Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Restore conservative configuration #5759

Merged
merged 1 commit into from
Jan 27, 2021
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
132 changes: 100 additions & 32 deletions securedrop/sdconfig.py
Original file line number Diff line number Diff line change
Expand Up @@ -10,42 +10,107 @@

class SDConfig:
def __init__(self) -> None:
self.JOURNALIST_APP_FLASK_CONFIG_CLS = \
_config.JournalistInterfaceFlaskConfig # type: Type

self.SOURCE_APP_FLASK_CONFIG_CLS = \
_config.SourceInterfaceFlaskConfig # type: Type

self.DATABASE_ENGINE = _config.DATABASE_ENGINE # type: str
self.DATABASE_FILE = _config.DATABASE_FILE # type: str
try:
self.JOURNALIST_APP_FLASK_CONFIG_CLS = (
_config.JournalistInterfaceFlaskConfig
) # type: Type
except AttributeError:
pass

try:
self.SOURCE_APP_FLASK_CONFIG_CLS = _config.SourceInterfaceFlaskConfig # type: Type
except AttributeError:
pass

try:
self.DATABASE_ENGINE = _config.DATABASE_ENGINE # type: str
except AttributeError:
pass

try:
self.DATABASE_FILE = _config.DATABASE_FILE # type: str
except AttributeError:
pass

self.DATABASE_USERNAME = getattr(_config, "DATABASE_USERNAME", None) # type: Optional[str]
self.DATABASE_PASSWORD = getattr(_config, "DATABASE_PASSWORD", None) # type: Optional[str]
self.DATABASE_HOST = getattr(_config, "DATABASE_HOST", None) # type: Optional[str]
self.DATABASE_NAME = getattr(_config, "DATABASE_NAME", None) # type: Optional[str]

self.ADJECTIVES = _config.ADJECTIVES # type: str
self.NOUNS = _config.NOUNS # type: str

self.GPG_KEY_DIR = _config.GPG_KEY_DIR # type: str

self.JOURNALIST_KEY = _config.JOURNALIST_KEY # type: str
self.JOURNALIST_TEMPLATES_DIR = _config.JOURNALIST_TEMPLATES_DIR # type: str

self.SCRYPT_GPG_PEPPER = _config.SCRYPT_GPG_PEPPER # type: str
self.SCRYPT_ID_PEPPER = _config.SCRYPT_ID_PEPPER # type: str
self.SCRYPT_PARAMS = _config.SCRYPT_PARAMS # type: Dict[str, int]

self.SECUREDROP_DATA_ROOT = _config.SECUREDROP_DATA_ROOT # type: str
self.SECUREDROP_ROOT = _config.SECUREDROP_ROOT # type: str

self.SESSION_EXPIRATION_MINUTES = _config.SESSION_EXPIRATION_MINUTES # type: int

self.SOURCE_TEMPLATES_DIR = _config.SOURCE_TEMPLATES_DIR # type: str
self.TEMP_DIR = _config.TEMP_DIR # type: str
self.STORE_DIR = _config.STORE_DIR # type: str

self.WORKER_PIDFILE = _config.WORKER_PIDFILE # type: str
try:
self.ADJECTIVES = _config.ADJECTIVES # type: str
except AttributeError:
pass

try:
self.NOUNS = _config.NOUNS # type: str
except AttributeError:
pass

try:
self.GPG_KEY_DIR = _config.GPG_KEY_DIR # type: str
except AttributeError:
pass

try:
self.JOURNALIST_KEY = _config.JOURNALIST_KEY # type: str
except AttributeError:
pass

try:
self.JOURNALIST_TEMPLATES_DIR = _config.JOURNALIST_TEMPLATES_DIR # type: str
except AttributeError:
pass

try:
self.SCRYPT_GPG_PEPPER = _config.SCRYPT_GPG_PEPPER # type: str
except AttributeError:
pass

try:
self.SCRYPT_ID_PEPPER = _config.SCRYPT_ID_PEPPER # type: str
except AttributeError:
pass

try:
self.SCRYPT_PARAMS = _config.SCRYPT_PARAMS # type: Dict[str, int]
except AttributeError:
pass

try:
self.SECUREDROP_DATA_ROOT = _config.SECUREDROP_DATA_ROOT # type: str
except AttributeError:
pass

try:
self.SECUREDROP_ROOT = _config.SECUREDROP_ROOT # type: str
except AttributeError:
pass

try:
self.SESSION_EXPIRATION_MINUTES = _config.SESSION_EXPIRATION_MINUTES # type: int
except AttributeError:
pass

try:
self.SOURCE_TEMPLATES_DIR = _config.SOURCE_TEMPLATES_DIR # type: str
except AttributeError:
pass

try:
self.TEMP_DIR = _config.TEMP_DIR # type: str
except AttributeError:
pass

try:
self.STORE_DIR = _config.STORE_DIR # type: str
except AttributeError:
pass

try:
self.WORKER_PIDFILE = _config.WORKER_PIDFILE # type: str
except AttributeError:
pass

self.env = getattr(_config, 'env', 'prod') # type: str
if self.env == 'test':
Expand All @@ -54,7 +119,7 @@ def __init__(self) -> None:
self.RQ_WORKER_NAME = 'default'

# Config entries used by i18n.py
# Use en_US as the default local if the key is not defined in _config
# Use en_US as the default locale if the key is not defined in _config
self.DEFAULT_LOCALE = getattr(
_config, "DEFAULT_LOCALE", "en_US"
) # type: str
Expand All @@ -68,7 +133,10 @@ def __init__(self) -> None:
if translation_dirs_in_conf:
self.TRANSLATION_DIRS = Path(translation_dirs_in_conf) # type: Path
else:
self.TRANSLATION_DIRS = Path(_config.SECUREDROP_ROOT) / "translations"
try:
self.TRANSLATION_DIRS = Path(_config.SECUREDROP_ROOT) / "translations"
except AttributeError:
pass

@property
def DATABASE_URI(self) -> str:
Expand Down
47 changes: 47 additions & 0 deletions securedrop/tests/test_config.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,47 @@
import importlib

import config as _config


def test_missing_config_attribute_is_handled():
"""
Test handling of incomplete configurations.

Long-running SecureDrop instances might not have ever updated
config.py, so could be missing newer settings. This tests that
sdconfig.SDConfig can be initialized without error with such a
configuration.
"""
attributes_to_test = (
"JournalistInterfaceFlaskConfig",
"SourceInterfaceFlaskConfig",
"DATABASE_ENGINE",
"DATABASE_FILE",
"ADJECTIVES",
"NOUNS",
"GPG_KEY_DIR",
"JOURNALIST_KEY",
"JOURNALIST_TEMPLATES_DIR",
"SCRYPT_GPG_PEPPER",
"SCRYPT_ID_PEPPER",
"SCRYPT_PARAMS",
"SECUREDROP_DATA_ROOT",
"SECUREDROP_ROOT",
"SESSION_EXPIRATION_MINUTES",
"SOURCE_TEMPLATES_DIR",
"TEMP_DIR",
"STORE_DIR",
"WORKER_PIDFILE",
)

try:
importlib.reload(_config)

for a in attributes_to_test:
delattr(_config, a)

from sdconfig import SDConfig

SDConfig()
finally:
importlib.reload(_config)