lemur Package¶
lemur
Package¶
constants
Module¶
-
class
lemur.constants.
CRLReason
(value) Bases:
enum.IntEnum
An enumeration.
-
aACompromise
= 10
-
affiliationChanged
= 3
-
cACompromise
= 2
-
certificateHold
= 6
-
cessationOfOperation
= 5
-
keyCompromise
= 1
-
privilegeWithdrawn
= 9
-
removeFromCRL
= 8
-
superseded
= 4
-
unspecified
= 0
-
database
Module¶
-
lemur.database.
add
(model) Helper to add a model to the current session.
- Parameters
model –
- Returns
-
lemur.database.
clone
(model) Clones the given model and removes it’s primary key :param model: :return:
-
lemur.database.
commit
() Helper to commit the current session.
-
lemur.database.
create
(model) Helper that attempts to create a new instance of an object.
- Parameters
model –
- Returns
- raise IntegrityError
-
lemur.database.
create_query
(model, kwargs) Returns a SQLAlchemy query object for specified model. Model filtered by the kwargs passed.
- Parameters
model –
kwargs –
- Returns
-
lemur.database.
delete
(model) Helper that attempts to delete a model.
- Parameters
model –
-
lemur.database.
filter
(query, model, terms) Helper that searched for ‘like’ strings in column values.
- Parameters
query –
model –
terms –
- Returns
-
lemur.database.
filter_none
(kwargs) Remove all None values froma given dict. SQLAlchemy does not like to have values that are None passed to it.
- Parameters
kwargs – Dict to filter
- Returns
Dict without any ‘None’ values
-
lemur.database.
find_all
(query, model, kwargs) Returns a query object that ensures that all kwargs are present.
- Parameters
query –
model –
kwargs –
- Returns
-
lemur.database.
find_any
(query, model, kwargs) Returns a query object that allows any kwarg to be present.
- Parameters
query –
model –
kwargs –
- Returns
-
lemur.database.
get
(model, value, field='id') Returns one object filtered by the field and value.
- Parameters
model –
value –
field –
- Returns
-
lemur.database.
get_all
(model, value, field='id') Returns query object with the fields and value filtered.
- Parameters
model –
value –
field –
- Returns
-
lemur.database.
get_count
(q) Count the number of rows in a table. More efficient than count(*) :param q: :return:
-
lemur.database.
get_model_column
(model, field)
-
lemur.database.
paginate
(query, page, count) Returns the items given the count and page specified. The items would be an empty list if page number exceeds max page number based on count per page and total number of records.
- Parameters
query – search query
page – current page number
count – results per page
-
lemur.database.
session_query
(model) Returns a SQLAlchemy query object for the specified model.
If model has a
query
attribute already, that object will be returned. Otherwise a query will be created and returned based on session.- Parameters
model – sqlalchemy model
- Returns
query object for model
-
lemur.database.
sort
(query, model, field, direction) Returns objects of the specified model in the field and direction given
- Parameters
query –
model –
field –
direction –
-
lemur.database.
sort_and_page
(query, model, args) Helper that allows us to combine sorting and paging
- Parameters
query –
model –
args –
- Returns
-
lemur.database.
update
(model) Helper that attempts to update a model.
- Parameters
model –
- Returns
-
lemur.database.
update_list
(model, model_attr, item_model, items) Helper that correctly updates a models items depending on what has changed
- Parameters
model_attr –
item_model –
items –
model –
- Returns
exceptions
Module¶
-
exception
lemur.exceptions.
AttrNotFound
(field) Bases:
lemur.exceptions.LemurException
-
exception
lemur.exceptions.
DuplicateError
(key) Bases:
lemur.exceptions.LemurException
-
exception
lemur.exceptions.
InvalidAuthority
Bases:
Exception
-
exception
lemur.exceptions.
InvalidConfiguration
Bases:
Exception
-
exception
lemur.exceptions.
InvalidListener
(*args, **kwargs) Bases:
lemur.exceptions.LemurException
-
exception
lemur.exceptions.
LemurException
(*args, **kwargs) Bases:
Exception
-
exception
lemur.exceptions.
UnknownProvider
Bases:
Exception
extensions
Module¶
-
class
lemur.extensions.
SQLAlchemy
(app=None, use_native_unicode=True, session_options=None, metadata=None, query_class=<class 'flask_sqlalchemy.BaseQuery'>, model_class=<class 'flask_sqlalchemy.model.Model'>, engine_options=None) Bases:
flask_sqlalchemy.SQLAlchemy
-
apply_pool_defaults
(app, options) Set default engine options. We enable pool_pre_ping to be the default value.
-
factory
Module¶
-
lemur.factory.
configure_app
(app, config=None) Different ways of configuration
- Parameters
app –
config –
- Returns
-
lemur.factory.
configure_blueprints
(app, blueprints) We prefix our APIs with their given version so that we can support multiple concurrent API versions.
- Parameters
app –
blueprints –
-
lemur.factory.
configure_database
(app)
-
lemur.factory.
configure_extensions
(app) Attaches and configures any needed flask extensions to our app.
- Parameters
app –
-
lemur.factory.
configure_logging
(app) Sets up application wide logging.
- Parameters
app –
-
lemur.factory.
create_app
(app_name=None, blueprints=None, config=None) Lemur application factory
- Parameters
config –
app_name –
blueprints –
- Returns
-
lemur.factory.
from_file
(file_path, silent=False) Updates the values in the config from a Python file. This function behaves as if the file was imported as module with the
- Parameters
file_path –
silent –
-
lemur.factory.
install_plugins
(app) Installs new issuers that are not currently bundled with Lemur.
- Parameters
app –
- Returns
manage
Module¶
-
class
lemur.manage.
CreateRole
(func=None) Bases:
flask_script.commands.Command
This command allows for the creation of a new role within Lemur
-
option_list
= (<flask_script.commands.Option object>, <flask_script.commands.Option object>, <flask_script.commands.Option object>)
-
run
(name, users, description) Runs a command. This must be implemented by the subclass. Should take arguments as configured by the Command options.
-
-
class
lemur.manage.
CreateUser
(func=None) Bases:
flask_script.commands.Command
This command allows for the creation of a new user within Lemur.
-
option_list
= (<flask_script.commands.Option object>, <flask_script.commands.Option object>, <flask_script.commands.Option object>, <flask_script.commands.Option object>, <flask_script.commands.Option object>)
-
run
(username, email, active, roles, password) Runs a command. This must be implemented by the subclass. Should take arguments as configured by the Command options.
-
-
class
lemur.manage.
InitializeApp
(func=None) Bases:
flask_script.commands.Command
This command will bootstrap our database with any destinations as specified by our config.
Additionally a Lemur user will be created as a default user and be used when certificates are discovered by Lemur.
-
option_list
= (<flask_script.commands.Option object>,)
-
run
(password) Runs a command. This must be implemented by the subclass. Should take arguments as configured by the Command options.
-
-
class
lemur.manage.
LemurServer
(func=None) Bases:
flask_script.commands.Command
This is the main Lemur server, it runs the flask app with gunicorn and uses any configuration options passed to it.
You can pass all standard gunicorn flags to this command as if you were running gunicorn itself.
For example:
lemur start -w 4 -b 127.0.0.0:8002
Will start gunicorn with 4 workers bound to 127.0.0.0:8002
-
description
= 'Run the app within Gunicorn'
-
get_options
() By default, returns self.option_list. Override if you need to do instance-specific configuration.
-
run
(*args, **kwargs) Runs a command. This must be implemented by the subclass. Should take arguments as configured by the Command options.
-
-
class
lemur.manage.
ResetPassword
(func=None) Bases:
flask_script.commands.Command
This command allows you to reset a user’s password.
-
option_list
= (<flask_script.commands.Option object>,)
-
run
(username) Runs a command. This must be implemented by the subclass. Should take arguments as configured by the Command options.
-
-
lemur.manage.
create
()
-
lemur.manage.
create_config
(config_path=None) Creates a new configuration file if one does not already exist
-
lemur.manage.
drop_all
()
-
lemur.manage.
generate_settings
() This command is run when
default_path
doesn’t exist, orinit
is run and returns a string representing the default data to put into their settings file.
-
lemur.manage.
lock
(path=None) Encrypts a given path. This directory can be used to store secrets needed for normal Lemur operation. This is especially useful for storing secrets needed for communication with third parties (e.g. external certificate authorities).
Lemur does not assume anything about the contents of the directory and will attempt to encrypt all files contained within. Currently this has only been tested against plain text files.
Path defaults ~/.lemur/keys
- Param
path
-
lemur.manage.
main
()
-
lemur.manage.
make_shell_context
() Creates a python REPL with several default imports in the context of the current_app
- Returns
-
lemur.manage.
publish_verisign_units
() Simple function that queries verisign for API units and posts the mertics to Atlas API for other teams to consume. :return:
-
lemur.manage.
unlock
(path=None) Decrypts all of the files in a given directory with provided password. This is most commonly used during the startup sequence of Lemur allowing it to go from source code to something that can communicate with external services.
Path defaults ~/.lemur/keys
- Param
path
models
Module¶
Subpackages¶
- auth Package
- authorities Package
- certificates Package
- common Package
- destinations Package
- domains Package
- notifications Package
- plugins Package
- roles Package
- users Package
- sources Package
- logs Package
- reporting Package
- tests Package
- deployment Package
- endpoints Package
- defaults Package
- lemur_acme package
- lemur_atlas package
- lemur_cryptography package
- lemur_digicert package
- lemur_jks package
- lemur_kubernetes package
- lemur_openssl package
- lemur_slack package