Bug 559 use schema_version 1.1 and encrypt passwds
Change-Id: I8f949a0e68460b5d81fc0b7392fe700494a6c4be
Signed-off-by: tierno <alfonso.tiernosepulveda@telefonica.com>
diff --git a/Dockerfile.local b/Dockerfile.local
index da13878..7096163 100644
--- a/Dockerfile.local
+++ b/Dockerfile.local
@@ -56,7 +56,7 @@
ENV OSMNBI_DATABASE_PORT 27017
# ENV OSMNBI_DATABASE_USER xxx
# ENV OSMNBI_DATABASE_PASSWORD xxx
-# ENV OSMNBI_DATABASE_MASTERPASSWORD xxx
+# ENV OSMNBI_DATABASE_COMMONKEY xxx
# web
ENV OSMNBI_STATIC_DIR /app/osm_nbi/html_public
# logs
@@ -67,7 +67,7 @@
ENV OSMNBI_MESSAGE_HOST kafka
ENV OSMNBI_MESSAGE_PORT 9092
# logs
-ENV OSMNBI_LOG_FILE /app/log/nbi.log
+# ENV OSMNBI_LOG_FILE /app/log/nbi.log
ENV OSMNBI_LOG_LEVEL DEBUG
# authentication
ENV OSMNBI_AUTHENTICATION_BACKEND internal
diff --git a/osm_nbi/admin_topics.py b/osm_nbi/admin_topics.py
index 3b5da53..091ac88 100644
--- a/osm_nbi/admin_topics.py
+++ b/osm_nbi/admin_topics.py
@@ -128,6 +128,7 @@
topic_msg = "vim_account"
schema_new = vim_account_new_schema
schema_edit = vim_account_edit_schema
+ vim_config_encrypted = ("admin_password", "nsx_password", "vcenter_password")
def __init__(self, db, fs, msg):
BaseTopic.__init__(self, db, fs, msg)
@@ -136,12 +137,35 @@
self.check_unique_name(session, indata["name"], _id=None)
def check_conflict_on_edit(self, session, final_content, edit_content, _id, force=False):
- if edit_content.get("name"):
+ if not force and edit_content.get("name"):
self.check_unique_name(session, edit_content["name"], _id=_id)
- @staticmethod
- def format_on_new(content, project_id=None, make_public=False):
- BaseTopic.format_on_new(content, project_id=project_id, make_public=False)
+ # encrypt passwords
+ schema_version = final_content.get("schema_version")
+ if schema_version:
+ if edit_content.get("vim_password"):
+ final_content["vim_password"] = self.db.encrypt(edit_content["vim_password"],
+ schema_version=schema_version, salt=_id)
+ if edit_content.get("config"):
+ for p in self.vim_config_encrypted:
+ if edit_content["config"].get(p):
+ final_content["config"][p] = self.db.encrypt(edit_content["config"][p],
+ schema_version=schema_version, salt=_id)
+
+ def format_on_new(self, content, project_id=None, make_public=False):
+ BaseTopic.format_on_new(content, project_id=project_id, make_public=make_public)
+ content["schema_version"] = schema_version = "1.1"
+
+ # encrypt passwords
+ if content.get("vim_password"):
+ content["vim_password"] = self.db.encrypt(content["vim_password"], schema_version=schema_version,
+ salt=content["_id"])
+ if content.get("config"):
+ for p in self.vim_config_encrypted:
+ if content["config"].get(p):
+ content["config"][p] = self.db.encrypt(content["config"][p], schema_version=schema_version,
+ salt=content["_id"])
+
content["_admin"]["operationalState"] = "PROCESSING"
def delete(self, session, _id, force=False, dry_run=False):
@@ -176,12 +200,23 @@
self.check_unique_name(session, indata["name"], _id=None)
def check_conflict_on_edit(self, session, final_content, edit_content, _id, force=False):
- if edit_content.get("name"):
+ if not force and edit_content.get("name"):
self.check_unique_name(session, edit_content["name"], _id=_id)
- @staticmethod
- def format_on_new(content, project_id=None, make_public=False):
- BaseTopic.format_on_new(content, project_id=project_id, make_public=False)
+ # encrypt passwords
+ schema_version = final_content.get("schema_version")
+ if schema_version and edit_content.get("password"):
+ final_content["password"] = self.db.encrypt(edit_content["password"], schema_version=schema_version,
+ salt=_id)
+
+ def format_on_new(self, content, project_id=None, make_public=False):
+ BaseTopic.format_on_new(content, project_id=project_id, make_public=make_public)
+ content["schema_version"] = schema_version = "1.1"
+ # encrypt passwords
+ if content.get("password"):
+ content["password"] = self.db.encrypt(content["password"], schema_version=schema_version,
+ salt=content["_id"])
+
content["_admin"]["operationalState"] = "PROCESSING"
def delete(self, session, _id, force=False, dry_run=False):
diff --git a/osm_nbi/html_public/version b/osm_nbi/html_public/version
index f681730..80d6895 100644
--- a/osm_nbi/html_public/version
+++ b/osm_nbi/html_public/version
@@ -1,2 +1,2 @@
-0.1.25
-2018-11-08
+0.1.26
+2018-11-15
diff --git a/osm_nbi/nbi.cfg b/osm_nbi/nbi.cfg
index 215211d..1dbc9ca 100644
--- a/osm_nbi/nbi.cfg
+++ b/osm_nbi/nbi.cfg
@@ -50,7 +50,7 @@
name: "osm"
# user: "user"
# password: "password"
-# materpassword: "mpasswd"
+# commonkey: "commonkey"
loglevel: "DEBUG"
#logfile: /var/log/osm/nbi-database.log