summaryrefslogtreecommitdiff
path: root/users/app
diff options
context:
space:
mode:
authorjessib <jessib@riseup.net>2013-12-02 10:17:19 -0800
committerjessib <jessib@riseup.net>2013-12-02 10:17:19 -0800
commit8de6f143e53af5287b41913dcf3c7969f452fbc9 (patch)
tree6a311eb5cf4c20fa2053022ca9a45a92f0502f87 /users/app
parentb75f8781bb55557f13a9a4ae48fc45e5d6f1ee86 (diff)
parentdade6497424a869db5f1dfb030f88f4711278b81 (diff)
Merge pull request #118 from azul/feature/validate-pgp-keys
Feature/validate pgp keys
Diffstat (limited to 'users/app')
-rw-r--r--users/app/models/account.rb11
-rw-r--r--users/app/models/identity.rb6
-rw-r--r--users/app/models/pgp_key.rb48
3 files changed, 59 insertions, 6 deletions
diff --git a/users/app/models/account.rb b/users/app/models/account.rb
index 5c943bb..cf998e4 100644
--- a/users/app/models/account.rb
+++ b/users/app/models/account.rb
@@ -27,7 +27,8 @@ class Account
@user.update_attributes attrs.slice(:password_verifier, :password_salt)
end
# TODO: move into identity controller
- update_pgp_key(attrs[:public_key]) if attrs.has_key? :public_key
+ key = update_pgp_key(attrs[:public_key])
+ @user.errors.set :public_key, key.errors.full_messages
@user.save && save_identities
@user.refresh_identity
end
@@ -49,8 +50,12 @@ class Account
end
def update_pgp_key(key)
- @new_identity ||= Identity.for(@user)
- @new_identity.set_key(:pgp, key)
+ PgpKey.new(key).tap do |key|
+ if key.present? && key.valid?
+ @new_identity ||= Identity.for(@user)
+ @new_identity.set_key(:pgp, key)
+ end
+ end
end
def save_identities
diff --git a/users/app/models/identity.rb b/users/app/models/identity.rb
index 97966d0..cbb540e 100644
--- a/users/app/models/identity.rb
+++ b/users/app/models/identity.rb
@@ -94,9 +94,9 @@ class Identity < CouchRest::Model::Base
read_attribute('keys') || HashWithIndifferentAccess.new
end
- def set_key(type, value)
- return if keys[type] == value
- write_attribute('keys', keys.merge(type => value))
+ def set_key(type, key)
+ return if keys[type] == key.to_s
+ write_attribute('keys', keys.merge(type => key.to_s))
end
# for LoginFormatValidation
diff --git a/users/app/models/pgp_key.rb b/users/app/models/pgp_key.rb
new file mode 100644
index 0000000..66f8660
--- /dev/null
+++ b/users/app/models/pgp_key.rb
@@ -0,0 +1,48 @@
+class PgpKey
+ include ActiveModel::Validations
+
+ KEYBLOCK_IDENTIFIERS = [
+ '-----BEGIN PGP PUBLIC KEY BLOCK-----',
+ '-----END PGP PUBLIC KEY BLOCK-----',
+ ]
+
+ # mostly for testing.
+ attr_accessor :keyblock
+
+ validate :validate_keyblock_format
+
+ def initialize(keyblock = nil)
+ @keyblock = keyblock
+ end
+
+ def to_s
+ @keyblock
+ end
+
+ def present?
+ @keyblock.present?
+ end
+
+ # allow comparison with plain keyblock strings.
+ def ==(other)
+ self.equal?(other) or
+ # relax the comparison on line ends.
+ self.to_s.tr_s("\n\r", '') == other.tr_s("\r\n", '')
+ end
+
+ protected
+
+ def validate_keyblock_format
+ if keyblock_identifier_missing?
+ errors.add :public_key_block,
+ "does not look like an armored pgp public key block"
+ end
+ end
+
+ def keyblock_identifier_missing?
+ KEYBLOCK_IDENTIFIERS.find do |identify|
+ !@keyblock.include?(identify)
+ end
+ end
+
+end