ability to update keys file from admin

add-key-for-user
nate 2018-02-21 20:36:09 -08:00
parent 3cf1b5a059
commit 31d58a637d
1 changed files with 16 additions and 9 deletions


@ -117,8 +117,6 @@ class Townie(User):
logging.error(error) logging.error(error)
return return
self.write_authorized_keys()
def write_authorized_keys(self): def write_authorized_keys(self):
# Write out authorized_keys file # Write out authorized_keys file
# Why is this a call out to a python script? There's no secure way with # Why is this a call out to a python script? There's no secure way with
@ -146,12 +144,11 @@ class Townie(User):
"""returns a string suitable for writing out to an authorized_keys """returns a string suitable for writing out to an authorized_keys
file""" file"""
content = KEYFILE_HEADER content = KEYFILE_HEADER
pubkeys = Pubkey.objects.filter(townie=self) for pubkey in self.pubkey_set.all():
for key in pubkeys: if pubkey.key.startswith('ssh-'):
if key.key.startswith('ssh-'): content += '\n{}'.format(pubkey.key)
content += '\n{}'.format(key.key)
else: else:
content += '\n{} {}'.format(key.key_type, key.key) content += '\n{} {}'.format(key.key_type, pubkey.key)
return content return content
@ -169,13 +166,23 @@ class Pubkey(Model):
@receiver(pre_save, sender=Townie) @receiver(pre_save, sender=Townie)
def on_townie_pre_save(sender, instance, **kwargs): def on_townie_pre_save(sender, instance, **kwargs):
existing = Townie.objects.filter(username=instance.username) existing = Townie.objects.filter(username=instance.username)
if not existing: # we're making a new user if not existing:
# we're making a new Townie; this means someone just signed up. We
# don't care at all about their state on disk.
return return
if not existing[0].reviewed and instance.reviewed == True: existing = existing[0]
needs_creation = not existing.reviewed and instance.reviewed == True
regen_keyfile = needs_creation or set(existing.pubkey_set.all()) != set(instance.pubkey_set.all())
if needs_creation:
instance.create_on_disk() instance.create_on_disk()
instance.send_welcome_email() instance.send_welcome_email()
if regen_keyfile:
instance.write_authorized_keys()
def _guarded_run(cmd_args, **run_args): def _guarded_run(cmd_args, **run_args):
"""Given a list of args representing a command invocation as well as var """Given a list of args representing a command invocation as well as var
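Review bot: In `on_townie_pre_save`, the new test `set(existing.pubkey_set.all()) != set(instance.pubkey_set.all())` looks like it cannot detect a key change: `existing` and `instance` are matched on the same username, so both sides appear to query the same Pubkey rows, and those rows are saved separately from the Townie. If that holds, authorized_keys is rewritten only when a user is first reviewed, and a key removed in the admin would stay authorized on disk. Consider driving the rewrite from `post_save` and `post_delete` receivers on `Pubkey` that call `instance.townie.write_authorized_keys()`. Separately, in the method that builds the key-file string (its signature is outside the hunk), the new else branch still reads `key.key_type` although the loop variable is now `pubkey`, which would presumably raise NameError for any key not starting with `ssh-`; it should be `content += '\n{} {}'.format(pubkey.key_type, pubkey.key)`.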