X-Git-Url: https://osm.etsi.org/gitweb/?a=blobdiff_plain;f=osm_common%2Fdbbase.py;h=7428ed969509860ef2cf4af999fa5f9024a28afb;hb=refs%2Fchanges%2F80%2F8380%2F3;hp=e9152e505cfd479833ba9564e2028084e7e00d1c;hpb=3e759159243751bee85943700c4ad118ff8c6c70;p=osm%2Fcommon.git

diff --git a/osm_common/dbbase.py b/osm_common/dbbase.py
index e9152e5..7428ed9 100644
--- a/osm_common/dbbase.py
+++ b/osm_common/dbbase.py
@@ -17,6 +17,7 @@
 
 import yaml
 import logging
+import re
 from http import HTTPStatus
 from copy import deepcopy
 from Crypto.Cipher import AES
@@ -88,6 +89,16 @@ class DbBase(object):
         """
         raise DbException("Method 'get_list' not implemented")
 
+    def count(self, table, q_filter=None):
+        """
+        Count the number of entries matching q_filter
+        :param table: collection or table
+        :param q_filter: Filter
+        :return: number of entries found (can be zero)
+        :raise: DbException on error
+        """
+        raise DbException("Method 'count' not implemented")
+
     def get_one(self, table, q_filter=None, fail_on_empty=True, fail_on_more=True):
         """
         Obtain one entry matching q_filter
@@ -201,6 +212,13 @@ class DbBase(object):
             self.secret_key = None
         self.secret_key = self._join_secret_key(new_secret_key)
 
+    def get_secret_key(self):
+        """
+        Get the database secret key in case it is not done when "connect" is called. It can happens when database is
+        empty after an initial install. It should skip if secret is already obtained.
+        """
+        pass
+
     def encrypt(self, value, schema_version=None, salt=None):
         """
         Encrypt a value
@@ -210,6 +228,7 @@ class DbBase(object):
         :param salt: optional salt to be used. Must be str
         :return: Encrypted content of value
         """
+        self.get_secret_key()
         if not self.secret_key or not schema_version or schema_version == '1.0':
             return value
         else:
@@ -229,6 +248,7 @@ class DbBase(object):
         :param salt: optional salt to be used
         :return: Plain content of value
         """
+        self.get_secret_key()
         if not self.secret_key or not schema_version or schema_version == '1.0':
             return value
         else:
@@ -243,6 +263,29 @@ class DbBase(object):
                                   http_code=HTTPStatus.INTERNAL_SERVER_ERROR)
             return unpadded_private_msg
 
+    def encrypt_decrypt_fields(self, item, action, fields=None, flags=re.I, schema_version=None, salt=None):
+        if not fields:
+            return
+        self.get_secret_key()
+        actions = ['encrypt', 'decrypt']
+        if action.lower() not in actions:
+            raise DbException("Unknown action ({}): Must be one of {}".format(action, actions),
+                              http_code=HTTPStatus.INTERNAL_SERVER_ERROR)
+        method = self.encrypt if action.lower() == 'encrypt' else self.decrypt
+
+        def process(item):
+            if isinstance(item, list):
+                for elem in item:
+                    process(elem)
+            elif isinstance(item, dict):
+                for key, val in item.items():
+                    if any(re.search(f, key, flags) for f in fields) and isinstance(val, str):
+                        item[key] = method(val, schema_version, salt)
+                    else:
+                        process(val)
+
+        process(item)
+
 
 def deep_update_rfc7396(dict_to_change, dict_reference, key_list=None):
     """