Finished data upload

Refactored to move security package inside common Moved data folder to process root.
2021-11-28 02:30:46 +00:00
parent 5b2e6dda67
commit 79193d897e
14 changed files with 192 additions and 40 deletions
--- a/ref-test/common/security/init.py
+++ b/ref-test/common/security/init.py
@ -0,0 +1,49 @@
+from os import environ, path
+from cryptography.fernet import Fernet
+
+def generate_keyfile():
+    with open('./common/security/.encryption.key', 'wb') as keyfile:
+        key = Fernet.generate_key()
+        keyfile.write(key)
+
+def load_key():
+    with open('./common/security/.encryption.key', 'rb') as keyfile:
+        key = keyfile.read()
+        return key
+
+def check_keyfile_exists():
+    return path.isfile('./common/security/.encryption.key')
+
+def encrypt(input):
+    if not check_keyfile_exists():
+        generate_keyfile()
+    _encryption_key = load_key()
+    fernet = Fernet(_encryption_key)
+    if type(input) == str:
+        input = input.encode()
+        output = fernet.encrypt(input)
+        return output.decode()
+    if type(input) == dict:
+        output = {}
+        for key,value in input.items():
+            if type(value) == dict:
+                output[key] = encrypt(value)
+            else:
+                value = value.encode()
+                output[key] = fernet.encrypt(value)
+                output[key] = output[key].decode()
+        return output
+
+def decrypt(input):
+    if not check_keyfile_exists():
+        raise EncryptionKeyMissing
+    input = input.encode()
+    _encryption_key = load_key()
+    fernet = Fernet(_encryption_key)
+    output = fernet.decrypt(input)
+    return output.decode()
+
+class EncryptionKeyMissing(Exception):
+    def __init__(self, message='There is no encryption keyfile.'):
+        self.message = message
+        super().__init__(self.message)
--- a/ref-test/common/security/database.py
+++ b/ref-test/common/security/database.py
@ -0,0 +1,46 @@
+from pymongo import collection
+from . import encrypt, decrypt
+encrypted_parameters = ['username', 'email', 'name', 'club', 'creator']
+
+def decrypt_find(collection:collection, query:dict):
+    cursor = collection.find({})
+    output_list = []
+    for document in cursor:
+        decrypted_document = {}
+        for key in document:
+            if key not in encrypted_parameters:
+                decrypted_document[key] = document[key]
+            else:
+                decrypted_document[key] = decrypt(document[key])
+        if not query:
+            output_list.append(decrypted_document)
+        else:
+            if set(query.items()).issubset(set(decrypted_document.items())):
+                output_list.append(decrypted_document)
+    return output_list
+
+def decrypt_find_one(collection:collection, query:dict={}):
+    cursor = decrypt_find(collection=collection, query=query)
+    if cursor: return cursor[0]
+    return None
+
+def encrypted_update(collection:collection, query:dict={}, update:dict={}):
+    document = decrypt_find_one(collection=collection, query=query)
+    for update_action in update:
+        key_pairs = update[update_action]
+        if type(key_pairs) is not dict:
+            raise ValueError
+        if update_action == '$set':
+            for key in key_pairs:
+                if key == '_id':
+                    raise ValueError
+                document[key] = key_pairs[key]
+        if update_action == '$unset':
+            for key in key_pairs:
+                if key == '_id':
+                    raise ValueError
+                if key in document:
+                    del document[key]
+    for key in document:
+        document[key] = encrypt(document[key]) if key in encrypted_parameters else document[key]
+    return collection.find_one_and_replace( { '_id': document['_id'] },  document)