-rw-r--r-- | __init__.py | 13 | ||||
-rw-r--r-- | server.py | 3 | ||||
-rw-r--r-- | shared_db.py | 18 |
3 files changed, 28 insertions, 6 deletions
diff --git a/__init__.py b/__init__.py index 97130cde..86eb762e 100644 --- a/__init__.py +++ b/__init__.py @@ -113,6 +113,9 @@ class Soledad(object): This method decides which bootstrap stage has to be performed and performs it. """ + # TODO: make sure key storage always happens (even if this method is + # interrupted). + # TODO: write tests for bootstrap stages. self._init_dirs() self._gpg = GPGWrapper(gnupghome=self.gnupg_home) if not self._has_keys(): @@ -134,6 +137,7 @@ class Soledad(object): Initialize configuration, with precedence order give by: instance parameters > config file > default values. """ + # TODO: write tests for _init_config() self.prefix = param_conf['prefix'] or \ os.environ['HOME'] + '/.config/leap/soledad' m = re.compile('.*%s.*') @@ -143,6 +147,7 @@ class Soledad(object): val = val % self.prefix setattr(self, key, val) # get config from file + # TODO: sanitize options from config file. config = configparser.ConfigParser() config.read(self.config_file) if 'soledad-client' in config: @@ -162,6 +167,7 @@ class Soledad(object): Generate (if needed) and load OpenPGP keypair and secret for symmetric encryption. """ + # TODO: write tests for methods below. # load/generate OpenPGP keypair if not self._has_openpgp_keypair(): self._gen_openpgp_keypair() @@ -195,6 +201,9 @@ class Soledad(object): # Management of secret for symmetric encryption #------------------------------------------------------------------------- + # TODO: refactor the following methods to somewhere out of here + # (SoledadCrypto, maybe?) + def _has_secret(self): """ Verify if secret for symmetric encryption exists in a local encrypted @@ -322,6 +331,7 @@ class Soledad(object): # TODO: create corresponding error on server side def _send_keys(self, passphrase): + # TODO: change this method's name to something more meaningful. privkey = self._gpg.export_keys(self._fingerprint, secret=True) content = { '_privkey': self.encrypt(privkey, passphrase=passphrase, 
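Review bot: The `# TODO: sanitize options from config file.` added in `_init_config` (hunk at -143) does not say what has to be checked, and the same open-ended wording is repeated in the `load_configuration` hunk of server.py. The visible lines apply values with `setattr(self, key, val)`; the loop that copies the file's `soledad-client` section starts after the hunk, so whether it restricts names the way the server's `for key in conf` loop does cannot be seen here. I would make the requirement concrete in the comment, e.g. `# TODO: accept only known option names and validate path values before they are set on the instance.`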
@@ -382,6 +392,9 @@ class Soledad(object): # Document storage, retrieval and sync #------------------------------------------------------------------------- + # TODO: refactor the following methods to somewhere out of here + # (SoledadLocalDatabase, maybe?) + def put_doc(self, doc): """ Update a document in the local encrypted database. @@ -128,7 +128,8 @@ def load_configuration(file_path): for key in conf: if key in config['soledad-server']: conf[key] = config['soledad-server'][key] - # TODO: implement basic parsing of options comming from config file. + # TODO: implement basic parsing/sanitization of options comming from + # config file. return conf diff --git a/shared_db.py b/shared_db.py index 7a1eae5d..9694db2b 100644 --- a/shared_db.py +++ b/shared_db.py @@ -33,16 +33,21 @@ class Unauthorized(Exception): class SoledadSharedDatabase(http_database.HTTPDatabase): """ This is a shared HTTP database that holds users' encrypted keys. + + An authorization token is attached to every request other than + get_doc_unauth, which has the purpose of retrieving encrypted content from + the shared database without the need to associate user information with + the request. """ # TODO: prevent client from messing with the shared DB. # TODO: define and document API. @staticmethod - def open_database(url, create, token=None, soledad=None): + def open_database(url, create, token=None): """ Open a Soledad shared database. """ - db = SoledadSharedDatabase(url, token=token, soledad=soledad) + db = SoledadSharedDatabase(url, token=token) db.open(create) return db 
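Review bot: The new class docstring on `SoledadSharedDatabase` (hunk at -33) documents `get_doc_unauth` as a read path that carries no token, but it does not say what limits that path. The TODO directly below it (`prevent client from messing with the shared DB`) is left open, so a reader cannot tell which documents an anonymous caller can fetch or what protects their content. I would add one sentence to the docstring, to be confirmed against the server-side handler, which is not in this diff: `Anything returned by get_doc_unauth must be treated as world-readable; its confidentiality rests only on the client-side encryption of the content.`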
@@ -53,10 +58,11 @@ class SoledadSharedDatabase(http_database.HTTPDatabase): """ raise Unauthorized("Can't delete shared database.") - def __init__(self, url, document_factory=None, creds=None, token=None, - soledad=None): + def __init__(self, url, document_factory=None, creds=None, token=None): + """ + Initialize database with auth token and encryption powers. + """ self._token = token - self._soledad = soledad super(SoledadSharedDatabase, self).__init__(url, document_factory, creds) @@ -65,6 +71,7 @@ class SoledadSharedDatabase(http_database.HTTPDatabase): """ Perform token-based http request. """ + # add the auth-token as a request parameter if auth: if not self._token: raise NoTokenForAuth() @@ -82,6 +89,7 @@ class SoledadSharedDatabase(http_database.HTTPDatabase): """ Perform token-based http request. """ + # allow for token-authenticated requests. res, headers = self._request(method, url_parts, params=params, body=body, content_type=content_type, auth=auth) |
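Review bot: The docstring added to `__init__` (hunk at -53) says the database is initialized with "encryption powers", while the same hunk removes the `soledad` argument and the `self._soledad` attribute, so nothing visible gives the object an encryption role any more. I would reword it to `Initialize the shared database client with an optional auth token.` Dropping the `soledad` keyword here and in `open_database` also makes any caller that still passes `soledad=` fail with a TypeError; no call site is updated in the visible hunks, so that is worth checking before merge.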
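Review bot: The comment added in `_request` (hunk at -65), `# add the auth-token as a request parameter`, describes a transport choice that deserves a caveat. Request parameters that end up in the URL are commonly written to web-server and proxy access logs, which would put a bearer credential into log files. The lines that attach the token are outside the hunk, so this is inferred from the comment alone. If the token does travel in the query string, I would note it next to the comment, e.g. `# NOTE: token travels in the URL and may be logged; move to a request header.`, and keep the endpoint TLS-only until that is done.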