Notification.certificate) query = query.filter(Certificate.id == certificate_id) else: query = database.session_query(Notification) if filt: terms = filt.split(";") if terms[0] == "active" and terms[1] == "false": query = query.filter(Notification.active == False) # noqa elif terms[0] == "active" and terms[1] == "true": query = query.filter(Notification.active == True) # noqa else: query = database.filter(query, Notification, terms) query = database.find_all(query, Notification, args) if sort_by and sort_dir: query = database.sort(query, Notification, sort_by, sort_dir) return database.paginate(query, page, count)
def render(args): """ Helper to parse REST Api requests :param args: :return: """ query = database.session_query(Domain).join(Certificate, Domain.certificate) sort_by = args.pop('sort_by') sort_dir = args.pop('sort_dir') page = args.pop('page') count = args.pop('count') filt = args.pop('filter') certificate_id = args.pop('certificate_id', None) if filt: terms = filt.split(';') query = database.filter(query, Domain, terms) if certificate_id: query = query.filter(Certificate.id == certificate_id) query = database.find_all(query, Domain, args) if sort_by and sort_dir: query = database.sort(query, Domain, sort_by, sort_dir) return database.paginate(query, page, count)
def render(args): """ Helper that helps us render the REST Api responses. :param args: :return: """ query = database.session_query(Endpoint) filt = args.pop('filter') if filt: terms = filt.split(';') if 'active' in filt: # this is really weird but strcmp seems to not work here?? query = query.filter(Endpoint.active == terms[1]) elif 'port' in filt: if terms[1] != 'null': # ng-table adds 'null' if a number is removed query = query.filter(Endpoint.port == terms[1]) elif 'ciphers' in filt: query = query.filter( Cipher.name == terms[1] ) else: query = database.filter(query, Endpoint, terms) # we make sure that a user can only use an endpoint they either own are are a member of - admins can see all if not g.current_user.is_admin: endpoint_ids = [] for role in g.current_user.roles: for endpoint in role.endpoints: endpoint_ids.append(endpoint.id) query = query.filter(Endpoint.id.in_(endpoint_ids)) return database.sort_and_page(query, Endpoint, args)
def render(args): """ Helper that helps us render the REST Api responses. :param args: :return: """ query = database.session_query(Authority) filt = args.pop('filter') if filt: terms = filt.split(';') if 'active' in filt: query = query.filter(Authority.active == truthiness(terms[1])) elif 'cn' in filt: term = '%{0}%'.format(terms[1]) sub_query = database.session_query(Certificate.root_authority_id) \ .filter(Certificate.cn.ilike(term)) \ .subquery() query = query.filter(Authority.id.in_(sub_query)) else: query = database.filter(query, Authority, terms) # we make sure that a user can only use an authority they either own are a member of - admins can see all if not args['user'].is_admin: authority_ids = [] for authority in args['user'].authorities: authority_ids.append(authority.id) for role in args['user'].roles: for authority in role.authorities: authority_ids.append(authority.id) query = query.filter(Authority.id.in_(authority_ids)) return database.sort_and_page(query, Authority, args)
def render(args): """ Helper that paginates and filters data when requested through the REST Api :param args: :return: """ query = database.session_query(Log) filt = args.pop('filter') if filt: terms = filt.split(';') if 'certificate.name' in terms: sub_query = database.session_query(Certificate.id)\ .filter(Certificate.name.ilike('%{0}%'.format(terms[1]))) query = query.filter(Log.certificate_id.in_(sub_query)) elif 'user.email' in terms: sub_query = database.session_query(User.id)\ .filter(User.email.ilike('%{0}%'.format(terms[1]))) query = query.filter(Log.user_id.in_(sub_query)) else: query = database.filter(query, Log, terms) return database.sort_and_page(query, Log, args)
def render(args): """ Helper that helps us render the REST Api responses. :param args: :return: """ query = database.session_query(Authority) filt = args.pop('filter') if filt: terms = filt.split(';') if 'active' in filt: # this is really weird but strcmp seems to not work here?? query = query.filter(Authority.active == terms[1]) else: query = database.filter(query, Authority, terms) # we make sure that a user can only use an authority they either own are a member of - admins can see all if not args['user'].is_admin: authority_ids = [] for authority in args['user'].authorities: authority_ids.append(authority.id) for role in args['user'].roles: for authority in role.authorities: authority_ids.append(authority.id) query = query.filter(Authority.id.in_(authority_ids)) return database.sort_and_page(query, Authority, args)
def render(args): """ Helper that paginates and filters data when requested through the REST Api :param args: :return: """ query = database.session_query(User) sort_by = args.pop('sort_by') sort_dir = args.pop('sort_dir') page = args.pop('page') count = args.pop('count') filt = args.pop('filter') if filt: terms = filt.split(';') query = database.filter(query, User, terms) query = database.find_all(query, User, args) if sort_by and sort_dir: query = database.sort(query, User, sort_by, sort_dir) return database.paginate(query, page, count)
def render(args): sort_by = args.pop('sort_by') sort_dir = args.pop('sort_dir') page = args.pop('page') count = args.pop('count') filt = args.pop('filter') certificate_id = args.pop('certificate_id', None) if certificate_id: query = database.session_query(Notification).join(Certificate, Notification.certificate) query = query.filter(Certificate.id == certificate_id) else: query = database.session_query(Notification) if filt: terms = filt.split(';') if terms[0] == 'active' and terms[1] == 'false': query = query.filter(Notification.active == False) # noqa elif terms[0] == 'active' and terms[1] == 'true': query = query.filter(Notification.active == True) # noqa else: query = database.filter(query, Notification, terms) query = database.find_all(query, Notification, args) if sort_by and sort_dir: query = database.sort(query, Notification, sort_by, sort_dir) return database.paginate(query, page, count)
def render(args): """ Helper that helps us render the REST Api responses. :param args: :return: """ query = database.session_query(Authority) filt = args.pop('filter') if filt: terms = filt.split(';') if 'active' in filt: # this is really weird but strcmp seems to not work here?? query = query.filter(Authority.active == terms[1]) else: query = database.filter(query, Authority, terms) # we make sure that a user can only use an authority they either own are are a member of - admins can see all if not g.current_user.is_admin: authority_ids = [] for authority in g.current_user.authorities: authority_ids.append(authority.id) for role in g.current_user.roles: for authority in role.authorities: authority_ids.append(authority.id) query = query.filter(Authority.id.in_(authority_ids)) return database.sort_and_page(query, Authority, args)
def render(args): sort_by = args.pop('sort_by') sort_dir = args.pop('sort_dir') page = args.pop('page') count = args.pop('count') filt = args.pop('filter') certificate_id = args.pop('certificate_id', None) if certificate_id: query = database.session_query(Source).join(Certificate, Source.certificate) query = query.filter(Certificate.id == certificate_id) else: query = database.session_query(Source) if filt: terms = filt.split(';') query = database.filter(query, Source, terms) query = database.find_all(query, Source, args) if sort_by and sort_dir: query = database.sort(query, Source, sort_by, sort_dir) return database.paginate(query, page, count)
def render(args): """ Helper that paginates and filters data when requested through the REST Api :param args: :return: """ query = database.session_query(Log) filt = args.pop("filter") if filt: terms = filt.split(";") if "certificate.name" in terms: sub_query = database.session_query(Certificate.id).filter( Certificate.name.ilike("%{0}%".format(terms[1]))) query = query.filter(Log.certificate_id.in_(sub_query)) elif "user.email" in terms: sub_query = database.session_query(User.id).filter( User.email.ilike("%{0}%".format(terms[1]))) query = query.filter(Log.user_id.in_(sub_query)) else: query = database.filter(query, Log, terms) return database.sort_and_page(query, Log, args)
def render(args): """ Helper that helps us render the REST Api responses. :param args: :return: """ query = database.session_query(Endpoint)\ .options(joinedload(Endpoint.certificate))\ .options(joinedload(Endpoint.source)) filt = args.pop("filter") if filt: terms = filt.split(";") term = "%{0}%".format(terms[1]) if "active" in filt: # this is really weird but strcmp seems to not work here?? query = query.filter(Endpoint.active == truthiness(terms[1])) elif "port" in filt: if terms[1] != "null": # ng-table adds 'null' if a number is removed query = query.filter(Endpoint.port == terms[1]) elif "ciphers" in filt: query = query.filter(Cipher.name == terms[1]) elif "source" in filt: query = query.filter(Endpoint.source.has(Source.label.like(term.lower()))) else: query = database.filter(query, Endpoint, terms) if terms[0] == "name": alias_query = Endpoint.query.filter( Endpoint.aliases.any(EndpointDnsAlias.alias.ilike(f"%{terms[1]}%"))) query = query.union(alias_query) return database.sort_and_page(query, Endpoint, args)
def render(args): sort_by = args.pop('sort_by') sort_dir = args.pop('sort_dir') page = args.pop('page') count = args.pop('count') filt = args.pop('filter') certificate_id = args.pop('certificate_id', None) if certificate_id: query = database.session_query(Notification).join( Certificate, Notification.certificate) query = query.filter(Certificate.id == certificate_id) else: query = database.session_query(Notification) if filt: terms = filt.split(';') if terms[0] == 'active' and terms[1] == 'false': query = query.filter(Notification.active == False) # noqa elif terms[0] == 'active' and terms[1] == 'true': query = query.filter(Notification.active == True) # noqa else: query = database.filter(query, Notification, terms) query = database.find_all(query, Notification, args) if sort_by and sort_dir: query = database.sort(query, Notification, sort_by, sort_dir) return database.paginate(query, page, count)
def render(args): """ Helper that helps us render the REST Api responses. :param args: :return: """ query = database.session_query(Authority) sort_by = args.pop('sort_by') sort_dir = args.pop('sort_dir') page = args.pop('page') count = args.pop('count') filt = args.pop('filter') if filt: terms = filt.split(';') if 'active' in filt: # this is really weird but strcmp seems to not work here?? query = query.filter(Authority.active == terms[1]) else: query = database.filter(query, Authority, terms) # we make sure that a user can only use an authority they either own are are a member of - admins can see all if not g.current_user.is_admin: authority_ids = [] for role in g.current_user.roles: if role.authority: authority_ids.append(role.authority.id) query = query.filter(Authority.id.in_(authority_ids)) query = database.find_all(query, Authority, args) if sort_by and sort_dir: query = database.sort(query, Authority, sort_by, sort_dir) return database.paginate(query, page, count)
def render(args): """ Helper function that allows use to render our REST Api. :param args: :return: """ query = database.session_query(Certificate) time_range = args.pop("time_range") destination_id = args.pop("destination_id") notification_id = args.pop("notification_id", None) show = args.pop("show") # owner = args.pop('owner') # creator = args.pop('creator') # TODO we should enabling filtering by owner filt = args.pop("filter") if filt: terms = filt.split(";") if "issuer" in terms: # we can't rely on issuer being correct in the cert directly so we combine queries sub_query = ( database.session_query(Authority.id).filter(Authority.name.ilike("%{0}%".format(terms[1]))).subquery() ) query = query.filter( or_(Certificate.issuer.ilike("%{0}%".format(terms[1])), Certificate.authority_id.in_(sub_query)) ) return database.sort_and_page(query, Certificate, args) if "destination" in terms: query = query.filter(Certificate.destinations.any(Destination.id == terms[1])) elif "active" in filt: # this is really weird but strcmp seems to not work here?? query = query.filter(Certificate.active == terms[1]) else: query = database.filter(query, Certificate, terms) if show: sub_query = database.session_query(Role.name).filter(Role.user_id == g.user.id).subquery() query = query.filter(or_(Certificate.user_id == g.user.id, Certificate.owner.in_(sub_query))) if destination_id: query = query.filter(Certificate.destinations.any(Destination.id == destination_id)) if notification_id: query = query.filter(Certificate.notifications.any(Notification.id == notification_id)) if time_range: to = arrow.now().replace(weeks=+time_range).format("YYYY-MM-DD") now = arrow.now().format("YYYY-MM-DD") query = query.filter(Certificate.not_after <= to).filter(Certificate.not_after >= now) return database.sort_and_page(query, Certificate, args)
def render(args): filt = args.pop('filter') certificate_id = args.pop('certificate_id', None) if certificate_id: query = database.session_query(Source).join(Certificate, Source.certificate) query = query.filter(Certificate.id == certificate_id) else: query = database.session_query(Source) if filt: terms = filt.split(';') query = database.filter(query, Source, terms) return database.sort_and_page(query, Source, args)
def render(args): filt = args.pop("filter") certificate_id = args.pop("certificate_id", None) if certificate_id: query = database.session_query(Destination).join( Certificate, Destination.certificate) query = query.filter(Certificate.id == certificate_id) else: query = database.session_query(Destination) if filt: terms = filt.split(";") query = database.filter(query, Destination, terms) return database.sort_and_page(query, Destination, args)
def render(args): """ Helper that paginates and filters data when requested through the REST Api :param args: :return: """ query = database.session_query(Log) filt = args.pop('filter') if filt: terms = filt.split(';') query = database.filter(query, Log, terms) return database.sort_and_page(query, Log, args)
def render(args): """ Helper that paginates and filters data when requested through the REST Api :param args: :return: """ query = database.session_query(User) filt = args.pop('filter') if filt: terms = filt.split(';') query = database.filter(query, User, terms) return database.sort_and_page(query, User, args)
def render(args): """ Helper to parse REST Api requests :param args: :return: """ query = database.session_query(Domain).join(Certificate, Domain.certificate) filt = args.pop('filter') certificate_id = args.pop('certificate_id', None) if filt: terms = filt.split(';') query = database.filter(query, Domain, terms) if certificate_id: query = query.filter(Certificate.id == certificate_id) return database.sort_and_page(query, Domain, args)
def render(args): filt = args.pop('filter') certificate_id = args.pop('certificate_id', None) if certificate_id: query = database.session_query(Notification).join( Certificate, Notification.certificate) query = query.filter(Certificate.id == certificate_id) else: query = database.session_query(Notification) if filt: terms = filt.split(';') if terms[0] == 'active': query = query.filter(Notification.active == truthiness(terms[1])) else: query = database.filter(query, Notification, terms) return database.sort_and_page(query, Notification, args)
def render(args): """ Helper to parse REST Api requests :param args: :return: """ query = database.session_query(Domain) filt = args.pop('filter') certificate_id = args.pop('certificate_id', None) if filt: terms = filt.split(';') query = database.filter(query, Domain, terms) if certificate_id: query = query.join(Certificate, Domain.certificates) query = query.filter(Certificate.id == certificate_id) return database.sort_and_page(query, Domain, args)
def render(args): filt = args.pop('filter') certificate_id = args.pop('certificate_id', None) if certificate_id: query = database.session_query(Notification).join(Certificate, Notification.certificate) query = query.filter(Certificate.id == certificate_id) else: query = database.session_query(Notification) if filt: terms = filt.split(';') if terms[0] == 'active' and terms[1] == 'false': query = query.filter(Notification.active == False) # noqa elif terms[0] == 'active' and terms[1] == 'true': query = query.filter(Notification.active == True) # noqa else: query = database.filter(query, Notification, terms) return database.sort_and_page(query, Notification, args)
def render(args): """ Helper that filters subsets of roles depending on the parameters passed to the REST Api :param args: :return: """ query = database.session_query(Role) sort_by = args.pop('sort_by') sort_dir = args.pop('sort_dir') page = args.pop('page') count = args.pop('count') filt = args.pop('filter') user_id = args.pop('user_id', None) authority_id = args.pop('authority_id', None) if user_id: query = query.filter(Role.users.any(User.id == user_id)) if authority_id: query = query.filter(Role.authority_id == authority_id) # we make sure that user can see the role - admins can see all if not g.current_user.is_admin: ids = [] for role in g.current_user.roles: ids.append(role.id) query = query.filter(Role.id.in_(ids)) if filt: terms = filt.split(';') query = database.filter(query, Role, terms) query = database.find_all(query, Role, args) if sort_by and sort_dir: query = database.sort(query, Role, sort_by, sort_dir) return database.paginate(query, page, count)
def render(args): """ Helper that helps us render the REST Api responses. :param args: :return: """ query = database.session_query(Endpoint) filt = args.pop('filter') if filt: terms = filt.split(';') if 'active' in filt: # this is really weird but strcmp seems to not work here?? query = query.filter(Endpoint.active == truthiness(terms[1])) elif 'port' in filt: if terms[1] != 'null': # ng-table adds 'null' if a number is removed query = query.filter(Endpoint.port == terms[1]) elif 'ciphers' in filt: query = query.filter(Cipher.name == terms[1]) else: query = database.filter(query, Endpoint, terms) return database.sort_and_page(query, Endpoint, args)
def render(args): """ Helper that helps us render the REST Api responses. :param args: :return: """ query = database.session_query(Endpoint) filt = args.pop('filter') if filt: terms = filt.split(';') if 'active' in filt: # this is really weird but strcmp seems to not work here?? query = query.filter(Endpoint.active == truthiness(terms[1])) elif 'port' in filt: if terms[1] != 'null': # ng-table adds 'null' if a number is removed query = query.filter(Endpoint.port == terms[1]) elif 'ciphers' in filt: query = query.filter( Cipher.name == terms[1] ) else: query = database.filter(query, Endpoint, terms) return database.sort_and_page(query, Endpoint, args)
def render(args): """ Helper that filters subsets of roles depending on the parameters passed to the REST Api :param args: :return: """ query = database.session_query(Role) filt = args.pop("filter") user_id = args.pop("user_id", None) authority_id = args.pop("authority_id", None) if user_id: query = query.filter(Role.users.any(User.id == user_id)) if authority_id: query = query.filter(Role.authority_id == authority_id) if filt: terms = filt.split(";") query = database.filter(query, Role, terms) return database.sort_and_page(query, Role, args)
def render(args): """ Helper that filters subsets of roles depending on the parameters passed to the REST Api :param args: :return: """ query = database.session_query(Role) filt = args.pop('filter') user_id = args.pop('user_id', None) authority_id = args.pop('authority_id', None) if user_id: query = query.filter(Role.users.any(User.id == user_id)) if authority_id: query = query.filter(Role.authority_id == authority_id) if filt: terms = filt.split(';') query = database.filter(query, Role, terms) return database.sort_and_page(query, Role, args)
def render(args): query = database.session_query(PendingCertificate) time_range = args.pop('time_range') destination_id = args.pop('destination_id') notification_id = args.pop('notification_id', None) show = args.pop('show') # owner = args.pop('owner') # creator = args.pop('creator') # TODO we should enabling filtering by owner filt = args.pop('filter') if filt: terms = filt.split(';') if 'issuer' in terms: # we can't rely on issuer being correct in the cert directly so we combine queries sub_query = database.session_query(Authority.id) \ .filter(Authority.name.ilike('%{0}%'.format(terms[1]))) \ .subquery() query = query.filter( or_(PendingCertificate.issuer.ilike('%{0}%'.format(terms[1])), PendingCertificate.authority_id.in_(sub_query))) elif 'destination' in terms: query = query.filter( PendingCertificate.destinations.any( Destination.id == terms[1])) elif 'notify' in filt: query = query.filter( PendingCertificate.notify == truthiness(terms[1])) elif 'active' in filt: query = query.filter( PendingCertificate.active == truthiness(terms[1])) elif 'cn' in terms: query = query.filter( or_( PendingCertificate.cn.ilike('%{0}%'.format(terms[1])), PendingCertificate.domains.any( Domain.name.ilike('%{0}%'.format(terms[1]))))) elif 'id' in terms: query = query.filter( PendingCertificate.id == cast(terms[1], Integer)) else: query = database.filter(query, PendingCertificate, terms) if show: sub_query = database.session_query( Role.name).filter(Role.user_id == args['user'].id).subquery() query = query.filter( or_(PendingCertificate.user_id == args['user'].id, PendingCertificate.owner.in_(sub_query))) if destination_id: query = query.filter( PendingCertificate.destinations.any( Destination.id == destination_id)) if notification_id: query = query.filter( PendingCertificate.notifications.any( Notification.id == notification_id)) if time_range: to = arrow.now().replace(weeks=+time_range).format('YYYY-MM-DD') now = arrow.now().format('YYYY-MM-DD') query = query.filter(PendingCertificate.not_after <= to).filter( PendingCertificate.not_after >= now) # Only show unresolved certificates in the UI query = query.filter(PendingCertificate.resolved.is_(False)) return database.sort_and_page(query, PendingCertificate, args)
def render(args): """ Helper function that allows use to render our REST Api. :param args: :return: """ query = database.session_query(Certificate) time_range = args.pop('time_range') destination_id = args.pop('destination_id') notification_id = args.pop('notification_id', None) show = args.pop('show') # owner = args.pop('owner') # creator = args.pop('creator') # TODO we should enabling filtering by owner filt = args.pop('filter') if filt: terms = filt.split(';') if 'issuer' in terms: # we can't rely on issuer being correct in the cert directly so we combine queries sub_query = database.session_query(Authority.id)\ .filter(Authority.name.ilike('%{0}%'.format(terms[1])))\ .subquery() query = query.filter( or_( Certificate.issuer.ilike('%{0}%'.format(terms[1])), Certificate.authority_id.in_(sub_query) ) ) return database.sort_and_page(query, Certificate, args) elif 'destination' in terms: query = query.filter(Certificate.destinations.any(Destination.id == terms[1])) elif 'active' in filt: # this is really weird but strcmp seems to not work here?? query = query.filter(Certificate.active == terms[1]) elif 'cn' in terms: query = query.filter( or_( Certificate.cn.ilike('%{0}%'.format(terms[1])), Certificate.domains.any(Domain.name.ilike('%{0}%'.format(terms[1]))) ) ) else: query = database.filter(query, Certificate, terms) if show: sub_query = database.session_query(Role.name).filter(Role.user_id == g.user.id).subquery() query = query.filter( or_( Certificate.user_id == g.user.id, Certificate.owner.in_(sub_query) ) ) if destination_id: query = query.filter(Certificate.destinations.any(Destination.id == destination_id)) if notification_id: query = query.filter(Certificate.notifications.any(Notification.id == notification_id)) if time_range: to = arrow.now().replace(weeks=+time_range).format('YYYY-MM-DD') now = arrow.now().format('YYYY-MM-DD') query = query.filter(Certificate.not_after <= to).filter(Certificate.not_after >= now) return database.sort_and_page(query, Certificate, args)
def render(args): """ Helper function that allows use to render our REST Api. :param args: :return: """ query = database.session_query(Certificate) time_range = args.pop('time_range') destination_id = args.pop('destination_id') notification_id = args.pop('notification_id', None) show = args.pop('show') # owner = args.pop('owner') # creator = args.pop('creator') # TODO we should enabling filtering by owner filt = args.pop('filter') if filt: terms = filt.split(';') if 'issuer' in terms: # we can't rely on issuer being correct in the cert directly so we combine queries sub_query = database.session_query(Authority.id)\ .filter(Authority.name.ilike('%{0}%'.format(terms[1])))\ .subquery() query = query.filter( or_( Certificate.issuer.ilike('%{0}%'.format(terms[1])), Certificate.authority_id.in_(sub_query) ) ) return database.sort_and_page(query, Certificate, args) elif 'destination' in terms: query = query.filter(Certificate.destinations.any(Destination.id == terms[1])) elif 'notify' in filt: query = query.filter(Certificate.notify == cast(terms[1], Boolean)) elif 'active' in filt: query = query.filter(Certificate.active == terms[1]) elif 'cn' in terms: query = query.filter( or_( Certificate.cn.ilike('%{0}%'.format(terms[1])), Certificate.domains.any(Domain.name.ilike('%{0}%'.format(terms[1]))) ) ) elif 'id' in terms: query = query.filter(Certificate.id == cast(terms[1], Integer)) else: query = database.filter(query, Certificate, terms) if show: sub_query = database.session_query(Role.name).filter(Role.user_id == args['user'].id).subquery() query = query.filter( or_( Certificate.user_id == args['user'].id, Certificate.owner.in_(sub_query) ) ) if destination_id: query = query.filter(Certificate.destinations.any(Destination.id == destination_id)) if notification_id: query = query.filter(Certificate.notifications.any(Notification.id == notification_id)) if time_range: to = arrow.now().replace(weeks=+time_range).format('YYYY-MM-DD') now = arrow.now().format('YYYY-MM-DD') query = query.filter(Certificate.not_after <= to).filter(Certificate.not_after >= now) return database.sort_and_page(query, Certificate, args)
def render(args): """ Helper function that allows use to render our REST Api. :param args: :return: """ query = database.session_query(Certificate) show_expired = args.pop("showExpired") if show_expired != 1: one_month_old = ( arrow.now() .shift(months=current_app.config.get("HIDE_EXPIRED_CERTS_AFTER_MONTHS", -1)) .format("YYYY-MM-DD") ) query = query.filter(Certificate.not_after > one_month_old) time_range = args.pop("time_range") destination_id = args.pop("destination_id") notification_id = args.pop("notification_id", None) serial_number = args.pop("serial", None) show = args.pop("show") # owner = args.pop('owner') # creator = args.pop('creator') # TODO we should enabling filtering by owner filt = args.pop("filter") if filt: terms = filt.split(";") term = "%{0}%".format(terms[1]) # Exact matches for quotes. Only applies to name, issuer, and cn if terms[1].startswith('"') and terms[1].endswith('"'): term = terms[1][1:-1] if "issuer" in terms: # we can't rely on issuer being correct in the cert directly so we combine queries sub_query = ( database.session_query(Authority.id) .filter(Authority.name.ilike(term)) .subquery() ) query = query.filter( or_( Certificate.issuer.ilike(term), Certificate.authority_id.in_(sub_query), ) ) elif "destination" in terms: query = query.filter( Certificate.destinations.any(Destination.id == terms[1]) ) elif "notify" in filt: query = query.filter(Certificate.notify == truthiness(terms[1])) elif "rotation" in filt: query = query.filter(Certificate.rotation == truthiness(terms[1])) elif "active" in filt: query = query.filter(Certificate.active == truthiness(terms[1])) elif "cn" in terms: query = query.filter( or_( func.lower(Certificate.cn).like(term.lower()), Certificate.id.in_(like_domain_query(term)), ) ) elif "id" in terms: query = query.filter(Certificate.id == cast(terms[1], Integer)) elif "name" in terms: query = query.filter( or_( func.lower(Certificate.name).like(term.lower()), Certificate.id.in_(like_domain_query(term)), func.lower(Certificate.cn).like(term.lower()), ) ) elif "fixedName" in terms: # only what matches the fixed name directly if a fixedname is provided query = query.filter(Certificate.name == terms[1]) else: query = database.filter(query, Certificate, terms) if show: sub_query = ( database.session_query(Role.name) .filter(Role.user_id == args["user"].id) .subquery() ) query = query.filter( or_( Certificate.user_id == args["user"].id, Certificate.owner.in_(sub_query) ) ) if destination_id: query = query.filter( Certificate.destinations.any(Destination.id == destination_id) ) if notification_id: query = query.filter( Certificate.notifications.any(Notification.id == notification_id) ) if time_range: to = arrow.now().shift(weeks=+time_range).format("YYYY-MM-DD") now = arrow.now().format("YYYY-MM-DD") query = query.filter(Certificate.not_after <= to).filter( Certificate.not_after >= now ) if current_app.config.get("ALLOW_CERT_DELETION", False): query = query.filter(Certificate.deleted == false()) if serial_number: if serial_number.lower().startswith('0x'): serial_number = str(int(serial_number[2:], 16)) elif ":" in serial_number: serial_number = str(int(serial_number.replace(':', ''), 16)) query = query.filter(Certificate.serial == serial_number) result = database.sort_and_page(query, Certificate, args) return result
def render(args): """ Helper function that allows use to render our REST Api. :param args: :return: """ query = database.session_query(Certificate) time_range = args.pop('time_range') destination_id = args.pop('destination_id') notification_id = args.pop('notification_id', None) show = args.pop('show') # owner = args.pop('owner') # creator = args.pop('creator') # TODO we should enabling filtering by owner filt = args.pop('filter') if filt: terms = filt.split(';') term = '%{0}%'.format(terms[1]) # Exact matches for quotes. Only applies to name, issuer, and cn if terms[1].startswith('"') and terms[1].endswith('"'): term = terms[1][1:-1] if 'issuer' in terms: # we can't rely on issuer being correct in the cert directly so we combine queries sub_query = database.session_query(Authority.id) \ .filter(Authority.name.ilike(term)) \ .subquery() query = query.filter( or_( Certificate.issuer.ilike(term), Certificate.authority_id.in_(sub_query) ) ) elif 'destination' in terms: query = query.filter(Certificate.destinations.any(Destination.id == terms[1])) elif 'notify' in filt: query = query.filter(Certificate.notify == truthiness(terms[1])) elif 'active' in filt: query = query.filter(Certificate.active == truthiness(terms[1])) elif 'cn' in terms: query = query.filter( or_( Certificate.cn.ilike(term), Certificate.domains.any(Domain.name.ilike(term)) ) ) elif 'id' in terms: query = query.filter(Certificate.id == cast(terms[1], Integer)) elif 'name' in terms: query = query.filter( or_( Certificate.name.ilike(term), Certificate.domains.any(Domain.name.ilike(term)), Certificate.cn.ilike(term), ) ) else: query = database.filter(query, Certificate, terms) if show: sub_query = database.session_query(Role.name).filter(Role.user_id == args['user'].id).subquery() query = query.filter( or_( Certificate.user_id == args['user'].id, Certificate.owner.in_(sub_query) ) ) if destination_id: query = query.filter(Certificate.destinations.any(Destination.id == destination_id)) if notification_id: query = query.filter(Certificate.notifications.any(Notification.id == notification_id)) if time_range: to = arrow.now().replace(weeks=+time_range).format('YYYY-MM-DD') now = arrow.now().format('YYYY-MM-DD') query = query.filter(Certificate.not_after <= to).filter(Certificate.not_after >= now) if current_app.config.get('ALLOW_CERT_DELETION', False): query = query.filter(Certificate.deleted == False) # noqa result = database.sort_and_page(query, Certificate, args) return result
def render(args): query = database.session_query(PendingCertificate) time_range = args.pop("time_range") destination_id = args.pop("destination_id") notification_id = args.pop("notification_id", None) show = args.pop("show") # owner = args.pop('owner') # creator = args.pop('creator') # TODO we should enabling filtering by owner filt = args.pop("filter") if filt: terms = filt.split(";") if "issuer" in terms: # we can't rely on issuer being correct in the cert directly so we combine queries sub_query = (database.session_query(Authority.id).filter( Authority.name.ilike("%{0}%".format(terms[1]))).subquery()) query = query.filter( or_( PendingCertificate.issuer.ilike("%{0}%".format(terms[1])), PendingCertificate.authority_id.in_(sub_query), )) elif "destination" in terms: query = query.filter( PendingCertificate.destinations.any( Destination.id == terms[1])) elif "notify" in filt: query = query.filter( PendingCertificate.notify == truthiness(terms[1])) elif "active" in filt: query = query.filter( PendingCertificate.active == truthiness(terms[1])) elif "cn" in terms: query = query.filter( or_( PendingCertificate.cn.ilike("%{0}%".format(terms[1])), PendingCertificate.domains.any( Domain.name.ilike("%{0}%".format(terms[1]))), )) elif "id" in terms: query = query.filter( PendingCertificate.id == cast(terms[1], Integer)) else: query = database.filter(query, PendingCertificate, terms) if show: sub_query = (database.session_query( Role.name).filter(Role.user_id == args["user"].id).subquery()) query = query.filter( or_( PendingCertificate.user_id == args["user"].id, PendingCertificate.owner.in_(sub_query), )) if destination_id: query = query.filter( PendingCertificate.destinations.any( Destination.id == destination_id)) if notification_id: query = query.filter( PendingCertificate.notifications.any( Notification.id == notification_id)) if time_range: to = arrow.now().shift(weeks=+time_range).format("YYYY-MM-DD") now = arrow.now().format("YYYY-MM-DD") query = query.filter(PendingCertificate.not_after <= to).filter( PendingCertificate.not_after >= now) # Only show unresolved certificates in the UI query = query.filter(PendingCertificate.resolved.is_(False)) return database.sort_and_page(query, PendingCertificate, args)
def render(args): """ Helper function that allows use to render our REST Api. :param args: :return: """ query = database.session_query(Certificate) time_range = args.pop("time_range") destination_id = args.pop("destination_id") notification_id = args.pop("notification_id", None) show = args.pop("show") # owner = args.pop('owner') # creator = args.pop('creator') # TODO we should enabling filtering by owner filt = args.pop("filter") if filt: terms = filt.split(";") term = "%{0}%".format(terms[1]) # Exact matches for quotes. Only applies to name, issuer, and cn if terms[1].startswith('"') and terms[1].endswith('"'): term = terms[1][1:-1] if "issuer" in terms: # we can't rely on issuer being correct in the cert directly so we combine queries sub_query = (database.session_query(Authority.id).filter( Authority.name.ilike(term)).subquery()) query = query.filter( or_( Certificate.issuer.ilike(term), Certificate.authority_id.in_(sub_query), )) elif "destination" in terms: query = query.filter( Certificate.destinations.any(Destination.id == terms[1])) elif "notify" in filt: query = query.filter(Certificate.notify == truthiness(terms[1])) elif "active" in filt: query = query.filter(Certificate.active == truthiness(terms[1])) elif "cn" in terms: query = query.filter( or_( Certificate.cn.ilike(term), Certificate.domains.any(Domain.name.ilike(term)), )) elif "id" in terms: query = query.filter(Certificate.id == cast(terms[1], Integer)) elif "name" in terms: query = query.filter( or_( Certificate.name.ilike(term), Certificate.domains.any(Domain.name.ilike(term)), Certificate.cn.ilike(term), )) else: query = database.filter(query, Certificate, terms) if show: sub_query = (database.session_query( Role.name).filter(Role.user_id == args["user"].id).subquery()) query = query.filter( or_(Certificate.user_id == args["user"].id, Certificate.owner.in_(sub_query))) if destination_id: query = query.filter( Certificate.destinations.any(Destination.id == destination_id)) if notification_id: query = query.filter( Certificate.notifications.any(Notification.id == notification_id)) if time_range: to = arrow.now().replace(weeks=+time_range).format("YYYY-MM-DD") now = arrow.now().format("YYYY-MM-DD") query = query.filter(Certificate.not_after <= to).filter( Certificate.not_after >= now) if current_app.config.get("ALLOW_CERT_DELETION", False): query = query.filter(Certificate.deleted == False) # noqa result = database.sort_and_page(query, Certificate, args) return result
def render(args): """ Helper function that allows use to render our REST Api. :param args: :return: """ query = database.session_query(Certificate) time_range = args.pop('time_range') destination_id = args.pop('destination_id') notification_id = args.pop('notification_id', None) show = args.pop('show') # owner = args.pop('owner') # creator = args.pop('creator') # TODO we should enabling filtering by owner filt = args.pop('filter') if filt: terms = filt.split(';') term = '%{0}%'.format(terms[1]) # Exact matches for quotes. Only applies to name, issuer, and cn if terms[1].startswith('"') and terms[1].endswith('"'): term = terms[1][1:-1] if 'issuer' in terms: # we can't rely on issuer being correct in the cert directly so we combine queries sub_query = database.session_query(Authority.id) \ .filter(Authority.name.ilike(term)) \ .subquery() query = query.filter( or_(Certificate.issuer.ilike(term), Certificate.authority_id.in_(sub_query))) elif 'destination' in terms: query = query.filter( Certificate.destinations.any(Destination.id == terms[1])) elif 'notify' in filt: query = query.filter(Certificate.notify == truthiness(terms[1])) elif 'active' in filt: query = query.filter(Certificate.active == truthiness(terms[1])) elif 'cn' in terms: query = query.filter( or_(Certificate.cn.ilike(term), Certificate.domains.any(Domain.name.ilike(term)))) elif 'id' in terms: query = query.filter(Certificate.id == cast(terms[1], Integer)) elif 'name' in terms: query = query.outerjoin(certificate_associations).outerjoin( Domain).filter( or_( Certificate.name.ilike(term), Domain.name.ilike(term), Certificate.cn.ilike(term), )).group_by(Certificate.id) else: query = database.filter(query, Certificate, terms) if show: sub_query = database.session_query( Role.name).filter(Role.user_id == args['user'].id).subquery() query = query.filter( or_(Certificate.user_id == args['user'].id, Certificate.owner.in_(sub_query))) if destination_id: query = query.filter( Certificate.destinations.any(Destination.id == destination_id)) if notification_id: query = query.filter( Certificate.notifications.any(Notification.id == notification_id)) if time_range: to = arrow.now().replace(weeks=+time_range).format('YYYY-MM-DD') now = arrow.now().format('YYYY-MM-DD') query = query.filter(Certificate.not_after <= to).filter( Certificate.not_after >= now) result = database.sort_and_page(query, Certificate, args) return result