Include keycheck results in active process pages

ae8dbe25 · Enrico Zini · e4b189b7 · ae8dbe25 · ae8dbe25 · ae8dbe25
Commit ae8dbe25 authored May 16, 2016 by Enrico Zini
--- a/keyring/models.py
+++ b/keyring/models.py
@@ -23,6 +23,7 @@ import tempfile
 from six.moves.urllib.parse import urlencode
 import json
 import requests
+from six.moves import shlex_quote
 from contextlib import contextmanager
 import logging

@@ -40,7 +41,7 @@ KEYRING_MAINT_GIT_REPO = getattr(settings, "KEYRING_MAINT_GIT_REPO", "data/keyri
 def tempdir_gpg():
    homedir = tempfile.mkdtemp(dir=KEYRINGS_TMPDIR)
    try:
-        gpg = GPG(homedir=homedir)
+        gpg = GPG(homedir=homedir, use_default_keyring=True)
        yield gpg
    finally:
        shutil.rmtree(homedir)
@@ -154,17 +155,20 @@ class GPG(object):
    Run GnuPG commands and parse their output
    """

-    def __init__(self, homedir=None):
+    def __init__(self, homedir=None, use_default_keyring=False):
        self.homedir = homedir
+        self.use_default_keyring = use_default_keyring

    def _base_cmd(self):
        cmd = ["/usr/bin/gpg"]
        if self.homedir is not None:
            cmd.append("--homedir")
            cmd.append(self.homedir)
-        cmd.extend(("-q", "--no-options", "--no-default-keyring", "--no-auto-check-trustdb",
+        cmd.extend(("-q", "--no-options", "--no-auto-check-trustdb",
            "--trust-model", "always", "--with-colons", "--fixed-list-mode",
            "--with-fingerprint", "--no-permission-warning"))
+        if not self.use_default_keyring:
+            cmd.append("--no-default-keyring")
        return cmd

    def cmd(self, *args):
@@ -228,7 +232,11 @@ class GPG(object):
        """
        stdout, stderr, result = self.run_cmd(cmd, input)
        if result != 0:
-            raise RuntimeError("gpg exited with status %d: %s" % (result, stderr.strip()))
+            raise RuntimeError("{} exited with status {}: {}".format(
+                " ".join(shlex_quote(x) for x in cmd),
+                result,
+                stderr.strip()
+            ))
        return stdout

    def pipe_cmd(self, cmd):

--- a/nmlayout/static/css/nm.css
+++ b/nmlayout/static/css/nm.css
@@ -48,6 +48,11 @@ table.tablesorter th.headerSortDown:after {
    content: "▼";
 }

+ul.packed {
+   margin-top: 0;
+   margin-bottom: 0;
+}
+
 ul.horizontal {
    list-style-type: none;
 }

--- a/public/templates/public/process.html
+++ b/public/templates/public/process.html
@@ -128,7 +128,22 @@ See: <a href="http://lists.debian.org/debian-project/2010/09/msg00026.html">hand
        </td>
    </tr>
    <tr><th>Account name</th><td>{{person.uid|default:"none chosen yet"}}</td></tr>
-    <tr><th>OpenPGP fingerprint</th><td>{{person.fpr|fingerprint}}{% if "edit_ldap" in vperms.perms %} (<a href="{% url 'restricted_person_fingerprints' key=person.lookup_key %}">manage</a>){% endif %}</td></tr>
+    <tr>
+      <th>OpenPGP fingerprint</th>
+      <td>
+        {{person.fpr|fingerprint}}{% if "edit_ldap" in vperms.perms %} (<a href="{% url 'restricted_person_fingerprints' key=person.lookup_key %}">manage</a>){% endif %}
+        {% if keycheck %}
+        <small>
+        <ul class="packed">
+          <li>Main key: <i>{{keycheck.main.remarks}}</i></li>
+          {% for uid in keycheck.uids %}
+          <li>{{uid.name}}: <i>{{uid.remarks}}</i>, <i>{{uid.sigs_ok}}</i> DD sigs, <i>{{uid.sigs_no_key}}</i> non-DD sigs</li>
+          {% endfor %}
+        </ul>
+        </small>
+        {% endif %}
+      </td>
+    </tr>
    {% if process.manager %}
    <tr><th>Manager</th><td><a href="{{process.manager.get_absolute_url}}">{{process.manager.person.uid}}</a></td></tr>
    {% elif process.progress == PROGRESS_APP_OK %}

--- a/public/views.py
+++ b/public/views.py
@@ -236,6 +236,29 @@ class Process(VisitorTemplateView):
                stats["median_py"] = datetime.timedelta(seconds=stats["median"])
                stats["median_hours"] = stats["median_py"].seconds // 3600
        ctx["mbox_stats"] = stats
+
+        # Key information for active processes
+        if process.is_active:
+            from keyring.models import Key
+            key = Key.objects.get_or_download(process.person.fpr)
+            keycheck = key.keycheck()
+            uids = []
+            for ku in keycheck.uids:
+                uids.append({
+                    "name": ku.uid.name.replace("@", ", "),
+                    "remarks": " ".join(sorted(ku.errors)) if ku.errors else "ok",
+                    "sigs_ok": len(ku.sigs_ok),
+                    "sigs_no_key": len(ku.sigs_no_key),
+                    "sigs_bad": len(ku.sigs_bad)
+                })
+
+            ctx["keycheck"] = {
+                "main": {
+                    "remarks": " ".join(sorted(keycheck.errors)) if keycheck.errors else "ok",
+                },
+                "uids": uids,
+            }
+
        return ctx

    def build_wizards(self, process):