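class User(db.Model):
    """
    Account row stored in the ``users`` table.

    The ``password`` column carries whatever was assigned to it until
    :meth:`hash_password` replaces that value with its bcrypt hash.
    """
    __tablename__ = 'users'
    id = Column(Integer, primary_key=True)
    password = Column(String(128))
    active = Column(Boolean())
    confirmed_at = Column(DateTime())
    username = Column(String(255), nullable=False, unique=True)
    email = Column(String(128), unique=True)
    profile_picture = Column(String(255))
    roles = relationship('Role', secondary=roles_users, passive_deletes=True,
                         backref=db.backref('user'), lazy='dynamic')
    certificates = relationship("Certificate", backref=db.backref('user'), lazy='dynamic')
    authorities = relationship("Authority", backref=db.backref('user'), lazy='dynamic')

    def check_password(self, password):
        """
        Hash a given password and check it against the stored value
        to determine its validity.

        :param password: candidate password to verify
        :return: result of the bcrypt comparison; False when the user
            has no stored password
        """
        if not self.password:
            # No stored hash: fail closed with an explicit False rather
            # than falling off the end of the function with None.
            return False
        return bcrypt.check_password_hash(self.password, password)

    def hash_password(self):
        """
        Generate the secure hash for the password.

        Overwrites ``self.password`` in place, so it must run exactly once
        while the attribute still holds the plaintext; a second call would
        hash the stored hash and no password would verify afterwards.

        :return: the new hash, or None when no password is set
        """
        if not self.password:
            return None
        self.password = bcrypt.generate_password_hash(self.password)
        return self.password

    @property
    def is_admin(self):
        """
        Determine if the current user has the 'admin' role
        associated with it.

        :return: True when one of the user's roles is named 'admin',
            otherwise False
        """
        # any() always yields a bool, so non-admins get False, not None.
        return any(role.name == 'admin' for role in self.roles)

    def as_dict(self):
        """
        Return every mapped column of this row as a ``{name: value}`` dict.

        The dict includes the ``password`` column, i.e. the stored hash.
        """
        return {c.name: getattr(self, c.name) for c in self.__table__.columns}

    def serialize(self):
        """
        Return the row as a plain dict (currently identical to as_dict()).
        """
        # NOTE(review): the blob still contains the 'password' column. If
        # this output can reach an API response or a log, drop that key
        # at the call site -- callers are not visible here, confirm.
        blob = self.as_dict()
        return blob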
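class User(db.Model):
    """
    Account row stored in the ``users`` table.

    The ``password`` column carries whatever was assigned to it until
    :meth:`hash_password` replaces that value with its bcrypt hash.
    """
    __tablename__ = 'users'
    id = Column(Integer, primary_key=True)
    password = Column(String(128))
    active = Column(Boolean())
    confirmed_at = Column(ArrowType())
    username = Column(String(255), nullable=False, unique=True)
    email = Column(String(128), unique=True)
    profile_picture = Column(String(255))
    roles = relationship('Role', secondary=roles_users, passive_deletes=True,
                         backref=db.backref('user'), lazy='dynamic')
    certificates = relationship('Certificate', backref=db.backref('user'), lazy='dynamic')
    authorities = relationship('Authority', backref=db.backref('user'), lazy='dynamic')
    keys = relationship('ApiKey', backref=db.backref('user'), lazy='dynamic')
    logs = relationship('Log', backref=db.backref('user'), lazy='dynamic')

    # Attribute names flagged as sensitive.
    # NOTE(review): nothing in this class reads the tuple; presumably
    # logging/serialization code elsewhere uses it to redact -- confirm.
    sensitive_fields = ('password', )

    def check_password(self, password):
        """
        Hash a given password and check it against the stored value
        to determine its validity.

        :param password: candidate password to verify
        :return: result of the bcrypt comparison; False when the user
            has no stored password
        """
        if not self.password:
            # No stored hash: fail closed with an explicit False rather
            # than falling off the end of the function with None.
            return False
        return bcrypt.check_password_hash(self.password, password)

    def hash_password(self):
        """
        Generate the secure hash for the password.

        Overwrites ``self.password`` in place with the hash decoded to
        text, so it must run exactly once while the attribute still holds
        the plaintext; a second call would hash the stored hash.

        :return: None
        """
        if self.password:
            self.password = bcrypt.generate_password_hash(
                self.password).decode('utf-8')

    @property
    def is_admin(self):
        """
        Determine if the current user has the 'admin' role
        associated with it.

        :return: True when one of the user's roles is named 'admin',
            otherwise False
        """
        # any() always yields a bool, so non-admins get False, not None.
        return any(role.name == 'admin' for role in self.roles)

    def __repr__(self):
        """Identify the user by username only; no credential material."""
        return "User(username={username})".format(username=self.username)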
class Authority(db.Model):
    """ORM model for rows of the ``authorities`` table."""

    __tablename__ = "authorities"

    # --- plain columns ---------------------------------------------------
    id = Column(Integer, primary_key=True)
    owner = Column(String(128), nullable=False)
    name = Column(String(128), unique=True)
    body = Column(Text())
    chain = Column(Text())
    active = Column(Boolean, default=True)
    plugin_name = Column(String(64))
    description = Column(Text)
    options = Column(JSON)
    # Filled in by the database through func.now().
    date_created = Column(DateTime, PassiveDefault(func.now()), nullable=False)

    # --- relationships ---------------------------------------------------
    roles = relationship("Role", secondary=roles_authorities, passive_deletes=True,
                         backref=db.backref("authority"), lazy="dynamic")
    user_id = Column(Integer, ForeignKey("users.id"))

    # Scalar link (uselist=False) resolved through Certificate.root_authority_id.
    authority_certificate = relationship("Certificate", backref="root_authority", uselist=False,
                                         foreign_keys="Certificate.root_authority_id")
    # Collection resolved through Certificate.authority_id.
    certificates = relationship("Certificate", backref="authority",
                                foreign_keys="Certificate.authority_id")

    # Same two shapes again, for PendingCertificate.
    authority_pending_certificate = relationship("PendingCertificate", backref="root_authority",
                                                 uselist=False,
                                                 foreign_keys="PendingCertificate.root_authority_id")
    pending_certificates = relationship("PendingCertificate", backref="authority",
                                        foreign_keys="PendingCertificate.authority_id")

    def __init__(self, **kwargs):
        """
        Populate a new authority from keyword arguments.

        Required keys: ``owner``, ``authority_certificate`` and ``plugin``
        (a mapping with a ``slug`` entry); a missing one raises KeyError.
        Optional keys: ``roles`` (defaults to an empty list), ``name``,
        ``description`` and ``options`` (each defaults to None).
        """
        self.owner = kwargs["owner"]
        self.roles = kwargs.get("roles", [])
        for optional in ("name", "description"):
            setattr(self, optional, kwargs.get(optional))
        self.authority_certificate = kwargs["authority_certificate"]
        plugin_info = kwargs["plugin"]
        self.plugin_name = plugin_info["slug"]
        self.options = kwargs.get("options")

    @property
    def plugin(self):
        """Return whatever ``plugins.get`` yields for ``plugin_name``."""
        resolved = plugins.get(self.plugin_name)
        return resolved

    def __repr__(self):
        """Short debug representation carrying only the authority name."""
        text = "Authority(name={name})".format(name=self.name)
        return text
class Authority(db.Model):
    """ORM model for rows of the ``authorities`` table."""

    __tablename__ = 'authorities'

    # --- plain columns ---------------------------------------------------
    id = Column(Integer, primary_key=True)
    owner = Column(String(128), nullable=False)
    name = Column(String(128), unique=True)
    body = Column(Text())
    chain = Column(Text())
    active = Column(Boolean, default=True)
    plugin_name = Column(String(64))
    description = Column(Text)
    options = Column(JSON)
    # Filled in by the database through func.now().
    date_created = Column(DateTime, PassiveDefault(func.now()), nullable=False)

    # --- relationships ---------------------------------------------------
    roles = relationship(
        'Role',
        secondary=roles_authorities,
        passive_deletes=True,
        backref=db.backref('authority'),
        lazy='dynamic',
    )
    user_id = Column(Integer, ForeignKey('users.id'))

    # Scalar link (uselist=False) resolved through Certificate.root_authority_id.
    authority_certificate = relationship(
        "Certificate",
        backref='root_authority',
        uselist=False,
        foreign_keys='Certificate.root_authority_id',
    )
    # Collection resolved through Certificate.authority_id.
    certificates = relationship(
        "Certificate",
        backref='authority',
        foreign_keys='Certificate.authority_id',
    )

    # Same two shapes again, for PendingCertificate.
    authority_pending_certificate = relationship(
        "PendingCertificate",
        backref='root_authority',
        uselist=False,
        foreign_keys='PendingCertificate.root_authority_id',
    )
    pending_certificates = relationship(
        'PendingCertificate',
        backref='authority',
        foreign_keys='PendingCertificate.authority_id',
    )

    def __init__(self, **kwargs):
        """
        Populate a new authority from keyword arguments.

        Required keys: ``owner``, ``authority_certificate`` and ``plugin``
        (a mapping with a ``slug`` entry); a missing one raises KeyError.
        Optional keys: ``roles`` (defaults to an empty list), ``name``,
        ``description`` and ``options`` (each defaults to None).
        """
        self.owner = kwargs['owner']
        self.roles = kwargs.get('roles', [])
        for optional in ('name', 'description'):
            setattr(self, optional, kwargs.get(optional))
        self.authority_certificate = kwargs['authority_certificate']
        plugin_info = kwargs['plugin']
        self.plugin_name = plugin_info['slug']
        self.options = kwargs.get('options')

    @property
    def plugin(self):
        """Return whatever ``plugins.get`` yields for ``plugin_name``."""
        resolved = plugins.get(self.plugin_name)
        return resolved

    def __repr__(self):
        """Short debug representation carrying only the authority name."""
        text = "Authority(name={name})".format(name=self.name)
        return text
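class Authority(db.Model):
    """
    ORM model for rows of the ``authorities`` table.

    The constructor parses the PEM certificate passed as ``body`` and
    copies its common name and validity window into columns.
    """
    __tablename__ = 'authorities'
    id = Column(Integer, primary_key=True)
    owner = Column(String(128))
    name = Column(String(128), unique=True)
    body = Column(Text())
    chain = Column(Text())
    bits = Column(Integer())
    cn = Column(String(128))
    not_before = Column(DateTime)
    not_after = Column(DateTime)
    active = Column(Boolean, default=True)
    # Filled in by the database through func.now().
    date_created = Column(DateTime, PassiveDefault(func.now()), nullable=False)
    plugin_name = Column(String(64))
    description = Column(Text)
    options = Column(JSON)
    roles = relationship('Role', backref=db.backref('authority'), lazy='dynamic')
    user_id = Column(Integer, ForeignKey('users.id'))
    certificates = relationship("Certificate", backref='authority')

    def __init__(self, name, owner, plugin_name, body, roles=None, chain=None, description=None):
        """
        Build an authority from its PEM certificate and metadata.

        :param name: authority name (unique column)
        :param owner: owner of the authority
        :param plugin_name: name of the plugin stored with the authority
        :param body: PEM certificate; parsed here, so a value the x509
            loader rejects makes construction fail with the loader's error
        :param roles: roles to attach; None means no roles
        :param chain: stored in the ``chain`` column as given
        :param description: free-text description
        """
        self.name = name
        self.body = body
        self.chain = chain
        self.owner = owner
        self.plugin_name = plugin_name

        # body is coerced with str() before it is handed to the loader.
        cert = x509.load_pem_x509_certificate(str(body), default_backend())
        self.cn = get_cn(cert)
        self.not_before = get_not_before(cert)
        self.not_after = get_not_after(cert)

        # ``roles`` is a collection relationship and needs an iterable, so
        # the None default is mapped to an empty list, not assigned as-is.
        self.roles = roles if roles is not None else []
        self.description = description

    def as_dict(self):
        """Return every mapped column of this row as a ``{name: value}`` dict."""
        return {c.name: getattr(self, c.name) for c in self.__table__.columns}

    def serialize(self):
        """Return the row as a plain dict (currently identical to as_dict())."""
        blob = self.as_dict()
        return blob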
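class Authority(db.Model):
    """ORM model for rows of the ``authorities`` table."""
    __tablename__ = "authorities"
    id = Column(Integer, primary_key=True)
    owner = Column(String(128), nullable=False)
    name = Column(String(128), unique=True)
    body = Column(Text())
    chain = Column(Text())
    active = Column(Boolean, default=True)
    plugin_name = Column(String(64))
    description = Column(Text)
    options = Column(JSON)
    # Filled in by the database through func.now().
    date_created = Column(DateTime, DefaultClause(func.now()), nullable=False)
    roles = relationship(
        "Role",
        secondary=roles_authorities,
        passive_deletes=True,
        backref=db.backref("authority"),
        lazy="dynamic",
    )
    user_id = Column(Integer, ForeignKey("users.id"))
    # Scalar link (uselist=False) resolved through Certificate.root_authority_id.
    authority_certificate = relationship(
        "Certificate",
        backref="root_authority",
        uselist=False,
        foreign_keys="Certificate.root_authority_id",
    )
    certificates = relationship("Certificate", backref="authority", foreign_keys="Certificate.authority_id")

    authority_pending_certificate = relationship(
        "PendingCertificate",
        backref="root_authority",
        uselist=False,
        foreign_keys="PendingCertificate.root_authority_id",
    )
    pending_certificates = relationship(
        "PendingCertificate",
        backref="authority",
        foreign_keys="PendingCertificate.authority_id",
    )

    def __init__(self, **kwargs):
        """
        Populate a new authority from keyword arguments.

        Required keys: ``owner``, ``authority_certificate`` and ``plugin``
        (a mapping with a ``slug`` entry); a missing one raises KeyError.
        Optional keys: ``roles`` (defaults to an empty list), ``name``,
        ``description`` and ``options`` (each defaults to None).
        """
        self.owner = kwargs["owner"]
        self.roles = kwargs.get("roles", [])
        self.name = kwargs.get("name")
        self.description = kwargs.get("description")
        self.authority_certificate = kwargs["authority_certificate"]
        self.plugin_name = kwargs["plugin"]["slug"]
        self.options = kwargs.get("options")

    @property
    def plugin(self):
        """Return whatever ``plugins.get`` yields for ``plugin_name``."""
        return plugins.get(self.plugin_name)

    @property
    def is_cab_compliant(self):
        """
        Parse the options to find whether authority is CAB Forum Compliant,
        i.e., adhering to the CA/Browser Forum Baseline Requirements.

        ``options`` is decoded with ``json.loads``, so text that is not
        valid JSON still raises from the decoder.

        :return: the value stored with the ``cab_compliant`` option, or
            None if the option is not available
        """
        if not self.options:
            return None

        options_array = json.loads(self.options)
        if not isinstance(options_array, list):
            return None

        for option in options_array:
            # Only name/value objects are inspected; an entry of another
            # type, or one without a "value" key, yields "not available"
            # instead of raising TypeError/KeyError.
            if isinstance(option, dict) and option.get("name") == 'cab_compliant':
                return option.get("value")

        return None

    @property
    def max_issuance_days(self):
        """
        Upper bound on certificate validity for a CAB-compliant authority.

        :return: ``PUBLIC_CA_MAX_VALIDITY_DAYS`` from the app config
            (397 when unset) if the authority is flagged compliant,
            otherwise None
        """
        # Truthiness test: any truthy stored value enables the limit,
        # including a non-empty string.
        # NOTE(review): presumably the value is a JSON boolean -- confirm.
        # How callers treat the None result is not visible here either.
        if self.is_cab_compliant:
            return current_app.config.get("PUBLIC_CA_MAX_VALIDITY_DAYS", 397)
        return None

    @property
    def default_validity_days(self):
        """
        Default certificate validity, in days, for this authority.

        :return: ``PUBLIC_CA_MAX_VALIDITY_DAYS`` (397 when unset) for an
            authority flagged CAB compliant, else ``DEFAULT_VALIDITY_DAYS``
            (365 when unset)
        """
        if self.is_cab_compliant:
            return current_app.config.get("PUBLIC_CA_MAX_VALIDITY_DAYS", 397)

        return current_app.config.get("DEFAULT_VALIDITY_DAYS", 365)  # 1 year default

    def __repr__(self):
        """Short debug representation carrying only the authority name."""
        return "Authority(name={name})".format(name=self.name)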