def create(self, validated_data): owner = validated_data['owner_write'] passwords = validated_data['passwords_write'] signing_key = validated_data['signing_key'] del validated_data['owner_write'] del validated_data['passwords_write'] del validated_data['signing_key'] del validated_data['user'] validated_data['owner'] = owner with transaction.atomic(savepoint=True): # Acquire lock on master key user lock = get_lock() # Validate our password dict looks good keyset = self.check_password_dict(owner, passwords) self.check_signing_key(signing_key) # Create our key entry object keyentry = KeyEntry.objects.create(**validated_data) for entry in passwords: key_pk, encoded_password, encoded_signature = self.check_password_dict_entry( entry, keyset) password_object = Password( key_entry=keyentry, public_key=PublicKey.objects.get(pk=key_pk), password=encoded_password, signature=encoded_signature, signing_key=signing_key, ) password_object.full_clean() password_object.save() keyentry.check_passwords() return keyentry
def update(self, instance, validated_data): owner = instance.owner passwords = validated_data['passwords_write'] signing_key = validated_data['signing_key'] with transaction.atomic(savepoint=True): # Acquire lock on master key user lock = get_lock() # Validate our password dict looks good keyset = self.check_password_dict(owner, passwords) self.check_signing_key(signing_key) # Get our key entry object keyentry = instance for entry in passwords: key_pk, encoded_password, encoded_signature = self.check_password_dict_entry( entry, keyset) # Get the corresponding password entry password_object = keyentry.passwords.get( public_key=PublicKey.objects.get(pk=key_pk)) password_object.password = encoded_password password_object.signature = encoded_signature password_object.signing_key = signing_key password_object.full_clean() password_object.save() keyentry.check_passwords() return keyentry
def ready(self): from django.conf import settings from api.models.util import get_master_user from api.models.util import get_lock from api.models.util import parse_key from api.models import PublicKey # Try to set up our master user, this fails under makemigrations. try: master_key = settings.MASTER_PUBLIC_KEY # Try to parse the master key (exception if invalid) parse_key(master_key) with transaction.atomic(savepoint=True): # Ensure our master key user exists user = get_master_user() # Acquire lock on master key user lock = get_lock() # Delete all keys, which aren't the master key deleted_count, del_dict = PublicKey.objects.filter( user=user).exclude(key=master_key).delete() key, created = PublicKey.objects.get_or_create(user=user, key=master_key) if deleted_count != 0: print "Deleted spurious master key(s)" if created: print "Created master key" except Exception as exception: print str(exception) # TODO: Log exception pass
def create(self, validated_data): with transaction.atomic(savepoint=True): # Acquire lock on master key user lock = get_lock() # Don't provide public key to user constructor public_key_string = validated_data['public_key'] del validated_data['public_key'] # Create the user user = super(UserSerializer, self).create(validated_data) user.set_password(validated_data['password']) user.full_clean() user.save() # Create an identity group group = Group(name=validated_data['username'], ) group.full_clean() group.save() # Add our user to the group group.user_set.add(user) # Create the public key object for the user public_key = PublicKey( user=user, key=public_key_string, ) public_key.full_clean() public_key.save() # Return the user return user
def create(self, validated_data): user = self.context['request'].user with transaction.atomic(savepoint=True): # Acquire lock on master key user lock = get_lock() # Create a group group = Group(name=validated_data['name'], ) group.full_clean() group.save() # Add the current user to the group group.user_set.add(user) return group
def update(self, instance, validated_data): # TODO: Check that current user is allowed to add with transaction.atomic(savepoint=True): # Acquire lock on master key user lock = get_lock() user = validated_data['user_pk'] # # Get the provided user # user = get_user_model().objects.get(pk=validated_data['user_pk']) # Check that no passwords exist on the group if instance.key_entries.count() != 0: raise ValueError("Cannot add to groups with passwords") # Add the provided user to the group instance.user_set.add(user) return instance