[MediaWiki-commits] [Gerrit] labs/striker[master]: Display existing SSH -keys

Sun, 18 Dec 2016 12:13:42 -0800 

BryanDavis has uploaded a new change for review. ( 
https://gerrit.wikimedia.org/r/328058 )

Change subject: Display existing SSH -keys
......................................................................

Display existing SSH -keys

Display the SSH keys that are stored in LDAP for a user.

Bug: T144711
Change-Id: Ia6d0b559636df0ce9a566a884d793ea8fb7f9b21
---
A contrib/add-ssh.sh
M requirements.txt
M striker/profile/urls.py
A striker/profile/utils.py
M striker/profile/views.py
M striker/templates/profile/settings/accounts.html
M striker/templates/profile/settings/base.html
A striker/templates/profile/settings/ssh-keys.html
8 files changed, 115 insertions(+), 3 deletions(-)


  git pull ssh://gerrit.wikimedia.org:29418/labs/striker 
refs/changes/58/328058/1

diff --git a/contrib/add-ssh.sh b/contrib/add-ssh.sh
new file mode 100755
index 0000000..9c597bb
--- /dev/null
+++ b/contrib/add-ssh.sh
@@ -0,0 +1,17 @@
+#!/usr/bin/env bash
+#
+# Usage: add-ssh.sh SHELL_USER_NAME SSH_PUB_KEY
+
+NEW_UID=${1:?SHELL_USER_NAME required}
+PUB_KEY=${2:?SSH_PUB_KEY required}
+BASE_DN="dc=wmftest,dc=net"
+USER_BASE_DN="ou=People,${BASE_DN}"
+ADMIN_DN="cn=admin,${BASE_DN}"
+ADMIN_PASS="vagrant_admin"
+
+/usr/bin/ldapmodify -x -D "${ADMIN_DN}" -w "${ADMIN_PASS}" <<LDIF
+dn: uid=${NEW_UID},${USER_BASE_DN}
+changetype: modify
+add: sshPublicKey
+sshPublicKey: ${PUB_KEY}
+LDIF
diff --git a/requirements.txt b/requirements.txt
index a2820f4..1e43579 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -24,3 +24,4 @@
 requests>=2.10.0  # Apache 2.0
 requests-oauthlib>=0.6.1  # ISC
 six>=1.10.0  # MIT
+sshpubkeys>=2.2.0  # BSD
diff --git a/striker/profile/urls.py b/striker/profile/urls.py
index f7ed96e..7dd680e 100644
--- a/striker/profile/urls.py
+++ b/striker/profile/urls.py
@@ -40,4 +40,9 @@
         'striker.profile.views.phab_attach',
         name='phabricator_attach'
     ),
+    urls.url(
+        r'^settings/ssh-keys$',
+        'striker.profile.views.ssh_keys',
+        name='ssh_keys'
+    ),
 ]
diff --git a/striker/profile/utils.py b/striker/profile/utils.py
new file mode 100644
index 0000000..9efc0cf
--- /dev/null
+++ b/striker/profile/utils.py
@@ -0,0 +1,51 @@
+# -*- coding: utf-8 -*-
+#
+# Copyright (c) 2016 Wikimedia Foundation and contributors.
+# All Rights Reserved.
+#
+# This file is part of Striker.
+#
+# Striker is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Striker is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Striker.  If not, see <http://www.gnu.org/licenses/>.
+
+import logging
+import sshpubkeys
+
+
+logger = logging.getLogger(__name__)
+
+
+def parse_ssh_key(pubkey):
+    key = sshpubkeys.SSHKey(
+        pubkey, strict_mode=True, skip_option_parsing=True)
+    try:
+        key.parse()
+    except sshpubkeys.InvalidKeyException as err:
+        logger.exception('Failed to parse "%s"', err)
+        key = None
+    except NotImplementedError as err:
+        logger.exception('Failed to parse "%s"', err)
+        key = None
+
+    if key.key_type == b'ssh-dss':
+        key.type_name = 'DSA'
+    elif key.key_type == b'ssh-rsa':
+        key.type_name = 'RSA'
+    elif key.key_type.startswith(b'ecdsa-sha'):
+        key.type_name = 'ECDSA'
+    elif key.key_type == b'ssh-ed25519':
+        key.type_name = 'ED25519'
+    else:
+        key.type_name = key.key_type.decode('utf-8')
+
+    return key
diff --git a/striker/profile/views.py b/striker/profile/views.py
index 162232c..14d8736 100644
--- a/striker/profile/views.py
+++ b/striker/profile/views.py
@@ -29,6 +29,7 @@
 from django.utils.translation import ugettext_lazy as _
 
 from striker import phabricator
+from striker.profile import utils
 
 
 logger = logging.getLogger(__name__)
@@ -71,3 +72,11 @@
     next_page = req.GET.get(
         'next', urlresolvers.reverse('profile:accounts'))
     return shortcuts.redirect(next_page)
+
+@login_required
+def ssh_keys(req):
+    ldapuser = req.user.ldapuser
+    ctx = {
+        'ssh_keys': [utils.parse_ssh_key(key) for key in ldapuser.ssh_keys],
+    }
+    return shortcuts.render(req, 'profile/settings/ssh-keys.html', ctx)
diff --git a/striker/templates/profile/settings/accounts.html 
b/striker/templates/profile/settings/accounts.html
index 9350aa0..dfbb18c 100644
--- a/striker/templates/profile/settings/accounts.html
+++ b/striker/templates/profile/settings/accounts.html
@@ -4,7 +4,9 @@
 
 {% block title %}{% trans "Account settings" %}{% endblock %}
 {% block content %}
-{% include "profile/settings/accounts/ldap.html" %}
-{% include "profile/settings/accounts/sul.html" %}
-{% include "profile/settings/accounts/phabricator.html" %}
+<div class="panel-group">
+  {% include "profile/settings/accounts/ldap.html" %}
+  {% include "profile/settings/accounts/sul.html" %}
+  {% include "profile/settings/accounts/phabricator.html" %}
+</div>
 {% endblock %}
diff --git a/striker/templates/profile/settings/base.html 
b/striker/templates/profile/settings/base.html
index 07317a1..d84b878 100644
--- a/striker/templates/profile/settings/base.html
+++ b/striker/templates/profile/settings/base.html
@@ -1,9 +1,11 @@
 {% extends "base.html" %}
 {% load bootstrap3 %}
+{% load fontawesome %}
 {% load i18n %}
 
 {% block pre_content %}
 {% url 'profile:accounts' as settings_accounts %}
+{% url 'profile:ssh_keys' as settings_ssh_keys %}
 {{ block.super }}
 <div class="container-fluid">
   <div class="row">
@@ -14,6 +16,7 @@
         </div>
         <div class="list-group" role="navigation">
             <a class="list-group-item {% if request.path == settings_accounts 
%}active{% endif %}" href="{{ settings_accounts }}">{% bootstrap_icon "user" %} 
{% trans "Linked accounts" %}</a>
+            <a class="list-group-item {% if request.path == settings_ssh_keys 
%}active{% endif %}" href="{{ settings_ssh_keys }}">{% fa_icon "key" %} {% 
trans "SSH keys" %}</a>
         </div>
       </div>
     </div>
diff --git a/striker/templates/profile/settings/ssh-keys.html 
b/striker/templates/profile/settings/ssh-keys.html
new file mode 100644
index 0000000..e0ed52f
--- /dev/null
+++ b/striker/templates/profile/settings/ssh-keys.html
@@ -0,0 +1,24 @@
+{% extends "profile/settings/base.html" %}
+{% load fontawesome %}
+{% load i18n %}
+
+{% block title %}{% trans "SSH keys" %}{% endblock %}
+{% block content %}
+<div class="panel-group">
+  {% for key in ssh_keys %}
+  <div class="panel panel-default">
+    <div class="panel-heading">
+      <h3 class="panel-title"><span class="fa-stack">{% fa_icon "square" 
"stack-2x" "fw" aria_hidden="true" %}{% fa_icon "key" "stack-1x" "fw" "inverse" 
aria_hidden="true" %}</span> {{ key.comment }} ({{ key.bits }} {{ key.type_name 
}})</h3>
+    </div>
+    <div class="panel-body">
+      <dl class="dl-horizontal">
+        <dt>{% trans "Fingerprint" %}</dt>
+        <dd>{{ key.hash_md5 }}</dd>
+        <dd>{{ key.hash_sha256 }}</dd>
+      </dl>
+    </div>
+  </div>
+  {% endfor %}
+</div>
+{% endblock %}
+{# vim:sw=2:ts=2:sts=2:et: #}

-- 
To view, visit https://gerrit.wikimedia.org/r/328058
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: Ia6d0b559636df0ce9a566a884d793ea8fb7f9b21
Gerrit-PatchSet: 1
Gerrit-Project: labs/striker
Gerrit-Branch: master
Gerrit-Owner: BryanDavis <bda...@wikimedia.org>

_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

Reply via email to