git://git.onelab.eu / plcapi.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
fixed error format
[plcapi.git] / PLC / Auth.py
diff --git a/PLC/Auth.py b/PLC/Auth.py
index a15bff2..3be444b 100644 (file)
--- a/PLC/Auth.py
+++ b/PLC/Auth.py
@@ -21,6 +21,7 @@ from PLC.Nodes import Node, Nodes
 from PLC.Interfaces import Interface, Interfaces
 from PLC.Sessions import Session, Sessions
 from PLC.Peers import Peer, Peers
 from PLC.Interfaces import Interface, Interfaces
 from PLC.Sessions import Session, Sessions
 from PLC.Peers import Peer, Peers
+from PLC.Keys import Keys
 from PLC.Boot import notify_owners
 
 class Auth(Parameter):
 from PLC.Boot import notify_owners
 
 class Auth(Parameter):
@@ -71,25 +72,26 @@ class GPGAuth(Auth):
                     raise PLCAuthenticationFailure, "GPGAuth: Not allowed to call method, missing 'peer' role"
 
                 method.caller = peer = peers[0]
                     raise PLCAuthenticationFailure, "GPGAuth: Not allowed to call method, missing 'peer' role"
 
                 method.caller = peer = peers[0]
-                keys = [peer['key']]
+                gpg_keys = [ peer['key'] ]
             else:
                 persons = Persons(method.api, {'email': auth['name'], 'enabled': True, 'peer_id': None})
                 if not persons:
                     raise PLCAuthenticationFailure, "GPGAuth: No such user '%s'" % auth['name']
 
             else:
                 persons = Persons(method.api, {'email': auth['name'], 'enabled': True, 'peer_id': None})
                 if not persons:
                     raise PLCAuthenticationFailure, "GPGAuth: No such user '%s'" % auth['name']
 
+                method.caller = person = persons[0]
                 if not set(person['roles']).intersection(method.roles):
                     raise PLCAuthenticationFailure, "GPGAuth: Not allowed to call method, missing role"
 
                 if not set(person['roles']).intersection(method.roles):
                     raise PLCAuthenticationFailure, "GPGAuth: Not allowed to call method, missing role"
 
-                method.caller = person = persons[0]
                 keys = Keys(method.api, {'key_id': person['key_ids'], 'key_type': "gpg", 'peer_id': None})
                 keys = Keys(method.api, {'key_id': person['key_ids'], 'key_type': "gpg", 'peer_id': None})
+                gpg_keys = [ key['key'] for key in keys ]
 
 
-            if not keys:
-                raise PLCAuthenticationFailure, "GPGAuth: No GPG key on record for peer or user '%s'"
+            if not gpg_keys:
+                raise PLCAuthenticationFailure, "GPGAuth: No GPG key on record for peer or user '%s'"%auth['name']
 
 
-            for key in keys:
+            for gpg_key in gpg_keys:
                 try:
                     from PLC.GPG import gpg_verify
                 try:
                     from PLC.GPG import gpg_verify
-                    gpg_verify(args, key, auth['signature'], method.name)
+                    gpg_verify(args, gpg_key, auth['signature'], method.name)
                     return
                 except PLCAuthenticationFailure, fault:
                     pass
                     return
                 except PLCAuthenticationFailure, fault:
                     pass
plcapi