Finished most of admin console

Basic CRUD operations for managing registered admin users Encrypted personal information Still missing sections on managing tests and results Also missing dashboards/index/category landing pages
2021-11-23 13:00:03 +00:00
parent 935cba0939
commit 0002c15e94
45 changed files with 2265 additions and 0 deletions
--- a/ref-test/security/init.py
+++ b/ref-test/security/init.py
@ -0,0 +1,38 @@
+from os import path
+from cryptography.fernet import Fernet
+
+def generate_keyfile():
+    with open('./security/.encryption.key', 'wb') as keyfile:
+        key = Fernet.generate_key()
+        keyfile.write(key)
+
+def load_key():
+    with open('./security/.encryption.key', 'rb') as keyfile:
+        key = keyfile.read()
+        return key
+
+def check_keyfile_exists():
+    return path.isfile('./security/.encryption.key')
+
+def encrypt(input:str):
+    input = input.encode()
+    if not check_keyfile_exists():
+        generate_keyfile()
+    _encryption_key = load_key()
+    fernet = Fernet(_encryption_key)
+    output = fernet.encrypt(input)
+    return output.decode()
+
+def decrypt(input):
+    if not check_keyfile_exists():
+        raise EncryptionKeyMissing
+    input = input.encode()
+    _encryption_key = load_key()
+    fernet = Fernet(_encryption_key)
+    output = fernet.decrypt(input)
+    return output.decode()
+
+class EncryptionKeyMissing(Exception):
+    def __init__(self, message='There is no encryption keyfile.'):
+        self.message = message
+        super().__init__(self.message)
--- a/ref-test/security/database.py
+++ b/ref-test/security/database.py
@ -0,0 +1,46 @@
+from pymongo import collection
+from . import encrypt, decrypt
+encrypted_parameters = ['username', 'email', 'name', 'club']
+
+def decrypt_find(collection:collection, query:dict):
+    cursor = collection.find({})
+    output_list = []
+    for document in cursor:
+        decrypted_document = {}
+        for key in document:
+            if key not in encrypted_parameters:
+                decrypted_document[key] = document[key]
+            else:
+                decrypted_document[key] = decrypt(document[key])
+        if not query:
+            output_list.append(decrypted_document)
+        else:
+            if set(query.items()).issubset(set(decrypted_document.items())):
+                output_list.append(decrypted_document)
+    return output_list
+
+def decrypt_find_one(collection:collection, query:dict={}):
+    cursor = decrypt_find(collection=collection, query=query)
+    if cursor: return cursor[0]
+    return None
+
+def encrypted_update(collection:collection, query:dict={}, update:dict={}):
+    document = decrypt_find_one(collection=collection, query=query)
+    for update_action in update:
+        key_pairs = update[update_action]
+        if type(key_pairs) is not dict:
+            raise ValueError
+        if update_action == '$set':
+            for key in key_pairs:
+                if key == '_id':
+                    raise ValueError
+                document[key] = key_pairs[key]
+        if update_action == '$unset':
+            for key in key_pairs:
+                if key == '_id':
+                    raise ValueError
+                if key in document:
+                    del document[key]
+    for key in document:
+        document[key] = encrypt(document[key]) if key in encrypted_parameters else document[key]
+    return collection.find_one_and_replace( { '_id': document['_id'] },  document)