def setup_config(command, filename, section, vars):
"""Place any commands to setup sflvault here"""
conf = appconfig('config:' + filename)
conf.global_conf.update(vars)
load_environment(conf.global_conf, conf.local_conf)
from sflvault import model
log.info("Creating tables")
model.meta.metadata.create_all(bind=model.meta.engine)
## Add default user 'admin' with 5 minutes for the client to call "sflvault setup"
if model.query(model.User).filter_by(username='******').first():
log.info("User 'admin' already exists, skipping insertion of admin user.")
else:
u = model.User()
u.waiting_setup = datetime.now() + timedelta(0, 900)
u.username = u'admin'
u.created_time = datetime.now()
u.is_admin = True
model.meta.Session.add(u)
model.meta.Session.commit()
log.info("Added 'admin' user, you have 15 minutes to setup from your client")
log.info("Successfully setup")
def main(global_config, **settings):
""" This function returns a Pyramid WSGI application.
"""
# We import in the main() function to avoid messing with namespace mechanism. We have to avoid
# any code/import other than the declare_namespace() in a namespace pkg's init. See
# http://packages.python.org/distribute/setuptools.html#namespace-packages
# Monkeypatches the xmlrpclib to set partial application of allow_none
#
# sflvault relies on a behaviour provided by an older version of pylons_xmlrpc
# that set the allow_none parameter by default. However, pyramid uses
# the new pyramid_rpc module that doesn't set this parameter and does not provide
# any way of setting it manually.
#
xmlrpclib.dumps = functools.partial(xmlrpclib.dumps, allow_none=True)
from pyramid.config import Configurator
from sqlalchemy import engine_from_config
#from controller.xmlrpc import SflVaultController
from sflvault import model
from sflvault.model import init_model
from sflvault.lib.vault import SFLvaultAccess
from datetime import datetime, timedelta
import transaction
print "Global config: %s " % global_config
print "settings: %s" % settings
# Configure the Pyramid app and SQL engine
engine = engine_from_config(settings, 'sqlalchemy.')
config = Configurator(settings=settings)
config.include('pyramid_rpc.xmlrpc')
config.add_xmlrpc_endpoint('sflvault', '/vault/rpc')
config.scan('sflvault.views')
# Configures the vault
if 'sflvault.vault.session_timeout' in settings:
SFLvaultAccess.session_timeout = settings['sflvault.vault.session_timeout']
if 'sflvault.vault.setup_timeout' in settings:
SFLvaultAccess.setup_timeout = settings['sflvault.vault.setup_timeout']
init_model(engine)
model.meta.metadata.create_all(engine)
#Add admin user if not present
if not model.query(model.User).filter_by(username='******').first():
log.info ("It seems like you are using SFLvault for the first time. An\
'admin' user account will be added to the system.")
u = model.User()
u.waiting_setup = datetime.now() + timedelta(0,900)
u.username = u'admin'
u.created_time = datetime.now()
u.is_admin = True
#transaction.begin()
model.meta.Session.add(u)
transaction.commit()
log.info("Added 'admin' user, you have 15 minutes to setup from your client")
return config.make_wsgi_app()
def main(global_config, **settings):
""" This function returns a Pyramid WSGI application.
"""
# We import in the main() function to avoid messing with namespace mechanism. We have to avoid
# any code/import other than the declare_namespace() in a namespace pkg's init. See
# http://packages.python.org/distribute/setuptools.html#namespace-packages
from pyramid.config import Configurator
from sqlalchemy import engine_from_config
#from controller.xmlrpc import SflVaultController
from sflvault import model
from sflvault.model import init_model
from datetime import datetime, timedelta
import transaction
print "Global config: %s " % global_config
print "settings: %s" % settings
engine = engine_from_config(settings, 'sqlalchemy.')
# initialize_sql(engine)
config = Configurator(settings=settings)
config.include('pyramid_rpc.xmlrpc')
config.add_xmlrpc_endpoint('sflvault', '/vault/rpc')
config.scan('sflvault.views')
# config.add_view(SflVaultController, route_name='xmlrpcvault')
# session_factory = session_factory_from_settings(settings)
# config.set_session_factory(session_factory)
init_model(engine)
model.meta.metadata.create_all(engine)
#Add admin user if not present
if not model.query(model.User).filter_by(username='******').first():
log.info ("It seems like you are using SFLvault for the first time. An\
'admin' user account will be added to the system.")
u = model.User()
u.waiting_setup = datetime.now() + timedelta(0,900)
u.username = u'admin'
u.created_time = datetime.now()
u.is_admin = True
#transaction.begin()
model.meta.Session.add(u)
transaction.commit()
log.info("Added 'admin' user, you have 15 minutes to setup from your client")
return config.make_wsgi_app()
return message
#-------------- END REWORKED CRYPTO LIB -----------
# Migration code
a = client.SFLvaultClient()
myusername = a.cfg.get('SFLvault', 'username')
myuser = model.query(model.User).filter_by(username=myusername).one()
enckey = a.cfg.get('SFLvault', 'key')
passphrase = getpass('Enter your Vault passphrase: ')
packedkey = decrypt_privkey(enckey, passphrase)
eg = ElGamal.ElGamalobj()
(eg.p, eg.x, eg.g, eg.y) = unserial_elgamal_privkey(packedkey)
myeg = eg
# Load all services
allservices = query(model.Service).all()
# Load all groups
allgroups = query(model.Group).all()
model.meta.metadata,
Column("id", types.Integer, primary_key=True),
Column("service_id", types.Integer, ForeignKey("services.id")), # relation to services
# The user for which this secret is encrypted
Column("user_id", types.Integer, ForeignKey("users.id")),
# Encrypted symkey with user's pubkey.
Column("cryptsymkey", types.Text),
)
except Exception, e:
print "EXCEPTION loading userciphers_table: %s" % e.message
a = client.SFLvaultClient()
myusername = a.cfg.get("SFLvault", "username")
myuser = model.query(model.User).filter_by(username=myusername).one()
enckey = a.cfg.get("SFLvault", "key")
passphrase = getpass("Enter your Vault passphrase: ")
packedkey = decrypt_privkey(enckey, passphrase)
eg = ElGamal.ElGamalobj()
(eg.p, eg.x, eg.g, eg.y) = unserial_elgamal_privkey(packedkey)
myeg = eg
# Load all my userciphers for deciphernig later..
userciphers = model.meta.Session.execute(userciphers_table.select().where(userciphers_table.c.user_id == myuser.id))
# Load all groups
allgroups = model.query(model.Group).all()
