Refactor helpers

aclark4life · aclark4life · commit db324872f52a · 2025-07-01T20:14:29.000-04:00
diff --git a/django_mongodb_backend/encryption.py b/django_mongodb_backend/encryption.py
@@ -8,26 +8,41 @@
 from pymongo.encryption import AutoEncryptionOpts, ClientEncryption
 
 
-def get_client_encryption(auto_encryption_opts, encrypted_connection):
+def get_kms_providers():
+    """
+    Return supported KMS providers for MongoDB Client-Side Field Level Encryption (CSFLE).
+    """
+    return {
+        "local": {
+            "key": get_customer_master_key(),
+        },
+    }
+
+
+def get_client_encryption(encrypted_connection):
     """
     Returns a `ClientEncryption` instance for MongoDB Client-Side Field Level
     Encryption (CSFLE) that can be used to create an encrypted collection.
     """
 
-    key_vault_namespace = auto_encryption_opts._key_vault_namespace
-    kms_providers = auto_encryption_opts._kms_providers
+    key_vault_namespace = get_key_vault_namespace()
+    kms_providers = get_kms_providers()
     codec_options = CodecOptions(uuid_representation=STANDARD)
     return ClientEncryption(kms_providers, key_vault_namespace, encrypted_connection, codec_options)
 
 
+def get_key_vault_namespace():
+    key_vault_database_name = "encryption"
+    key_vault_collection_name = "__keyVault"
+    return f"{key_vault_database_name}.{key_vault_collection_name}"
+
+
 def get_auto_encryption_opts(crypt_shared_lib_path=None, kms_providers=None):
     """
     Returns an `AutoEncryptionOpts` instance for MongoDB Client-Side Field
     Level Encryption (CSFLE) that can be used to create an encrypted connection.
     """
-    key_vault_database_name = "encryption"
-    key_vault_collection_name = "__keyVault"
-    key_vault_namespace = f"{key_vault_database_name}.{key_vault_collection_name}"
+    key_vault_namespace = get_key_vault_namespace()
     return AutoEncryptionOpts(
         key_vault_namespace=key_vault_namespace,
         kms_providers=kms_providers,
@@ -53,14 +68,3 @@ def get_customer_master_key():
         "404142434445464748494a4b4c4d4e4f"
         "505152535455565758595a5b5c5d5e5f"
     )
-
-
-def get_kms_providers():
-    """
-    Return supported KMS providers for MongoDB Client-Side Field Level Encryption (CSFLE).
-    """
-    return {
-        "local": {
-            "key": get_customer_master_key(),
-        },
-    }
diff --git a/django_mongodb_backend/schema.py b/django_mongodb_backend/schema.py
@@ -428,13 +428,8 @@ def _create_collection(self, model):
         if not hasattr(model, "encrypted"):
             self.get_database().create_collection(model._meta.db_table)
         else:
-            # TODO: Route to the encrypted database connection.
-            auto_encryption_opts = self.connection.settings_dict.get("OPTIONS", {}).get(
-                "auto_encryption_opts"
-            )
             client = self.connection.connection
-
-            client_encryption = get_client_encryption(auto_encryption_opts, client)
+            client_encryption = get_client_encryption(client)
             client_encryption.create_encrypted_collection(
                 client.database,
                 model._meta.db_table,
