summaryrefslogtreecommitdiff
path: root/lib/leap_cli/commands/user.rb
diff options
context:
space:
mode:
authorelijah <elijah@riseup.net>2016-08-29 14:05:51 -0700
committerelijah <elijah@riseup.net>2016-08-29 14:05:51 -0700
commit030ae6c324b1c8dde9a6eef3baa0b6c45c982110 (patch)
tree655959e5b90bdab98b207fda58a6935cca2d1606 /lib/leap_cli/commands/user.rb
parentb754dafbf3e887449233e335ffc38913f5fa3e2f (diff)
command line interface cleanup: harmonize the signatures of different commands to be more logically consistent.
For now, all changes are backwards compatible. DEPRECATED: `leap add-user`. Use `leap user add` instead.
Diffstat (limited to 'lib/leap_cli/commands/user.rb')
-rw-r--r--lib/leap_cli/commands/user.rb65
1 files changed, 60 insertions, 5 deletions
diff --git a/lib/leap_cli/commands/user.rb b/lib/leap_cli/commands/user.rb
index fb406dc7..a0569a4d 100644
--- a/lib/leap_cli/commands/user.rb
+++ b/lib/leap_cli/commands/user.rb
@@ -13,19 +13,49 @@
module LeapCli
module Commands
- desc 'Adds a new trusted sysadmin by adding public keys to the "users" directory.'
- arg_name 'USERNAME' #, :optional => false, :multiple => false
- command :'add-user' do |c|
-
+ desc 'Manage trusted sysadmins (DEPRECATED)'
+ long_desc "Use `leap user add` instead"
+ command :'user-add' do |c|
c.switch 'self', :desc => 'Add yourself as a trusted sysadmin by choosing among the public keys available for the current user.', :negatable => false
c.flag 'ssh-pub-key', :desc => 'SSH public key file for this new user'
c.flag 'pgp-pub-key', :desc => 'OpenPGP public key file for this new user'
-
c.action do |global_options,options,args|
do_add_user(global_options, options, args)
end
end
+ desc 'Manage trusted sysadmins'
+ long_desc "Manage the trusted sysadmins that are configured in the 'users' directory."
+ command :user do |user|
+
+ user.desc 'Adds a new trusted sysadmin'
+ user.arg_name 'USERNAME'
+ user.command :add do |c|
+ c.switch 'self', :desc => 'Add yourself as a trusted sysadmin by choosing among the public keys available for the current user.', :negatable => false
+ c.flag 'ssh-pub-key', :desc => 'SSH public key file for this new user'
+ c.flag 'pgp-pub-key', :desc => 'OpenPGP public key file for this new user'
+ c.action do |global_options,options,args|
+ do_add_user(global_options, options, args)
+ end
+ end
+
+ user.desc 'Removes a trusted sysadmin'
+ user.arg_name 'USERNAME'
+ user.command :rm do |c|
+ c.action do |global_options,options,args|
+ do_rm_user(global_options, options, args)
+ end
+ end
+
+ user.desc 'Lists the configured sysadmins'
+ user.command :ls do |c|
+ c.action do |global_options,options,args|
+ do_list_users(global_options, options, args)
+ end
+ end
+
+ end
+
private
def do_add_user(global, options, args)
@@ -70,6 +100,31 @@ module LeapCli
update_authorized_keys
end
+ def do_rm_user(global, options, args)
+ dir = [:user_dir, args.first]
+ if Util.dir_exists?(dir)
+ Util.remove_file!(dir)
+ update_authorized_keys
+ else
+ bail! :error, 'There is no directory `%s`' % Path.named_path(dir)
+ end
+ end
+
+ def do_list_users(global, options, args)
+ require 'leap_cli/ssh'
+
+ Dir.glob(path([:user_ssh, '*'])).each do |keyfile|
+ username = File.basename(File.dirname(keyfile))
+ log username, :color => :cyan do
+ log Path.relative_path(keyfile)
+ key = SSH::Key.load(keyfile)
+ log 'SSH MD5 fingerprint: ' + key.fingerprint(:digest => :md5, :type => :ssh, :encoding => :hex)
+ log 'SSH SHA256 fingerprint: ' + key.fingerprint(:digest => :sha256, :type => :ssh, :encoding => :base64)
+ log 'DER MD5 fingerprint: ' + key.fingerprint(:digest => :md5, :type => :der, :encoding => :hex)
+ end
+ end
+ end
+
#
# let the the user choose among the ssh public keys that we encounter, or
# just pick the key if there is only one.