def run()

in lemur/manage.py [0:0]

• 80 lines of code
• 9 McCabe index (conditional complexity)

    def run(self, password):
        create()
        user = user_service.get_by_username("lemur")

        admin_role = role_service.get_by_name("admin")

        if admin_role:
            sys.stdout.write("[-] Admin role already created, skipping...!\n")
        else:
            # we create an admin role
            admin_role = role_service.create(
                "admin", description="This is the Lemur administrator role."
            )
            sys.stdout.write("[+] Created 'admin' role\n")

        operator_role = role_service.get_by_name("operator")

        if operator_role:
            sys.stdout.write("[-] Operator role already created, skipping...!\n")
        else:
            # we create an operator role
            operator_role = role_service.create(
                "operator", description="This is the Lemur operator role."
            )
            sys.stdout.write("[+] Created 'operator' role\n")

        read_only_role = role_service.get_by_name("read-only")

        if read_only_role:
            sys.stdout.write("[-] Read only role already created, skipping...!\n")
        else:
            # we create an read only role
            read_only_role = role_service.create(
                "read-only", description="This is the Lemur read only role."
            )
            sys.stdout.write("[+] Created 'read-only' role\n")

        if not user:
            if not password:
                sys.stdout.write("We need to set Lemur's password to continue!\n")
                password = prompt_pass("Password")
                password1 = prompt_pass("Confirm Password")

                if password != password1:
                    sys.stderr.write("[!] Passwords do not match!\n")
                    sys.exit(1)

            user_service.create(
                "lemur", password, "lemur@nobody.com", True, None, [admin_role]
            )
            sys.stdout.write(
                "[+] Created the user 'lemur' and granted it the 'admin' role!\n"
            )

        else:
            sys.stdout.write(
                "[-] Default user has already been created, skipping...!\n"
            )

        intervals = current_app.config.get(
            "LEMUR_DEFAULT_EXPIRATION_NOTIFICATION_INTERVALS", []
        )
        sys.stdout.write(
            "[!] Creating {num} notifications for {intervals} days as specified by LEMUR_DEFAULT_EXPIRATION_NOTIFICATION_INTERVALS\n".format(
                num=len(intervals), intervals=",".join([str(x) for x in intervals])
            )
        )

        recipients = current_app.config.get("LEMUR_SECURITY_TEAM_EMAIL")
        sys.stdout.write("[+] Creating expiration email notifications!\n")
        sys.stdout.write(
            "[!] Using {0} as specified by LEMUR_SECURITY_TEAM_EMAIL for notifications\n".format(
                recipients
            )
        )
        notification_service.create_default_expiration_notifications(
            "DEFAULT_SECURITY", recipients=recipients
        )

        _DEFAULT_ROTATION_INTERVAL = "default"
        default_rotation_interval = policy_service.get_by_name(
            _DEFAULT_ROTATION_INTERVAL
        )

        if default_rotation_interval:
            sys.stdout.write(
                "[-] Default rotation interval policy already created, skipping...!\n"
            )
        else:
            days = current_app.config.get("LEMUR_DEFAULT_ROTATION_INTERVAL", 30)
            sys.stdout.write(
                "[+] Creating default certificate rotation policy of {days} days before issuance.\n".format(
                    days=days
                )
            )
            policy_service.create(days=days, name=_DEFAULT_ROTATION_INTERVAL)

        sys.stdout.write("[/] Done!\n")