projects / osm / common.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
minor spelling changes
[osm/common.git] / osm_common / dbbase.py
diff --git a/osm_common/dbbase.py b/osm_common/dbbase.py
index 1319fd8..7f87663 100644 (file)
--- a/osm_common/dbbase.py
+++ b/osm_common/dbbase.py
@@ -17,6 +17,7 @@
 
 import yaml
 import logging
+import re
 from http import HTTPStatus
 from copy import deepcopy
 from Crypto.Cipher import AES
@@ -60,7 +61,7 @@ class DbBase(object):
         """
         Connect to database
         :param config: Configuration of database. Contains among others:
-            host:   database hosst (mandatory)
+            host:   database host (mandatory)
             port:   database port (mandatory)
             name:   database name (mandatory)
             user:   database username
@@ -211,6 +212,13 @@ class DbBase(object):
             self.secret_key = None
         self.secret_key = self._join_secret_key(new_secret_key)
 
+    def get_secret_key(self):
+        """
+        Get the database secret key in case it is not done when "connect" is called. It can happens when database is
+        empty after an initial install. It should skip if secret is already obtained.
+        """
+        pass
+
     def encrypt(self, value, schema_version=None, salt=None):
         """
         Encrypt a value
@@ -220,6 +228,7 @@ class DbBase(object):
         :param salt: optional salt to be used. Must be str
         :return: Encrypted content of value
         """
+        self.get_secret_key()
         if not self.secret_key or not schema_version or schema_version == '1.0':
             return value
         else:
@@ -239,6 +248,7 @@ class DbBase(object):
         :param salt: optional salt to be used
         :return: Plain content of value
         """
+        self.get_secret_key()
         if not self.secret_key or not schema_version or schema_version == '1.0':
             return value
         else:
@@ -253,6 +263,29 @@ class DbBase(object):
                                   http_code=HTTPStatus.INTERNAL_SERVER_ERROR)
             return unpadded_private_msg
 
+    def encrypt_decrypt_fields(self, item, action, fields=None, flags=re.I, schema_version=None, salt=None):
+        if not fields:
+            return
+        self.get_secret_key()
+        actions = ['encrypt', 'decrypt']
+        if action.lower() not in actions:
+            raise DbException("Unknown action ({}): Must be one of {}".format(action, actions),
+                              http_code=HTTPStatus.INTERNAL_SERVER_ERROR)
+        method = self.encrypt if action.lower() == 'encrypt' else self.decrypt
+
+        def process(item):
+            if isinstance(item, list):
+                for elem in item:
+                    process(elem)
+            elif isinstance(item, dict):
+                for key, val in item.items():
+                    if any(re.search(f, key, flags) for f in fields) and isinstance(val, str):
+                        item[key] = method(val, schema_version, salt)
+                    else:
+                        process(val)
+
+        process(item)
+
 
 def deep_update_rfc7396(dict_to_change, dict_reference, key_list=None):
     """