upstream/ipython Commit - r20946:ff008b70

profile_dir

Sylvain Corlay -

r20946:ff008b70

parent child

IPython/core/application.py

0 +1 -1

             # encoding: utf-8
             """
             An application for IPython.
             All top-level applications should use the classes in this module for
             handling configuration and creating configurables.
             The job of an :class:`Application` is to create the master configuration
             object and then create the configurable objects, passing the config to them.
             """
             # Copyright (c) IPython Development Team.
             # Distributed under the terms of the Modified BSD License.
             import atexit
             import glob
             import logging
             import os
             import shutil
             import sys
             from IPython.config.application import Application, catch_config_error
             from IPython.config.loader import ConfigFileNotFound, PyFileConfigLoader
             from IPython.core import release, crashhandler
             from IPython.core.profiledir import ProfileDir, ProfileDirError
             from IPython.utils.path import get_ipython_dir, get_ipython_package_dir, ensure_dir_exists
             from IPython.utils import py3compat
             from IPython.utils.traitlets import List, Unicode, Type, Bool, Dict, Set, Instance
             if os.name == 'nt':
                 programdata = os.environ.get('PROGRAMDATA', None)
                 if programdata:
                     SYSTEM_CONFIG_DIRS = [os.path.join(programdata, 'ipython')]
                 else:  # PROGRAMDATA is not defined by default on XP.
                     SYSTEM_CONFIG_DIRS = []
             else:
                 SYSTEM_CONFIG_DIRS = [
                     "/usr/local/etc/ipython",
                     "/etc/ipython",
                 ]
             # aliases and flags
             base_aliases = {
                 'profile-dir' : 'ProfileDir.location',
                 'profile' : 'BaseIPythonApplication.profile',
                 'ipython-dir' : 'BaseIPythonApplication.ipython_dir',
                 'log-level' : 'Application.log_level',
                 'config' : 'BaseIPythonApplication.extra_config_file',
             }
             base_flags = dict(
                 debug = ({'Application' : {'log_level' : logging.DEBUG}},
                         "set log level to logging.DEBUG (maximize logging output)"),
                 quiet = ({'Application' : {'log_level' : logging.CRITICAL}},
                         "set log level to logging.CRITICAL (minimize logging output)"),
                 init = ({'BaseIPythonApplication' : {
                                 'copy_config_files' : True,
                                 'auto_create' : True}
                         }, """Initialize profile with default config files.  This is equivalent
                         to running `ipython profile create <profile>` prior to startup.
                         """)
             )
             class ProfileAwareConfigLoader(PyFileConfigLoader):
                 """A Python file config loader that is aware of IPython profiles."""
                 def load_subconfig(self, fname, path=None, profile=None):
                     if profile is not None:
                         try:
                             profile_dir = ProfileDir.find_profile_dir_by_name(
                                     get_ipython_dir(),
                                     profile,
                             )
                         except ProfileDirError:
                             return
                         path = profile_dir.location
                     return super(ProfileAwareConfigLoader, self).load_subconfig(fname, path=path)
             class BaseIPythonApplication(Application):
                 name = Unicode(u'ipython')
                 description = Unicode(u'IPython: an enhanced interactive Python shell.')
                 version = Unicode(release.version)
                 aliases = Dict(base_aliases)
                 flags = Dict(base_flags)
                 classes = List([ProfileDir])
                 # enable `load_subconfig('cfg.py', profile='name')`
                 python_config_loader_class = ProfileAwareConfigLoader
                 # Track whether the config_file has changed,
                 # because some logic happens only if we aren't using the default.
                 config_file_specified = Set()
                 config_file_name = Unicode()
                 def _config_file_name_default(self):
                     return self.name.replace('-','_') + u'_config.py'
                 def _config_file_name_changed(self, name, old, new):
                     if new != old:
                         self.config_file_specified.add(new)
                 # The directory that contains IPython's builtin profiles.
                 builtin_profile_dir = Unicode(
                     os.path.join(get_ipython_package_dir(), u'config', u'profile', u'default')
                 )
                 config_file_paths = List(Unicode)
                 def _config_file_paths_default(self):
                     return [py3compat.getcwd()]
                 extra_config_file = Unicode(config=True,
                 help="""Path to an extra config file to load.
                 If specified, load this config file in addition to any other IPython config.
                 """)
                 def _extra_config_file_changed(self, name, old, new):
                     try:
                         self.config_files.remove(old)
                     except ValueError:
                         pass
                     self.config_file_specified.add(new)
                     self.config_files.append(new)
                 profile = Unicode(u'default', config=True,
                     help="""The IPython profile to use."""
                 )
                 def _profile_changed(self, name, old, new):
                     self.builtin_profile_dir = os.path.join(
                             get_ipython_package_dir(), u'config', u'profile', new
                     )
                 ipython_dir = Unicode(config=True,
                     help="""
                     The name of the IPython directory. This directory is used for logging
                     configuration (through profiles), history storage, etc. The default
                     is usually $HOME/.ipython. This option can also be specified through
                     the environment variable IPYTHONDIR.
                     """
                 )
                 def _ipython_dir_default(self):
                     d = get_ipython_dir()
                     self._ipython_dir_changed('ipython_dir', d, d)
                     return d
                 _in_init_profile_dir = False
-                profile_dir = Instance(ProfileDir)
+                profile_dir = Instance(ProfileDir, allow_none=True)
                 def _profile_dir_default(self):
                     # avoid recursion
                     if self._in_init_profile_dir:
                         return
                     # profile_dir requested early, force initialization
                     self.init_profile_dir()
                     return self.profile_dir
                 overwrite = Bool(False, config=True,
                     help="""Whether to overwrite existing config files when copying""")
                 auto_create = Bool(False, config=True,
                     help="""Whether to create profile dir if it doesn't exist""")
                 config_files = List(Unicode)
                 def _config_files_default(self):
                     return [self.config_file_name]
                 copy_config_files = Bool(False, config=True,
                     help="""Whether to install the default config files into the profile dir.
                     If a new profile is being created, and IPython contains config files for that
                     profile, then they will be staged into the new directory.  Otherwise,
                     default config files will be automatically generated.
                     """)
                 verbose_crash = Bool(False, config=True,
                     help="""Create a massive crash report when IPython encounters what may be an
                     internal error.  The default is to append a short message to the
                     usual traceback""")
                 # The class to use as the crash handler.
                 crash_handler_class = Type(crashhandler.CrashHandler)
                 @catch_config_error
                 def __init__(self, **kwargs):
                     super(BaseIPythonApplication, self).__init__(**kwargs)
                     # ensure current working directory exists
                     try:
                         directory = py3compat.getcwd()
                     except:
                         # exit if cwd doesn't exist
                         self.log.error("Current working directory doesn't exist.")
                         self.exit(1)
                 #-------------------------------------------------------------------------
                 # Various stages of Application creation
                 #-------------------------------------------------------------------------
                 def init_crash_handler(self):
                     """Create a crash handler, typically setting sys.excepthook to it."""
                     self.crash_handler = self.crash_handler_class(self)
                     sys.excepthook = self.excepthook
                     def unset_crashhandler():
                         sys.excepthook = sys.__excepthook__
                     atexit.register(unset_crashhandler)
                 def excepthook(self, etype, evalue, tb):
                     """this is sys.excepthook after init_crashhandler
                     set self.verbose_crash=True to use our full crashhandler, instead of
                     a regular traceback with a short message (crash_handler_lite)
                     """
                     if self.verbose_crash:
                         return self.crash_handler(etype, evalue, tb)
                     else:
                         return crashhandler.crash_handler_lite(etype, evalue, tb)
                 def _ipython_dir_changed(self, name, old, new):
                     if old is not None:
                         str_old = py3compat.cast_bytes_py2(os.path.abspath(old),
                             sys.getfilesystemencoding()
                         )
                         if str_old in sys.path:
                             sys.path.remove(str_old)
                     str_path = py3compat.cast_bytes_py2(os.path.abspath(new),
                         sys.getfilesystemencoding()
                     )
                     sys.path.append(str_path)
                     ensure_dir_exists(new)
                     readme = os.path.join(new, 'README')
                     readme_src = os.path.join(get_ipython_package_dir(), u'config', u'profile', 'README')
                     if not os.path.exists(readme) and os.path.exists(readme_src):
                         shutil.copy(readme_src, readme)
                     for d in ('extensions', 'nbextensions'):
                         path = os.path.join(new, d)
                         try:
                             ensure_dir_exists(path)
                         except OSError:
                             # this will not be EEXIST
                             self.log.error("couldn't create path %s: %s", path, e)
                     self.log.debug("IPYTHONDIR set to: %s" % new)
                 def load_config_file(self, suppress_errors=True):
                     """Load the config file.
                     By default, errors in loading config are handled, and a warning
                     printed on screen. For testing, the suppress_errors option is set
                     to False, so errors will make tests fail.
                     """
                     self.log.debug("Searching path %s for config files", self.config_file_paths)
                     base_config = 'ipython_config.py'
                     self.log.debug("Attempting to load config file: %s" %
                                    base_config)
                     try:
                         Application.load_config_file(
                             self,
                             base_config,
                             path=self.config_file_paths
                         )
                     except ConfigFileNotFound:
                         # ignore errors loading parent
                         self.log.debug("Config file %s not found", base_config)
                         pass
                     for config_file_name in self.config_files:
                         if not config_file_name or config_file_name == base_config:
                             continue
                         self.log.debug("Attempting to load config file: %s" %
                                        self.config_file_name)
                         try:
                             Application.load_config_file(
                                 self,
                                 config_file_name,
                                 path=self.config_file_paths
                             )
                         except ConfigFileNotFound:
                             # Only warn if the default config file was NOT being used.
                             if config_file_name in self.config_file_specified:
                                 msg = self.log.warn
                             else:
                                 msg = self.log.debug
                             msg("Config file not found, skipping: %s", config_file_name)
                         except:
                             # For testing purposes.
                             if not suppress_errors:
                                 raise
                             self.log.warn("Error loading config file: %s" %
                                           self.config_file_name, exc_info=True)
                 def init_profile_dir(self):
                     """initialize the profile dir"""
                     self._in_init_profile_dir = True
                     if self.profile_dir is not None:
                         # already ran
                         return
                     if 'ProfileDir.location' not in self.config:
                         # location not specified, find by profile name
                         try:
                             p = ProfileDir.find_profile_dir_by_name(self.ipython_dir, self.profile, self.config)
                         except ProfileDirError:
                             # not found, maybe create it (always create default profile)
                             if self.auto_create or self.profile == 'default':
                                 try:
                                     p = ProfileDir.create_profile_dir_by_name(self.ipython_dir, self.profile, self.config)
                                 except ProfileDirError:
                                     self.log.fatal("Could not create profile: %r"%self.profile)
                                     self.exit(1)
                                 else:
                                     self.log.info("Created profile dir: %r"%p.location)
                             else:
                                 self.log.fatal("Profile %r not found."%self.profile)
                                 self.exit(1)
                         else:
                             self.log.debug("Using existing profile dir: %r"%p.location)
                     else:
                         location = self.config.ProfileDir.location
                         # location is fully specified
                         try:
                             p = ProfileDir.find_profile_dir(location, self.config)
                         except ProfileDirError:
                             # not found, maybe create it
                             if self.auto_create:
                                 try:
                                     p = ProfileDir.create_profile_dir(location, self.config)
                                 except ProfileDirError:
                                     self.log.fatal("Could not create profile directory: %r"%location)
                                     self.exit(1)
                                 else:
                                     self.log.debug("Creating new profile dir: %r"%location)
                             else:
                                 self.log.fatal("Profile directory %r not found."%location)
                                 self.exit(1)
                         else:
                             self.log.info("Using existing profile dir: %r"%location)
                         # if profile_dir is specified explicitly, set profile name
                         dir_name = os.path.basename(p.location)
                         if dir_name.startswith('profile_'):
                             self.profile = dir_name[8:]
                     self.profile_dir = p
                     self.config_file_paths.append(p.location)
                     self._in_init_profile_dir = False
                 def init_config_files(self):
                     """[optionally] copy default config files into profile dir."""
                     self.config_file_paths.extend(SYSTEM_CONFIG_DIRS)
                     # copy config files
                     path = self.builtin_profile_dir
                     if self.copy_config_files:
                         src = self.profile
                         cfg = self.config_file_name
                         if path and os.path.exists(os.path.join(path, cfg)):
                             self.log.warn("Staging %r from %s into %r [overwrite=%s]"%(
                                     cfg, src, self.profile_dir.location, self.overwrite)
                             )
                             self.profile_dir.copy_config_file(cfg, path=path, overwrite=self.overwrite)
                         else:
                             self.stage_default_config_file()
                     else:
                         # Still stage *bundled* config files, but not generated ones
                         # This is necessary for `ipython profile=sympy` to load the profile
                         # on the first go
                         files = glob.glob(os.path.join(path, '*.py'))
                         for fullpath in files:
                             cfg = os.path.basename(fullpath)
                             if self.profile_dir.copy_config_file(cfg, path=path, overwrite=False):
                                 # file was copied
                                 self.log.warn("Staging bundled %s from %s into %r"%(
                                         cfg, self.profile, self.profile_dir.location)
                                 )
                 def stage_default_config_file(self):
                     """auto generate default config file, and stage it into the profile."""
                     s = self.generate_config_file()
                     fname = os.path.join(self.profile_dir.location, self.config_file_name)
                     if self.overwrite or not os.path.exists(fname):
                         self.log.warn("Generating default config file: %r"%(fname))
                         with open(fname, 'w') as f:
                             f.write(s)
                 @catch_config_error
                 def initialize(self, argv=None):
                     # don't hook up crash handler before parsing command-line
                     self.parse_command_line(argv)
                     self.init_crash_handler()
                     if self.subapp is not None:
                         # stop here if subapp is taking over
                         return
                     cl_config = self.config
                     self.init_profile_dir()
                     self.init_config_files()
                     self.load_config_file()
                     # enforce cl-opts override configfile opts:
                     self.update_config(cl_config)

jupyter_nbformat/sign.py

0 +1 -1

             """Utilities for signing notebooks"""
             # Copyright (c) IPython Development Team.
             # Distributed under the terms of the Modified BSD License.
             import base64
             from contextlib import contextmanager
             from datetime import datetime
             import hashlib
             from hmac import HMAC
             import io
             import os
             try:
                 import sqlite3
             except ImportError:
                 try:
                     from pysqlite2 import dbapi2 as sqlite3
                 except ImportError:
                     sqlite3 = None
             from IPython.utils.io import atomic_writing
             from IPython.utils.py3compat import unicode_type, cast_bytes
             from IPython.utils.traitlets import Instance, Bytes, Enum, Any, Unicode, Bool, Integer
             from IPython.config import LoggingConfigurable, MultipleInstanceError
             from IPython.core.application import BaseIPythonApplication, base_flags
             from . import read, write, NO_CONVERT
             try:
                 # Python 3
                 algorithms = hashlib.algorithms_guaranteed
             except AttributeError:
                 algorithms = hashlib.algorithms
             def yield_everything(obj):
                 """Yield every item in a container as bytes
                 Allows any JSONable object to be passed to an HMAC digester
                 without having to serialize the whole thing.
                 """
                 if isinstance(obj, dict):
                     for key in sorted(obj):
                         value = obj[key]
                         yield cast_bytes(key)
                         for b in yield_everything(value):
                             yield b
                 elif isinstance(obj, (list, tuple)):
                     for element in obj:
                         for b in yield_everything(element):
                             yield b
                 elif isinstance(obj, unicode_type):
                     yield obj.encode('utf8')
                 else:
                     yield unicode_type(obj).encode('utf8')
             def yield_code_cells(nb):
                 """Iterator that yields all cells in a notebook
                 nbformat version independent
                 """
                 if nb.nbformat >= 4:
                     for cell in nb['cells']:
                         if cell['cell_type'] == 'code':
                             yield cell
                 elif nb.nbformat == 3:
                     for ws in nb['worksheets']:
                         for cell in ws['cells']:
                             if cell['cell_type'] == 'code':
                                 yield cell
             @contextmanager
             def signature_removed(nb):
                 """Context manager for operating on a notebook with its signature removed
                 Used for excluding the previous signature when computing a notebook's signature.
                 """
                 save_signature = nb['metadata'].pop('signature', None)
                 try:
                     yield
                 finally:
                     if save_signature is not None:
                         nb['metadata']['signature'] = save_signature
             class NotebookNotary(LoggingConfigurable):
                 """A class for computing and verifying notebook signatures."""
-                profile_dir = Instance("IPython.core.profiledir.ProfileDir")
+                profile_dir = Instance("IPython.core.profiledir.ProfileDir", allow_none=True)
                 def _profile_dir_default(self):
                     from IPython.core.application import BaseIPythonApplication
                     app = None
                     try:
                         if BaseIPythonApplication.initialized():
                             app = BaseIPythonApplication.instance()
                     except MultipleInstanceError:
                         pass
                     if app is None:
                         # create an app, without the global instance
                         app = BaseIPythonApplication()
                         app.initialize(argv=[])
                     return app.profile_dir
                 db_file = Unicode(config=True,
                     help="""The sqlite file in which to store notebook signatures.
                     By default, this will be in your IPython profile.
                     You can set it to ':memory:' to disable sqlite writing to the filesystem.
                     """)
                 def _db_file_default(self):
                     if self.profile_dir is None:
                         return ':memory:'
                     return os.path.join(self.profile_dir.security_dir, u'nbsignatures.db')
                 # 64k entries ~ 12MB
                 cache_size = Integer(65535, config=True,
                     help="""The number of notebook signatures to cache.
                     When the number of signatures exceeds this value,
                     the oldest 25% of signatures will be culled.
                     """
                 )
                 db = Any()
                 def _db_default(self):
                     if sqlite3 is None:
                         self.log.warn("Missing SQLite3, all notebooks will be untrusted!")
                         return
                     kwargs = dict(detect_types=sqlite3.PARSE_DECLTYPES|sqlite3.PARSE_COLNAMES)
                     db = sqlite3.connect(self.db_file, **kwargs)
                     self.init_db(db)
                     return db
                 def init_db(self, db):
                     db.execute("""
                     CREATE TABLE IF NOT EXISTS nbsignatures
                     (
                         id integer PRIMARY KEY AUTOINCREMENT,
                         algorithm text,
                         signature text,
                         path text,
                         last_seen timestamp
                     )""")
                     db.execute("""
                     CREATE INDEX IF NOT EXISTS algosig ON nbsignatures(algorithm, signature)
                     """)
                     db.commit()
                 algorithm = Enum(algorithms, default_value='sha256', config=True,
                     help="""The hashing algorithm used to sign notebooks."""
                 )
                 def _algorithm_changed(self, name, old, new):
                     self.digestmod = getattr(hashlib, self.algorithm)
                 digestmod = Any()
                 def _digestmod_default(self):
                     return getattr(hashlib, self.algorithm)
                 secret_file = Unicode(config=True,
                     help="""The file where the secret key is stored."""
                 )
                 def _secret_file_default(self):
                     if self.profile_dir is None:
                         return ''
                     return os.path.join(self.profile_dir.security_dir, 'notebook_secret')
                 secret = Bytes(config=True,
                     help="""The secret key with which notebooks are signed."""
                 )
                 def _secret_default(self):
                     # note : this assumes an Application is running
                     if os.path.exists(self.secret_file):
                         with io.open(self.secret_file, 'rb') as f:
                             return f.read()
                     else:
                         secret = base64.encodestring(os.urandom(1024))
                         self._write_secret_file(secret)
                         return secret
                 def _write_secret_file(self, secret):
                     """write my secret to my secret_file"""
                     self.log.info("Writing notebook-signing key to %s", self.secret_file)
                     with io.open(self.secret_file, 'wb') as f:
                         f.write(secret)
                     try:
                         os.chmod(self.secret_file, 0o600)
                     except OSError:
                         self.log.warn(
                             "Could not set permissions on %s",
                             self.secret_file
                         )
                     return secret
                 def compute_signature(self, nb):
                     """Compute a notebook's signature
                     by hashing the entire contents of the notebook via HMAC digest.
                     """
                     hmac = HMAC(self.secret, digestmod=self.digestmod)
                     # don't include the previous hash in the content to hash
                     with signature_removed(nb):
                         # sign the whole thing
                         for b in yield_everything(nb):
                             hmac.update(b)
                     return hmac.hexdigest()
                 def check_signature(self, nb):
                     """Check a notebook's stored signature
                     If a signature is stored in the notebook's metadata,
                     a new signature is computed and compared with the stored value.
                     Returns True if the signature is found and matches, False otherwise.
                     The following conditions must all be met for a notebook to be trusted:
                     - a signature is stored in the form 'scheme:hexdigest'
                     - the stored scheme matches the requested scheme
                     - the requested scheme is available from hashlib
                     - the computed hash from notebook_signature matches the stored hash
                     """
                     if nb.nbformat < 3:
                         return False
                     if self.db is None:
                         return False
                     signature = self.compute_signature(nb)
                     r = self.db.execute("""SELECT id FROM nbsignatures WHERE
                         algorithm = ? AND
                         signature = ?;
                         """, (self.algorithm, signature)).fetchone()
                     if r is None:
                         return False
                     self.db.execute("""UPDATE nbsignatures SET last_seen = ? WHERE
                         algorithm = ? AND
                         signature = ?;
                         """,
                         (datetime.utcnow(), self.algorithm, signature),
                     )
                     self.db.commit()
                     return True
                 def sign(self, nb):
                     """Sign a notebook, indicating that its output is trusted on this machine
                     Stores hash algorithm and hmac digest in a local database of trusted notebooks.
                     """
                     if nb.nbformat < 3:
                         return
                     signature = self.compute_signature(nb)
                     self.store_signature(signature, nb)
                 def store_signature(self, signature, nb):
                     if self.db is None:
                         return
                     self.db.execute("""INSERT OR IGNORE INTO nbsignatures
                         (algorithm, signature, last_seen) VALUES (?, ?, ?)""",
                         (self.algorithm, signature, datetime.utcnow())
                     )
                     self.db.execute("""UPDATE nbsignatures SET last_seen = ? WHERE
                         algorithm = ? AND
                         signature = ?;
                         """,
                         (datetime.utcnow(), self.algorithm, signature),
                     )
                     self.db.commit()
                     n, = self.db.execute("SELECT Count(*) FROM nbsignatures").fetchone()
                     if n > self.cache_size:
                         self.cull_db()
                 def unsign(self, nb):
                     """Ensure that a notebook is untrusted
                     by removing its signature from the trusted database, if present.
                     """
                     signature = self.compute_signature(nb)
                     self.db.execute("""DELETE FROM nbsignatures WHERE
                             algorithm = ? AND
                             signature = ?;
                         """,
                         (self.algorithm, signature)
                     )
                     self.db.commit()
                 def cull_db(self):
                     """Cull oldest 25% of the trusted signatures when the size limit is reached"""
                     self.db.execute("""DELETE FROM nbsignatures WHERE id IN (
                         SELECT id FROM nbsignatures ORDER BY last_seen DESC LIMIT -1 OFFSET ?
                     );
                     """, (max(int(0.75 * self.cache_size), 1),))
                 def mark_cells(self, nb, trusted):
                     """Mark cells as trusted if the notebook's signature can be verified
                     Sets ``cell.metadata.trusted = True | False`` on all code cells,
                     depending on whether the stored signature can be verified.
                     This function is the inverse of check_cells
                     """
                     if nb.nbformat < 3:
                         return
                     for cell in yield_code_cells(nb):
                         cell['metadata']['trusted'] = trusted
                 def _check_cell(self, cell, nbformat_version):
                     """Do we trust an individual cell?
                     Return True if:
                     - cell is explicitly trusted
                     - cell has no potentially unsafe rich output
                     If a cell has no output, or only simple print statements,
                     it will always be trusted.
                     """
                     # explicitly trusted
                     if cell['metadata'].pop("trusted", False):
                         return True
                     # explicitly safe output
                     if nbformat_version >= 4:
                         unsafe_output_types = ['execute_result', 'display_data']
                         safe_keys = {"output_type", "execution_count", "metadata"}
                     else: # v3
                         unsafe_output_types = ['pyout', 'display_data']
                         safe_keys = {"output_type", "prompt_number", "metadata"}
                     for output in cell['outputs']:
                         output_type = output['output_type']
                         if output_type in unsafe_output_types:
                             # if there are any data keys not in the safe whitelist
                             output_keys = set(output)
                             if output_keys.difference(safe_keys):
                                 return False
                     return True
                 def check_cells(self, nb):
                     """Return whether all code cells are trusted
                     If there are no code cells, return True.
                     This function is the inverse of mark_cells.
                     """
                     if nb.nbformat < 3:
                         return False
                     trusted = True
                     for cell in yield_code_cells(nb):
                         # only distrust a cell if it actually has some output to distrust
                         if not self._check_cell(cell, nb.nbformat):
                             trusted = False
                     return trusted
             trust_flags = {
                 'reset' : (
                     {'TrustNotebookApp' : { 'reset' : True}},
                     """Delete the trusted notebook cache.
                     All previously signed notebooks will become untrusted.
                     """
                 ),
             }
             trust_flags.update(base_flags)
             trust_flags.pop('init')
             class TrustNotebookApp(BaseIPythonApplication):
                 description="""Sign one or more IPython notebooks with your key,
                 to trust their dynamic (HTML, Javascript) output.
                 Trusting a notebook only applies to the current IPython profile.
                 To trust a notebook for use with a profile other than default,
                 add `--profile [profile name]`.
                 Otherwise, you will have to re-execute the notebook to see output.
                 """
                 examples = """
                 ipython trust mynotebook.ipynb and_this_one.ipynb
                 ipython trust --profile myprofile mynotebook.ipynb
                 """
                 flags = trust_flags
                 reset = Bool(False, config=True,
                     help="""If True, delete the trusted signature cache.
                     After reset, all previously signed notebooks will become untrusted.
                     """
                 )
                 notary = Instance(NotebookNotary)
                 def _notary_default(self):
                     return NotebookNotary(parent=self, profile_dir=self.profile_dir)
                 def sign_notebook(self, notebook_path):
                     if not os.path.exists(notebook_path):
                         self.log.error("Notebook missing: %s" % notebook_path)
                         self.exit(1)
                     with io.open(notebook_path, encoding='utf8') as f:
                         nb = read(f, NO_CONVERT)
                     if self.notary.check_signature(nb):
                         print("Notebook already signed: %s" % notebook_path)
                     else:
                         print("Signing notebook: %s" % notebook_path)
                         self.notary.sign(nb)
                         with atomic_writing(notebook_path) as f:
                             write(nb, f, NO_CONVERT)
                 def generate_new_key(self):
                     """Generate a new notebook signature key"""
                     print("Generating new notebook key: %s" % self.notary.secret_file)
                     self.notary._write_secret_file(os.urandom(1024))
                 def start(self):
                     if self.reset:
                         if os.path.exists(self.notary.db_file):
                             print("Removing trusted signature cache: %s" % self.notary.db_file)
                             os.remove(self.notary.db_file)
                         self.generate_new_key()
                         return
                     if not self.extra_args:
                         self.log.critical("Specify at least one notebook to sign.")
                         self.exit(1)
                     for notebook_path in self.extra_args:
                         self.sign_notebook(notebook_path)

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages