forked from cfpb/django-nudge
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathserver.py
77 lines (63 loc) · 2.26 KB
/
server.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
import binascii, hashlib, json, os, pickle
from django.core import serializers
from Crypto.Cipher import AES
from django.db import models
from django.utils import importlib
from utils import convert_keys_to_string, caster
from nudge.models import Setting
from django.contrib.contenttypes.models import ContentType
"""
server.py
commands received from nudge client
"""
SETTINGS = Setting.objects.get(pk=1)
def get_model(model_str):
"""returns model object based on string provided by batch item"""
app_name = model_str.split('.')[0]
model_name = model_str.split('.')[1]
return ContentType.objects.get_by_natural_key(app_name, model_name).model_class()
def valid_batch(batch_info):
"""returns whether a batch format is valid"""
is_valid = ('id' in batch_info) and ('title' in batch_info) and ('items' in batch_info)
return is_valid
def decrypt(key, ciphertext, iv):
"""decrypts message sent from client using shared symmetric key"""
ciphertext = binascii.unhexlify(ciphertext)
decobj = AES.new(key, AES.MODE_CBC, iv)
plaintext = decobj.decrypt(ciphertext)
return plaintext
def process_item(item):
"""
examines an item in a batch, determines if it should be added, updated or
deleted and performs the command
"""
item_content = json.loads(item['fields']['serialized_data'])[0]
model_obj = get_model(item_content['model'])
id = item_content['pk']
fields = convert_keys_to_string(item_content['fields'])
if item['fields']['type'] < 2:
# Add or Update
fields=caster(fields, model_obj)
new_item = model_obj(pk=id, **fields)
new_item.save()
return True
else:
# Delete
del_item = model_obj.objects.get(pk=id)
del_item.delete()
return True
def process_batch(batch_info, iv):
"""
loops through items in a batch and processes them
"""
print batch_info
print iv
print iv.decode('hex')
key = SETTINGS.local_key.decode('hex')
batch_info = pickle.loads(decrypt(key, batch_info, iv.decode('hex')))
if valid_batch(batch_info):
items = json.loads(batch_info['items'])
success = True
for item in items:
success = success and process_item(item)
return success