kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-08-15 08:30:46 +02:00
Code Issues Packages Projects Releases Wiki Activity

Implemented get_app_conf

Browse Source
This commit is contained in:
Kevin Veen-Birkenbach 2025-08-14 11:14:15 +02:00
parent 85924ab3c5
commit bf7b24c3ee
No known key found for this signature in database
GPG Key ID: 44D8F11FD62F878E
1 changed files with 32 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
filter_plugins/csp_filters.py
View File

@ -1,6 +1,10 @@
from ansible.errors import AnsibleFilterError from ansible.errors import AnsibleFilterError
import hashlib import hashlib
import base64 import base64
import sys, os
sys.path.insert(0, os.path.abspath(os.path.join(os.path.dirname(__file__), '..')))
from module_utils.config_utils import get_app_conf
class FilterModule(object): class FilterModule(object):
""" """
@ -17,13 +21,23 @@ class FilterModule(object):
""" """
Return True if applications[application_id].features[feature] is truthy. Return True if applications[application_id].features[feature] is truthy.
""" """
app = applications.get(application_id, {}) return get_app_conf(
return bool(app.get('features', {}).get(feature, False)) applications,
application_id,
'features.' + feature,
False,
False
)
@staticmethod @staticmethod
def get_csp_whitelist(applications, application_id, directive): def get_csp_whitelist(applications, application_id, directive):
app = applications.get(application_id, {}) wl = get_app_conf(
wl = app.get('server',{}).get('csp', {}).get('whitelist', {}).get(directive, []) applications,
application_id,
'server.csp.whitelist.' + directive,
False,
[]
)
if isinstance(wl, list): if isinstance(wl, list):
return wl return wl
if wl: if wl:
@ -36,8 +50,13 @@ class FilterModule(object):
Dynamically extract all CSP flags for a given directive and return them as tokens, Dynamically extract all CSP flags for a given directive and return them as tokens,
e.g., "'unsafe-eval'", "'unsafe-inline'", etc. e.g., "'unsafe-eval'", "'unsafe-inline'", etc.
""" """
app = applications.get(application_id, {}) flags = get_app_conf(
flags = app.get('server',{}).get('csp', {}).get('flags', {}).get(directive, {}) applications,
application_id,
'server.csp.flags.' + directive,
False,
{}
)
tokens = [] tokens = []
for flag_name, enabled in flags.items(): for flag_name, enabled in flags.items():
@ -51,8 +70,13 @@ class FilterModule(object):
""" """
Return inline script/style snippets to hash for a given CSP directive. Return inline script/style snippets to hash for a given CSP directive.
""" """
app = applications.get(application_id, {}) snippets = get_app_conf(
snippets = app.get('server',{}).get('csp', {}).get('hashes', {}).get(directive, []) applications,
application_id,
'server.csp.hashes.' + directive,
False,
[]
)
if isinstance(snippets, list): if isinstance(snippets, list):
return snippets return snippets
if snippets: if snippets: