... | ... |
@@ -17,91 +17,88 @@ |
17 | 17 |
if (lc $self->req->method eq 'post') { |
18 | 18 |
# Add ssh key |
19 | 19 |
if ($op eq 'add') { |
20 |
+ # Paramerters |
|
21 |
+ my $title = param('title'); |
|
22 |
+ my $original_key = param('key'); |
|
20 | 23 |
|
21 |
- # Paramters |
|
22 |
- my $params = $api->params; |
|
24 |
+ # Validator |
|
25 |
+ my $vc = app->vc; |
|
23 | 26 |
|
24 |
- # Rule |
|
25 |
- my $rule = [ |
|
26 |
- title => [ |
|
27 |
- ['not_blank' => 'title is empty'], |
|
28 |
- ['ascii' => 'title contains invalid character'], |
|
29 |
- ], |
|
30 |
- key => [ |
|
31 |
- ['not_blank' => 'key is empty'], |
|
32 |
- # Check if key format is valid |
|
33 |
- sub { |
|
34 |
- my ($original_key, $args, $vc) = @_; |
|
35 |
- |
|
36 |
- my $type; |
|
37 |
- my $original_key_edit; |
|
38 |
- if ($original_key =~ /^(ssh-rsa|ssh-dss|ecdsa-sha2-nistp25|ecdsa-sha2-nistp384|ecdsa-sha2-nistp521) +(\S+)/) { |
|
39 |
- $type = $1; |
|
40 |
- $original_key_edit = $2; |
|
41 |
- } |
|
42 |
- |
|
43 |
- if ($type) { |
|
44 |
- if ($vc->constraints->{ascii}->($original_key_edit)) { |
|
45 |
- my $key = "$type $original_key_edit"; |
|
46 |
- |
|
47 |
- my $row = app->dbi->model('ssh_public_key')->select(id => $key)->one; |
|
48 |
- |
|
49 |
- if ($row) { |
|
50 |
- return {result => 0, message => 'Key already exists'}; |
|
51 |
- } |
|
52 |
- else { |
|
53 |
- my $key_is_contained; |
|
54 |
- my $authorized_keys_file = app->manager->authorized_keys_file; |
|
55 |
- if (defined $authorized_keys_file) { |
|
56 |
- my $result |
|
57 |
- = app->manager->parse_authorized_keys_file($authorized_keys_file); |
|
27 |
+ # Validation result |
|
28 |
+ my $validation = $vc->validation; |
|
29 |
+ |
|
30 |
+ # "title" |
|
31 |
+ if (!(defined $title && length $title)) { |
|
32 |
+ $validation->add_failed(title => 'title is empty'); |
|
33 |
+ } |
|
34 |
+ elsif (!$vc->check($title, 'ascii_graphic')) { |
|
35 |
+ $validation->add_failed(title => 'title contains invalid character'); |
|
36 |
+ } |
|
37 |
+ else { |
|
38 |
+ my $ssh_public_key = app->dbi->model('ssh_public_key')->select( |
|
39 |
+ where => {title => $title} |
|
40 |
+ )->one; |
|
41 |
+ |
|
42 |
+ if ($ssh_public_key) { |
|
43 |
+ $validation->add_failed(title => 'title already exists'); |
|
44 |
+ } |
|
45 |
+ } |
|
46 |
+ |
|
47 |
+ # "key" |
|
48 |
+ my $key; |
|
49 |
+ if (!(defined $original_key && length $original_key)) { |
|
50 |
+ $validation->add_failed(key => 'key is empty'); |
|
51 |
+ } |
|
52 |
+ else { |
|
53 |
+ my $type; |
|
54 |
+ my $original_key_edit; |
|
55 |
+ if ($original_key =~ /^(ssh-rsa|ssh-dss|ecdsa-sha2-nistp25|ecdsa-sha2-nistp384|ecdsa-sha2-nistp521) +(\S+)/) { |
|
56 |
+ $type = $1; |
|
57 |
+ $original_key_edit = $2; |
|
58 |
+ } |
|
59 |
+ |
|
60 |
+ if (!$type) { |
|
61 |
+ my $message = "Key is invalid. It must begin with 'ssh-rsa', 'ssh-dss', 'ecdsa-sha2-nistp256'," |
|
62 |
+ . "'ecdsa-sha2-nistp384', or 'ecdsa-sha2-nistp521'. Check that you're copying the public half of the key"; |
|
63 |
+ $validation->add_failed(key => $message); |
|
64 |
+ } |
|
65 |
+ elsif (!$vc->check($original_key_edit, 'ascii_graphic')) { |
|
66 |
+ $validation->add_failed(key => 'Key contains invalid character.'); |
|
67 |
+ } |
|
68 |
+ else { |
|
69 |
+ $key = "$type $original_key_edit"; |
|
70 |
+ |
|
71 |
+ my $row = app->dbi->model('ssh_public_key')->select( |
|
72 |
+ where => {key => $key} |
|
73 |
+ )->one; |
|
74 |
+ |
|
75 |
+ if ($row) { |
|
76 |
+ $validation->add_failed(key => 'Key already exists'); |
|
77 |
+ } |
|
78 |
+ else { |
|
79 |
+ my $key_is_contained; |
|
80 |
+ my $authorized_keys_file = app->manager->authorized_keys_file; |
|
81 |
+ if (defined $authorized_keys_file) { |
|
82 |
+ my $result |
|
83 |
+ = app->manager->parse_authorized_keys_file($authorized_keys_file); |
|
58 | 84 |
|
59 |
- my $before_part = $result->{before_part}; |
|
60 |
- my $after_part = $result->{after_part}; |
|
61 |
- my $other_part = "$before_part\n$after_part"; |
|
62 |
- if ($other_part =~ /\s\Q$original_key_edit\E(\s|$)/) { |
|
63 |
- $key_is_contained = 1; |
|
64 |
- } |
|
65 |
- } |
|
66 |
- |
|
67 |
- if ($key_is_contained) { |
|
68 |
- return { |
|
69 |
- result => 0, |
|
70 |
- message => "authorized_keys file already contain this key" |
|
71 |
- }; |
|
72 |
- } |
|
73 |
- else { |
|
74 |
- return {result => 1, output => $key} |
|
75 |
- } |
|
76 |
- } |
|
77 |
- } |
|
78 |
- else { |
|
79 |
- return { |
|
80 |
- result => 0, |
|
81 |
- message => "Key contains invalid character." |
|
82 |
- } |
|
85 |
+ my $before_part = $result->{before_part}; |
|
86 |
+ my $after_part = $result->{after_part}; |
|
87 |
+ my $other_part = "$before_part\n$after_part"; |
|
88 |
+ if ($other_part =~ /\s\Q$original_key_edit\E(\s|$)/) { |
|
89 |
+ $key_is_contained = 1; |
|
83 | 90 |
} |
84 | 91 |
} |
85 |
- else { |
|
86 |
- return { |
|
87 |
- result => 0, |
|
88 |
- message => "Key is invalid. It must begin with 'ssh-rsa', 'ssh-dss', 'ecdsa-sha2-nistp256'," |
|
89 |
- . "'ecdsa-sha2-nistp384', or 'ecdsa-sha2-nistp521'. Check that you're copying the public half of the key" |
|
90 |
- }; |
|
92 |
+ |
|
93 |
+ if ($key_is_contained) { |
|
94 |
+ $validation->add_failed(key => "authorized_keys file already contain this key"); |
|
91 | 95 |
} |
92 | 96 |
} |
93 |
- ] |
|
94 |
- ]; |
|
95 |
- |
|
96 |
- # Validation |
|
97 |
- my $vresult = app->vc->validate($params, $rule); |
|
97 |
+ } |
|
98 |
+ } |
|
98 | 99 |
|
99 | 100 |
# Register ssh key |
100 |
- if ($vresult->is_ok) { |
|
101 |
- my $safe_params = $vresult->data; |
|
102 |
- my $title = $safe_params->{title}; |
|
103 |
- my $key = $safe_params->{key}; |
|
104 |
- |
|
101 |
+ if ($validation->is_valid) { |
|
105 | 102 |
my $p = { |
106 | 103 |
user_id => $user, |
107 | 104 |
title => $title, |
... | ... |
@@ -125,7 +122,7 @@ |
125 | 122 |
} |
126 | 123 |
} |
127 | 124 |
else { |
128 |
- $errors = $vresult->messages; |
|
125 |
+ $errors = $validation->messages; |
|
129 | 126 |
} |
130 | 127 |
} |
131 | 128 |
# Delete ssh public key |
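Review bot: The key-type pattern carried over to new line 55 still lists `ecdsa-sha2-nistp25` (the final `6` is missing), so a key that starts with `ecdsa-sha2-nistp256` can never match, because the ` +` after the alternation meets the `6`. Such a key is rejected with a message that names that very type as accepted; the alternative should read `ecdsa-sha2-nistp256`. The blob captured by `(\S+)` is checked only with `ascii_graphic` before it is stored and, presumably, later written to the authorized_keys file, so it would be safer to accept only the base64 alphabet, e.g. `([A-Za-z0-9+/]+=*)(?:\s|\z)` in place of `(\S+)`. The new title lookup at new lines 38-40 uses `where => {title => $title}` with no user filter, so one account's title appears to block every other account and reveals that the title exists; if titles are meant to be unique per user, `where => {user_id => $user, title => $title}` would scope it (the schema is not visible here, so confirm). The added comment `# Paramerters` should read `# Parameters`, and note that the enclosing request handler begins outside the first hunk.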