def create_secret(request):
# TODO Make sure user is part of the project
if request.method == 'POST':
project_id = request.POST.get('project_id')
try:
project = Project.objects.get(pk=project_id)
except Project.DoesNotExist:
return HttpResponse(
json.dumps({'error': 'Invalid project.'}),
content_type='application/json',
status=400
)
secret = Secret()
secret.project = project
secret.category = request.POST.get('category')
secret.description = request.POST.get('description')
secret.username = request.POST.get('username')
secret.url = request.POST.get('url')
secret.last_user = request.user
password = request.POST.get('password')
secret.secret_ref = _store_secret_as_plain_text(secret, password)
secret.save()
return HttpResponse(
json.dumps({'success': 'Great Success!'}),
content_type='application/json',
status=201
)
def create_secret(request):
# TODO Make sure user is part of the project
if request.method == 'POST':
project_id = request.POST.get('project_id')
try:
project = Project.objects.get(pk=project_id)
except Project.DoesNotExist:
pass
secret = Secret()
secret.project = project
secret.category = request.POST.get('category')
secret.description = request.POST.get('description')
secret.username = request.POST.get('username')
secret.url = request.POST.get('url')
password = request.POST.get('password')
keystone_username = '******'
auth_token = 'be1526d82e5e496e8a037ade5a3616cd'
barbican_endpoint = 'http://api-02-int.cloudkeep.io:9311/v1'
conn = client.Connection('keystone.com', keystone_username, 'password', 'demo',
token=auth_token,
endpoint=barbican_endpoint)
secret.secret_ref = conn.create_secret('text/plain',
plain_text=password).secret_ref
secret.save()
return HttpResponse(
json.dumps({'success': 'Great Success!'}),
content_type='application/json',
status=201
)
return HttpResponse(
json.dumps({'error': 'Epic Fail.'}),
content_type='application/json',
status=400
)
def secret_edit(request, secret_id):
if request.method == 'POST':
secrets = Secret.objects.filter(pk=secret_id)
if not secrets or not len(secrets):
return HttpResponse(
json.dumps({'error': 'Not in this castle'}),
content_type='application/json',
status=401
)
secret_db = secrets[0]
description = request.POST.get('description')
passwordNew = request.POST.get('password')
if description == '' or passwordNew == '':
return HttpResponse(
json.dumps({'error': 'Invalid description or password.'}),
content_type='application/json',
status=400
)
secret = Secret()
secret.id = secret_db.id
secret.secret_ref = secret_db.secret_ref
secret.create_date = secret_db.create_date
secret.project = secret_db.project
secret.category = request.POST.get('category') or secret_db.category
secret.description = description or secret_db.description
secret.username = request.POST.get('username') or secret_db.username
secret.url = request.POST.get('url') or secret_db.url
secret.last_user = request.user
# If the password changed, then need to create a new secret in Barbican.
passwordCurrent = _decrypt_secret_as_plain_text(secret_db.secret_ref)
if passwordNew and passwordCurrent != passwordNew:
secret.secret_ref = _store_secret_as_plain_text(secret, passwordNew)
secret.save()
return HttpResponse(
json.dumps({'success': 'Great Success!'}),
content_type='application/json',
status=201
)
return HttpResponse(
json.dumps({'error': 'Epic Fail.'}),
content_type='application/json',
status=400
)
def secret_edit(request, secret_id):
if request.method == 'POST':
secrets = Secret.objects.filter(pk=secret_id)
if not secrets or not len(secrets):
return HttpResponse(
json.dumps({'error': 'Not in this castle'}),
content_type='application/json',
status=401
)
secret_db = secrets[0]
if request.user not in secret_db.project.members.all():
return HttpResponse(
json.dumps({'error': 'Not found'}),
content_type='application/json',
status=404
)
description = request.POST.get('description')
passwordNew = request.POST.get('password')
if description == '' or passwordNew == '':
return HttpResponse(
json.dumps({'error': 'Invalid description or password.'}),
content_type='application/json',
status=400
)
secret = Secret()
secret.id = secret_db.id
secret.secret_ref = secret_db.secret_ref
secret.create_date = secret_db.create_date
secret.project = secret_db.project
secret.category = request.POST.get('category') or secret_db.category
secret.description = description or secret_db.description
secret.username = request.POST.get('username') or secret_db.username
secret.url = request.POST.get('url') or secret_db.url
secret.last_user = request.user
# If the password changed, then need to create a new secret in Barbican.
passwordCurrent = _decrypt_secret_as_plain_text(secret_db.secret_ref)
if passwordNew and passwordCurrent != passwordNew:
secret.secret_ref = _store_secret_as_plain_text(secret, passwordNew)
secret.save()
return HttpResponse(
json.dumps({'success': 'Great Success!'}),
content_type='application/json',
status=201
)
return HttpResponse(
json.dumps({'error': 'Epic Fail.'}),
content_type='application/json',
status=400
)
def create_secret(request):
# TODO Make sure user is part of the project
if request.method == 'POST':
project_uuid = request.POST.get('project_uuid')
try:
project = Project.objects.get(uuid=project_uuid)
except Project.DoesNotExist:
return HttpResponse(
json.dumps({'error': 'Invalid project.'}),
content_type='application/json',
status=400
)
description = request.POST.get('description')
password = request.POST.get('password')
if description == '' or password == '':
return HttpResponse(
json.dumps({'error': 'Invalid description or password.'}),
content_type='application/json',
status=400
)
secret = Secret()
secret.project = project
secret.category = request.POST.get('category')
secret.description = description
secret.username = request.POST.get('username')
secret.url = request.POST.get('url')
secret.last_user = request.user
secret.secret_ref = _store_secret_as_plain_text(secret, password)
secret.save()
return HttpResponse(
json.dumps({'success': 'Great Success!'}),
content_type='application/json',
status=201
)
