from __future__ import unicode_literals
from rest_framework import serializers
from rest_framework.validators import UniqueTogetherValidator
from taggit.models import Tag
from dcim.api.serializers import NestedDeviceSerializer
from extras.api.customfields import CustomFieldModelSerializer
from secrets.models import Secret, SecretRole
from utilities.api import TagField, ValidatedModelSerializer, WritableNestedSerializer
#
# SecretRoles
#
class SecretRoleSerializer(ValidatedModelSerializer):
    """Serialize a SecretRole as its id, name and slug."""

    class Meta:
        # Only these three model fields are exposed through the API.
        model = SecretRole
        fields = ['id', 'name', 'slug']
class NestedSecretRoleSerializer(WritableNestedSerializer):
    """Compact SecretRole representation for embedding in other serializers.

    Exposes id, name and slug plus a hyperlink to the role's detail endpoint.
    """
    # Resolved against the 'secrets-api' URL namespace.
    url = serializers.HyperlinkedIdentityField(view_name='secrets-api:secretrole-detail')

    class Meta:
        model = SecretRole
        fields = ['id', 'url', 'name', 'slug']
#
# Secrets
#
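class SecretSerializer(CustomFieldModelSerializer):
    """Serialize a Secret, encrypting any submitted plaintext during validation.

    ``plaintext`` is accepted as an ordinary character field. ``validate()``
    encrypts it with the master key found in the serializer context and places
    the resulting ``ciphertext`` and ``hash`` in the validated data.
    """
    device = NestedDeviceSerializer()
    role = NestedSecretRoleSerializer()
    plaintext = serializers.CharField()
    tags = TagField(queryset=Tag.objects.all(), required=False, many=True)

    class Meta:
        model = Secret
        # NOTE(review): 'hash' is listed here and is overwritten in validate()
        # only when plaintext is submitted; confirm it is read-only so a client
        # cannot supply its own value on a request that omits plaintext.
        fields = [
            'id', 'device', 'role', 'name', 'plaintext', 'hash', 'tags', 'custom_fields', 'created', 'last_updated',
        ]
        # No declarative validators: the (device, role, name) uniqueness check
        # is run by hand in validate(), and only when a name is supplied.
        validators = []

    def validate(self, data):
        """Encrypt submitted plaintext, check name uniqueness, run parent validation.

        Args:
            data: The dict of field values produced by field-level validation.

        Returns:
            The same dict, with ``ciphertext`` and ``hash`` added when a
            plaintext value was submitted.

        Raises:
            serializers.ValidationError: If plaintext was submitted but the
                serializer context carries no master key, or if the
                (device, role, name) combination is already taken.
        """
        # Encrypt plaintext data using the master key provided from the view context
        if data.get('plaintext'):
            # Fail closed with a validation error instead of an unhandled
            # KeyError (or an encryption attempt with no key) when the view
            # did not supply a master key.
            master_key = self.context.get('master_key')
            if master_key is None:
                raise serializers.ValidationError(
                    "No master key was provided; unable to encrypt secret data."
                )
            s = Secret(plaintext=data['plaintext'])
            s.encrypt(master_key)
            data['ciphertext'] = s.ciphertext
            data['hash'] = s.hash
            # NOTE: data['plaintext'] is left in the validated data, so
            # validated_data should be kept out of logs and error reports.

        # Validate uniqueness of name if one has been provided.
        if data.get('name'):
            validator = UniqueTogetherValidator(queryset=Secret.objects.all(), fields=('device', 'role', 'name'))
            validator.set_context(self)
            validator(data)

        # Enforce model validation
        super(SecretSerializer, self).validate(data)

        return data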