lemur Package

lemur Package

constants Module

class lemur.constants.CRLReason(value)

Bases: enum.IntEnum

An enumeration.

aACompromise = 10
affiliationChanged = 3
cACompromise = 2
certificateHold = 6
cessationOfOperation = 5
keyCompromise = 1
privilegeWithdrawn = 9
removeFromCRL = 8
superseded = 4
unspecified = 0

database Module

lemur.database.add(model)

Helper to add a model to the current session.

Parameters

model

Returns

lemur.database.clone(model)

Clones the given model and removes it’s primary key :param model: :return:

lemur.database.commit()

Helper to commit the current session.

lemur.database.create(model)

Helper that attempts to create a new instance of an object.

Parameters

model

Returns

raise IntegrityError

lemur.database.create_query(model, kwargs)

Returns a SQLAlchemy query object for specified model. Model filtered by the kwargs passed.

Parameters
  • model

  • kwargs

Returns

lemur.database.delete(model)

Helper that attempts to delete a model.

Parameters

model

lemur.database.filter(query, model, terms)

Helper that searched for ‘like’ strings in column values.

Parameters
  • query

  • model

  • terms

Returns

lemur.database.filter_none(kwargs)

Remove all None values froma given dict. SQLAlchemy does not like to have values that are None passed to it.

Parameters

kwargs – Dict to filter

Returns

Dict without any ‘None’ values

lemur.database.find_all(query, model, kwargs)

Returns a query object that ensures that all kwargs are present.

Parameters
  • query

  • model

  • kwargs

Returns

lemur.database.find_any(query, model, kwargs)

Returns a query object that allows any kwarg to be present.

Parameters
  • query

  • model

  • kwargs

Returns

lemur.database.get(model, value, field='id')

Returns one object filtered by the field and value.

Parameters
  • model

  • value

  • field

Returns

lemur.database.get_all(model, value, field='id')

Returns query object with the fields and value filtered.

Parameters
  • model

  • value

  • field

Returns

lemur.database.get_count(q)

Count the number of rows in a table. More efficient than count(*) :param q: :return:

lemur.database.get_model_column(model, field)
lemur.database.paginate(query, page, count)

Returns the items given the count and page specified. The items would be an empty list if page number exceeds max page number based on count per page and total number of records.

Parameters
  • query – search query

  • page – current page number

  • count – results per page

lemur.database.session_query(model)

Returns a SQLAlchemy query object for the specified model.

If model has a query attribute already, that object will be returned. Otherwise a query will be created and returned based on session.

Parameters

model – sqlalchemy model

Returns

query object for model

lemur.database.sort(query, model, field, direction)

Returns objects of the specified model in the field and direction given

Parameters
  • query

  • model

  • field

  • direction

lemur.database.sort_and_page(query, model, args)

Helper that allows us to combine sorting and paging

Parameters
  • query

  • model

  • args

Returns

lemur.database.update(model)

Helper that attempts to update a model.

Parameters

model

Returns

lemur.database.update_list(model, model_attr, item_model, items)

Helper that correctly updates a models items depending on what has changed

Parameters
  • model_attr

  • item_model

  • items

  • model

Returns

exceptions Module

exception lemur.exceptions.AttrNotFound(field)

Bases: lemur.exceptions.LemurException

exception lemur.exceptions.DuplicateError(key)

Bases: lemur.exceptions.LemurException

exception lemur.exceptions.InvalidAuthority

Bases: Exception

exception lemur.exceptions.InvalidConfiguration

Bases: Exception

exception lemur.exceptions.InvalidDistribution(field)

Bases: lemur.exceptions.LemurException

exception lemur.exceptions.InvalidListener(*args, **kwargs)

Bases: lemur.exceptions.LemurException

exception lemur.exceptions.LemurException(*args, **kwargs)

Bases: Exception

exception lemur.exceptions.UnknownProvider

Bases: Exception

extensions Module

class lemur.extensions.SQLAlchemy(app=None, use_native_unicode=True, session_options=None, metadata=None, query_class=<class 'flask_sqlalchemy.BaseQuery'>, model_class=<class 'flask_sqlalchemy.model.Model'>, engine_options=None)

Bases: flask_sqlalchemy.SQLAlchemy

apply_pool_defaults(app, options)

Set default engine options. We enable pool_pre_ping to be the default value.

factory Module

lemur.factory.configure_app(app, config=None)

Different ways of configuration

Parameters
  • app

  • config

Returns

lemur.factory.configure_blueprints(app, blueprints)

We prefix our APIs with their given version so that we can support multiple concurrent API versions.

Parameters
  • app

  • blueprints

lemur.factory.configure_database(app)
lemur.factory.configure_extensions(app)

Attaches and configures any needed flask extensions to our app.

Parameters

app

lemur.factory.configure_logging(app)

Sets up application wide logging.

Parameters

app

lemur.factory.create_app(app_name=None, blueprints=None, config=None)

Lemur application factory

Parameters
  • config

  • app_name

  • blueprints

Returns

lemur.factory.from_file(file_path, silent=False)

Updates the values in the config from a Python file. This function behaves as if the file was imported as module with the

Parameters
  • file_path

  • silent

lemur.factory.install_plugins(app)

Installs new issuers that are not currently bundled with Lemur.

Parameters

app

Returns

manage Module

class lemur.manage.CreateRole(func=None)

Bases: flask_script.commands.Command

This command allows for the creation of a new role within Lemur

option_list = (<flask_script.commands.Option object>, <flask_script.commands.Option object>, <flask_script.commands.Option object>)
run(name, users, description)

Runs a command. This must be implemented by the subclass. Should take arguments as configured by the Command options.

class lemur.manage.CreateUser(func=None)

Bases: flask_script.commands.Command

This command allows for the creation of a new user within Lemur.

option_list = (<flask_script.commands.Option object>, <flask_script.commands.Option object>, <flask_script.commands.Option object>, <flask_script.commands.Option object>, <flask_script.commands.Option object>)
run(username, email, active, roles, password)

Runs a command. This must be implemented by the subclass. Should take arguments as configured by the Command options.

class lemur.manage.InitializeApp(func=None)

Bases: flask_script.commands.Command

This command will bootstrap our database with any destinations as specified by our config.

Additionally a Lemur user will be created as a default user and be used when certificates are discovered by Lemur.

option_list = (<flask_script.commands.Option object>,)
run(password)

Runs a command. This must be implemented by the subclass. Should take arguments as configured by the Command options.

class lemur.manage.LemurServer(func=None)

Bases: flask_script.commands.Command

This is the main Lemur server, it runs the flask app with gunicorn and uses any configuration options passed to it.

You can pass all standard gunicorn flags to this command as if you were running gunicorn itself.

For example:

lemur start -w 4 -b 127.0.0.0:8002

Will start gunicorn with 4 workers bound to 127.0.0.0:8002

description = 'Run the app within Gunicorn'
get_options()

By default, returns self.option_list. Override if you need to do instance-specific configuration.

run(*args, **kwargs)

Runs a command. This must be implemented by the subclass. Should take arguments as configured by the Command options.

class lemur.manage.ResetPassword(func=None)

Bases: flask_script.commands.Command

This command allows you to reset a user’s password.

option_list = (<flask_script.commands.Option object>,)
run(username)

Runs a command. This must be implemented by the subclass. Should take arguments as configured by the Command options.

lemur.manage.create()
lemur.manage.create_config(config_path=None)

Creates a new configuration file if one does not already exist

lemur.manage.drop_all()
lemur.manage.generate_settings()

This command is run when default_path doesn’t exist, or init is run and returns a string representing the default data to put into their settings file.

lemur.manage.lock(path=None)

Encrypts a given path. This directory can be used to store secrets needed for normal Lemur operation. This is especially useful for storing secrets needed for communication with third parties (e.g. external certificate authorities).

Lemur does not assume anything about the contents of the directory and will attempt to encrypt all files contained within. Currently this has only been tested against plain text files.

Path defaults ~/.lemur/keys

Param

path

lemur.manage.main()
lemur.manage.make_shell_context()

Creates a python REPL with several default imports in the context of the current_app

Returns

lemur.manage.publish_verisign_units()

Simple function that queries verisign for API units and posts the mertics to Atlas API for other teams to consume. :return:

lemur.manage.unlock(path=None)

Decrypts all of the files in a given directory with provided password. This is most commonly used during the startup sequence of Lemur allowing it to go from source code to something that can communicate with external services.

Path defaults ~/.lemur/keys

Param

path

models Module

Subpackages