def test_string_can_be_decrypt():
"""Basic encryption decryption test."""
encrypted_source = encryption.encrypt(SOURCE, SECRET_KEY)
assert SOURCE != encrypted_source
decrypted_source = encryption.decrypt(encrypted_source, SECRET_KEY)
assert SOURCE == decrypted_source
def test_bytes_can_be_decrypt():
"""Basic decryption test."""
encrypted_source = encryption.encrypt(SOURCE.encode(), SECRET_KEY)
assert SOURCE != encrypted_source
decrypted_source = encryption.decrypt(encrypted_source, SECRET_KEY)
assert SOURCE == decrypted_source
def test_generate_file_with_secretkey_entered(input_mock, getpass_mock):
"""Test with user secret key."""
input_mock.side_effect = ["n", FakeSettings.SECRET_KEY, "user"]
getpass_mock.return_value = "pass"
init_and_launch_command([])
assert os.path.exists(CREATED_FILE_PATH)
config = configparser.RawConfigParser()
config.read(CREATED_FILE_PATH)
secret_key = config.get("DJANGO", "KEY")
assert secret_key == FakeSettings.SECRET_KEY
assert config.get("DATABASE_CREDENTIALS", "USER") == "user"
assert (encryption.decrypt(config.get("DATABASE_CREDENTIALS", "PASSWORD"),
secret_key) == "pass")
os.remove(CREATED_FILE_PATH)
def test_decryption_error():
"""Basic decryption error."""
with pytest.raises(ValueError):
encryption.decrypt("Bad value", SECRET_KEY)
def handle(self, *args, **options):
"""
Command core.
"""
settings_template_file = options["settings_template_file"]
settings_file_path = options["settings_file_path"]
force_secret_key = options["force_secretkey"]
if not force_secret_key:
force_secret_key = self.default_force_secret_key
if not settings_template_file:
raise CommandError(
"Parameter settings_template_file undefined.\nUsage: %s" % self.usage
)
if not settings_file_path:
raise CommandError(
"Parameter settings_file_path undefined.\nUsage: %s" % self.usage
)
if not os.path.exists(settings_template_file):
raise CommandError("The settings template file doesn't exists.")
self.stdout.write("** Configuration file generation: **")
if os.path.exists(settings_file_path):
override = get_input(
"A configuration file already exists at %s. "
"Would you override it ? (y/N) : " % settings_file_path
)
if override.upper() != "Y":
raise CommandError("Generation cancelled.")
config = RawConfigParser()
config.read(settings_template_file)
input_secret_key = False
secret_key = None
if not force_secret_key:
generate_secret_key = get_input(
"Do you want to generate the secret key for Django ? (Y/n) : "
)
input_secret_key = generate_secret_key.upper() == "N"
if input_secret_key:
secret_key = get_input("Enter your secret key : ")
if not secret_key:
raise CommandError(
"Django secret key is needed for encryption. Generation cancelled."
)
else:
self.stdout.write("Django secret key generation !")
self.stdout.write("\n** Filling values for configuration file content **")
variable_regex = re.compile(r" *{(.+)} *")
properties = {}
for section in config.sections():
properties[section] = {}
for key, value in config.items(section):
match_groups = variable_regex.match(value)
if match_groups:
value_type = match_groups.group(1).strip().upper()
value = self.get_value(section, key, value_type)
properties[section][key] = value
max_retry = 0 if input_secret_key else 3
retry = 0
encrypted_properties = properties.copy()
while retry <= max_retry and self.encrypted_field:
if secret_key is None:
secret_key = get_random_secret_key().replace("%", "0")
try:
for section, key in self.encrypted_field:
value = encryption.encrypt(properties[section][key], secret_key)
encryption.decrypt(value, secret_key)
encrypted_properties[section][key] = value
retry = max_retry
except ValueError:
secret_key = None
retry += 1
if secret_key is None:
raise CommandError(
"Error while encoding / decoding passwords with the secret key."
"Retried %s. Generation cancelled." % max_retry
)
for section, key in self.django_keys:
encrypted_properties[section][key] = secret_key
# Fill config file
for section, values in encrypted_properties.items():
for key, value in values.items():
config.set(section, key, value)
self.stdout.write("\nWriting file at %s:" % settings_file_path)
settings_directory = os.path.dirname(settings_file_path)
if not os.path.exists(settings_directory):
os.makedirs(settings_directory)
with open(settings_file_path, "w") as config_file:
config.write(config_file)
self.stdout.write(
self.style.SUCCESS("Configuration file successfully generated !")
)