OK, to answer my own query this works fine:
----------------------------------------------------------------------
class User(object):
username_enc = Column(String(128))
@hybrid_attribute
def username(self):
return decrypt_string(self.username_enc)
@username.setter
def username(self, value):
return self.username_enc = encrypt_string(value)
@username.expression
def username(cls):
return func(decrypt_string(cls.username_enc))
class encrypt_comparator(Comparator):
def operate(self, op, other, **kw):
return op(self.__clause_element__(),
encrypt_string(other), **kw)
@username.comparator(cls):
return cls.encrypt_comparator(cls.username_enc)
----------------------------------------------------------------------
Should have RTFM before posting. Sorry.
On May 2, 5:51 pm, cpldave <[email protected]> wrote:
> Just found this useful page with an example:
>
> http://www.sqlalchemy.org/trac/wiki/UsageRecipes/SymmetricEncryption
>
> Not 100% sure what is going on with a class being defined within the
> Model class itself, but I'll have a play around and see where I can
> get to with that.
>
> Thanks.
>
> On May 2, 5:33 pm, cpldave <[email protected]> wrote:
>
>
>
>
>
>
>
> > Hi All,
>
> > I am trying to write a model that willencryptall data at the
> > database level, but can be accessed easily through normal attributes.
> > I stumbled across thehybrid_propertyfeature and it works fine, as
> > long as I don't try and filter() or filter_by() myhybrid_property.
> > The thing is it'd be quite nice to filter by the hybrid_properties as
> > these are the friendly names for encrypted data in the database.
> > Here's a cut-down version of my class:
>
> > ----------------------------------------------------------------------
> > class User(object):
> > username_enc = Column(String(128))
>
> > @hybrid_attribute
> > def username(self):
> > return decrypt_string(self.username_enc)
>
> > @username.setter
> > def username(self, value):
> > return self.username_enc = encrypt_string(value)
>
> > @username.expression
> > def username(cls):
> > return func(decrypt_string(cls.username_enc))
>
> > user1 = User()
> > user1.username = 'test1'
> > print user1.username # works
> > print user1.username_enc # works
> > ----------------------------------------------------------------------
>
> > This works fine on the object itself for getting and setting values,
> > but if I try to do the following it fails in my "encrypt_string"
> > function complaining that the type should be a string and not a
> > InstrumentedAttribute.
>
> > User.query.filter(User.username == 'test1').first()
>
> > The error message regarding "InstrumentedAttribute" is because
> > base64.b64decode() expects a buffer, rather than an
> > InstrumentedAttribute to decode, but what I don't understand is how to
> > get it to filter based on the encrypted version of the username when
> > the front-end code tries to filter on 'username'
>
> > SQLAlchemy: 0.7.6
> > Python: 2.7
>
> > Any help would be appreciated.
>
> > Cheers,
> > David.
--
You received this message because you are subscribed to the Google Groups
"sqlalchemy" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/sqlalchemy?hl=en.
