Skip to content

Commit 6487086

Browse files
aclark4lifeaclark4life
committed
Refactor helpers again
Since auto_encryption_opts is provided in test settings, that means we get a key vault database that persists whether we like it or not. Would be nice if that were not the case, but probably OK for now.
1 parent e25357e commit 6487086

File tree

1 file changed

+15
-7
lines changed

1 file changed

+15
-7
lines changed

django_mongodb_backend/encryption.py

Lines changed: 15 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -7,6 +7,9 @@
77
from bson.codec_options import CodecOptions
88
from pymongo.encryption import AutoEncryptionOpts, ClientEncryption
99

10+
KEY_VAULT_DATABASE_NAME = "keyvault"
11+
KEY_VAULT_COLLECTION_NAME = "__keyVault"
12+
1013

1114
def get_kms_providers():
1215
"""
@@ -19,7 +22,7 @@ def get_kms_providers():
1922
}
2023

2124

22-
def get_client_encryption(encrypted_connection):
25+
def get_client_encryption(client):
2326
"""
2427
Returns a `ClientEncryption` instance for MongoDB Client-Side Field Level
2528
Encryption (CSFLE) that can be used to create an encrypted collection.
@@ -28,21 +31,26 @@ def get_client_encryption(encrypted_connection):
2831
key_vault_namespace = get_key_vault_namespace()
2932
kms_providers = get_kms_providers()
3033
codec_options = CodecOptions(uuid_representation=STANDARD)
31-
return ClientEncryption(kms_providers, key_vault_namespace, encrypted_connection, codec_options)
34+
return ClientEncryption(kms_providers, key_vault_namespace, client, codec_options)
3235

3336

34-
def get_key_vault_namespace():
35-
key_vault_database_name = "encryption"
36-
key_vault_collection_name = "__keyVault"
37+
def get_key_vault_namespace(
38+
key_vault_database_name=KEY_VAULT_DATABASE_NAME,
39+
key_vault_collection_name=KEY_VAULT_COLLECTION_NAME,
40+
):
3741
return f"{key_vault_database_name}.{key_vault_collection_name}"
3842

3943

40-
def get_auto_encryption_opts(crypt_shared_lib_path=None, kms_providers=None):
44+
KEY_VAULT_NAMESPACE = get_key_vault_namespace()
45+
46+
47+
def get_auto_encryption_opts(
48+
key_vault_namespace=KEY_VAULT_NAMESPACE, crypt_shared_lib_path=None, kms_providers=None
49+
):
4150
"""
4251
Returns an `AutoEncryptionOpts` instance for MongoDB Client-Side Field
4352
Level Encryption (CSFLE) that can be used to create an encrypted connection.
4453
"""
45-
key_vault_namespace = get_key_vault_namespace()
4654
return AutoEncryptionOpts(
4755
key_vault_namespace=key_vault_namespace,
4856
kms_providers=kms_providers,

0 commit comments

Comments
 (0)