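def handle(self, *args, **options):
    """Create a sharing network (zone) and enrol this device as its first member.

    Positional args (both optional):
        args[0]: zone name; defaults to
            "Sharing network for Device <own device name>".
        args[1]: zone description; defaults to "" when absent or empty.

    Raises:
        CommandError: when settings.CENTRAL_SERVER is set, or when this
            device already has a DeviceZone row.
    """
    # The central server must never be enrolled on a sharing network.
    if settings.CENTRAL_SERVER:
        raise CommandError(
            "You shouldn't be trying to put the central server on a sharing network!"
        )

    own_device = Device.get_own_device()
    # exists() answers the membership question without counting every row.
    if DeviceZone.objects.filter(device=own_device).exists():
        raise CommandError("This device already belongs to a sharing network.")

    zone_name = args[0] if len(args) >= 1 else "Sharing network for Device %s" % own_device.name
    zone_description = args[1] if (len(args) >= 2 and args[1]) else ""

    # NOTE(review): the membership check above, zone.save() and
    # invitation.claim() are separate writes and nothing visible here makes
    # them atomic; a failure after zone.save() would leave a zone without a
    # claimed invitation. Confirm whether the caller wraps this in a
    # transaction.

    # Create the zone
    self.stdout.write("Generating a sharing network.\n")
    zone = Zone(name=zone_name, description=zone_description)
    zone.save()  # this will sign the zone with the current device

    # Create the zone invitation--you're invited to a party of one!
    self.stdout.write("Generating a sharing network invitation--from me, to me!\n")
    invitation = ZoneInvitation.generate(zone=zone, invited_by=own_device)
    invitation.save()
    invitation.claim(used_by=own_device)
    self.stdout.write("Done!\n")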
def test_valid_trusted(self):
    """A device that claims an owner-issued invitation verifies on the zone.

    Scenario (no central server involved):
    1. This device creates the zone.
    2. A second device joins by claiming an invitation issued by this device.
    """
    zone_owner = Device.get_own_device()
    zone = Zone(name="test_zone")
    zone.save()

    # Build the joining device: give it a key, save it so it gets an ID,
    # then save its metadata.
    joiner = Device(name="new_device")
    joiner.set_key(Key())
    joiner.save()
    joiner.get_metadata().save()

    # The zone owner issues the invitation; the joiner claims it.
    invite = ZoneInvitation.generate(zone=zone, invited_by=zone_owner)
    invite.claim(used_by=joiner)

    # Claiming must record the joiner on the invitation ...
    self.assertEqual(
        invite.used_by,
        joiner,
        "Invitation should now be used by device %s" % joiner,
    )
    # ... and create exactly one DeviceZone row, pointing at this zone.
    membership_count = DeviceZone.objects.filter(device=joiner).count()
    self.assertEqual(
        membership_count,
        1,
        "There should be a DeviceZone for device %s" % joiner,
    )
    joined_zone = DeviceZone.objects.get(device=joiner).zone
    self.assertEqual(
        joined_zone,
        zone,
        "DeviceZone for device %s should be zone %s" % (joiner, zone),
    )

    # The chain of trust for the joiner on this zone must verify.
    trust_chain = ChainOfTrust(zone=zone, device=joiner)
    self.assertTrue(trust_chain.verify(), "Chain of trust should verify.")
def test_valid_trusted(self):
    """Check the happy path of the local (no central server) trust chain.

    1. The zone is created by this device.
    2. Another device joins the zone through an invitation from this device.
    """
    inviter = Device.get_own_device()
    zone = Zone(name="test_zone")
    zone.save()

    # A brand-new device: keyed, saved (so it has an ID), metadata saved.
    invitee = Device(name="new_device")
    invitee.set_key(Key())
    invitee.save()
    invitee.get_metadata().save()

    # Issue the invitation from the zone owner and claim it for the invitee.
    invitation = ZoneInvitation.generate(zone=zone, invited_by=inviter)
    invitation.claim(used_by=invitee)

    used_by_msg = "Invitation should now be used by device %s" % invitee
    self.assertEqual(invitation.used_by, invitee, used_by_msg)

    # Exactly one DeviceZone row should now exist for the invitee.
    row_count = DeviceZone.objects.filter(device=invitee).count()
    row_msg = "There should be a DeviceZone for device %s" % invitee
    self.assertEqual(row_count, 1, row_msg)

    # That row should bind the invitee to the zone created above.
    bound_zone = DeviceZone.objects.get(device=invitee).zone
    zone_msg = "DeviceZone for device %s should be zone %s" % (invitee, zone)
    self.assertEqual(bound_zone, zone, zone_msg)

    # Finally, the chain of trust establishing the invitee on the zone
    # has to verify.
    chain = ChainOfTrust(zone=zone, device=invitee)
    self.assertTrue(chain.verify(), "Chain of trust should verify.")
def test_invalid_invitation(self):
    """A device that did not create the zone must not be able to invite.

    Scenario (no central server involved):
    1. This device creates the zone (through the generate_zone command).
    2. A second device tries to produce an invitation for that zone; both
       attempts below are expected to raise ValidationError.
    """
    # The result is not used below; the call is kept because it may
    # initialize the own-device record -- TODO confirm.
    Device.get_own_device()
    call_command("generate_zone")  # put own_device on a zone
    zone = Zone.objects.all()[0]

    # A second device, keyed and saved (so it has an ID), with metadata.
    outsider = Device(name="new_device")
    outsider.set_key(Key())
    outsider.save()
    outsider.get_metadata().save()

    # Attempt 1: an illegal invitation through the factory -- it would not
    # be signed by the zone creator.
    self.assertRaises(
        ValidationError,
        ZoneInvitation.generate,
        zone=zone,
        invited_by=outsider,
    )

    # Attempt 2: build the invitation object by hand; the test expects
    # set_key() on it to raise ValidationError as well.
    hand_built = ZoneInvitation(zone=zone, invited_by=outsider)
    with self.assertRaises(ValidationError):
        hand_built.set_key(Key())
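def create_json_file(include_data):
    """Serialize the models needed to join a zone into a temporary file.

    zone_id is not a parameter; it is read from the surrounding scope.
    Without a zone_id the file holds only the central-server Device (if one
    exists). With a zone_id it holds the zone's chain-of-trust objects plus
    a freshly generated and saved ZoneInvitation issued by this device.

    Args:
        include_data: when true and a zone is selected, also serialize the
            zone's devices, its DeviceZone rows and everything
            engine.get_models() returns for the zone.

    Returns:
        Path of the temporary file. The file is not deleted here, so
        cleanup is left to the caller.

    Raises:
        AssertionError: if the zone's chain of trust does not validate.
    """
    central_server = Device.get_central_server()
    if not zone_id:
        models = [central_server] if central_server else []

    else:
        # Get a chain of trust to the zone owner.
        #   Because we're on the central server, this will
        #   simply be the central server, but in the future
        #   this would return an actual chain.
        logging.debug("Generating a zone invitation...")
        zone = Zone.objects.get(id=zone_id)
        chain = ChainOfTrust(zone=zone)
        # Explicit raise instead of `assert`: asserts are stripped under
        # `python -O`, which would let an invitation be issued without the
        # chain ever being checked. AssertionError is kept so callers see
        # the same exception type as before.
        # NOTE(review): the tests listed alongside this function call
        # ChainOfTrust.verify(); confirm that validate() is defined.
        if not chain.validate():
            raise AssertionError("Chain of trust for zone %s did not validate." % zone_id)
        new_invitation = ZoneInvitation.generate(zone=zone, invited_by=Device.get_own_device())
        new_invitation.save()  # keep a record of the invitation, for future revocation.  Also, signs the thing

        # This ordering of objects is a bit hokey, but OK--invitation usually must be
        #   inserted before devicezones--but because it's not pointing to any devices,
        #   it's OK to be at the end.
        # Note that the central server will always be at the front of the chain of trust,
        #   so no need to explicitly include.
        models = chain.objects() + [new_invitation]

        if include_data:
            logging.debug("Serializing entire dataset...")
            devices = Device.objects.by_zone(zone)
            devicezones = DeviceZone.objects.filter(zone=zone)
            models += list(devices) + list(devicezones)
            models += engine.get_models(zone=zone, limit=None)  # get all models on this zone

    # mkstemp()[1] threw away the open descriptor and leaked it.
    # NamedTemporaryFile creates the file the same private way but returns
    # a file object, so the with-block closes the descriptor. delete=False
    # keeps the file on disk for the caller; when a zone is selected it
    # contains the signed invitation, so it should be removed once consumed.
    with tempfile.NamedTemporaryFile(mode="w", delete=False) as fp:
        fp.write(engine.serialize(models))
    return fp.name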
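def handle(self, *args, **options):
    """Generate a sharing network and register this device on it.

    Positional args (both optional):
        args[0]: name for the new zone; when missing, the name is
            "Sharing network for Device <own device name>".
        args[1]: description for the new zone; "" when missing or empty.

    Raises:
        CommandError: if settings.CENTRAL_SERVER is set, or if a DeviceZone
            row already exists for this device.
    """
    # Refuse to run on the central server.
    if settings.CENTRAL_SERVER:
        raise CommandError("You shouldn't be trying to put the central server on a sharing network!")

    own_device = Device.get_own_device()
    # exists() stops at the first matching row instead of counting them all.
    if DeviceZone.objects.filter(device=own_device).exists():
        raise CommandError("This device already belongs to a sharing network.")

    zone_name = args[0] if len(args) >= 1 else "Sharing network for Device %s" % own_device.name
    zone_description = args[1] if (len(args) >= 2 and args[1]) else ""

    # NOTE(review): the check above and the three writes below are not
    # visibly wrapped in a transaction, so a failure part-way leaves a zone
    # with no claimed invitation -- confirm how the caller handles that.

    # Create the zone
    self.stdout.write("Generating a sharing network.\n")
    zone = Zone(name=zone_name, description=zone_description)
    zone.save()  # this will sign the zone with the current device

    # Create the zone invitation--you're invited to a party of one!
    self.stdout.write("Generating a sharing network invitation--from me, to me!\n")
    invitation = ZoneInvitation.generate(zone=zone, invited_by=own_device)
    invitation.save()
    invitation.claim(used_by=own_device)
    self.stdout.write("Done!\n")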
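def create_json_file(include_data):
    """Write the serialized join payload for a zone to a temp file.

    zone_id comes from the surrounding scope, not from the arguments. When
    it is falsy, only the central-server Device (if any) is serialized.
    Otherwise the payload is the zone's chain-of-trust objects followed by
    a new, saved ZoneInvitation issued by this device.

    Args:
        include_data: when true and a zone is selected, append the zone's
            devices, its DeviceZone rows and the models returned by
            engine.get_models() for the zone.

    Returns:
        Path of the temporary file; the file is left on disk for the caller.

    Raises:
        AssertionError: if the zone's chain of trust does not validate.
    """
    central_server = Device.get_central_server()
    if not zone_id:
        models = [central_server] if central_server else []

    else:
        # Get a chain of trust to the zone owner.
        #   Because we're on the central server, this will
        #   simply be the central server, but in the future
        #   this would return an actual chain.
        logging.debug("Generating a zone invitation...")
        zone = Zone.objects.get(id=zone_id)
        chain = ChainOfTrust(zone=zone)
        # The trust check must survive `python -O`, which removes assert
        # statements; raise AssertionError explicitly so the exception type
        # callers see is unchanged.
        # NOTE(review): the tests listed alongside this function use
        # ChainOfTrust.verify(); confirm that validate() is defined.
        if not chain.validate():
            raise AssertionError("Chain of trust for zone %s did not validate." % zone_id)
        new_invitation = ZoneInvitation.generate(zone=zone, invited_by=Device.get_own_device())
        new_invitation.save()  # keep a record of the invitation, for future revocation.  Also, signs the thing

        # This ordering of objects is a bit hokey, but OK--invitation usually must be
        #   inserted before devicezones--but because it's not pointing to any devices,
        #   it's OK to be at the end.
        # Note that the central server will always be at the front of the chain of trust,
        #   so no need to explicitly include.
        models = chain.objects() + [new_invitation]

        if include_data:
            logging.debug("Serializing entire dataset...")
            devices = Device.objects.by_zone(zone)
            devicezones = DeviceZone.objects.filter(zone=zone)
            models += list(devices) + list(devicezones)
            models += engine.get_models(zone=zone, limit=None)  # get all models on this zone

    # The original took only the path from mkstemp() and never closed the
    # descriptor it returned. NamedTemporaryFile hands back a file object
    # that the with-block closes; delete=False leaves the file for the
    # caller. With a zone selected the file holds the signed invitation, so
    # it should be removed once it has been consumed.
    with tempfile.NamedTemporaryFile(mode="w", delete=False) as fp:
        fp.write(engine.serialize(models))
    return fp.name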