gpg-lacre/lacre/dbschema.py

"""Database schema for Lacre.

This definition includes:

- 'lacre_keys' -- temporary key storage, used by the frontend to submit keys and
  by webgate-cron script to import submitted keys.

- 'lacre_identities' -- identity catalogue, used by encryption logic to match
  emails with corresponding keys.

- 'lacre_locks' -- used only by the frontend.
"""

import sqlalchemy

# Values for lacre_keys.status column:
# - ST_DEFAULT: initial state;
# - ST_IMPORTED: key has been successfully processed by cron job;
# - ST_TO_BE_DELETED: key can be deleted.  We only have checks for this value
#   but never assign it, so this is a candidate for removal.
ST_DEFAULT, ST_IMPORTED, ST_TO_BE_DELETED = range(3)

# lacre_keys.confirmed is set to an empty string when a key is confirmed by the user.
CO_CONFIRMED = ''

_meta = sqlalchemy.MetaData()

LACRE_KEYS = sqlalchemy.Table('lacre_keys', _meta,
                              sqlalchemy.Column('id', sqlalchemy.Integer, primary_key=True, nullable=False, autoincrement='auto'),
                              sqlalchemy.Column('email', sqlalchemy.String(256), index=True),
                              # ASCII-armored key
                              sqlalchemy.Column('publickey', sqlalchemy.Text),
                              # Empty string means this key has been confirmed.
                              sqlalchemy.Column('confirm', sqlalchemy.String(32)),
                              # Status: see ST_* constants at the top of the file.
                              sqlalchemy.Column('status', sqlalchemy.Integer, nullable=False, default=0),
                              sqlalchemy.Column('time', sqlalchemy.DateTime))

LACRE_LOCKS = sqlalchemy.Table('lacre_locks', _meta,
                               sqlalchemy.Column('id', sqlalchemy.Integer, primary_key=True, nullable=False, autoincrement='auto'),
                               sqlalchemy.Column('ip', sqlalchemy.String(16)),
                               sqlalchemy.Column('time', sqlalchemy.Integer),
                               sqlalchemy.Column('action', sqlalchemy.String(16)),
                               sqlalchemy.Column('num', sqlalchemy.Integer),
                               )

LACRE_IDENTITIES = sqlalchemy.Table('lacre_identities', _meta,
                                    sqlalchemy.Column('email', sqlalchemy.String(256), index=True, nullable=False),
                                    # Key fingerprint
                                    sqlalchemy.Column('fingerprint', sqlalchemy.String(64), index=True, nullable=False))

def init_identities_table() -> sqlalchemy.Table:
    return LACRE_IDENTITIES

def init_locks_table() -> sqlalchemy.Table:
    return LACRE_LOCKS

def init_keys_table() -> sqlalchemy.Table:
    return LACRE_KEYS

def create_tables(engine):
    _meta.create_all(engine)

def table_metadata():
    return _meta
Extract parts of cron script to modules Introduce new Python modules: - lacre.notify -- to send notifications from the cron script; - lacre.dbschema -- to keep database schema definition as code (SQLAlchemy); - lacre.repositories -- to define key and identity repositories with high level APIs that we can then use elsewhere. Also: - rework GnuPG.add_key to return fingerprint so we can use it in the cron script; - rename cron-job's logger name, replacing dash with an underscore as logging module doesn't like dashes. 2023-11-01 21:30:26 +01:00			`"""Database schema for Lacre.`

			`This definition includes:`

Change table prefix from 'gpgmw' to 'lacre' 2023-12-02 19:25:24 +01:00			`- 'lacre_keys' -- temporary key storage, used by the frontend to submit keys and`
Extract parts of cron script to modules Introduce new Python modules: - lacre.notify -- to send notifications from the cron script; - lacre.dbschema -- to keep database schema definition as code (SQLAlchemy); - lacre.repositories -- to define key and identity repositories with high level APIs that we can then use elsewhere. Also: - rework GnuPG.add_key to return fingerprint so we can use it in the cron script; - rename cron-job's logger name, replacing dash with an underscore as logging module doesn't like dashes. 2023-11-01 21:30:26 +01:00			`by webgate-cron script to import submitted keys.`

Change table prefix from 'gpgmw' to 'lacre' 2023-12-02 19:25:24 +01:00			`- 'lacre_identities' -- identity catalogue, used by encryption logic to match`
Extract parts of cron script to modules Introduce new Python modules: - lacre.notify -- to send notifications from the cron script; - lacre.dbschema -- to keep database schema definition as code (SQLAlchemy); - lacre.repositories -- to define key and identity repositories with high level APIs that we can then use elsewhere. Also: - rework GnuPG.add_key to return fingerprint so we can use it in the cron script; - rename cron-job's logger name, replacing dash with an underscore as logging module doesn't like dashes. 2023-11-01 21:30:26 +01:00			`emails with corresponding keys.`
Adjust lacre.dbschema to reflect original schema.sql - Set nullability of columns. - Set up primary keys and auto-increment where necessary. - Add missing 'lacre_locks' table. - Implement a function to create tables. 2024-02-21 21:09:15 +01:00
			`- 'lacre_locks' -- used only by the frontend.`
Extract parts of cron script to modules Introduce new Python modules: - lacre.notify -- to send notifications from the cron script; - lacre.dbschema -- to keep database schema definition as code (SQLAlchemy); - lacre.repositories -- to define key and identity repositories with high level APIs that we can then use elsewhere. Also: - rework GnuPG.add_key to return fingerprint so we can use it in the cron script; - rename cron-job's logger name, replacing dash with an underscore as logging module doesn't like dashes. 2023-11-01 21:30:26 +01:00			`"""`

			`import sqlalchemy`

Change table prefix from 'gpgmw' to 'lacre' 2023-12-02 19:25:24 +01:00			`# Values for lacre_keys.status column:`
Retrieve data from db result before returning from Context Manager SQLAlchemy's connection is a Context Manager and if we return a result from code wrapped in a Context Manager, its cursor might already be closed. 2024-01-20 18:52:47 +01:00			`# - ST_DEFAULT: initial state;`
			`# - ST_IMPORTED: key has been successfully processed by cron job;`
When cleaning up after cron-job, remove expired queue items - Implement KeyConfirmationQueue.delete_expired_queue_items to delete items older than a given number of hours. - Introduce configuration parameter to specify maximum number of hours. It defaults to 1 hour. - Update documentation to explain that we never assign ST_TO_BE_DELETED. 2024-04-05 17:19:01 +02:00			`# - ST_TO_BE_DELETED: key can be deleted. We only have checks for this value`
			`# but never assign it, so this is a candidate for removal.`
Extract parts of cron script to modules Introduce new Python modules: - lacre.notify -- to send notifications from the cron script; - lacre.dbschema -- to keep database schema definition as code (SQLAlchemy); - lacre.repositories -- to define key and identity repositories with high level APIs that we can then use elsewhere. Also: - rework GnuPG.add_key to return fingerprint so we can use it in the cron script; - rename cron-job's logger name, replacing dash with an underscore as logging module doesn't like dashes. 2023-11-01 21:30:26 +01:00			`ST_DEFAULT, ST_IMPORTED, ST_TO_BE_DELETED = range(3)`

Retrieve data from db result before returning from Context Manager SQLAlchemy's connection is a Context Manager and if we return a result from code wrapped in a Context Manager, its cursor might already be closed. 2024-01-20 18:52:47 +01:00			`# lacre_keys.confirmed is set to an empty string when a key is confirmed by the user.`
			`CO_CONFIRMED = ''`

Extract parts of cron script to modules Introduce new Python modules: - lacre.notify -- to send notifications from the cron script; - lacre.dbschema -- to keep database schema definition as code (SQLAlchemy); - lacre.repositories -- to define key and identity repositories with high level APIs that we can then use elsewhere. Also: - rework GnuPG.add_key to return fingerprint so we can use it in the cron script; - rename cron-job's logger name, replacing dash with an underscore as logging module doesn't like dashes. 2023-11-01 21:30:26 +01:00			`_meta = sqlalchemy.MetaData()`

Change table prefix from 'gpgmw' to 'lacre' 2023-12-02 19:25:24 +01:00			`LACRE_KEYS = sqlalchemy.Table('lacre_keys', _meta,`
Set default values for non-nullable lacre_keys columns 2024-03-03 09:25:14 +01:00			`sqlalchemy.Column('id', sqlalchemy.Integer, primary_key=True, nullable=False, autoincrement='auto'),`
Retrieve data from db result before returning from Context Manager SQLAlchemy's connection is a Context Manager and if we return a result from code wrapped in a Context Manager, its cursor might already be closed. 2024-01-20 18:52:47 +01:00			`sqlalchemy.Column('email', sqlalchemy.String(256), index=True),`
Extract parts of cron script to modules Introduce new Python modules: - lacre.notify -- to send notifications from the cron script; - lacre.dbschema -- to keep database schema definition as code (SQLAlchemy); - lacre.repositories -- to define key and identity repositories with high level APIs that we can then use elsewhere. Also: - rework GnuPG.add_key to return fingerprint so we can use it in the cron script; - rename cron-job's logger name, replacing dash with an underscore as logging module doesn't like dashes. 2023-11-01 21:30:26 +01:00			`# ASCII-armored key`
			`sqlalchemy.Column('publickey', sqlalchemy.Text),`
Retrieve data from db result before returning from Context Manager SQLAlchemy's connection is a Context Manager and if we return a result from code wrapped in a Context Manager, its cursor might already be closed. 2024-01-20 18:52:47 +01:00			`# Empty string means this key has been confirmed.`
Extract parts of cron script to modules Introduce new Python modules: - lacre.notify -- to send notifications from the cron script; - lacre.dbschema -- to keep database schema definition as code (SQLAlchemy); - lacre.repositories -- to define key and identity repositories with high level APIs that we can then use elsewhere. Also: - rework GnuPG.add_key to return fingerprint so we can use it in the cron script; - rename cron-job's logger name, replacing dash with an underscore as logging module doesn't like dashes. 2023-11-01 21:30:26 +01:00			`sqlalchemy.Column('confirm', sqlalchemy.String(32)),`
			`# Status: see ST_* constants at the top of the file.`
Set default values for non-nullable lacre_keys columns 2024-03-03 09:25:14 +01:00			`sqlalchemy.Column('status', sqlalchemy.Integer, nullable=False, default=0),`
Extract parts of cron script to modules Introduce new Python modules: - lacre.notify -- to send notifications from the cron script; - lacre.dbschema -- to keep database schema definition as code (SQLAlchemy); - lacre.repositories -- to define key and identity repositories with high level APIs that we can then use elsewhere. Also: - rework GnuPG.add_key to return fingerprint so we can use it in the cron script; - rename cron-job's logger name, replacing dash with an underscore as logging module doesn't like dashes. 2023-11-01 21:30:26 +01:00			`sqlalchemy.Column('time', sqlalchemy.DateTime))`

Adjust lacre.dbschema to reflect original schema.sql - Set nullability of columns. - Set up primary keys and auto-increment where necessary. - Add missing 'lacre_locks' table. - Implement a function to create tables. 2024-02-21 21:09:15 +01:00			`LACRE_LOCKS = sqlalchemy.Table('lacre_locks', _meta,`
			`sqlalchemy.Column('id', sqlalchemy.Integer, primary_key=True, nullable=False, autoincrement='auto'),`
			`sqlalchemy.Column('ip', sqlalchemy.String(16)),`
			`sqlalchemy.Column('time', sqlalchemy.Integer),`
			`sqlalchemy.Column('action', sqlalchemy.String(16)),`
			`sqlalchemy.Column('num', sqlalchemy.Integer),`
			`)`

Change table prefix from 'gpgmw' to 'lacre' 2023-12-02 19:25:24 +01:00			`LACRE_IDENTITIES = sqlalchemy.Table('lacre_identities', _meta,`
Adjust lacre.dbschema to reflect original schema.sql - Set nullability of columns. - Set up primary keys and auto-increment where necessary. - Add missing 'lacre_locks' table. - Implement a function to create tables. 2024-02-21 21:09:15 +01:00			`sqlalchemy.Column('email', sqlalchemy.String(256), index=True, nullable=False),`
Extract parts of cron script to modules Introduce new Python modules: - lacre.notify -- to send notifications from the cron script; - lacre.dbschema -- to keep database schema definition as code (SQLAlchemy); - lacre.repositories -- to define key and identity repositories with high level APIs that we can then use elsewhere. Also: - rework GnuPG.add_key to return fingerprint so we can use it in the cron script; - rename cron-job's logger name, replacing dash with an underscore as logging module doesn't like dashes. 2023-11-01 21:30:26 +01:00			`# Key fingerprint`
Adjust lacre.dbschema to reflect original schema.sql - Set nullability of columns. - Set up primary keys and auto-increment where necessary. - Add missing 'lacre_locks' table. - Implement a function to create tables. 2024-02-21 21:09:15 +01:00			`sqlalchemy.Column('fingerprint', sqlalchemy.String(64), index=True, nullable=False))`
Use lacre.dbschema definition of identities table 2023-11-12 20:20:38 +01:00
			`def init_identities_table() -> sqlalchemy.Table:`
Change table prefix from 'gpgmw' to 'lacre' 2023-12-02 19:25:24 +01:00			`return LACRE_IDENTITIES`
Implement identity repository Also: rename key_id to fingerprint. 2023-11-20 22:09:50 +01:00
Adjust lacre.dbschema to reflect original schema.sql - Set nullability of columns. - Set up primary keys and auto-increment where necessary. - Add missing 'lacre_locks' table. - Implement a function to create tables. 2024-02-21 21:09:15 +01:00			`def init_locks_table() -> sqlalchemy.Table:`
			`return LACRE_LOCKS`

			`def init_keys_table() -> sqlalchemy.Table:`
			`return LACRE_KEYS`

			`def create_tables(engine):`
			`_meta.create_all(engine)`

Implement identity repository Also: rename key_id to fingerprint. 2023-11-20 22:09:50 +01:00			`def table_metadata():`
			`return _meta`