예제 #1
0
파일: views.py 프로젝트: B-Rich/stockade
def create_secret(request):
    # TODO Make sure user is part of the project
    if request.method == 'POST':
       project_id = request.POST.get('project_id')
    try:
        project = Project.objects.get(pk=project_id)
    except Project.DoesNotExist:
        return HttpResponse(
            json.dumps({'error': 'Invalid project.'}),
            content_type='application/json',
            status=400
        )
    secret = Secret()
    secret.project = project
    secret.category = request.POST.get('category')
    secret.description = request.POST.get('description')
    secret.username = request.POST.get('username')
    secret.url = request.POST.get('url')
    secret.last_user = request.user

    password = request.POST.get('password')

    secret.secret_ref = _store_secret_as_plain_text(secret, password)
    secret.save()

    return HttpResponse(
        json.dumps({'success': 'Great Success!'}),
        content_type='application/json',
        status=201
    )
예제 #2
0
파일: views.py 프로젝트: yodermk/stockade
def create_secret(request):
    # TODO Make sure user is part of the project
    if request.method == 'POST':
	project_id = request.POST.get('project_id')
	try:
	    project = Project.objects.get(pk=project_id)
	except Project.DoesNotExist:
	    pass
	secret = Secret()
	secret.project = project
	secret.category = request.POST.get('category')
	secret.description = request.POST.get('description')
	secret.username = request.POST.get('username')
	secret.url = request.POST.get('url')

	password = request.POST.get('password')

	keystone_username = '******'
	auth_token = 'be1526d82e5e496e8a037ade5a3616cd'
	barbican_endpoint = 'http://api-02-int.cloudkeep.io:9311/v1'
	conn = client.Connection('keystone.com', keystone_username, 'password', 'demo',
				 token=auth_token,
				 endpoint=barbican_endpoint)
	secret.secret_ref = conn.create_secret('text/plain',
			    plain_text=password).secret_ref
	secret.save()
	return HttpResponse(
	    json.dumps({'success': 'Great Success!'}),
	    content_type='application/json',
	    status=201
	)
    return HttpResponse(
	json.dumps({'error': 'Epic Fail.'}),
	content_type='application/json',
	status=400
    )
예제 #3
0
파일: views.py 프로젝트: jmvrbanac/stockade
def secret_edit(request, secret_id):
    if request.method == 'POST':

        secrets = Secret.objects.filter(pk=secret_id)
        if not secrets or not len(secrets):
            return HttpResponse(
                json.dumps({'error': 'Not in this castle'}),
                content_type='application/json',
                status=401
            )
        secret_db = secrets[0]

        description = request.POST.get('description')
        passwordNew = request.POST.get('password')
        if description == '' or passwordNew == '':
            return HttpResponse(
                json.dumps({'error': 'Invalid description or password.'}),
                content_type='application/json',
                status=400
            )

        secret = Secret()
        secret.id = secret_db.id
        secret.secret_ref = secret_db.secret_ref
        secret.create_date = secret_db.create_date
        secret.project = secret_db.project
        secret.category = request.POST.get('category') or secret_db.category
        secret.description = description or secret_db.description
        secret.username = request.POST.get('username') or secret_db.username
        secret.url = request.POST.get('url') or secret_db.url
        secret.last_user = request.user

        # If the password changed, then need to create a new secret in Barbican.
        passwordCurrent = _decrypt_secret_as_plain_text(secret_db.secret_ref)
        if passwordNew and passwordCurrent != passwordNew:
            secret.secret_ref = _store_secret_as_plain_text(secret, passwordNew)

        secret.save()
        return HttpResponse(
            json.dumps({'success': 'Great Success!'}),
            content_type='application/json',
            status=201
        )

    return HttpResponse(
        json.dumps({'error': 'Epic Fail.'}),
        content_type='application/json',
        status=400
    )
예제 #4
0
def secret_edit(request, secret_id):
    if request.method == 'POST':

        secrets = Secret.objects.filter(pk=secret_id)
        if not secrets or not len(secrets):
            return HttpResponse(
                json.dumps({'error': 'Not in this castle'}),
                content_type='application/json',
                status=401
            )
        secret_db = secrets[0]

        if request.user not in secret_db.project.members.all():
            return HttpResponse(
                json.dumps({'error': 'Not found'}),
                content_type='application/json',
                status=404
            )

        description = request.POST.get('description')
        passwordNew = request.POST.get('password')
        if description == '' or passwordNew == '':
            return HttpResponse(
                json.dumps({'error': 'Invalid description or password.'}),
                content_type='application/json',
                status=400
            )

        secret = Secret()
        secret.id = secret_db.id
        secret.secret_ref = secret_db.secret_ref
        secret.create_date = secret_db.create_date
        secret.project = secret_db.project
        secret.category = request.POST.get('category') or secret_db.category
        secret.description = description or secret_db.description
        secret.username = request.POST.get('username') or secret_db.username
        secret.url = request.POST.get('url') or secret_db.url
        secret.last_user = request.user

        # If the password changed, then need to create a new secret in Barbican.
        passwordCurrent = _decrypt_secret_as_plain_text(secret_db.secret_ref)
        if passwordNew and passwordCurrent != passwordNew:
            secret.secret_ref = _store_secret_as_plain_text(secret, passwordNew)

        secret.save()
        return HttpResponse(
            json.dumps({'success': 'Great Success!'}),
            content_type='application/json',
            status=201
        )

    return HttpResponse(
        json.dumps({'error': 'Epic Fail.'}),
        content_type='application/json',
        status=400
    )
예제 #5
0
def create_secret(request):
    # TODO Make sure user is part of the project
    if request.method == 'POST':
        project_uuid = request.POST.get('project_uuid')
    try:
        project = Project.objects.get(uuid=project_uuid)
    except Project.DoesNotExist:
        return HttpResponse(
            json.dumps({'error': 'Invalid project.'}),
            content_type='application/json',
            status=400
        )

    description = request.POST.get('description')
    password = request.POST.get('password')

    if description == '' or password == '':
        return HttpResponse(
            json.dumps({'error': 'Invalid description or password.'}),
            content_type='application/json',
            status=400
        )

    secret = Secret()
    secret.project = project
    secret.category = request.POST.get('category')
    secret.description = description
    secret.username = request.POST.get('username')
    secret.url = request.POST.get('url')
    secret.last_user = request.user


    secret.secret_ref = _store_secret_as_plain_text(secret, password)
    secret.save()

    return HttpResponse(
        json.dumps({'success': 'Great Success!'}),
        content_type='application/json',
        status=201
    )