add nbformat.sign.NotebookNotary

2024-12-27 04:20:22 +08:00 · 2014-01-17 17:39:41 -08:00 · 2014-01-17 17:39:41 -08:00 · 6a1e7fe685
commit 6a1e7fe685
parent f14f856edb
2 changed files with 7 additions and 36 deletions
--- a/IPython/html/services/notebooks/filenbmanager.py
+++ b/IPython/html/services/notebooks/filenbmanager.py
@ -214,7 +214,7 @@ class FileNotebookManager(NotebookManager):
                except Exception as e:
                    raise web.HTTPError(400, u"Unreadable Notebook: %s %s" % (os_path, e))
            model['content'] = nb
-            sign.mark_trusted_cells(nb, self.secret)
+            sign.mark_trusted_cells(nb, self.notary.secret)
        return model

    def save_notebook_model(self, model, name='', path=''):
@ -239,7 +239,7 @@ class FileNotebookManager(NotebookManager):
        nb = current.to_notebook_json(model['content'])
        
        if sign.check_trusted_cells(nb):
-            sign.trust_notebook(nb, self.secret, self.signature_scheme)
+            sign.trust_notebook(nb, self.notary.secret, self.notary.signature_scheme)
        
        if 'name' in nb['metadata']:
            nb['metadata']['name'] = u''
--- a/IPython/html/services/notebooks/nbmanager.py
+++ b/IPython/html/services/notebooks/nbmanager.py
@ -17,16 +17,12 @@ Authors:
 # Imports
 #-----------------------------------------------------------------------------

-import base64
-import hashlib
-import io
 import os

 from IPython.config.configurable import LoggingConfigurable
-from IPython.core.application import BaseIPythonApplication
-from IPython.nbformat import current
+from IPython.nbformat import current, sign
 from IPython.utils import py3compat
-from IPython.utils.traitlets import Unicode, TraitError, Enum, Bytes
+from IPython.utils.traitlets import Instance, Unicode, TraitError

 #-----------------------------------------------------------------------------
 # Classes
@ -46,34 +42,9 @@ class NotebookManager(LoggingConfigurable):

    filename_ext = Unicode(u'.ipynb')
    
-    signature_scheme = Enum(hashlib.algorithms, default_value='sha256', config=True,
-        help="""The signature scheme used to sign notebooks."""
-    )
-    
-    secret = Bytes(config=True,
-        help="""The secret key with which notebooks are signed."""
-    )
-    def _secret_default(self):
-        # note : this assumes an Application is running
-        profile_dir = BaseIPythonApplication.instance().profile_dir
-        secret_file = os.path.join(profile_dir.security_dir, 'notebook_secret')
-        if os.path.exists(secret_file):
-            with io.open(secret_file, 'rb') as f:
-                return f.read()
-        else:
-            secret = base64.encodestring(os.urandom(1024))
-            self.log.info("Writing output secret to %s", secret_file)
-            with io.open(secret_file, 'wb') as f:
-                f.write(secret)
-            try:
-                os.chmod(secret_file, 0o600)
-            except OSError:
-                self.log.warn(
-                    "Could not set permissions on %s",
-                    secret_file
-                )
-            return secret
-
+    notary = Instance(sign.NotebookNotary)
+    def _notary_default(self):
+        return sign.NotebookNotary(parent=self)
    
    def path_exists(self, path):
        """Does the API-style path (directory) actually exist?