def update_secret(wkf):
'update a secret value in a domain'
echo('Updating secret value.')
domain_name = prompt('Domain name: ')
secret_name = prompt('Secret name: ')
secret_value = prompt('Secret value: ')
return wkf.update_secret(domain_name, secret_name, secret_value)
def add_secret(wkf):
'add a secret to a domain'
echo('Adding secret value.')
domain_name = prompt('Domain name: ')
secret_name = prompt('Secret name: ')
secret_value = prompt('Secret value: ')
return wkf.add_secret(domain_name, secret_name, secret_value)
def mw_write_kf(next_, kf, confirm):
if not os.access(kf.path, os.W_OK):
raise UsageError('expected %r to be a writable file. Check the'
' permissions and try again.' % kf.path)
modified_kf = next_(wkf=kf)
if not modified_kf:
return modified_kf
if confirm:
diff_lines = list(difflib.unified_diff(kf.get_contents().splitlines(),
modified_kf.get_contents().splitlines(),
kf.path + '.old', kf.path + '.new'))
diff_lines = _get_colorized_lines(diff_lines)
echo('Changes to be written:\n')
echo('\n'.join(diff_lines) + '\n')
do_write = prompt('Write changes? [y/N] ')
if not do_write.lower().startswith('y'):
echo('Aborting...')
sys.exit(0)
modified_kf.write()
return
def set_key_custodian_passphrase(wkf):
'update a key custodian passphrase'
user_id = prompt('User email: ')
passphrase = prompt.secret('Current passphrase: ')
creds = Creds(user_id, passphrase)
_check_creds(wkf, creds)
new_passphrase = prompt.secret('New passphrase: ', confirm=True)
return wkf.set_key_custodian_passphrase(creds, new_passphrase)
def _ask_blackjack():
bottom = int(prompt.secret('Bottom card: ', confirm=True))
top = int(prompt('Top card: '))
total = top + bottom
if total > 21:
res = 'bust'
elif total == 21:
res = 'blackjack!'
else:
res = 'hit (if you feel lucky)'
print(res)
return
def _get_creds(kf,
user=None,
interactive=True,
check_env=True,
passphrase_file=None,
user_env_var='PPROTECT_USER',
pass_env_var='PPROTECT_PASSPHRASE'):
if not interactive and not check_env:
raise UsageError('expected at least one of check_env'
' and interactive to be True', 2)
user_source = 'argument'
passphrase, passphrase_source = None, None
if passphrase_file:
passphrase_file = os.path.abspath(passphrase_file)
try:
passphrase = open(passphrase_file, 'rb').read().decode('utf8')
except IOError as ioe:
if getattr(ioe, 'strerror', None):
msg = '%s while reading passphrase from file at "%s"' % (ioe.strerror, passphrase_file)
else:
msg = 'Failed to read passphrase from file at "%s"' % passphrase_file
raise UsageError(msg=msg)
else:
passphrase_source = "passphrase file: %s" % passphrase_file
if user is None and user_env_var:
user = os.getenv(user_env_var)
user_source = 'env var: %s' % user_env_var
if passphrase is None and pass_env_var:
passphrase = os.getenv(pass_env_var)
passphrase_source = 'env var: %s' % pass_env_var
if interactive:
msg = ''
if user is None:
msg = 'Verify credentials for %s' % kf.path
elif passphrase is None:
msg = 'Verify passphrase for %s (Using user %s from %s)' % (kf.path, user, user_source)
if msg:
echo.err(msg)
if user is None:
user = prompt('User email: ')
user_source = 'stdin'
if passphrase is None:
passphrase = prompt.secret('Passphrase: ', confirm=False)
passphrase_source = 'stdin'
creds = Creds(_get_text(user or ''), _get_text(passphrase or ''),
name_source=user_source, passphrase_source=passphrase_source)
_check_creds(kf, creds)
return creds
def _get_new_creds(confirm=True):
user_id = prompt('User email: ')
passphrase = prompt.secret('Passphrase: ', confirm=confirm)
ret = Creds(user_id, passphrase)
return ret
def rotate_domain_keys(wkf, creds):
'rotate the internal encryption keys for a given domain'
domain_name = prompt('Domain name: ')
return wkf.rotate_domain_key(domain_name, creds)
def rm_secret(wkf):
'remove a secret from a domain'
echo('Updating secret value.')
domain_name = prompt('Domain name: ')
secret_name = prompt('Secret name: ')
return wkf.rm_secret(domain_name, secret_name)
def rm_owner(wkf):
'remove a key custodian from the owner list of a domain'
echo('Removing domain owner.')
domain_name = prompt('Domain name: ')
owner_name = prompt('Owner email: ')
return wkf.rm_owner(domain_name, owner_name)
def add_owner(wkf, creds):
'add a key custodian to the owner list of a specific domain'
echo('Adding domain owner.')
domain_name = prompt('Domain name: ')
new_owner_name = prompt('New owner email: ')
return wkf.add_owner(domain_name, new_owner_name, creds)
def rm_domain(wkf):
'remove a domain and all of its keys from the protected'
echo('Removing domain.')
domain_name = prompt('Domain name: ')
return wkf.rm_domain(domain_name)
def add_domain(wkf, creds):
'add a new domain to the protected'
echo('Adding new domain.')
domain_name = prompt('Domain name: ')
return wkf.add_domain(domain_name, creds.name)
def _ask_halve():
val = float(prompt('Enter a number: '))
print()
ret = val / float(os.getenv('CALC_TWO', 2))
print(ret)
return ret