git://git.onelab.eu
/
plcapi.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
fix packaging for f37 (4/n)
[plcapi.git]
/
PLC
/
Keys.py
diff --git
a/PLC/Keys.py
b/PLC/Keys.py
index
841e6eb
..
1103f7c
100644
(file)
--- a/
PLC/Keys.py
+++ b/
PLC/Keys.py
@@
-9,36
+9,39
@@
from PLC.KeyTypes import KeyType, KeyTypes
class Key(Row):
"""
class Key(Row):
"""
- Representation of a row in the keys table. To use, instantiate with a
- dict of values. Update as you would a dict. Commit to the database
+ Representation of a row in the keys table. To use, instantiate with a
+ dict of values. Update as you would a dict. Commit to the database
with sync().
"""
table_name = 'keys'
primary_key = 'key_id'
with sync().
"""
table_name = 'keys'
primary_key = 'key_id'
- join_tables = ['person_key']
+ join_tables = ['person_key'
, 'peer_key'
]
fields = {
'key_id': Parameter(int, "Key identifier"),
'key_type': Parameter(str, "Key type"),
'key': Parameter(str, "Key value", max = 4096),
fields = {
'key_id': Parameter(int, "Key identifier"),
'key_type': Parameter(str, "Key type"),
'key': Parameter(str, "Key value", max = 4096),
+ 'person_id': Parameter(int, "User to which this key belongs", nullok = True),
+ 'peer_id': Parameter(int, "Peer to which this key belongs", nullok = True),
+ 'peer_key_id': Parameter(int, "Foreign key identifier at peer", nullok = True),
}
def validate_key_type(self, key_type):
key_types = [row['key_type'] for row in KeyTypes(self.api)]
if key_type not in key_types:
}
def validate_key_type(self, key_type):
key_types = [row['key_type'] for row in KeyTypes(self.api)]
if key_type not in key_types:
- raise PLCInvalidArgument
, "Invalid key type"
- return key_type
+ raise PLCInvalidArgument
("Invalid key type")
+
return key_type
def validate_key(self, key):
def validate_key(self, key):
- # Key must not be blacklisted
- rows = self.api.db.selectall("SELECT 1 from keys" \
- " WHERE key = %(key)s" \
+
# Key must not be blacklisted
+
rows = self.api.db.selectall("SELECT 1 from keys" \
+
" WHERE key = %(key)s" \
" AND is_blacklisted IS True",
locals())
" AND is_blacklisted IS True",
locals())
- if rows:
- raise PLCInvalidArgument
, "Key is blacklisted and cannot be used"
+
if rows:
+ raise PLCInvalidArgument
("Key is blacklisted and cannot be used")
- return key
+
return key
def validate(self):
# Basic validation
def validate(self):
# Basic validation
@@
-60,17
+63,17
@@
class Key(Row):
good_ssh_key = r'^.*(?:ssh-dss|ssh-rsa)[ ]+[A-Za-z0-9+/=]+(?: .*)?$'
if not re.match(good_ssh_key, key, re.IGNORECASE):
good_ssh_key = r'^.*(?:ssh-dss|ssh-rsa)[ ]+[A-Za-z0-9+/=]+(?: .*)?$'
if not re.match(good_ssh_key, key, re.IGNORECASE):
- raise PLCInvalidArgument
, "Invalid SSH version 2 public key"
+ raise PLCInvalidArgument
("Invalid SSH version 2 public key")
def blacklist(self, commit = True):
"""
def blacklist(self, commit = True):
"""
- Permanently blacklist key (and all other identical keys),
- preventing it from ever being added again. Because this could
- affect multiple keys associated with multiple accounts, it
- should be admin only.
- """
+
Permanently blacklist key (and all other identical keys),
+
preventing it from ever being added again. Because this could
+
affect multiple keys associated with multiple accounts, it
+ should be admin only.
+
"""
- assert 'key_id' in self
+
assert 'key_id' in self
assert 'key' in self
# Get all matching keys
assert 'key' in self
# Get all matching keys
@@
-84,8
+87,8
@@
class Key(Row):
self.api.db.do("UPDATE keys SET is_blacklisted = True" \
" WHERE key_id IN (%s)" % ", ".join(map(str, key_ids)))
self.api.db.do("UPDATE keys SET is_blacklisted = True" \
" WHERE key_id IN (%s)" % ", ".join(map(str, key_ids)))
- # But disassociate them from all join tables
- for table in
['person_key']
:
+
# But disassociate them from all join tables
+ for table in
self.join_tables
:
self.api.db.do("DELETE FROM %s WHERE key_id IN (%s)" % \
(table, ", ".join(map(str, key_ids))))
self.api.db.do("DELETE FROM %s WHERE key_id IN (%s)" % \
(table, ", ".join(map(str, key_ids))))
@@
-100,15
+103,17
@@
class Keys(Table):
def __init__(self, api, key_filter = None, columns = None):
Table.__init__(self, api, Key, columns)
def __init__(self, api, key_filter = None, columns = None):
Table.__init__(self, api, Key, columns)
-
-
sql = "SELECT %s FROM
keys WHERE is_blacklisted IS False" % \
+
+
sql = "SELECT %s FROM view_
keys WHERE is_blacklisted IS False" % \
", ".join(self.columns)
if key_filter is not None:
", ".join(self.columns)
if key_filter is not None:
- if isinstance(key_filter, (list, tuple, set)):
+ if isinstance(key_filter, (list, tuple, set
, int
)):
key_filter = Filter(Key.fields, {'key_id': key_filter})
elif isinstance(key_filter, dict):
key_filter = Filter(Key.fields, key_filter)
key_filter = Filter(Key.fields, {'key_id': key_filter})
elif isinstance(key_filter, dict):
key_filter = Filter(Key.fields, key_filter)
- sql += " AND (%s)" % key_filter.sql(api)
+ else:
+ raise PLCInvalidArgument("Wrong key filter %r"%key_filter)
+ sql += " AND (%s) %s" % key_filter.sql(api)
- self.selectall(sql)
+
self.selectall(sql)