First commit for beta. Added encryption, changed schema a bit

Author: m0ngr31

.gitignore

@@ -238,4 +238,6 @@ temp/
 *.sln
 *.sw?
 
-/config
+/config
+test.sh
+test.py

app/models.py

@@ -1,31 +1,94 @@
-from app import db
+from app import app, db
 from app.model_types import GUID
 from sqlalchemy.sql import func
+from sqlalchemy.ext.hybrid import hybrid_property, hybrid_method
 from sqlalchemy import event
+from Crypto.Cipher import AES
+import binascii
 import uuid
 import frontmatter
 import re
 
 
+key = app.config['DB_ENCRYPTION_KEY']
+
+
+def aes_encrypt(data):
+  cipher = AES.new(key)
+  data = data + (" " * (16 - (len(data) % 16)))
+  return binascii.hexlify(cipher.encrypt(data))
+
+def aes_decrypt(data):
+  try:
+    cipher = AES.new(key)
+    return cipher.decrypt(binascii.unhexlify(data)).rstrip()
+  except:
+    # If data is not encrypted, just return it
+    return data
+
+
 class User(db.Model):
   uuid = db.Column(GUID, primary_key=True, index=True, unique=True, default=lambda: uuid.uuid4())
   username = db.Column(db.String(64), unique=True, nullable=False)
   password_hash = db.Column(db.String(128), nullable=False)
-  notes = db.relationship('Note', lazy='dynamic')
+  notes = db.relationship('Note', lazy='dynamic', cascade='all, delete, delete-orphan')
+  tags = db.relationship('Tag', lazy='dynamic', cascade='all, delete, delete-orphan')
+  projects = db.relationship('Project', lazy='dynamic', cascade='all, delete, delete-orphan')
+  tasks = db.relationship('Task', lazy='dynamic', cascade='all, delete, delete-orphan')
 
   def __repr__(self):
     return '<User {}>'.format(self.uuid)
 
 
+class Tag(db.Model):
+  uuid = db.Column(GUID, primary_key=True, index=True, unique=True, default=lambda: uuid.uuid4())
+  user_id = db.Column(GUID, db.ForeignKey('user.uuid'), nullable=False)
+  note_id = db.Column(GUID, db.ForeignKey('note.uuid'), nullable=False)
+  name = db.Column(db.String)
+
+  def __repr__(self):
+    return '<Tag {}>'.format(self.uuid)
+
+
+class Project(db.Model):
+  uuid = db.Column(GUID, primary_key=True, index=True, unique=True, default=lambda: uuid.uuid4())
+  user_id = db.Column(GUID, db.ForeignKey('user.uuid'), nullable=False)
+  note_id = db.Column(GUID, db.ForeignKey('note.uuid'), nullable=False)
+  name = db.Column(db.String)
+
+  def __repr__(self):
+    return '<Project {}>'.format(self.uuid)
+
+
+class Task(db.Model):
+  uuid = db.Column(GUID, primary_key=True, index=True, unique=True, default=lambda: uuid.uuid4())
+  user_id = db.Column(GUID, db.ForeignKey('user.uuid'), nullable=False)
+  note_id = db.Column(GUID, db.ForeignKey('note.uuid'), nullable=False)
+  name = db.Column(db.String)
+  swimlane = db.Column(db.String)
+
+  def __repr__(self):
+    return '<Task {}>'.format(self.uuid)
+
+
 class Note(db.Model):
   uuid = db.Column(GUID, primary_key=True, index=True, unique=True, default=lambda: uuid.uuid4())
-  tags = db.Column(db.String)
-  projects = db.Column(db.String)
   user_id = db.Column(GUID, db.ForeignKey('user.uuid'), nullable=False)
   data = db.Column(db.String)
   title = db.Column(db.String(128), nullable=False, unique=True)
   date = db.Column(db.DateTime(timezone=True), server_default=func.now())
   is_date = db.Column(db.Boolean, default=False)
+  tags = db.relationship('Tag', lazy='dynamic', cascade='all, delete, delete-orphan')
+  projects = db.relationship('Project', lazy='dynamic', cascade='all, delete, delete-orphan')
+  tasks = db.relationship('Task', lazy='dynamic', cascade='all, delete, delete-orphan')
+
+  @hybrid_property
+  def text(self):
+    return aes_decrypt(self.data)
+
+  @text.setter
+  def text(self, value):
+    self.data = aes_encrypt(value)
 
   def __repr__(self):
     return '<Note {}>'.format(self.uuid)
@@ -53,32 +116,81 @@ def serialize_full(self):
     }
 
 
+# Update title automatically
 def before_change_note(mapper, connection, target):
-  tags = ''
-  projects = ''
   title = None
 
-  data = frontmatter.loads(target.data)
-
-  if isinstance(data.get('tags'), list):
-    tags = ','.join(set([x.replace(',', '\,') for x in data.get('tags')]))
-  elif isinstance(data.get('tags'), str):
-    tags = ','.join(set(map(str.strip, data['tags'].split(','))))
-
-  if isinstance(data.get('projects'), list):
-    projects = ','.join(set([x.replace(',', '\,') for x in data.get('projects')]))
-  elif isinstance(data.get('projects'), str):
-    projects = ','.join(set(map(str.strip, data['projects'].split(','))))
+  data = frontmatter.loads(target.text)
 
   if isinstance(data.get('title'), str) and len(data.get('title')) > 0:
     title = data.get('title')
-  
-  target.tags = tags
-  target.projects = projects
 
   if title and not target.is_date:
     target.title = title
 
 
+# Handle changes to tasks, projects, and tags
+def after_change_note(mapper, connection, target):
+  tags = []
+  projects = []
+  # tasks = []
+
+  data = frontmatter.loads(target.text)
+
+  if isinstance(data.get('tags'), list):
+    tags = list(set([x.replace(',', '\,') for x in data.get('tags')]))
+  elif isinstance(data.get('tags'), str):
+    tags = list(set(map(str.strip, data['tags'].split(','))))
+
+  if isinstance(data.get('projects'), list):
+    projects = list(set([x.replace(',', '\,') for x in data.get('projects')]))
+  elif isinstance(data.get('projects'), str):
+    projects = list(set(map(str.strip, data['projects'].split(','))))
+
+  # Parse out tasks here #
+
+  existing_tags = Tag.query.filter_by(note_id=target.uuid).all()
+  existing_projects = Project.query.filter_by(note_id=target.uuid).all()
+  # existing_tasks = Task.query.filter_by(note_id=target.uuid).all()
+
+  for tag in existing_tags:
+    if tag.name not in tags:
+      connection.execute(
+        'DELETE FROM tag WHERE uuid = (?)',
+        '{}'.format(tag.uuid).replace('-', '')
+      )
+    else:
+      tags.remove(tag.name)
+
+  for tag in tags:
+    connection.execute(
+      'INSERT INTO tag (uuid, user_id, note_id, name) VALUES (?, ?, ?, ?)',
+      '{}'.format(uuid.uuid4()).replace('-', ''),
+      '{}'.format(target.user_id).replace('-', ''),
+      '{}'.format(target.uuid).replace('-', ''),
+      tag
+    )
+
+  for project in existing_projects:
+    if project.name not in projects:
+      connection.execute(
+        'DELETE FROM project WHERE uuid = (?)',
+        '{}'.format(project.uuid).replace('-', '')
+      )
+    else:
+      projects.remove(project.name)
+
+  for project in projects:
+    connection.execute(
+      'INSERT INTO project (uuid, user_id, note_id, name) VALUES (?, ?, ?, ?)',
+      '{}'.format(uuid.uuid4()).replace('-', ''),
+      '{}'.format(target.user_id).replace('-', ''),
+      '{}'.format(target.uuid).replace('-', ''),
+      project
+    )
+
+
 event.listen(Note, 'before_insert', before_change_note)
-event.listen(Note, 'before_update', before_change_note)
+event.listen(Note, 'before_update', before_change_note)
+event.listen(Note, 'after_insert', after_change_note)
+event.listen(Note, 'after_update', after_change_note)

config.py

@@ -5,6 +5,7 @@
 
 class Config(object):
   JWT_SECRET_KEY = os.environ.get('API_SECRET_KEY')
+  DB_ENCRYPTION_KEY = os.environ.get('DB_ENCRYPTION_KEY')
   SQLALCHEMY_DATABASE_URI = os.environ.get('DATABASE_URI') or 'sqlite:///' + os.path.join(basedir + '/config', 'app.db')
   SQLALCHEMY_TRACK_MODIFICATIONS = False
   JWT_ACCESS_TOKEN_EXPIRES = datetime.timedelta(days=7)

migrations/env.py

@@ -82,6 +82,7 @@ def process_revision_directives(context, revision, directives):
         context.configure(
             connection=connection,
             target_metadata=target_metadata,
+            # render_as_batch=True,
             process_revision_directives=process_revision_directives,
             user_module_prefix="app.model_types.",
             **current_app.extensions['migrate'].configure_args

migrations/versions/21156316dbbe_newtables.py

@@ -0,0 +1,64 @@
+"""newtables
+
+Revision ID: 21156316dbbe
+Revises: 9ca5901af374
+Create Date: 2020-01-28 20:45:00.940634
+
+"""
+from alembic import op
+import sqlalchemy as sa
+import app.model_types
+
+
+# revision identifiers, used by Alembic.
+revision = '21156316dbbe'
+down_revision = '9ca5901af374'
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.create_table('project',
+    sa.Column('uuid', app.model_types.GUID(), nullable=False),
+    sa.Column('user_id', app.model_types.GUID(), nullable=False),
+    sa.Column('note_id', app.model_types.GUID(), nullable=False),
+    sa.Column('name', sa.String(), nullable=True),
+    sa.ForeignKeyConstraint(['note_id'], ['note.uuid'], ),
+    sa.ForeignKeyConstraint(['user_id'], ['user.uuid'], ),
+    sa.PrimaryKeyConstraint('uuid')
+    )
+    op.create_index(op.f('ix_project_uuid'), 'project', ['uuid'], unique=True)
+    op.create_table('tag',
+    sa.Column('uuid', app.model_types.GUID(), nullable=False),
+    sa.Column('user_id', app.model_types.GUID(), nullable=False),
+    sa.Column('note_id', app.model_types.GUID(), nullable=False),
+    sa.Column('name', sa.String(), nullable=True),
+    sa.ForeignKeyConstraint(['note_id'], ['note.uuid'], ),
+    sa.ForeignKeyConstraint(['user_id'], ['user.uuid'], ),
+    sa.PrimaryKeyConstraint('uuid')
+    )
+    op.create_index(op.f('ix_tag_uuid'), 'tag', ['uuid'], unique=True)
+    op.create_table('task',
+    sa.Column('uuid', app.model_types.GUID(), nullable=False),
+    sa.Column('user_id', app.model_types.GUID(), nullable=False),
+    sa.Column('note_id', app.model_types.GUID(), nullable=False),
+    sa.Column('name', sa.String(), nullable=True),
+    sa.Column('swimlane', sa.String(), nullable=True),
+    sa.ForeignKeyConstraint(['note_id'], ['note.uuid'], ),
+    sa.ForeignKeyConstraint(['user_id'], ['user.uuid'], ),
+    sa.PrimaryKeyConstraint('uuid')
+    )
+    op.create_index(op.f('ix_task_uuid'), 'task', ['uuid'], unique=True)
+    # ### end Alembic commands ###
+
+
+def downgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.drop_index(op.f('ix_task_uuid'), table_name='task')
+    op.drop_table('task')
+    op.drop_index(op.f('ix_tag_uuid'), table_name='tag')
+    op.drop_table('tag')
+    op.drop_index(op.f('ix_project_uuid'), table_name='project')
+    op.drop_table('project')
+    # ### end Alembic commands ###

migrations/versions/9ca5901af374_cleanup.py

@@ -0,0 +1,35 @@
+"""cleanup
+
+Revision ID: 9ca5901af374
+Revises: a477f34dbaa4
+Create Date: 2020-01-28 20:44:00.184324
+
+"""
+from alembic import op
+import sqlalchemy as sa
+import app.model_types
+
+
+# revision identifiers, used by Alembic.
+revision = '9ca5901af374'
+down_revision = 'a477f34dbaa4'
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    with op.batch_alter_table('note', schema=None) as batch_op:
+        batch_op.drop_column('projects')
+        batch_op.drop_column('tags')
+
+    # ### end Alembic commands ###
+
+
+def downgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    with op.batch_alter_table('note', schema=None) as batch_op:
+        batch_op.add_column(sa.Column('tags', sa.VARCHAR(), nullable=True))
+        batch_op.add_column(sa.Column('projects', sa.VARCHAR(), nullable=True))
+
+    # ### end Alembic commands ###

requirements.txt

@@ -3,4 +3,5 @@ flask_sqlalchemy
 flask-migrate
 flask-jwt-extended
 flask-argon2
-python-frontmatter
+python-frontmatter
+pycrypto

run.sh

@@ -1,5 +1,9 @@
 #!/bin/sh
 
+if test -f "./config/.env"; then
+  . ./config/.env
+fi
+
 ./verify_env.py
 
 if test -f "./config/.env"; then