def check_encryption(self): """ check if a value, which got written into config, got encrypted :return: """ test_key = 'linotp.testkey' linotp_conf = LinOtpConfig() if test_key not in linotp_conf: storeConfig(test_key, '', typ='password', desc=None) old_value = getFromConfig(test_key, defVal=None) now = datetime.datetime.now() new_value_plain = unicode(now) storeConfig(test_key, new_value_plain, typ='password', desc=None) new_value_enc = getFromConfig(test_key, defVal=None) # if new_value_enc != old_value: something new was written into db # if new_value_enc != new_value_plain: the new value got encrypted if new_value_enc and new_value_plain != new_value_enc != old_value: return True return False
def setProvider(params): """ save the provider info in linotp config :param params: generic parameter dictionary to support later more complex provider definitions in the dictionary currently required keys are :param type: push,sms or email :param name: the provider name :param config: the provider config :param timeout: the provider timeout :param: default: boolean :return: success - boolean """ provider_type = params['type'] provider_name = params['name'] if provider_name == Legacy_Provider_Name: save_legacy_provider(provider_type, params) else: save_new_provider(provider_type, provider_name, params) if 'default' in params: default_provider_key = Default_Provider_Key[provider_type] if params['default'] is True or params['default'].lower() == 'true': storeConfig(key=default_provider_key, val=provider_name) # uncomment this if you want to get provider config as ini file: # from linotp.provider.create_provider_ini import create_provider_config # create_provider_config() return True, {}
def setSupportLicenseInfo(lic_dict, lic_sign): """ set the license to be the current one :param lic_dict: the license with description :param lic_sign: the license signature :return: tuple with status (boolean) and if an error occured, the reason """ verifyLicenseInfo(lic_dict, lic_sign, raiseException=True) lic_str = lic_dict.info() log.debug("[setSupportLicense] license %r", lic_str) licTemp = "-----BEGIN LICENSE-----\n" licTemp += lic_str licTemp += "-----END LICENSE-----\n" licTemp += "-----BEGIN LICENSE SIGNATURE-----\n" licTemp += base64.b64encode(lic_sign) licTemp += "\n-----END LICENSE SIGNATURE-----" storeConfig("license", binascii.hexlify(licTemp)) log.info("[setLicense] license saved!") return True
def setSupportLicenseInfo(lic_dict, lic_sign): """ set the license to be the current one :param lic_dict: the license with description :param lic_sign: the license signature :return: tuple with status (boolean) and if faild, the reason """ verifyLicenseInfo(lic_dict, lic_sign, raiseException=True) lic_str = lic_dict.info() log.debug("[setSupportLicense] license %r", lic_str) licTemp = "-----BEGIN LICENSE-----\n" licTemp += lic_str licTemp += "-----END LICENSE-----\n" licTemp += "-----BEGIN LICENSE SIGNATURE-----\n" licTemp += base64.b64encode(lic_sign) licTemp += "\n-----END LICENSE SIGNATURE-----" storeConfig("license", binascii.hexlify(licTemp)) log.info("[setLicense] license saved!") return True
def setSupportLicenseInfo(lic_dict, lic_sign): """ set the license to be the current one :param lic_dict: the license with description :param lic_sign: the license signature :return: tuple with status (boolean) and if faild, the reason """ verifyLicenseInfo(lic_dict, lic_sign, raiseException=True) # first set the duration if there is one if not set_duration(lic_dict, raiseException=True): return False lic_str = lic_dict.info() log.debug("Setting licence to %r", lic_str) licTemp = "-----BEGIN LICENSE-----\n" licTemp += lic_str licTemp += "-----END LICENSE-----\n" licTemp += "-----BEGIN LICENSE SIGNATURE-----\n" licTemp += base64.b64encode(lic_sign).decode() licTemp += "\n-----END LICENSE SIGNATURE-----" storeConfig("license", binascii.hexlify(licTemp.encode('utf-8')).decode()) log.info("License saved.") return True
def save_new_provider(provider_type, provider_name, params): """ save the provider in the new provider format remarks: alternative to storing the whole config in encrypted way, we might look if it's a json and store the next Config. level and look for the reserved additional appended type: encrypted_data :param provider_type: push, sms or email provider :param provider_name: the name of the provider :param params: the provider description dict with 'class', 'config', and 'timeout' """ prefix = Provider_types.get(provider_type, {}).get('prefix') if not prefix: raise Exception('unknown provider type %r' % provider_type) provider_prefix = prefix + provider_name storeConfig(key=provider_prefix, val=params['class']) config_mapping = { 'timeout': ('Timeout', None), 'config': ('Config', 'encrypted_data')} # # alternative config entries are supported by the the adjustable config # entries if the provider supports the 'getConfigMapping' interface: # try: provider_class = _load_provider_class(params['class']) config_mapping = provider_class.getConfigMapping() except AttributeError as exx: log.debug("provider %r does not support ConfigMapping: %r", provider_name, exx) # add the extra parameter for each resolver that it could be a managed one config_mapping['managed'] = ('Managed', None) for config_entry in list(config_mapping.keys()): if config_entry not in params: continue # get the mapping entry and split the config name and type mapping_entry = config_mapping[config_entry] config_key, config_type = mapping_entry value = params[config_entry] # store the config entry storeConfig(key=provider_prefix + '.' + config_key, val=value, typ=config_type) return True, {}
def set_duration(lic_dict, raiseException=False): """ set the duration value in linotp config and thus in config database :param lic_dict: the license info object :param raiseException: switch to control if an exception should be thrown in case of a problem """ # if there is no expiration in the license we just can go on if not ( lic_dict.license_expiration and "days" in lic_dict.license_expiration ): return True lic_sign = lic_dict.signature days = lic_dict.license_expiration.replace("days", "").strip() try: days = int(days) except ValueError as _val: raise LicenseException( "Unable to interpret duration in license description" ) # we have a timely limited version, so we have to check if there is # already a license like this installed by comparing the signatures date_format = "%d%m%y" # get the decrypted value from the config, if there is one expiration = _get_license_duration() if expiration: # fetch config and split the signature and the expiration date signature, _sep, _date_str = expiration.rpartition(":") # here we only verify that the license signature is not the same # - we only take a slice as the stored signature will be # stored in an encrypted way and then will become too long if base64.b64encode(lic_sign)[:500] == signature: error = _("License already installed!") if raiseException: raise LicenseException(error) else: log.error(error) return False # so we calculate the expiration and store this together # with the license signature expires = datetime.datetime.now() + datetime.timedelta(days=days) expires_str = expires.strftime(date_format) # we take only some bytes as it is encrypted afterwards signature = base64.b64encode(lic_sign)[:500].decode() license_expire = "%s:%s" % (signature, expires_str) enc_license_expire = EncryptedData.from_unencrypted(license_expire) storeConfig("license_duration", enc_license_expire) log.info("Set license expiration to %s", license_expire) return True
def set_duration(lic_dict, raiseException=False): """ set the duration value in linotp config and thus in config database :param lic_dict: the license info object :param raiseException: switch to control if an exception should be thrown in case of a problem """ # if there is no expiration in the license we just can go on if not (lic_dict.license_expiration and 'days' in lic_dict.license_expiration): return True lic_sign = lic_dict.signature days = lic_dict.license_expiration.replace('days', '').strip() try: days = int(days) except ValueError as _val: raise Exception('Unable to interpret duration in' ' license description') # we have a timely limited version, so we have to check if there is # already a license like this installed by comparing the signatures date_format = "%d%m%y" # get the decrypted value from the config, if there is one expiration = getFromConfig('enclinotp.license_duration', None) if expiration: # fetch config and split the signature and the expiration date signature, _sep, _date_str = expiration.rpartition(':') # here we only verify that the license signature is not the same # - we only take a slice as the stored signature will be # stored in an encrypted way and then will become too long if base64.b64encode(lic_sign)[:500] == signature: error = _('License already installed!') if raiseException: raise Exception(error) else: log.error(error) return False # so we calculate the expiration and store this together # with the license signature expires = datetime.datetime.now() + datetime.timedelta(days=days) expires_str = expires.strftime(date_format) # we take only some bytes as it is encrypted afterwards signature = base64.b64encode(lic_sign)[:500] license_expire = "%s:%s" % (signature, expires_str) storeConfig("license_duration", license_expire, typ='password') log.info("license_expiration %s" % license_expire) return True
def do_nagging(lic_info, nag_days=7): """ do nagging - answer the question if nagging should be done :param lic_info: the license info :return: boolean - True if nagging should be displayed """ d_fmt = "%Y-%m-%d" # we start 7 days after download license was installed nag_offset = nag_days if not ( lic_info.license_type and ( lic_info.license_type == "download" or lic_info.license_type == "demo" ) ): return False # in case there is no duration definition in 'xx days' we do the nagging if not lic_info.license_expiration: log.error( "Download license format error: Missing expiration definition!" ) return True now_date = datetime.datetime.now().date() expire = get_expiration_date(lic_info) expire_date = datetime.datetime.strptime(expire, d_fmt).date() # calculate back, when the license was enrolled duration = int(lic_info.license_expiration.replace("days", "").strip()) lic_start_date = expire_date - datetime.timedelta(days=duration) # calulate the nagging start date with given nag_offset nag_start_date = lic_start_date + datetime.timedelta(days=nag_offset) if now_date <= nag_start_date: return False # ok, we are in the nagging time frame, so start nagging last_nagged = getFromConfig("last_nagged") if last_nagged: # nag only once a day: check, if we nagged already today last_nag_date = datetime.datetime.strptime(last_nagged, d_fmt).date() # check if we nagged already today if last_nag_date >= now_date: return False datum = now_date.strftime(d_fmt) storeConfig("last_nagged", datum, desc="last nagged") return True
def do_nagging(lic_info): """ do nagging - answer the question if nagging should be done :param lic_info: the license info :return: boolean - True if nagging should be displayed """ d_fmt = "%Y-%m-%d" # we start 20 days after download license was installed nag_offset = 20 if not (lic_info.license_type and lic_info.license_type == 'download'): return False # in case there is no duration definition in 'xx days' we do the nagging if not lic_info.license_expiration: log.error("download license format error: " "missing expiration definition!") return True now_date = datetime.datetime.now().date() expire = get_expiration_date(lic_info) expire_date = datetime.datetime.strptime(expire, d_fmt).date() # calculate back, when the license was enrolled duration = int(lic_info.license_expiration.replace('days', '').strip()) lic_start_date = expire_date - datetime.timedelta(days=duration) # calulate the nagging start date with given nag_offset nag_start_date = lic_start_date + datetime.timedelta(days=nag_offset) if now_date <= nag_start_date: return False # ok, we are in the nagging time frame, so start nagging last_nagged = getFromConfig('last_nagged') if last_nagged: # nag only once a day: check, if we nagged already today last_nag_date = datetime.datetime.strptime(last_nagged, d_fmt).date() # check if we nagged already today if last_nag_date >= now_date: return False datum = now_date.strftime(d_fmt) storeConfig('last_nagged', datum, desc='last nagged') return True
def setSupportLicense(licString): """ set the license to be the current one :param licString: the license with description and signature :return: tuple with status (boolean) and if faild, the reason """ log.debug("[setSupportLicense] license %r", licString) valid, msg = isSupportLicenseValid(licString, raiseException=True) storeConfig("license", binascii.hexlify(licString)) log.info("[setLicense] license saved!") return (valid, msg)
def setSupportLicense(licString): """ set the license to be the current one :param licString: the license with description and signature :return: tuple with status (boolean) and if faild, the reason """ log.debug("[setSupportLicense] license %r", licString) valid, msg = isSupportLicenseValid(licString) storeConfig("license", binascii.hexlify(licString)) log.info("[setLicense] license saved!") return (valid, msg)
def setPolicy(policy): ''' define and store a policy definition :param policy: dict with the following keys: * name * action * scope * realm * user * time * client :return: dict with the results of the stored entries ''' ret = {} _ = context['translate'] name = policy.get('name') if 'active' not in policy: policy['active'] = "True" # check that the name does not contain any bad characters if not PolicyNameRegex.match(name): raise Exception( _("The name of the policy may only contain " "the characters a-zA-Z0-9_.")) # verify the required policy attributes required_attributes = ['action', 'scope', 'realm'] for required_attribute in required_attributes: if (required_attribute not in policy or not policy[required_attribute]): raise PolicyWarning("Missing attribute %s in " "policy %s" % (required_attribute, name)) # before storing the policy, we have to check the impact: # if there is a problem, we will raise an exception with a warning _check_policy_impact(**policy) # transpose the forwardServer policy action as it might # contain sensitive data policy["action"] = ForwardServerPolicy.prepare_forward(policy["action"]) attributes = [ 'action', 'scope', 'realm', 'user', 'time', 'client', 'active' ] for attr in attributes: key = "Policy.%s.%s" % (name, attr) value = policy[attr] typ = "" descr = "a policy definition" ret[attr] = storeConfig(key, value, typ, descr) return ret
def setRealm(realm, resolvers): realm = realm.lower().strip() realm = realm.replace(" ", "-") nameExp = "^[A-Za-z0-9_\-\.]*$" res = re.match(nameExp, realm) if res is None: e = Exception("non conformant characters in realm name:" " %s (not in %s)" % (realm, nameExp)) raise e ret = storeConfig("useridresolver.group.%s" % realm, resolvers) if ret == False: return ret createDBRealm(realm) ## if this is the first one, make it the default realms = getRealms() if 1 == len(realms): for name in realms: setDefaultRealm(name) return True
def setDefaultRealm(defaultRealm): """ set the defualt realm attrbute :note: verify, if the defualtRealm could be empty :"" :param defaultRealm: the default realm name :type defualtRealm: string :return: success or not :rtype: boolean """ ret = isRealmDefined(defaultRealm) if True == ret or defaultRealm == "": storeConfig(u"linotp.DefaultRealm", defaultRealm); return ret
def save_resolver_config(resolver, config, prefix, name): """ save the processed config to the global linotp config and to the db """ res = True for key, value in config.items(): # if the config contains something starting with 'linotp.' # it does not belong to the resolver rather then to linotp if key.startswith('linotp.'): continue # use a the fully qualified key name l_key = '%s.%s.%s' % (prefix, key, name) # do some type naming typ = 'unknown' if key in resolver.resolver_parameters: (_req, _def, data_typ) = resolver.resolver_parameters.get(key) try: typ = data_typ.__name__ except Exception as _exx: log.error("unknown data type for %s", key) res = storeConfig(l_key, value, typ=typ) return res
def save_resolver_config(resolver, config, prefix, name): """ save the processed config to the global linotp config and to the db """ res = True for key, value in list(config.items()): # if the config contains something starting with 'linotp.' # it does not belong to the resolver rather then to linotp if key.startswith('linotp.'): continue # use a the fully qualified key name l_key = '%s.%s.%s' % (prefix, key, name) # do some type naming typ = 'unknown' if key in resolver.resolver_parameters: (_req, _def, data_typ) = resolver.resolver_parameters.get(key) try: typ = data_typ.__name__ except Exception as _exx: log.error("unknown data type for %s", key) res = storeConfig(l_key, value, typ=typ) return res
def setRealm(realm, resolvers): realm = realm.lower().strip() realm = realm.replace(" ", "-") nameExp = "^[A-Za-z0-9_\-\.]*$" res = re.match(nameExp, realm) if res is None: e = Exception("non conformant characters in realm name:" " %s (not in %s)" % (realm, nameExp)) raise e ret = storeConfig("useridresolver.group.%s" % realm, resolvers) if ret == False: return ret createDBRealm(realm) # if this is the first one, make it the default realms = getRealms() if 1 == len(realms): for name in realms: setDefaultRealm(name) return True
def getProvider(provider_type, provider_name=None, decrypted=False): """ return a dict with providers, each with it's description as dict :param provider_type: either push, sms or email :param provider_name: name of the provider (optional) :return: the dict with all providers """ providers = {} if provider_type in Legacy_Provider.keys(): legacy_provider = get_legacy_provider(provider_type) providers.update(legacy_provider) new_providers = get_all_new_providers(provider_type) providers.update(new_providers) if not providers: return {} # is there already one provider registered as default? default_provider_name = get_default_provider(provider_type) if default_provider_name and default_provider_name in providers: provider = providers.get(default_provider_name) provider['Default'] = True else: # we take the first one in the list as the default firstone = providers.keys()[0] provider = providers[firstone] provider['Default'] = True default_provider_key = Default_Provider_Key[provider_type] storeConfig(default_provider_key, firstone) if decrypted: for provider_def in providers.values(): if 'Config' in provider_def: provider_def['Config'] = provider_def.get( 'Config').get_unencrypted() if provider_name: if provider_name in providers: return {provider_name: providers[provider_name]} else: return {} return providers
def setPolicy(policy): ''' define and store a policy definition :param policy: dict with the following keys: * name * action * scope * realm * user * time * client :return: dict with the results of the stored entries ''' ret = {} _ = context['translate'] name = policy.get('name') if 'active' not in policy: policy['active'] = "True" # check that the name does not contain any bad characters if not PolicyNameRegex.match(name): raise Exception(_("The name of the policy may only contain " "the characters a-zA-Z0-9_.")) # verify the required policy attributes required_attributes = ['action', 'scope', 'realm'] for required_attribute in required_attributes: if (required_attribute not in policy or not policy[required_attribute]): raise PolicyWarning("Missing attribute %s in " "policy %s" % (required_attribute, name)) # before storing the policy, we have to check the impact: # if there is a problem, we will raise an exception with a warning _check_policy_impact(**policy) # transpose the forwardServer policy action as it might # contain sensitive data policy["action"] = ForwardServerPolicy.prepare_forward(policy["action"]) attributes = ['action', 'scope', 'realm', 'user', 'time', 'client', 'active'] for attr in attributes: key = "Policy.%s.%s" % (name, attr) value = policy[attr] typ = "" descr = "a policy definition" ret[attr] = storeConfig(key, value, typ, descr) return ret
def setProvider(params): """ save the provider info in linotp config :param params: generic parameter dictionary to support later more complex provider definitions in the dictionary currently required keys are :param type: sms or email :param name: the provider name :param config: the provider config :param timeout: the provider timeout :param: default: boolean :return: success - boolean """ provider_type = params['type'] provider_name = params['name'] prefix = Provider_types.get(provider_type, {}).get('prefix') if not prefix: raise Exception('unknown provider type %r' % provider_type) provider_prefix = prefix + provider_name storeConfig(key=provider_prefix, val=params['class']) storeConfig(key=provider_prefix + '.Timeout', val=params['timeout']) # alternative to storing the whole config in encrypted way, we # might look if it's a json and store the next Config. level # and look for the reserved additional appended type: password storeConfig(key=provider_prefix + '.Config', val=params['config'], typ='password') # finally we handle the default setting and the # ability to delete legacy entries drop_legacy = False config = getLinotpConfig() default_provider_key = Default_Provider_Key[provider_type] if 'default' in params: if params['default'] == True or params['default'].lower() == 'true': storeConfig(key=default_provider_key, val=provider_name) drop_legacy = True elif provider_name == config.get(default_provider_key, ''): drop_legacy = True if drop_legacy: # at this point we can drop the legacy definition entries = Legacy_Provider[provider_type] for entry in entries.keys(): if entry in config: removeFromConfig(entry) return True, {}
def setDefaultProvider(provider_type, provider_name): """ interface to set the default provider wo. storing the provider :param provider_type: the type of the provider: sms or email :param provider_name: the name of the provider - must exist :return: boolean, success of storing default provider information """ res = False detail = {} providers = getProvider(provider_type, provider_name) if provider_name in providers: default_provider_key = Default_Provider_Key[provider_type] storeConfig(key=default_provider_key, val=provider_name) res = True else: detail = {'message': _('Unknown provider! %r') % provider_name} return res, detail
def setDefaultProvider(provider_type, provider_name): """ interface to set the default provider wo. storing the provider :param provider_type: the type of the provider: sms or email :param provider_name: the name of the provider - must exist :return: boolean, success of storing default provider information """ res = False detail = {} providers = getProvider(provider_type, provider_name) if provider_name in providers or provider_name == Legacy_Provider_Name: default_provider_key = Default_Provider_Key[provider_type] storeConfig(key=default_provider_key, val=provider_name) res = True else: detail = {'message': _('Unknown provider! %r') % provider_name} return res, detail
def save_legacy_provider(provider_type, params): """ save the provider to the legacy format :param provider_type: push, sms or email provider :param params: the provider description dict with 'class', 'config' and 'timeout' """ defintion = Legacy_Provider.get(provider_type, {}) if not defintion: raise Exception("unknown provider type %r" % provider_type) for config_name, spec in list(defintion.items()): if spec == "Class" and "class" in params: storeConfig(key=config_name, val=params["class"]) if spec == "Config" and "config" in params: storeConfig(key=config_name, val=params["config"], typ="encrypted_data") if spec == "Timeout" and "timeout" in params: storeConfig(key=config_name, val=params["timeout"]) return
def save_new_provider(provider_type, provider_name, params): """ save the provider in the new provider format remarks: alternative to storing the whole config in encrypted way, we might look if it's a json and store the next Config. level and look for the reserved additional appended type: password :param provider_type: sms or email provider :param provider_name: the name of the provider :param params: the provider description dict with 'class', 'config', and 'timeout' """ prefix = Provider_types.get(provider_type, {}).get('prefix') if not prefix: raise Exception('unknown provider type %r' % provider_type) provider_prefix = prefix + provider_name storeConfig(key=provider_prefix, val=params['class']) storeConfig(key=provider_prefix + '.Timeout', val=params['timeout']) storeConfig(key=provider_prefix + '.Config', val=params['config'], typ='password') return True, {}
def save_legacy_provider(provider_type, params): """ save the provider to the legacy format :param provider_type: push, sms or email provider :param params: the provider description dict with 'class', 'config' and 'timeout' """ defintion = Legacy_Provider.get(provider_type, {}) if not defintion: raise Exception('unknown provider type %r' % provider_type) for config_name, spec in defintion.items(): if spec == 'Class' and 'class' in params: storeConfig(key=config_name, val=params['class']) if spec == 'Config' and 'config' in params: storeConfig(key=config_name, val=params['config'], typ='encrypted_data') if spec == 'Timeout' and 'timeout' in params: storeConfig(key=config_name, val=params['timeout']) return
def setDefaultRealm(defaultRealm, check_if_exists=True): """ set the defualt realm attrbute :note: verify, if the defualtRealm could be empty :"" :param defaultRealm: the default realm name :type defualtRealm: string :return: success or not :rtype: boolean """ #TODO: verify merge if check_if_exists: ret = isRealmDefined(defaultRealm) else: ret = True if ret is True or defaultRealm == "": storeConfig("linotp.DefaultRealm", defaultRealm) return ret
def setDefaultRealm(defaultRealm, check_if_exists=True): """ set the defualt realm attrbute :note: verify, if the defualtRealm could be empty :"" :param defaultRealm: the default realm name :type defualtRealm: string :return: success or not :rtype: boolean """ #TODO: verify merge if check_if_exists: ret = isRealmDefined(defaultRealm) else: ret = True if ret is True or defaultRealm == "": storeConfig(u"linotp.DefaultRealm", defaultRealm) return ret
def setPolicy(param): ''' Function to set a policy. It expects a dict of with the following keys: * name * action * scope * realm * user * time * client ''' ret = {} name = param.get('name') action = param.get('action') scope = param.get('scope') realm = param.get('realm') user = param.get('user') time = param.get('time') client = param.get('client') active = param.get('active', "True") # before storing the policy, we have to check the impact: # if there is a problem, we will raise an exception with a warning if context and 'Policies' in context: policies = context['Policies'] else: policies = getPolicies() _check_policy_impact(policies=policies, **param) action = ForwardServerPolicy.prepare_forward(action) ret["action"] = storeConfig("Policy.%s.action" % name, action, "", "a policy definition") ret["scope"] = storeConfig("Policy.%s.scope" % name, scope, "", "a policy definition") ret["realm"] = storeConfig("Policy.%s.realm" % name, realm, "", "a policy definition") ret["user"] = storeConfig("Policy.%s.user" % name, user, "", "a policy definition") ret["time"] = storeConfig("Policy.%s.time" % name, time, "", "a policy definition") ret["client"] = storeConfig("Policy.%s.client" % name, client, "", "a policy definition") ret["active"] = storeConfig("Policy.%s.active" % name, active, "", "a policy definition") return ret
def saveConfig(self): res = 'success' if self.name is None: return "no resolver name defined" # do the setConfig()'s prefix = self.type + "." postfix = "." + self.name for d in self.data: key = prefix + d + postfix val = self.data.get(d) typ = None desc = None if d in self.types: typ = self.types.get(d) if d in self.desc: desc = self.desc.get(d) res = storeConfig(key, val, typ, desc) return res
def saveConfig(self): res = 'success' if self.name is None: return "no resolver name defined" # do the setConfig()'s prefix = self.type + "." postfix = "." + self.name for d in self.data: key = prefix + d + postfix val = self.data.get(d) typ = None desc = None if self.types.has_key(d) == True: typ = self.types.get(d) if self.desc.has_key(d) == True: desc = self.desc.get(d) res = storeConfig(key, val, typ, desc) return res
def save_new_provider(provider_type, provider_name, params): """ save the provider in the new provider format remarks: alternative to storing the whole config in encrypted way, we might look if it's a json and store the next Config. level and look for the reserved additional appended type: encrypted_data :param provider_type: push, sms or email provider :param provider_name: the name of the provider :param params: the provider description dict with 'class', 'config', and 'timeout' """ prefix = Provider_types.get(provider_type, {}).get('prefix') if not prefix: raise Exception('unknown provider type %r' % provider_type) provider_prefix = prefix + provider_name storeConfig(key=provider_prefix, val=params['class']) config_mapping = { 'timeout': ('Timeout', None), 'config': ('Config', 'encrypted_data')} # # alternative config entries are supported by the the adjustable config # entries if the provider supports the 'getConfigMapping' interface: # try: provider_class = _load_provider_class(params['class']) config_mapping = provider_class.getConfigMapping() except AttributeError as exx: log.debug("provider %r does not support ConfigMapping: %r", provider_name, exx) # add the extra parameter for each resolver that it could be a managed one config_mapping['managed'] = ('Managed', None) for config_entry in config_mapping.keys(): if config_entry not in params: continue # get the mapping entry and split the config name and type mapping_entry = config_mapping[config_entry] config_key, config_type = mapping_entry value = params[config_entry] if isinstance(params[config_entry], str): value = params[config_entry].decode('utf-8') # store the config entry storeConfig(key=provider_prefix + '.' + config_key, val=value, typ=config_type) return True, {}
def getProvider(provider_type, provider_name=None): """ return a dict with providers, each with it's description as dict :param provider_type: either sms or email :param provider_name: name of the provider (optional) """ providers = {} # find out, which provider type we have, currently only sms or email prefix = Provider_types.get(provider_type, {}).get('prefix') if not prefix: raise Exception('unknow provider type %r' % provider_type) default_provider_key = Default_Provider_Key[provider_type] # find out, which providers we have config = getLinotpConfig() provider_names = {} default_provider = None # if provider by name is given, we select only this one if provider_name: name = prefix + provider_name if name in config: provider_names[name] = config[name] else: # first identify all providers by its name for key, value in config.items(): if key[:len(prefix)] == prefix: parts = key.split('.') if len(parts) == 3: provider_names[key] = value for provider, provider_class in provider_names.items(): defintion = {} defintion['Class'] = provider_class prefix = provider + '.' for key, value in config.items(): if key[:len(prefix)] == prefix: if 'enc' + key in config: value = config.get('enc' + key) entry = key.replace(prefix, '') defintion[entry] = value defintion['Default'] = False name = provider.split('.')[2] providers[name] = defintion # finally care for the default provider if default_provider_key in config: default_provider = config.get(default_provider_key) if default_provider in providers: providers[default_provider]['Default'] = True # if searched for a dedicated provider, ignore the legacy one if not provider_name: if Legacy_Provider_Name not in providers: defintion = get_legacy_provider(provider_type=provider_type) if defintion: if not default_provider: defintion['Default'] = True providers[Legacy_Provider_Name] = defintion # # finally check that we preserve and show the default: # # if in the current definition, we have a different default defined (s.o.) # we trust this and overwrite the one of Config table (if any) # This will create a consistent way to bootstrap a default even # from import for provider in providers: provider_info = providers[provider] if provider_info.get('Default', False): if config.get(default_provider_key, '') != provider: storeConfig(default_provider_key, provider) # if there is only one defined, it must be the default :-) if len(providers.keys()) == 1: for provider, provider_info in providers.items(): provider_info['Default'] = True storeConfig(default_provider_key, provider) return providers