15.1.5. crate_anon.anonymise.config¶
Copyright (C) 2015-2018 Rudolf Cardinal (rudolf@pobox.com).
This file is part of CRATE.
CRATE is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
CRATE is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with CRATE. If not, see <http://www.gnu.org/licenses/>.
Config class for CRATE anonymiser.
Thoughts on configuration method
First version used a Config() class, which initializes with blank values. The anonymise_cli.py file creates a config singleton and passes it around. Then when its set() method is called, it reads a config file and instantiates its settings. An option exists to print a draft config without ever reading one from disk.
- Advantage: easy to start the program without a valid config file (e.g. to
print one).
- Disadvantage: modules can’t be sure that a config is properly instantiated
before they are loaded, so you can’t easily define a class according to config settings (you’d have to have a class factory, which gets ugly).
The Django method is to have a configuration file (e.g. settings.py, which can import from other things) that is read by Django and then becomes importable by anything at startup as “django.conf.settings”. (I’ve added local settings via an environment variable.) The way Django knows where to look is via this in manage.py:
- os.environ.setdefault(“DJANGO_SETTINGS_MODULE”,
“crate_anon.crateweb.config.settings”)
- Advantage: setting the config file via an environment variable (read when
the config file loads) allows guaranteed config existence as other modules start.
- Further advantage: config filenames not on command line, therefore not
visible to ps.
- Disadvantage: how do you override with a command-line (argparse) setting?
… though: who cares?
- To print a config using that file: raise an exception on nonexistent
config, and catch it with a special entry point script.
See also http://stackoverflow.com/questions/7443366/argument-passing-strategy-environment-variables-vs-command-line # noqa
-
class
crate_anon.anonymise.config.
Config
(open_databases: bool = True)[source]¶ Class representing the main configuration.
-
encrypt_master_pid
(mpid: Union[int, str]) → Union[str, NoneType][source]¶ Encrypt a master PID, producing a master RID.
-
hash_object
(l: Any) → str[source]¶ Hashes a list with Python’s built-in hash function.
We could use Python’s build-in hash() function, which produces a 64-bit unsigned integer (calculated from: sys.maxint). However, there is an outside chance that someone uses a single-field table and therefore that this is vulnerable to content discovery via a dictionary attack. Thus, we should use a better version.
-