rhodecode-enterprise-ce Files · rhodecode/model/ssh_key.py

pull-requests: add merge check that detects WIP marker in title. This will prevent merges in such case....

pull-requests: add merge check that detects WIP marker in title. This will prevent merges in such case. Usually WIP in title means unfinished task that needs still some work. This pattern is present in Gitlab/Github and is already quite common.

marcink - - Load All Authors

File last commit:

r3520:d8bf39a6 default


                r4099:c12e69d0

default

Download file

             ssh_key.py
        
                    136 lines
            
             | 4.6 KiB
            
                | text/x-python
            
             |
                PythonLexer
            
             / rhodecode / model / ssh_key.py
          
                    History
                
                 |
                  Annotation
                 | Raw
                 |Copy content
                 |Copy permalink

      # -*- coding: utf-8 -*-

      # Copyright (C) 2013-2019 RhodeCode GmbH

      #

      # This program is free software: you can redistribute it and/or modify

      # it under the terms of the GNU Affero General Public License, version 3

      # (only), as published by the Free Software Foundation.

      #

      # This program is distributed in the hope that it will be useful,

      # but WITHOUT ANY WARRANTY; without even the implied warranty of

      # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

      # GNU General Public License for more details.

      #

      # You should have received a copy of the GNU Affero General Public License

      # along with this program.  If not, see <http://www.gnu.org/licenses/>.

      #

      # This program is dual-licensed. If you wish to learn more about the

      # RhodeCode Enterprise Edition, including its added features, Support services,

      # and proprietary license terms, please see https://rhodecode.com/licenses/

      import logging

      import traceback

      import sshpubkeys

      import sshpubkeys.exceptions

      from cryptography.hazmat.primitives.asymmetric import rsa

      from cryptography.hazmat.primitives import serialization as crypto_serialization

      from cryptography.hazmat.backends import default_backend as crypto_default_backend

      from rhodecode.model import BaseModel

      from rhodecode.model.db import UserSshKeys

      from rhodecode.model.meta import Session

      log = logging.getLogger(__name__)

      class SshKeyModel(BaseModel):

          cls = UserSshKeys

          def parse_key(self, key_data):

              """

              print(ssh.bits)  # 768

              print(ssh.hash_md5())  # 56:84:1e:90:08:3b:60:c7:29:70:5f:5e:25:a6:3b:86

              print(ssh.hash_sha256())  # SHA256:xk3IEJIdIoR9MmSRXTP98rjDdZocmXJje/28ohMQEwM

              print(ssh.hash_sha512())  # SHA512:1C3lNBhjpDVQe39hnyy+xvlZYU3IPwzqK1rVneGavy6O3/ebjEQSFvmeWoyMTplIanmUK1hmr9nA8Skmj516HA

              print(ssh.comment)  # ojar@ojar-laptop

              print(ssh.options_raw)  # None (string of optional options at the beginning of public key)

              print(ssh.options)  # None (options as a dictionary, parsed and validated)

              :param key_data:

              :return:

              """

              ssh = sshpubkeys.SSHKey(strict_mode=True)

              try:

                  ssh.parse(key_data)

                  return ssh

              except sshpubkeys.exceptions.InvalidKeyException as err:

                  log.error("Invalid key: %s", err)

                  raise

              except NotImplementedError as err:

                  log.error("Invalid key type: %s", err)

                  raise

              except Exception as err:

                  log.error("Key Parse error: %s", err)

                  raise

          def generate_keypair(self, comment=None):

              key = rsa.generate_private_key(

                  backend=crypto_default_backend(),

                  public_exponent=65537,

                  key_size=2048

              )

              private_key = key.private_bytes(

                  crypto_serialization.Encoding.PEM,

                  crypto_serialization.PrivateFormat.PKCS8,

                  crypto_serialization.NoEncryption())

              public_key = key.public_key().public_bytes(

                  crypto_serialization.Encoding.OpenSSH,

                  crypto_serialization.PublicFormat.OpenSSH

              )

              if comment:

                  public_key = public_key + " " + comment

              return private_key, public_key

          def create(self, user, fingerprint, key_data, description):

              """

              """

              user = self._get_user(user)

              new_ssh_key = UserSshKeys()

              new_ssh_key.ssh_key_fingerprint = fingerprint

              new_ssh_key.ssh_key_data = key_data

              new_ssh_key.user_id = user.user_id

              new_ssh_key.description = description

              Session().add(new_ssh_key)

              return new_ssh_key

          def delete(self, ssh_key_id, user=None):

              """

              Deletes given api_key, if user is set it also filters the object for

              deletion by given user.

              """

              ssh_key = UserSshKeys.query().filter(

                  UserSshKeys.ssh_key_id == ssh_key_id)

              if user:

                  user = self._get_user(user)

                  ssh_key = ssh_key.filter(UserSshKeys.user_id == user.user_id)

                  ssh_key = ssh_key.scalar()

              if ssh_key:

                  try:

                      Session().delete(ssh_key)

                  except Exception:

                      log.error(traceback.format_exc())

                      raise

          def get_ssh_keys(self, user):

              user = self._get_user(user)

              user_ssh_keys = UserSshKeys.query()\

                  .filter(UserSshKeys.user_id == user.user_id)

              user_ssh_keys = user_ssh_keys.order_by(UserSshKeys.ssh_key_id)

              return user_ssh_keys

          def get_ssh_key_by_fingerprint(self, ssh_key_fingerprint):

              user_ssh_key = UserSshKeys.query()\

                  .filter(UserSshKeys.ssh_key_fingerprint == ssh_key_fingerprint)\

                  .first()

              return user_ssh_key

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

				# -- coding: utf-8 --

				# Copyright (C) 2013-2019 RhodeCode GmbH
				#
				# This program is free software: you can redistribute it and/or modify
				# it under the terms of the GNU Affero General Public License, version 3
				# (only), as published by the Free Software Foundation.
				#
				# This program is distributed in the hope that it will be useful,
				# but WITHOUT ANY WARRANTY; without even the implied warranty of
				# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
				# GNU General Public License for more details.
				#
				# You should have received a copy of the GNU Affero General Public License
				# along with this program. If not, see <http://www.gnu.org/licenses/>.
				#
				# This program is dual-licensed. If you wish to learn more about the
				# RhodeCode Enterprise Edition, including its added features, Support services,
				# and proprietary license terms, please see https://rhodecode.com/licenses/

				import logging
				import traceback

				import sshpubkeys
				import sshpubkeys.exceptions

				from cryptography.hazmat.primitives.asymmetric import rsa
				from cryptography.hazmat.primitives import serialization as crypto_serialization
				from cryptography.hazmat.backends import default_backend as crypto_default_backend

				from rhodecode.model import BaseModel
				from rhodecode.model.db import UserSshKeys
				from rhodecode.model.meta import Session


				log = logging.getLogger(__name__)


				class SshKeyModel(BaseModel):
				cls = UserSshKeys

				def parse_key(self, key_data):
				"""
				print(ssh.bits) # 768
				print(ssh.hash_md5()) # 56:84:1e:90:08:3b:60:c7:29:70:5f:5e:25:a6:3b:86
				print(ssh.hash_sha256()) # SHA256:xk3IEJIdIoR9MmSRXTP98rjDdZocmXJje/28ohMQEwM
				print(ssh.hash_sha512()) # SHA512:1C3lNBhjpDVQe39hnyy+xvlZYU3IPwzqK1rVneGavy6O3/ebjEQSFvmeWoyMTplIanmUK1hmr9nA8Skmj516HA
				print(ssh.comment) # ojar@ojar-laptop
				print(ssh.options_raw) # None (string of optional options at the beginning of public key)
				print(ssh.options) # None (options as a dictionary, parsed and validated)

				:param key_data:
				:return:
				"""
				ssh = sshpubkeys.SSHKey(strict_mode=True)
				try:
				ssh.parse(key_data)
				return ssh
				except sshpubkeys.exceptions.InvalidKeyException as err:
				log.error("Invalid key: %s", err)
				raise
				except NotImplementedError as err:
				log.error("Invalid key type: %s", err)
				raise
				except Exception as err:
				log.error("Key Parse error: %s", err)
				raise

				def generate_keypair(self, comment=None):

				key = rsa.generate_private_key(
				backend=crypto_default_backend(),
				public_exponent=65537,
				key_size=2048
				)
				private_key = key.private_bytes(
				crypto_serialization.Encoding.PEM,
				crypto_serialization.PrivateFormat.PKCS8,
				crypto_serialization.NoEncryption())
				public_key = key.public_key().public_bytes(
				crypto_serialization.Encoding.OpenSSH,
				crypto_serialization.PublicFormat.OpenSSH
				)

				if comment:
				public_key = public_key + " " + comment
				return private_key, public_key

				def create(self, user, fingerprint, key_data, description):
				"""
				"""
				user = self._get_user(user)

				new_ssh_key = UserSshKeys()
				new_ssh_key.ssh_key_fingerprint = fingerprint
				new_ssh_key.ssh_key_data = key_data
				new_ssh_key.user_id = user.user_id
				new_ssh_key.description = description

				Session().add(new_ssh_key)

				return new_ssh_key

				def delete(self, ssh_key_id, user=None):
				"""
				Deletes given api_key, if user is set it also filters the object for
				deletion by given user.
				"""
				ssh_key = UserSshKeys.query().filter(
				UserSshKeys.ssh_key_id == ssh_key_id)

				if user:
				user = self._get_user(user)
				ssh_key = ssh_key.filter(UserSshKeys.user_id == user.user_id)
				ssh_key = ssh_key.scalar()

				if ssh_key:
				try:
				Session().delete(ssh_key)
				except Exception:
				log.error(traceback.format_exc())
				raise

				def get_ssh_keys(self, user):
				user = self._get_user(user)
				user_ssh_keys = UserSshKeys.query()\
				.filter(UserSshKeys.user_id == user.user_id)
				user_ssh_keys = user_ssh_keys.order_by(UserSshKeys.ssh_key_id)
				return user_ssh_keys

				def get_ssh_key_by_fingerprint(self, ssh_key_fingerprint):
				user_ssh_key = UserSshKeys.query()\
				.filter(UserSshKeys.ssh_key_fingerprint == ssh_key_fingerprint)\
				.first()

				return user_ssh_key