-
Notifications
You must be signed in to change notification settings - Fork 6
Expand file tree
/
Copy pathtls.py
More file actions
54 lines (46 loc) · 1.96 KB
/
tls.py
File metadata and controls
54 lines (46 loc) · 1.96 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
from django.db import models
from django.conf import settings
from django.db import transaction
from api.exceptions import AlreadyExists
from api.models import UuidAuditedModel
class TLS(UuidAuditedModel):
owner = models.ForeignKey(settings.AUTH_USER_MODEL, on_delete=models.PROTECT)
app = models.ForeignKey('App', on_delete=models.CASCADE)
https_enforced = models.NullBooleanField(default=None)
certs_auto_enabled = models.NullBooleanField(default=None)
class Meta:
get_latest_by = 'created'
unique_together = (('app', 'uuid'))
ordering = ['-created']
def __str__(self):
return "{}-{}".format(self.app.id, str(self.uuid)[:7])
def _check_previous_tls_settings(self):
"""
Only one value can be set at a time
If the other value is None, using the previous setting.
"""
try:
previous_tls_settings = self.app.tls_set.latest()
if self.https_enforced is not None:
if previous_tls_settings.https_enforced == self.https_enforced:
raise AlreadyExists(
"{} changed nothing".format(self.owner))
self.certs_auto_enabled = previous_tls_settings.certs_auto_enabled
elif self.certs_auto_enabled is not None:
if previous_tls_settings.certs_auto_enabled == self.certs_auto_enabled:
raise AlreadyExists(
"{} changed nothing".format(self.owner))
self.https_enforced = previous_tls_settings.https_enforced
previous_tls_settings.delete()
except TLS.DoesNotExist:
pass
@transaction.atomic
def save(self, *args, **kwargs):
self._check_previous_tls_settings()
try:
# Save to DB
return super(TLS, self).save(*args, **kwargs)
finally:
self.app.refresh_ingress_and_tls()
def sync(self):
self.app.refresh_ingress_and_tls()