from PLC.Interfaces import Interface, Interfaces
from PLC.Sessions import Session, Sessions
from PLC.Peers import Peer, Peers
+from PLC.Keys import Keys
from PLC.Boot import notify_owners
class Auth(Parameter):
raise PLCAuthenticationFailure, "GPGAuth: Not allowed to call method, missing 'peer' role"
method.caller = peer = peers[0]
- keys = [peer['key']]
+ gpg_keys = [ peer['key'] ]
else:
persons = Persons(method.api, {'email': auth['name'], 'enabled': True, 'peer_id': None})
if not persons:
raise PLCAuthenticationFailure, "GPGAuth: No such user '%s'" % auth['name']
+ method.caller = person = persons[0]
if not set(person['roles']).intersection(method.roles):
raise PLCAuthenticationFailure, "GPGAuth: Not allowed to call method, missing role"
- method.caller = person = persons[0]
keys = Keys(method.api, {'key_id': person['key_ids'], 'key_type': "gpg", 'peer_id': None})
+ gpg_keys = [ key['key'] for key in keys ]
- if not keys:
- raise PLCAuthenticationFailure, "GPGAuth: No GPG key on record for peer or user '%s'"
+ if not gpg_keys:
+ raise PLCAuthenticationFailure, "GPGAuth: No GPG key on record for peer or user '%s'"%auth['name']
- for key in keys:
+ for gpg_key in gpg_keys:
try:
from PLC.GPG import gpg_verify
- gpg_verify(args, key, auth['signature'], method.name)
+ gpg_verify(args, gpg_key, auth['signature'], method.name)
return
except PLCAuthenticationFailure, fault:
pass
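Review bot: In the peer branch, `gpg_keys = [ peer['key'] ]` is always a one-element list, so if a peer record can carry an empty key the new `if not gpg_keys:` guard never fires for peers and `gpg_verify` is called with that empty value. Building the list conditionally, `gpg_keys = [ peer['key'] ] if peer['key'] else []`, would make a key-less peer fail with the explicit "No GPG key on record" fault rather than depend on how `gpg_verify` treats a missing key, which is not visible here. Separately, `method.caller` is now assigned before the role check and the signature verification. That fixes the use of `person` before assignment, but it is worth confirming that nothing on the failure path (logging, event recording) reads `method.caller` as an authenticated identity. The code after the `for` loop lies outside the hunk.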
if node['key']:
key = node['key']
else:
- write_debug_line("BootAuth.check: could not get key")
raise PLCAuthenticationFailure, "BootAuth: No node key"
# Yes, this is the "canonicalization" method used.