-rw-r--r--__init__.py13
-rw-r--r--server.py3
-rw-r--r--shared_db.py18
3 files changed, 28 insertions, 6 deletions
diff --git a/__init__.py b/__init__.py
index 97130cde..86eb762e 100644
--- a/__init__.py
+++ b/__init__.py
@@ -113,6 +113,9 @@ class Soledad(object):
This method decides which bootstrap stage has to be performed and
performs it.
"""
+ # TODO: make sure key storage always happens (even if this method is
+ # interrupted).
+ # TODO: write tests for bootstrap stages.
self._init_dirs()
self._gpg = GPGWrapper(gnupghome=self.gnupg_home)
if not self._has_keys():
@@ -134,6 +137,7 @@ class Soledad(object):
Initialize configuration, with precedence order give by: instance
parameters > config file > default values.
"""
+ # TODO: write tests for _init_config()
self.prefix = param_conf['prefix'] or \
os.environ['HOME'] + '/.config/leap/soledad'
m = re.compile('.*%s.*')
@@ -143,6 +147,7 @@ class Soledad(object):
val = val % self.prefix
setattr(self, key, val)
# get config from file
+ # TODO: sanitize options from config file.
config = configparser.ConfigParser()
config.read(self.config_file)
if 'soledad-client' in config:
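Review bot: The added `# TODO: sanitize options from config file.` does not say which options or which checks are meant, so it is hard to act on. Parameter values above go straight onto the instance through `setattr(self, key, val)`; if file values are applied the same way (that part of `_init_config` is outside this hunk), the TODO should at least call for an allow-list of option names and validation of path-valued options. Something like `# TODO: accept only known option names from the file and validate path values before use.` would be more useful. The same applies to the reworded TODO in `load_configuration` in server.py, where `conf[key]` is copied verbatim from the file and the new line still misspells "coming" as "comming".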
@@ -162,6 +167,7 @@ class Soledad(object):
Generate (if needed) and load OpenPGP keypair and secret for symmetric
encryption.
"""
+ # TODO: write tests for methods below.
# load/generate OpenPGP keypair
if not self._has_openpgp_keypair():
self._gen_openpgp_keypair()
@@ -195,6 +201,9 @@ class Soledad(object):
# Management of secret for symmetric encryption
#-------------------------------------------------------------------------
+ # TODO: refactor the following methods to somewhere out of here
+ # (SoledadCrypto, maybe?)
+
def _has_secret(self):
"""
Verify if secret for symmetric encryption exists in a local encrypted
@@ -322,6 +331,7 @@ class Soledad(object):
# TODO: create corresponding error on server side
def _send_keys(self, passphrase):
+ # TODO: change this method's name to something more meaningful.
privkey = self._gpg.export_keys(self._fingerprint, secret=True)
content = {
'_privkey': self.encrypt(privkey, passphrase=passphrase,
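Review bot: `_send_keys` exports the secret key (`export_keys(self._fingerprint, secret=True)`) and has no docstring, and the new rename TODO does not tell a reader what leaves the machine. A short docstring would document the security-relevant contract, for example `"""Encrypt the exported private key with passphrase and build the content to be sent."""`. The method body continues past the end of this hunk, so where the content goes is not visible here and the wording should be checked against the rest of the method.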
@@ -382,6 +392,9 @@ class Soledad(object):
# Document storage, retrieval and sync
#-------------------------------------------------------------------------
+ # TODO: refactor the following methods to somewhere out of here
+ # (SoledadLocalDatabase, maybe?)
+
def put_doc(self, doc):
"""
Update a document in the local encrypted database.
diff --git a/server.py b/server.py
index a6e520df..eaa5e964 100644
--- a/server.py
+++ b/server.py
@@ -128,7 +128,8 @@ def load_configuration(file_path):
for key in conf:
if key in config['soledad-server']:
conf[key] = config['soledad-server'][key]
- # TODO: implement basic parsing of options comming from config file.
+ # TODO: implement basic parsing/sanitization of options comming from
+ # config file.
return conf
diff --git a/shared_db.py b/shared_db.py
index 7a1eae5d..9694db2b 100644
--- a/shared_db.py
+++ b/shared_db.py
@@ -33,16 +33,21 @@ class Unauthorized(Exception):
class SoledadSharedDatabase(http_database.HTTPDatabase):
"""
This is a shared HTTP database that holds users' encrypted keys.
+
+ An authorization token is attached to every request other than
+ get_doc_unauth, which has the purpose of retrieving encrypted content from
+ the shared database without the need to associate user information with
+ the request.
"""
# TODO: prevent client from messing with the shared DB.
# TODO: define and document API.
@staticmethod
- def open_database(url, create, token=None, soledad=None):
+ def open_database(url, create, token=None):
"""
Open a Soledad shared database.
"""
- db = SoledadSharedDatabase(url, token=token, soledad=soledad)
+ db = SoledadSharedDatabase(url, token=token)
db.open(create)
return db
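Review bot: Dropping the `soledad` keyword from `open_database` changes a public signature, so any caller still passing `soledad=...` will now fail with a TypeError. None of the `__init__.py` hunks in this commit touch a call site, so either no caller passed it or one was missed; that is worth confirming. The new class docstring could also state that `get_doc_unauth` must only ever return content that is already encrypted, since it is the one path that carries no token.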
@@ -53,10 +58,11 @@ class SoledadSharedDatabase(http_database.HTTPDatabase):
"""
raise Unauthorized("Can't delete shared database.")
- def __init__(self, url, document_factory=None, creds=None, token=None,
- soledad=None):
+ def __init__(self, url, document_factory=None, creds=None, token=None):
+ """
+ Initialize database with auth token and encryption powers.
+ """
self._token = token
- self._soledad = soledad
super(SoledadSharedDatabase, self).__init__(url, document_factory,
creds)
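Review bot: The new `__init__` docstring promises "encryption powers", but this same hunk removes `self._soledad`, the only encryption-related attribute visible here. After the change the constructor only stores the token and delegates to the parent class, so `Initialize database with auth token.` would be accurate. Since `token` defaults to None, the docstring could also mention that authenticated requests raise without it; that check sits in the next hunk.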
@@ -65,6 +71,7 @@ class SoledadSharedDatabase(http_database.HTTPDatabase):
"""
Perform token-based http request.
"""
+ # add the auth-token as a request parameter
if auth:
if not self._token:
raise NoTokenForAuth()
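Review bot: The added comment says the token is attached as a request parameter; if that means the URL query string, the token is likely to end up in web-server and proxy access logs. The code that attaches it lies below the end of this hunk, so this is inferred from the comment alone. Consider carrying the token in a request header instead, or at least record the exposure next to the code, e.g. `# NOTE: token is sent as a request parameter and may be logged by intermediaries.`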
@@ -82,6 +89,7 @@ class SoledadSharedDatabase(http_database.HTTPDatabase):
"""
Perform token-based http request.
"""
+ # allow for token-authenticated requests.
res, headers = self._request(method, url_parts,
params=params, body=body,
content_type=content_type, auth=auth)