def WriteApprovalRequest(self, approval_request, cursor=None):
"""Writes an approval request object."""
# Copy the approval_request to ensure we don't modify the source object.
approval_request = approval_request.Copy()
# Generate random approval id.
approval_id_int = random.UInt64()
grants = approval_request.grants
approval_request.grants = None
expiry_time = approval_request.expiration_time
args = {
"username_hash": mysql_utils.Hash(approval_request.requestor_username),
"approval_type": int(approval_request.approval_type),
"subject_id": approval_request.subject_id,
"approval_id": approval_id_int,
"expiration_time": mysql_utils.RDFDatetimeToTimestamp(expiry_time),
"approval_request": approval_request.SerializeToString()
}
query = """
INSERT INTO approval_request (username_hash, approval_type,
subject_id, approval_id, expiration_time,
approval_request)
VALUES (%(username_hash)s, %(approval_type)s,
%(subject_id)s, %(approval_id)s, FROM_UNIXTIME(%(expiration_time)s),
%(approval_request)s)
"""
cursor.execute(query, args)
for grant in grants:
self._GrantApproval(approval_request.requestor_username, approval_id_int,
grant.grantor_username, cursor)
return _IntToApprovalID(approval_id_int)
def SetPassword(self, password):
self.salt = b"%016x" % random.UInt64()
self.iteration_count = 100000
# prevent non-descriptive 'key_material must be bytes' error later
if isinstance(password, Text):
password = password.encode("utf-8")
self.hashed_pwd = self._CalculateHash(password, self.salt,
self.iteration_count)
def WriteApprovalRequest(self, approval_request, cursor=None):
"""Writes an approval request object."""
# Copy the approval_request to ensure we don't modify the source object.
approval_request = approval_request.Copy()
# Generate random approval id.
approval_id_int = random.UInt64()
now_str = mysql_utils.RDFDatetimeToMysqlString(
rdfvalue.RDFDatetime.Now())
grants = approval_request.grants
approval_request.grants = None
args = {
"username_hash":
mysql_utils.Hash(approval_request.requestor_username),
"approval_type":
int(approval_request.approval_type),
"subject_id":
approval_request.subject_id,
"approval_id":
approval_id_int,
"timestamp":
now_str,
"expiration_time":
mysql_utils.RDFDatetimeToMysqlString(
approval_request.expiration_time),
"approval_request":
approval_request.SerializeToString()
}
query = (
"INSERT INTO approval_request {columns} VALUES {values}".format(
columns=mysql_utils.Columns(args),
values=mysql_utils.NamedPlaceholders(args)))
cursor.execute(query, args)
for grant in grants:
self._GrantApproval(approval_request.requestor_username,
approval_id_int, grant.grantor_username,
now_str, cursor)
return _IntToApprovalID(approval_id_int)
def WriteApprovalRequest(self, approval_request, cursor=None):
"""Writes an approval request object."""
# Copy the approval_request to ensure we don't modify the source object.
approval_request = approval_request.Copy()
# Generate random approval id.
approval_id_int = random.UInt64()
now_str = mysql_utils.RDFDatetimeToMysqlString(
rdfvalue.RDFDatetime.Now())
grants = approval_request.grants
approval_request.grants = None
query = ("INSERT INTO approval_request (username, approval_type, "
"subject_id, approval_id, timestamp, expiration_time, "
"approval_request) VALUES (%s, %s, %s, %s, %s, %s, %s)")
args = [
approval_request.requestor_username,
int(approval_request.approval_type), approval_request.subject_id,
approval_id_int, now_str,
mysql_utils.RDFDatetimeToMysqlString(
approval_request.expiration_time),
approval_request.SerializeToString()
]
cursor.execute(query, args)
for grant in grants:
grant_query = (
"INSERT INTO approval_grant (username, approval_id, "
"grantor_username, timestamp) VALUES (%s, %s, %s, %s)")
grant_args = [
approval_request.requestor_username, approval_id_int,
grant.grantor_username, now_str
]
cursor.execute(grant_query, grant_args)
return _IntToApprovalID(approval_id_int)
def testMin(self, urandom):
del urandom # Unused.
for _ in range(10000):
self.assertEqual(random.UInt64(), 0)
def testRandom(self):
self.assertBetween(random.UInt64(), 2**32, 2**64 - 1)
def testSpecific(self):
self.assertEqual(random.UInt64(), 0xDEADC0DEDEADB33F)
def SetPassword(self, password):
self.salt = b"%016x" % random.UInt64()
self.iteration_count = 100000
self.hashed_pwd = self._CalculateHash(password, self.salt,
self.iteration_count)
