| -rw-r--r-- | __init__.py | 13 | ||||
| -rw-r--r-- | server.py | 3 | ||||
| -rw-r--r-- | shared_db.py | 18 | 
3 files changed, 28 insertions, 6 deletions
| diff --git a/__init__.py b/__init__.py index 97130cde..86eb762e 100644 --- a/__init__.py +++ b/__init__.py @@ -113,6 +113,9 @@ class Soledad(object):          This method decides which bootstrap stage has to be performed and          performs it.          """ +        # TODO: make sure key storage always happens (even if this method is +        #       interrupted). +        # TODO: write tests for bootstrap stages.          self._init_dirs()          self._gpg = GPGWrapper(gnupghome=self.gnupg_home)          if not self._has_keys(): @@ -134,6 +137,7 @@ class Soledad(object):          Initialize configuration, with precedence order give by: instance          parameters > config file > default values.          """ +        # TODO: write tests for _init_config()          self.prefix = param_conf['prefix'] or \              os.environ['HOME'] + '/.config/leap/soledad'          m = re.compile('.*%s.*') @@ -143,6 +147,7 @@ class Soledad(object):                  val = val % self.prefix              setattr(self, key, val)          # get config from file +        # TODO: sanitize options from config file.          config = configparser.ConfigParser()          config.read(self.config_file)          if 'soledad-client' in config: @@ -162,6 +167,7 @@ class Soledad(object):          Generate (if needed) and load OpenPGP keypair and secret for symmetric          encryption.          """ +        # TODO: write tests for methods below.          # load/generate OpenPGP keypair          if not self._has_openpgp_keypair():              self._gen_openpgp_keypair() @@ -195,6 +201,9 @@ class Soledad(object):      # Management of secret for symmetric encryption      #------------------------------------------------------------------------- +    # TODO: refactor the following methods to somewhere out of here +    # (SoledadCrypto, maybe?) +      def _has_secret(self):          """          Verify if secret for symmetric encryption exists in a local encrypted 
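Review bot: The `# TODO: sanitize options from config file.` added in `_init_config` (hunk at -143) does not say what has to be checked, and the same open-ended wording is added to `load_configuration` in server.py. In the server hunk the visible loop copies `config['soledad-server'][key]` into `conf` unchanged, so the keys are limited to known ones but the values are whatever string the file holds; how the client applies file values lies below its hunk and is not visible. I would make the TODO actionable, e.g. `# TODO: validate the type and allowed values of each option read from the config file; reject values that fail.` Both function bodies continue outside their hunks.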
@@ -322,6 +331,7 @@ class Soledad(object):          # TODO: create corresponding error on server side      def _send_keys(self, passphrase): +        # TODO: change this method's name to something more meaningful.          privkey = self._gpg.export_keys(self._fingerprint, secret=True)          content = {              '_privkey': self.encrypt(privkey, passphrase=passphrase, @@ -382,6 +392,9 @@ class Soledad(object):      # Document storage, retrieval and sync      #------------------------------------------------------------------------- +    # TODO: refactor the following methods to somewhere out of here +    # (SoledadLocalDatabase, maybe?) +      def put_doc(self, doc):          """          Update a document in the local encrypted database. @@ -128,7 +128,8 @@ def load_configuration(file_path):          for key in conf:              if key in config['soledad-server']:                  conf[key] = config['soledad-server'][key] -    # TODO: implement basic parsing of options comming from config file. +    # TODO: implement basic parsing/sanitization of options comming from +    # config file.      return conf diff --git a/shared_db.py b/shared_db.py index 7a1eae5d..9694db2b 100644 --- a/shared_db.py +++ b/shared_db.py 
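Review bot: `_send_keys` gets a rename TODO but still has no docstring, although the visible lines export the secret key (`export_keys(self._fingerprint, secret=True)`) and encrypt it with `passphrase` before building `content`. A short docstring stating that contract would help a reader more than the rename note, e.g. `"""Export the OpenPGP private key and encrypt it with passphrase before it is sent."""`. The "sent" part is inferred from the method name, since the body continues past the end of the hunk.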
@@ -33,16 +33,21 @@ class Unauthorized(Exception):  class SoledadSharedDatabase(http_database.HTTPDatabase):      """      This is a shared HTTP database that holds users' encrypted keys. + +    An authorization token is attached to every request other than +    get_doc_unauth, which has the purpose of retrieving encrypted content from +    the shared database without the need to associate user information with +    the request.      """      # TODO: prevent client from messing with the shared DB.      # TODO: define and document API.      @staticmethod -    def open_database(url, create, token=None, soledad=None): +    def open_database(url, create, token=None):          """          Open a Soledad shared database.          """ -        db = SoledadSharedDatabase(url, token=token, soledad=soledad) +        db = SoledadSharedDatabase(url, token=token)          db.open(create)          return db @@ -53,10 +58,11 @@ class SoledadSharedDatabase(http_database.HTTPDatabase):          """          raise Unauthorized("Can't delete shared database.") -    def __init__(self, url, document_factory=None, creds=None, token=None, -                 soledad=None): +    def __init__(self, url, document_factory=None, creds=None, token=None): +        """ +        Initialize database with auth token and encryption powers. +        """          self._token = token -        self._soledad = soledad          super(SoledadSharedDatabase, self).__init__(url, document_factory,                                                      creds) @@ -65,6 +71,7 @@ class SoledadSharedDatabase(http_database.HTTPDatabase):          """          Perform token-based http request.          """ +        # add the auth-token as a request parameter          if auth:              if not self._token:                  raise NoTokenForAuth() 
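Review bot: Dropping the `soledad` keyword from `open_database` (and from `__init__` in the next hunk) is a breaking signature change, so any caller that still passes `soledad=...` will raise `TypeError`. The `__init__.py` hunks in this commit only add TODO comments, so no call site is updated here. It is worth confirming that no remaining caller passes that argument before this lands.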
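Review bot: The docstring added to `__init__` ("Initialize database with auth token and encryption powers.") does not match the code, because this same hunk removes `self._soledad` and the object now stores only `self._token`. I would write `"""Initialize the database with an optional auth token."""` instead. Since `token` defaults to `None` and the following hunk shows `NoTokenForAuth` being raised when an authenticated request has no token, the docstring could mention that as well.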
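Review bot: The new comment in the hunk at -65 says the auth token is added as a request parameter; if those parameters end up in the URL query string, the token can be recorded in server and proxy access logs. The code that attaches the token is below the hunk and not visible, so this needs checking against the full method. Consider carrying the token in a request header, or at least record the constraint in the comment: `# NOTE: token travels in the request parameters; requires TLS and access logs that do not store query strings.` This method and the one in the last hunk also share the identical docstring "Perform token-based http request.", which makes them hard to tell apart.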
@@ -82,6 +89,7 @@ class SoledadSharedDatabase(http_database.HTTPDatabase):          """          Perform token-based http request.          """ +        # allow for token-authenticated requests.          res, headers = self._request(method, url_parts,                                       params=params, body=body,                                       content_type=content_type, auth=auth) | 
