| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364 |
- from __future__ import unicode_literals
- from rest_framework import serializers
- from rest_framework.validators import UniqueTogetherValidator
- from taggit.models import Tag
- from dcim.api.serializers import NestedDeviceSerializer
- from secrets.models import Secret, SecretRole
- from utilities.api import TagField, ValidatedModelSerializer, WritableNestedSerializer
- #
- # SecretRoles
- #
- class SecretRoleSerializer(ValidatedModelSerializer):
- class Meta:
- model = SecretRole
- fields = ['id', 'name', 'slug']
- class NestedSecretRoleSerializer(WritableNestedSerializer):
- url = serializers.HyperlinkedIdentityField(view_name='secrets-api:secretrole-detail')
- class Meta:
- model = SecretRole
- fields = ['id', 'url', 'name', 'slug']
- #
- # Secrets
- #
- class SecretSerializer(ValidatedModelSerializer):
- device = NestedDeviceSerializer()
- role = NestedSecretRoleSerializer()
- plaintext = serializers.CharField()
- tags = TagField(queryset=Tag.objects.all(), required=False, many=True)
- class Meta:
- model = Secret
- fields = ['id', 'device', 'role', 'name', 'plaintext', 'hash', 'tags', 'created', 'last_updated']
- validators = []
- def validate(self, data):
- # Encrypt plaintext data using the master key provided from the view context
- if data.get('plaintext'):
- s = Secret(plaintext=data['plaintext'])
- s.encrypt(self.context['master_key'])
- data['ciphertext'] = s.ciphertext
- data['hash'] = s.hash
- # Validate uniqueness of name if one has been provided.
- if data.get('name'):
- validator = UniqueTogetherValidator(queryset=Secret.objects.all(), fields=('device', 'role', 'name'))
- validator.set_context(self)
- validator(data)
- # Enforce model validation
- super(SecretSerializer, self).validate(data)
- return data
|
