2013-09-18 00:02:42 +00:00
|
|
|
|
{- git-annex webapp gpg stuff
|
|
|
|
|
-
|
2015-01-21 16:50:09 +00:00
|
|
|
|
- Copyright 2013 Joey Hess <id@joeyh.name>
|
2013-09-18 00:02:42 +00:00
|
|
|
|
-
|
|
|
|
|
- Licensed under the GNU AGPL version 3 or higher.
|
|
|
|
|
-}
|
|
|
|
|
|
2013-09-26 16:40:19 +00:00
|
|
|
|
{-# LANGUAGE QuasiQuotes, TemplateHaskell, OverloadedStrings #-}
|
2013-09-18 00:02:42 +00:00
|
|
|
|
|
|
|
|
|
module Assistant.WebApp.Gpg where
|
|
|
|
|
|
|
|
|
|
import Assistant.WebApp.Common
|
2013-09-26 20:09:45 +00:00
|
|
|
|
import Assistant.Gpg
|
2013-09-18 00:02:42 +00:00
|
|
|
|
import Utility.Gpg
|
2015-09-09 22:06:49 +00:00
|
|
|
|
import qualified Annex
|
2013-09-18 19:30:53 +00:00
|
|
|
|
import qualified Git.Command
|
2014-10-27 15:24:21 +00:00
|
|
|
|
import qualified Git.Remote.Remove
|
2013-09-27 20:21:56 +00:00
|
|
|
|
import qualified Git.Construct
|
2013-09-18 19:30:53 +00:00
|
|
|
|
import qualified Annex.Branch
|
|
|
|
|
import qualified Git.GCrypt
|
2013-09-27 20:21:56 +00:00
|
|
|
|
import qualified Remote.GCrypt as GCrypt
|
2013-11-07 22:02:00 +00:00
|
|
|
|
import Git.Types (RemoteName)
|
2013-10-28 15:33:14 +00:00
|
|
|
|
import Assistant.WebApp.MakeRemote
|
2019-10-10 17:08:17 +00:00
|
|
|
|
import Annex.SpecialRemote.Config
|
2013-09-18 19:30:53 +00:00
|
|
|
|
import Logs.Remote
|
2013-09-18 00:02:42 +00:00
|
|
|
|
|
|
|
|
|
import qualified Data.Map as M
|
|
|
|
|
|
|
|
|
|
gpgKeyDisplay :: KeyId -> Maybe UserId -> Widget
|
|
|
|
|
gpgKeyDisplay keyid userid = [whamlet|
|
|
|
|
|
<span title="key id #{keyid}">
|
2014-04-21 11:05:52 +00:00
|
|
|
|
<span .glyphicon .glyphicon-user>
|
|
|
|
|
\
|
|
|
|
|
$maybe name <- userid
|
|
|
|
|
#{name}
|
|
|
|
|
$nothing
|
|
|
|
|
key id #{keyid}
|
2013-09-18 00:02:42 +00:00
|
|
|
|
|]
|
|
|
|
|
|
2013-09-26 20:09:45 +00:00
|
|
|
|
genKeyModal :: Widget
|
|
|
|
|
genKeyModal = $(widgetFile "configurators/genkeymodal")
|
|
|
|
|
|
2013-09-27 20:21:56 +00:00
|
|
|
|
isGcryptInstalled :: IO Bool
|
|
|
|
|
isGcryptInstalled = inPath "git-remote-gcrypt"
|
|
|
|
|
|
2013-09-26 20:09:45 +00:00
|
|
|
|
whenGcryptInstalled :: Handler Html -> Handler Html
|
2013-09-27 20:21:56 +00:00
|
|
|
|
whenGcryptInstalled a = ifM (liftIO isGcryptInstalled)
|
2013-09-26 20:09:45 +00:00
|
|
|
|
( a
|
|
|
|
|
, page "Need git-remote-gcrypt" (Just Configuration) $
|
|
|
|
|
$(widgetFile "configurators/needgcrypt")
|
|
|
|
|
)
|
2013-09-18 00:02:42 +00:00
|
|
|
|
|
|
|
|
|
withNewSecretKey :: (KeyId -> Handler Html) -> Handler Html
|
|
|
|
|
withNewSecretKey use = do
|
2015-09-09 22:06:49 +00:00
|
|
|
|
cmd <- liftAnnex $ gpgCmd <$> Annex.getGitConfig
|
|
|
|
|
userid <- liftIO $ newUserId cmd
|
|
|
|
|
liftIO $ genSecretKey cmd RSA "" userid maxRecommendedKeySize
|
|
|
|
|
results <- M.keys . M.filter (== userid) <$> liftIO (secretKeys cmd)
|
2013-09-18 00:02:42 +00:00
|
|
|
|
case results of
|
2016-11-16 01:29:54 +00:00
|
|
|
|
[] -> giveup "Failed to generate gpg key!"
|
2013-09-18 00:02:42 +00:00
|
|
|
|
(key:_) -> use key
|
2013-09-18 19:30:53 +00:00
|
|
|
|
|
|
|
|
|
{- Tries to find the name used in remote.log for a gcrypt repository
|
|
|
|
|
- with a given uuid.
|
|
|
|
|
-
|
|
|
|
|
- The gcrypt remote may not be on that is listed in the local remote.log
|
|
|
|
|
- (or the info may be out of date), so this actually fetches the git-annex
|
|
|
|
|
- branch from the gcrypt remote and merges it in, and then looks up
|
|
|
|
|
- the name.
|
|
|
|
|
-}
|
2013-11-07 22:02:00 +00:00
|
|
|
|
getGCryptRemoteName :: UUID -> String -> Annex RemoteName
|
2013-09-18 19:30:53 +00:00
|
|
|
|
getGCryptRemoteName u repoloc = do
|
2018-01-09 19:36:56 +00:00
|
|
|
|
tmpremote <- uniqueRemoteName "tmpgcryptremote" 0 <$> Annex.getGitRemotes
|
2013-09-18 19:30:53 +00:00
|
|
|
|
void $ inRepo $ Git.Command.runBool
|
2015-06-01 17:52:23 +00:00
|
|
|
|
[ Param "remote"
|
|
|
|
|
, Param "add"
|
|
|
|
|
, Param tmpremote
|
|
|
|
|
, Param $ Git.GCrypt.urlPrefix ++ repoloc
|
|
|
|
|
]
|
2013-09-18 19:30:53 +00:00
|
|
|
|
mname <- ifM (inRepo $ Git.Command.runBool [Param "fetch", Param tmpremote])
|
|
|
|
|
( do
|
2013-10-02 05:06:59 +00:00
|
|
|
|
void Annex.Branch.forceUpdate
|
2019-10-10 17:08:17 +00:00
|
|
|
|
(lookupName <=< M.lookup u) <$> readRemoteLog
|
2013-09-18 19:30:53 +00:00
|
|
|
|
, return Nothing
|
|
|
|
|
)
|
2014-10-27 15:24:21 +00:00
|
|
|
|
void $ inRepo $ Git.Remote.Remove.remove tmpremote
|
2013-09-27 20:21:56 +00:00
|
|
|
|
maybe missing return mname
|
|
|
|
|
where
|
2016-11-16 01:29:54 +00:00
|
|
|
|
missing = giveup $ "Cannot find configuration for the gcrypt remote at " ++ repoloc
|
2013-09-26 16:40:19 +00:00
|
|
|
|
|
2013-10-22 17:32:10 +00:00
|
|
|
|
{- Checks to see if a repo is encrypted with gcrypt, and runs one action if
|
|
|
|
|
- it's not an another if it is.
|
|
|
|
|
-
|
|
|
|
|
- Since the probing requires gcrypt to be installed, a third action must
|
|
|
|
|
- be provided to run if it's not installed.
|
|
|
|
|
-}
|
2013-10-24 16:59:20 +00:00
|
|
|
|
checkGCryptRepoEncryption :: (Monad m, LiftAnnex m) => String -> m a -> m a -> m a -> m a
|
2013-10-22 17:32:10 +00:00
|
|
|
|
checkGCryptRepoEncryption location notencrypted notinstalled encrypted =
|
2013-10-24 16:59:20 +00:00
|
|
|
|
ifM (liftAnnex $ liftIO isGcryptInstalled)
|
2013-10-22 17:32:10 +00:00
|
|
|
|
( dispatch =<< liftAnnex (inRepo $ Git.GCrypt.probeRepo location)
|
|
|
|
|
, notinstalled
|
|
|
|
|
)
|
2013-09-27 05:03:50 +00:00
|
|
|
|
where
|
|
|
|
|
dispatch Git.GCrypt.Decryptable = encrypted
|
|
|
|
|
dispatch Git.GCrypt.NotEncrypted = notencrypted
|
|
|
|
|
dispatch Git.GCrypt.NotDecryptable =
|
2016-11-16 01:29:54 +00:00
|
|
|
|
giveup "This git repository is encrypted with a GnuPG key that you do not have."
|
2013-09-27 20:21:56 +00:00
|
|
|
|
|
|
|
|
|
{- Gets the UUID of the gcrypt repo at a location, which may not exist.
|
|
|
|
|
- Only works if the gcrypt repo was created as a git-annex remote. -}
|
|
|
|
|
probeGCryptRemoteUUID :: String -> Annex (Maybe UUID)
|
|
|
|
|
probeGCryptRemoteUUID repolocation = do
|
|
|
|
|
r <- inRepo $ Git.Construct.fromRemoteLocation repolocation
|
|
|
|
|
GCrypt.getGCryptUUID False r
|