| ... | ... |
@@ -17,91 +17,88 @@ |
| 17 | 17 |
if (lc $self->req->method eq 'post') {
|
| 18 | 18 |
# Add ssh key |
| 19 | 19 |
if ($op eq 'add') {
|
| 20 |
+ # Paramerters |
|
| 21 |
+ my $title = param('title');
|
|
| 22 |
+ my $original_key = param('key');
|
|
| 20 | 23 |
|
| 21 |
- # Paramters |
|
| 22 |
- my $params = $api->params; |
|
| 24 |
+ # Validator |
|
| 25 |
+ my $vc = app->vc; |
|
| 23 | 26 |
|
| 24 |
- # Rule |
|
| 25 |
- my $rule = [ |
|
| 26 |
- title => [ |
|
| 27 |
- ['not_blank' => 'title is empty'], |
|
| 28 |
- ['ascii' => 'title contains invalid character'], |
|
| 29 |
- ], |
|
| 30 |
- key => [ |
|
| 31 |
- ['not_blank' => 'key is empty'], |
|
| 32 |
- # Check if key format is valid |
|
| 33 |
- sub {
|
|
| 34 |
- my ($original_key, $args, $vc) = @_; |
|
| 35 |
- |
|
| 36 |
- my $type; |
|
| 37 |
- my $original_key_edit; |
|
| 38 |
- if ($original_key =~ /^(ssh-rsa|ssh-dss|ecdsa-sha2-nistp25|ecdsa-sha2-nistp384|ecdsa-sha2-nistp521) +(\S+)/) {
|
|
| 39 |
- $type = $1; |
|
| 40 |
- $original_key_edit = $2; |
|
| 41 |
- } |
|
| 42 |
- |
|
| 43 |
- if ($type) {
|
|
| 44 |
- if ($vc->constraints->{ascii}->($original_key_edit)) {
|
|
| 45 |
- my $key = "$type $original_key_edit"; |
|
| 46 |
- |
|
| 47 |
- my $row = app->dbi->model('ssh_public_key')->select(id => $key)->one;
|
|
| 48 |
- |
|
| 49 |
- if ($row) {
|
|
| 50 |
- return {result => 0, message => 'Key already exists'};
|
|
| 51 |
- } |
|
| 52 |
- else {
|
|
| 53 |
- my $key_is_contained; |
|
| 54 |
- my $authorized_keys_file = app->manager->authorized_keys_file; |
|
| 55 |
- if (defined $authorized_keys_file) {
|
|
| 56 |
- my $result |
|
| 57 |
- = app->manager->parse_authorized_keys_file($authorized_keys_file); |
|
| 27 |
+ # Validation result |
|
| 28 |
+ my $validation = $vc->validation; |
|
| 29 |
+ |
|
| 30 |
+ # "title" |
|
| 31 |
+ if (!(defined $title && length $title)) {
|
|
| 32 |
+ $validation->add_failed(title => 'title is empty'); |
|
| 33 |
+ } |
|
| 34 |
+ elsif (!$vc->check($title, 'ascii_graphic')) {
|
|
| 35 |
+ $validation->add_failed(title => 'title contains invalid character'); |
|
| 36 |
+ } |
|
| 37 |
+ else {
|
|
| 38 |
+ my $ssh_public_key = app->dbi->model('ssh_public_key')->select(
|
|
| 39 |
+ where => {title => $title}
|
|
| 40 |
+ )->one; |
|
| 41 |
+ |
|
| 42 |
+ if ($ssh_public_key) {
|
|
| 43 |
+ $validation->add_failed(title => 'title already exists'); |
|
| 44 |
+ } |
|
| 45 |
+ } |
|
| 46 |
+ |
|
| 47 |
+ # "key" |
|
| 48 |
+ my $key; |
|
| 49 |
+ if (!(defined $original_key && length $original_key)) {
|
|
| 50 |
+ $validation->add_failed(key => 'key is empty'); |
|
| 51 |
+ } |
|
| 52 |
+ else {
|
|
| 53 |
+ my $type; |
|
| 54 |
+ my $original_key_edit; |
|
| 55 |
+ if ($original_key =~ /^(ssh-rsa|ssh-dss|ecdsa-sha2-nistp25|ecdsa-sha2-nistp384|ecdsa-sha2-nistp521) +(\S+)/) {
|
|
| 56 |
+ $type = $1; |
|
| 57 |
+ $original_key_edit = $2; |
|
| 58 |
+ } |
|
| 59 |
+ |
|
| 60 |
+ if (!$type) {
|
|
| 61 |
+ my $message = "Key is invalid. It must begin with 'ssh-rsa', 'ssh-dss', 'ecdsa-sha2-nistp256'," |
|
| 62 |
+ . "'ecdsa-sha2-nistp384', or 'ecdsa-sha2-nistp521'. Check that you're copying the public half of the key"; |
|
| 63 |
+ $validation->add_failed(key => $message); |
|
| 64 |
+ } |
|
| 65 |
+ elsif (!$vc->check($original_key_edit, 'ascii_graphic')) {
|
|
| 66 |
+ $validation->add_failed(key => 'Key contains invalid character.'); |
|
| 67 |
+ } |
|
| 68 |
+ else {
|
|
| 69 |
+ $key = "$type $original_key_edit"; |
|
| 70 |
+ |
|
| 71 |
+ my $row = app->dbi->model('ssh_public_key')->select(
|
|
| 72 |
+ where => {key => $key}
|
|
| 73 |
+ )->one; |
|
| 74 |
+ |
|
| 75 |
+ if ($row) {
|
|
| 76 |
+ $validation->add_failed(key => 'Key already exists'); |
|
| 77 |
+ } |
|
| 78 |
+ else {
|
|
| 79 |
+ my $key_is_contained; |
|
| 80 |
+ my $authorized_keys_file = app->manager->authorized_keys_file; |
|
| 81 |
+ if (defined $authorized_keys_file) {
|
|
| 82 |
+ my $result |
|
| 83 |
+ = app->manager->parse_authorized_keys_file($authorized_keys_file); |
|
| 58 | 84 |
|
| 59 |
- my $before_part = $result->{before_part};
|
|
| 60 |
- my $after_part = $result->{after_part};
|
|
| 61 |
- my $other_part = "$before_part\n$after_part"; |
|
| 62 |
- if ($other_part =~ /\s\Q$original_key_edit\E(\s|$)/) {
|
|
| 63 |
- $key_is_contained = 1; |
|
| 64 |
- } |
|
| 65 |
- } |
|
| 66 |
- |
|
| 67 |
- if ($key_is_contained) {
|
|
| 68 |
- return {
|
|
| 69 |
- result => 0, |
|
| 70 |
- message => "authorized_keys file already contain this key" |
|
| 71 |
- }; |
|
| 72 |
- } |
|
| 73 |
- else {
|
|
| 74 |
- return {result => 1, output => $key}
|
|
| 75 |
- } |
|
| 76 |
- } |
|
| 77 |
- } |
|
| 78 |
- else {
|
|
| 79 |
- return {
|
|
| 80 |
- result => 0, |
|
| 81 |
- message => "Key contains invalid character." |
|
| 82 |
- } |
|
| 85 |
+ my $before_part = $result->{before_part};
|
|
| 86 |
+ my $after_part = $result->{after_part};
|
|
| 87 |
+ my $other_part = "$before_part\n$after_part"; |
|
| 88 |
+ if ($other_part =~ /\s\Q$original_key_edit\E(\s|$)/) {
|
|
| 89 |
+ $key_is_contained = 1; |
|
| 83 | 90 |
} |
| 84 | 91 |
} |
| 85 |
- else {
|
|
| 86 |
- return {
|
|
| 87 |
- result => 0, |
|
| 88 |
- message => "Key is invalid. It must begin with 'ssh-rsa', 'ssh-dss', 'ecdsa-sha2-nistp256'," |
|
| 89 |
- . "'ecdsa-sha2-nistp384', or 'ecdsa-sha2-nistp521'. Check that you're copying the public half of the key" |
|
| 90 |
- }; |
|
| 92 |
+ |
|
| 93 |
+ if ($key_is_contained) {
|
|
| 94 |
+ $validation->add_failed(key => "authorized_keys file already contain this key"); |
|
| 91 | 95 |
} |
| 92 | 96 |
} |
| 93 |
- ] |
|
| 94 |
- ]; |
|
| 95 |
- |
|
| 96 |
- # Validation |
|
| 97 |
- my $vresult = app->vc->validate($params, $rule); |
|
| 97 |
+ } |
|
| 98 |
+ } |
|
| 98 | 99 |
|
| 99 | 100 |
# Register ssh key |
| 100 |
- if ($vresult->is_ok) {
|
|
| 101 |
- my $safe_params = $vresult->data; |
|
| 102 |
- my $title = $safe_params->{title};
|
|
| 103 |
- my $key = $safe_params->{key};
|
|
| 104 |
- |
|
| 101 |
+ if ($validation->is_valid) {
|
|
| 105 | 102 |
my $p = {
|
| 106 | 103 |
user_id => $user, |
| 107 | 104 |
title => $title, |
| ... | ... |
@@ -125,7 +122,7 @@ |
| 125 | 122 |
} |
| 126 | 123 |
} |
| 127 | 124 |
else {
|
| 128 |
- $errors = $vresult->messages; |
|
| 125 |
+ $errors = $validation->messages; |
|
| 129 | 126 |
} |
| 130 | 127 |
} |
| 131 | 128 |
# Delete ssh public key |