예제 #1
0
 def read_folder(self,
                 folder_id: PassboltFolderIdType) -> PassboltFolderTuple:
     response = self.get(f"/folders/{folder_id}.json",
                         params={"contain[permissions]": True},
                         return_response_object=True)
     response = response.json()
     return constructor(PassboltFolderTuple,
                        subconstructors={
                            "permissions":
                            constructor(PassboltPermissionTuple)
                        })(response["body"])
예제 #2
0
 def read_resource_type(
     self, resource_type_id: PassboltResourceTypeIdType
 ) -> PassboltResourceTypeTuple:
     response = self.get(f"/resource-types/{resource_type_id}.json",
                         return_response_object=True)
     response = response.json()["body"]
     return constructor(PassboltResourceTypeTuple)(response)
예제 #3
0
 def list_users(self,
                resource_or_folder_id: Union[None, PassboltResourceIdType,
                                             PassboltFolderIdType] = None,
                force_list=True) -> List[PassboltUserTuple]:
     if resource_or_folder_id is None:
         params = {}
     else:
         params = {"filter[has-access]": resource_or_folder_id}
     params["contain[permission]"] = True
     response = self.get(f"/users.json", params=params)
     assert "body" in response.keys(
     ), f"Key 'body' not found in response keys: {response.keys()}"
     response = response["body"]
     users = constructor(
         PassboltUserTuple,
         subconstructors={
             "gpgkey": constructor(PassboltOpenPgpKeyTuple),
         },
     )(response)
     if isinstance(users, PassboltUserTuple) and force_list:
         return [users]
     return users
예제 #4
0
 def list_resources(self, folder_id: Optional[PassboltFolderIdType] = None):
     params = {
         **({
             "filter[has-id][]": folder_id
         } if folder_id else {}),
         "contain[children_resources]":
         True,
     }
     url_params = urllib.parse.urlencode(params)
     if url_params:
         url_params = "?" + url_params
     response = self.get("/folders.json" + url_params)
     assert "body" in response.keys(
     ), f"Key 'body' not found in response keys: {response.keys()}"
     response = response["body"][0]
     assert "children_resources" in response.keys(), (
         f"Key 'body[].children_resources' not found in response "
         f"keys: {response.keys()} ")
     return constructor(PassboltResourceTuple)(
         response["children_resources"])
예제 #5
0
    def create_resource(
        self,
        name: str,
        password: str,
        username: str = "",
        description: str = "",
        uri: str = "",
        resource_type_id: Optional[PassboltResourceTypeIdType] = None,
        folder_id: Optional[PassboltFolderIdType] = None,
    ):
        """Creates a new resource on passbolt and shares it with the provided folder recipients"""
        if not name:
            raise PassboltValidationError(
                f"Name cannot be None or empty -- {name}!")
        if not password:
            raise PassboltValidationError(
                f"Password cannot be None or empty -- {password}!")

        r_create = self.post(
            "/resources.json",
            {
                "name":
                name,
                "username":
                username,
                "description":
                description,
                "uri":
                uri,
                **({
                    "resource_type_id": resource_type_id
                } if resource_type_id else {}),
                "secrets": [{
                    "data": self.encrypt(password)
                }],
            },
            return_response_object=True,
        )
        resource = constructor(PassboltResourceTuple)(r_create.json()["body"])
        if folder_id:
            folder = self.read_folder(folder_id)
            # get users with access to folder
            users_list = self.list_users(resource_or_folder_id=folder_id)
            lookup_users: Mapping[PassboltUserIdType, PassboltUserTuple] = {
                user.id: user
                for user in users_list
            }
            self_user_id = [
                user.id for user in users_list
                if self.user_fingerprint == user.gpgkey.fingerprint
            ]
            if self_user_id:
                self_user_id = self_user_id[0]
            else:
                raise ValueError("User not in passbolt")
            # simulate sharing with folder perms
            permissions = [{
                "is_new": True,
                **{k: v
                   for k, v in perm._asdict().items() if k != "id"},
            } for perm in folder.permissions
                           if (perm.aro_foreign_key != self_user_id)]
            share_payload = {
                "permissions": permissions,
                "secrets": self._encrypt_secrets(password,
                                                 lookup_users.values()),
            }
            # simulate sharing with folder perms
            r_simulate = self.post(
                f"/share/simulate/resource/{resource.id}.json",
                share_payload,
                return_response_object=True)
            r_share = self.put(f"/share/resource/{resource.id}.json",
                               share_payload,
                               return_response_object=True)

            self.move_resource_to_folder(resource_id=resource.id,
                                         folder_id=folder_id)
        return r_create