Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
def register_shared_folder(shared_folder, records):
# type: (shared_folder.SharedFolder, dict) -> bytes
shared_folder_key = api.generate_aes_key()
sf = {
'shared_folder_uid': shared_folder.shared_folder_uid,
'key_type': 1,
'shared_folder_key': api.encrypt_aes(shared_folder_key, _USER_DATA_KEY),
'name': api.encrypt_aes(shared_folder.name.encode('utf-8'), shared_folder_key),
'is_account_folder': False,
'manage_records': False,
'manage_users': False,
'default_manage_records': True,
'default_manage_users': True,
'default_can_edit': True,
'default_can_share': True,
'full_sync': True,
'records': [{
'record_uid': x[0],
'record_key': api.encrypt_aes(x[1], shared_folder_key),
} for x in folder_uids
]
}
rs = api.communicate(params, request)
request = {
'command': 'delete',
'pre_delete_token': rs['pre_delete_response']['pre_delete_token']
}
rs = api.communicate(params, request)
request = {
'command': 'purge_deleted_records'
}
rs = api.communicate(params, request)
params.revision = 0
api.sync_down(params)
meta_data = {
'record_uid': record.record_uid,
'owner': key_type in [0, 1],
'can_share': key_type == 1,
'can_edit': key_type == 1,
'record_key_type': key_type
}
if key_type == 0:
_RECORD_METADATA.append(meta_data)
if key_type == 1:
meta_data['record_key'] = api.encrypt_aes(record_key, _USER_DATA_KEY)
_RECORD_METADATA.append(meta_data)
elif key_type == 2:
meta_data['record_key'] = api.encrypt_rsa(record_key, _IMPORTED_PUBLIC_KEY)
_RECORD_METADATA.append(meta_data)
return record_key
def register_team(team, key_type, sfs=None):
# type: (team.Team, int, dict) -> bytes
team_key = api.generate_aes_key()
t = {
'team_uid': team.team_uid,
'name': team.name,
'team_key_type': key_type,
'team_key': api.encrypt_aes(team_key, _USER_DATA_KEY) if key_type == 1 else api.encrypt_rsa(team_key, _IMPORTED_PUBLIC_KEY),
'team_private_key': api.encrypt_aes(_DER_PRIVATE_KEY, team_key),
'restrict_edit': team.restrict_edit,
'restrict_share': team.restrict_share,
'restrict_view': team.restrict_view,
}
_TEAMS.append(t)
if sfs:
t['shared_folder_keys'] = [{
'shared_folder_uid': x[0],
'key_type': 1,
'shared_folder_key': api.encrypt_aes(x[1], team_key)
} for x in sfs.items()]
sf_uids = set()
for uid in sfs:
def register_team(team, key_type, sfs=None):
# type: (team.Team, int, dict) -> bytes
team_key = api.generate_aes_key()
t = {
'team_uid': team.team_uid,
'name': team.name,
'team_key_type': key_type,
'team_key': api.encrypt_aes(team_key, _USER_DATA_KEY) if key_type == 1 else api.encrypt_rsa(team_key, _IMPORTED_PUBLIC_KEY),
'team_private_key': api.encrypt_aes(_DER_PRIVATE_KEY, team_key),
'restrict_edit': team.restrict_edit,
'restrict_share': team.restrict_share,
'restrict_view': team.restrict_view,
}
_TEAMS.append(t)
if sfs:
t['shared_folder_keys'] = [{
'shared_folder_uid': x[0],
'key_type': 1,
'shared_folder_key': api.encrypt_aes(x[1], team_key)
} for x in sfs.items()]
sf_uids = set()
for uid in sfs:
sf_uids.add(uid)
def wipe_out_data(cls):
params = cls.params # type: KeeperParams
managed_roles = set()
for mn in params.enterprise['managed_nodes']:
managed_roles.add(mn['role_id'])
for ru in params.enterprise['role_users']:
if ru['role_id'] not in managed_roles:
request = {
'command': 'role_user_remove',
'role_id': ru['role_id'],
'enterprise_user_id': ru['enterprise_user_id']
}
api.communicate(params, request)
for user in params.enterprise['users']:
if user['username'] in ['integration.enterprise@keepersecurity.com', 'integration.tests@keepersecurity.com']:
if user['lock'] != 0:
request = {
'command': 'enterprise_user_lock',
'enterprise_user_id': user['enterprise_user_id'],
'lock': 'unlocked'
}
api.communicate(params, request)
else:
request = {
'command': 'enterprise_user_delete',
'enterprise_user_id': user['enterprise_user_id']
}
api.communicate(params, request)
'object_type': 'user_folder',
'delete_resolution': 'unlink'
} for x in folder_uids
]
}
rs = api.communicate(params, request)
request = {
'command': 'delete',
'pre_delete_token': rs['pre_delete_response']['pre_delete_token']
}
rs = api.communicate(params, request)
request = {
'command': 'purge_deleted_records'
}
rs = api.communicate(params, request)
params.revision = 0
api.sync_down(params)
import json
from data_vault import VaultEnvironment
from keepercommander import api
from keepercommander.params import KeeperParams
_TREE_KEY = api.generate_aes_key()
_ENTERPRISE_ID = 123
_VAULT_ENV = VaultEnvironment()
_USE_DATA_KEY = True
_TEAM_KEY = api.generate_aes_key()
_TEAM1_UID = api.generate_record_uid()
_TEAM2_UID = api.generate_record_uid()
_TEAM1_NAME = 'Team 1'
_TEAM2_NAME = 'Team 2'
_NODE1_ID = (_ENTERPRISE_ID << 32) + 101
_NODE2_ID = (_ENTERPRISE_ID << 32) + 102
_USER1_ID = (_ENTERPRISE_ID << 32) + 201
_USER2_ID = (_ENTERPRISE_ID << 32) + 202
_USER2_EMAIL = 'user2@keepercommander.com'
_ROLE1_ID = (_ENTERPRISE_ID << 32) + 301
_ROLE1_NAME = 'Role 1'
_LAST_ID = 1000
r2 = record.Record()
r2.record_uid = api.generate_record_uid()
r2.title = 'Record 2'
r2.login = 'user2@keepersecurity.com'
r2.password = 'password2'
r2.login_url = 'https://keepersecurity.com/2'
r2.set_field('field2', 'value2')
r2.notes = 'note2'
r2.revision = 2
r2_key = register_record(r2, 2)
register_records_to_folder(None, [r1.record_uid, r2.record_uid])
r3 = record.Record()
r3.record_uid = api.generate_record_uid()
r3.title = 'Record 3'
r3.login = 'user3@keepersecurity.com'
r3.password = 'password3'
r3.login_url = 'https://keepersecurity.com/3'
r3.revision = 3
r3_key = register_record(r3)
sf1 = shared_folder.SharedFolder()
sf1.shared_folder_uid = api.generate_record_uid()
sf1.default_manage_records = False
sf1.default_manage_users = False
sf1.default_can_edit = False
sf1.default_can_share = False
sf1.name = 'Shared Folder 1'
sf1_key = register_shared_folder(sf1, {
r3.record_uid: r3_key
sf1 = shared_folder.SharedFolder()
sf1.shared_folder_uid = api.generate_record_uid()
sf1.default_manage_records = False
sf1.default_manage_users = False
sf1.default_can_edit = False
sf1.default_can_share = False
sf1.name = 'Shared Folder 1'
sf1_key = register_shared_folder(sf1, {
r3.record_uid: r3_key
})
register_records_to_folder(sf1.shared_folder_uid, [r3.record_uid])
_USER_FOLDER_SHARED_FOLDER.append({'shared_folder_uid': sf1.shared_folder_uid})
t1 = team.Team()
t1.team_uid = api.generate_record_uid()
t1.name = 'Team 1'
t1.restrict_edit = True
t1.restrict_share = True
t1.restrict_view = False
register_team(t1, 1, {
sf1.shared_folder_uid: sf1_key
})
folder_key = api.generate_aes_key()
_USER_FOLDERS.append({
'folder_uid': api.generate_record_uid(),
'key_type': 1,
'user_folder_key': api.encrypt_aes(folder_key, _USER_DATA_KEY),
'revision': 200,
'type': 'user_folder',