Esempio n. 1
0
 def get_available_name(self, name, max_length=None):
     """
     Return a filename that's free on the target storage system and
     available for new content to be written to.
     """
     dir_name, file_name = os.path.split(name)
     file_root, file_ext = os.path.splitext(file_name)
     # If the filename already exists, add an underscore and a random 7
     # character alphanumeric string (before the file extension, if one
     # exists) to the filename until the generated filename doesn't exist.
     # Truncate original name if required, so the new filename does not
     # exceed the max_length.
     while self.exists(name) or (max_length and len(name) > max_length):
         # file_ext includes the dot.
         name = os.path.join(dir_name, "%s_%s%s" % (file_root, get_random_string(7), file_ext))
         if max_length is None:
             continue
         # Truncate file_root if max_length exceeded.
         truncation = len(name) - max_length
         if truncation > 0:
             file_root = file_root[:-truncation]
             # Entire file_root was truncated in attempt to find an available filename.
             if not file_root:
                 raise SuspiciousFileOperation(
                     'Storage can not find an available filename for "%s". '
                     'Please make sure that the corresponding file field '
                     'allows sufficient "max_length".' % name
                 )
             name = os.path.join(dir_name, "%s_%s%s" % (file_root, get_random_string(7), file_ext))
     return name
Esempio n. 2
0
 def make_random_password(self,
                          length=10,
                          allowed_chars='abcdefghjkmnpqrstuvwxyz'
                          'ABCDEFGHJKLMNPQRSTUVWXYZ'
                          '23456789'):
     """
     Generate a random password with the given length and given
     allowed_chars. The default value of allowed_chars does not have "I" or
     "O" or letters and digits that look similar -- just to avoid confusion.
     """
     return get_random_string(length, allowed_chars)
Esempio n. 3
0
def make_password(password, salt=None, hasher='default'):
    """
    Turn a plain-text password into a hash for database storage

    Same as encode() but generate a new random salt. If password is None then
    return a concatenation of UNUSABLE_PASSWORD_PREFIX and a random string,
    which disallows logins. Additional random string reduces chances of gaining
    access to staff or superuser accounts. See ticket #20079 for more info.
    """
    if password is None:
        return UNUSABLE_PASSWORD_PREFIX + get_random_string(UNUSABLE_PASSWORD_SUFFIX_LENGTH)
    hasher = get_hasher(hasher)
    salt = salt or hasher.salt()
    return hasher.encode(password, salt)
Esempio n. 4
0
 def _get_new_session_key(self):
     "Return session key that isn't being used."
     while True:
         session_key = get_random_string(32, VALID_KEY_CHARS)
         if not self.exists(session_key):
             return session_key
Esempio n. 5
0
def _get_new_csrf_string():
    return get_random_string(CSRF_SECRET_LENGTH,
                             allowed_chars=CSRF_ALLOWED_CHARS)
Esempio n. 6
0
 def salt(self):
     return get_random_string(2)
Esempio n. 7
0
 def salt(self):
     """Generate a cryptographically secure nonce salt in ASCII."""
     return get_random_string()
Esempio n. 8
0
def get_random_secret_key():
    """
    Return a 50 character random string usable as a SECRET_KEY setting value.
    """
    chars = 'abcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*(-_=+)'
    return get_random_string(50, chars)
Esempio n. 9
0
 def _test_database_passwd(self):
     password = self._test_settings_get('PASSWORD')
     if password is None and self._test_user_create():
         # Oracle passwords are limited to 30 chars and can't contain symbols.
         password = get_random_string(length=30)
     return password