BryanDavis has uploaded a new change for review. ( https://gerrit.wikimedia.org/r/328058 )
Change subject: Display existing SSH -keys ...................................................................... Display existing SSH -keys Display the SSH keys that are stored in LDAP for a user. Bug: T144711 Change-Id: Ia6d0b559636df0ce9a566a884d793ea8fb7f9b21 --- A contrib/add-ssh.sh M requirements.txt M striker/profile/urls.py A striker/profile/utils.py M striker/profile/views.py M striker/templates/profile/settings/accounts.html M striker/templates/profile/settings/base.html A striker/templates/profile/settings/ssh-keys.html 8 files changed, 115 insertions(+), 3 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/labs/striker refs/changes/58/328058/1 diff --git a/contrib/add-ssh.sh b/contrib/add-ssh.sh new file mode 100755 index 0000000..9c597bb --- /dev/null +++ b/contrib/add-ssh.sh @@ -0,0 +1,17 @@ +#!/usr/bin/env bash +# +# Usage: add-ssh.sh SHELL_USER_NAME SSH_PUB_KEY + +NEW_UID=${1:?SHELL_USER_NAME required} +PUB_KEY=${2:?SSH_PUB_KEY required} +BASE_DN="dc=wmftest,dc=net" +USER_BASE_DN="ou=People,${BASE_DN}" +ADMIN_DN="cn=admin,${BASE_DN}" +ADMIN_PASS="vagrant_admin" + +/usr/bin/ldapmodify -x -D "${ADMIN_DN}" -w "${ADMIN_PASS}" <<LDIF +dn: uid=${NEW_UID},${USER_BASE_DN} +changetype: modify +add: sshPublicKey +sshPublicKey: ${PUB_KEY} +LDIF diff --git a/requirements.txt b/requirements.txt index a2820f4..1e43579 100644 --- a/requirements.txt +++ b/requirements.txt @@ -24,3 +24,4 @@ requests>=2.10.0 # Apache 2.0 requests-oauthlib>=0.6.1 # ISC six>=1.10.0 # MIT +sshpubkeys>=2.2.0 # BSD diff --git a/striker/profile/urls.py b/striker/profile/urls.py index f7ed96e..7dd680e 100644 --- a/striker/profile/urls.py +++ b/striker/profile/urls.py @@ -40,4 +40,9 @@ 'striker.profile.views.phab_attach', name='phabricator_attach' ), + urls.url( + r'^settings/ssh-keys$', + 'striker.profile.views.ssh_keys', + name='ssh_keys' + ), ] diff --git a/striker/profile/utils.py b/striker/profile/utils.py new file mode 100644 index 0000000..9efc0cf --- /dev/null +++ b/striker/profile/utils.py @@ -0,0 +1,51 @@ +# -*- coding: utf-8 -*- +# +# Copyright (c) 2016 Wikimedia Foundation and contributors. +# All Rights Reserved. +# +# This file is part of Striker. +# +# Striker is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# Striker is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with Striker. If not, see <http://www.gnu.org/licenses/>. + +import logging +import sshpubkeys + + +logger = logging.getLogger(__name__) + + +def parse_ssh_key(pubkey): + key = sshpubkeys.SSHKey( + pubkey, strict_mode=True, skip_option_parsing=True) + try: + key.parse() + except sshpubkeys.InvalidKeyException as err: + logger.exception('Failed to parse "%s"', err) + key = None + except NotImplementedError as err: + logger.exception('Failed to parse "%s"', err) + key = None + + if key.key_type == b'ssh-dss': + key.type_name = 'DSA' + elif key.key_type == b'ssh-rsa': + key.type_name = 'RSA' + elif key.key_type.startswith(b'ecdsa-sha'): + key.type_name = 'ECDSA' + elif key.key_type == b'ssh-ed25519': + key.type_name = 'ED25519' + else: + key.type_name = key.key_type.decode('utf-8') + + return key diff --git a/striker/profile/views.py b/striker/profile/views.py index 162232c..14d8736 100644 --- a/striker/profile/views.py +++ b/striker/profile/views.py @@ -29,6 +29,7 @@ from django.utils.translation import ugettext_lazy as _ from striker import phabricator +from striker.profile import utils logger = logging.getLogger(__name__) @@ -71,3 +72,11 @@ next_page = req.GET.get( 'next', urlresolvers.reverse('profile:accounts')) return shortcuts.redirect(next_page) + +@login_required +def ssh_keys(req): + ldapuser = req.user.ldapuser + ctx = { + 'ssh_keys': [utils.parse_ssh_key(key) for key in ldapuser.ssh_keys], + } + return shortcuts.render(req, 'profile/settings/ssh-keys.html', ctx) diff --git a/striker/templates/profile/settings/accounts.html b/striker/templates/profile/settings/accounts.html index 9350aa0..dfbb18c 100644 --- a/striker/templates/profile/settings/accounts.html +++ b/striker/templates/profile/settings/accounts.html @@ -4,7 +4,9 @@ {% block title %}{% trans "Account settings" %}{% endblock %} {% block content %} -{% include "profile/settings/accounts/ldap.html" %} -{% include "profile/settings/accounts/sul.html" %} -{% include "profile/settings/accounts/phabricator.html" %} +<div class="panel-group"> + {% include "profile/settings/accounts/ldap.html" %} + {% include "profile/settings/accounts/sul.html" %} + {% include "profile/settings/accounts/phabricator.html" %} +</div> {% endblock %} diff --git a/striker/templates/profile/settings/base.html b/striker/templates/profile/settings/base.html index 07317a1..d84b878 100644 --- a/striker/templates/profile/settings/base.html +++ b/striker/templates/profile/settings/base.html @@ -1,9 +1,11 @@ {% extends "base.html" %} {% load bootstrap3 %} +{% load fontawesome %} {% load i18n %} {% block pre_content %} {% url 'profile:accounts' as settings_accounts %} +{% url 'profile:ssh_keys' as settings_ssh_keys %} {{ block.super }} <div class="container-fluid"> <div class="row"> @@ -14,6 +16,7 @@ </div> <div class="list-group" role="navigation"> <a class="list-group-item {% if request.path == settings_accounts %}active{% endif %}" href="{{ settings_accounts }}">{% bootstrap_icon "user" %} {% trans "Linked accounts" %}</a> + <a class="list-group-item {% if request.path == settings_ssh_keys %}active{% endif %}" href="{{ settings_ssh_keys }}">{% fa_icon "key" %} {% trans "SSH keys" %}</a> </div> </div> </div> diff --git a/striker/templates/profile/settings/ssh-keys.html b/striker/templates/profile/settings/ssh-keys.html new file mode 100644 index 0000000..e0ed52f --- /dev/null +++ b/striker/templates/profile/settings/ssh-keys.html @@ -0,0 +1,24 @@ +{% extends "profile/settings/base.html" %} +{% load fontawesome %} +{% load i18n %} + +{% block title %}{% trans "SSH keys" %}{% endblock %} +{% block content %} +<div class="panel-group"> + {% for key in ssh_keys %} + <div class="panel panel-default"> + <div class="panel-heading"> + <h3 class="panel-title"><span class="fa-stack">{% fa_icon "square" "stack-2x" "fw" aria_hidden="true" %}{% fa_icon "key" "stack-1x" "fw" "inverse" aria_hidden="true" %}</span> {{ key.comment }} ({{ key.bits }} {{ key.type_name }})</h3> + </div> + <div class="panel-body"> + <dl class="dl-horizontal"> + <dt>{% trans "Fingerprint" %}</dt> + <dd>{{ key.hash_md5 }}</dd> + <dd>{{ key.hash_sha256 }}</dd> + </dl> + </div> + </div> + {% endfor %} +</div> +{% endblock %} +{# vim:sw=2:ts=2:sts=2:et: #} -- To view, visit https://gerrit.wikimedia.org/r/328058 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: newchange Gerrit-Change-Id: Ia6d0b559636df0ce9a566a884d793ea8fb7f9b21 Gerrit-PatchSet: 1 Gerrit-Project: labs/striker Gerrit-Branch: master Gerrit-Owner: BryanDavis <bda...@wikimedia.org> _______________________________________________ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits