Add get_encrypted_fields_map management command

Create a `schema_map` for all encrypted models that can be passed to
`AutoEncryptionOpts` for production use.

Usage may involve something like:

- Configure QE site for development
- Develop encrypted models and fields
- Run `python manage.py get_encrypted_fields_map`
- Reconfigure QE site for production by adding `schema_map` to
  AutoEncryptionOpts

Author: aclark4life

django_mongodb_backend/management/commands/get_encrypted_fields_map.py

@@ -0,0 +1,45 @@
+import json
+
+from django.apps import apps
+from django.core.management.base import BaseCommand
+from django.db import DEFAULT_DB_ALIAS, connections
+
+
+class Command(BaseCommand):
+    help = "Generate an encryptedFieldsMap for MongoDB automatic encryption"
+
+    def handle(self, *args, **options):
+        connection = connections[DEFAULT_DB_ALIAS]
+
+        schema_map = self.generate_encrypted_fields_schema_map(connection)
+
+        self.stdout.write(json.dumps(schema_map, indent=2))
+
+    def generate_encrypted_fields_schema_map(self, conn):
+        schema_map = {}
+
+        for model in apps.get_models():
+            encrypted_fields = self.get_encrypted_fields(model, conn)
+            if encrypted_fields:
+                collection = model._meta.db_table
+                schema_map[collection] = {"fields": encrypted_fields}
+
+        return schema_map
+
+    def get_encrypted_fields(self, model, conn):
+        fields = model._meta.fields
+        encrypted_fields = []
+
+        for field in fields:
+            if getattr(field, "encrypted", False):
+                field_map = {
+                    "path": field.column,
+                    "bsonType": field.db_type(conn),
+                }
+
+                if getattr(field, "queries", None):
+                    field_map["queries"] = field.queries[0].to_dict()
+
+                encrypted_fields.append(field_map)
+
+        return encrypted_fields

tests/encryption_/tests.py

@@ -1,5 +1,6 @@
+from django.core import management
 from django.db import connection
-from django.test import TestCase
+from django.test import TestCase, modify_settings
 
 from .models import Person
 
@@ -24,3 +25,13 @@ def test_encrypted_fields_map(self):
         }
         with connection.schema_editor() as editor:
             self.assertEqual(editor._get_encrypted_fields_map(self.person), expected)
+
+
+@modify_settings(
+    INSTALLED_APPS={"prepend": "django_mongodb_backend"},
+)
+class AutoEncryptionOptsTests(TestCase):
+    databases = {"default", "encrypted"}
+
+    def test_auto_encryption_opts(self):
+        management.call_command("get_encrypted_fields_map", verbosity=0)