# HG changeset patch # User Paul Boddie # Date 1384353726 -3600 # Node ID e9c29bcf7a9e734ec362888a7daf399ad6fb5211 # Parent 274be4fcf983ab8289d511e4fe4c66a90609f028 Added authenticated user information to incoming signed messages. Exposed the retrieval of usernames from fingerprints in order to support inspection of signed message parts (within encrypted parts) in MoinShare. diff -r 274be4fcf983 -r e9c29bcf7a9e MoinMessageSupport.py --- a/MoinMessageSupport.py Tue Nov 12 23:05:52 2013 +0100 +++ b/MoinMessageSupport.py Wed Nov 13 15:42:06 2013 +0100 @@ -246,4 +246,25 @@ return getWikiDict(subpage, request) +def get_username_for_fingerprint(request, fingerprint): + + """ + Using the 'request', return the username corresponding to the given key + 'fingerprint' or None if no correspondence is present in the mapping page. + """ + + gpg_users = getWikiDict( + getattr(request.cfg, "moinmessage_gpg_users_page", "MoinMessageUserDict"), + request, + superuser=True # disable user test because we have no user yet + ) + + # With a user mapping and a fingerprint corresponding to a known + # user, temporarily switch user in order to make the edit. + + if gpg_users and gpg_users.has_key(fingerprint): + return gpg_users[fingerprint] + else: + return None + # vim: tabstop=4 expandtab shiftwidth=4 diff -r 274be4fcf983 -r e9c29bcf7a9e MoinMoin/auth/pgp.py --- a/MoinMoin/auth/pgp.py Tue Nov 12 23:05:52 2013 +0100 +++ b/MoinMoin/auth/pgp.py Wed Nov 13 15:42:06 2013 +0100 @@ -14,10 +14,10 @@ from MoinMoin.user import User from MoinMoin.auth import BaseAuth -from MoinSupport import getHeader, getWikiDict +from MoinSupport import getHeader from MoinMessage import GPG, is_signed, is_encrypted, \ MoinMessageDecodingError, MoinMessageError -from MoinMessageSupport import get_homedir +from MoinMessageSupport import get_homedir, get_username_for_fingerprint from email.parser import Parser try: 
@@ -117,17 +117,12 @@ # Evaluate the result of the verification process. if fingerprint: - gpg_users = getWikiDict( - getattr(request.cfg, "moinmessage_gpg_users_page", "MoinMessageUserDict"), - request, - superuser=True # disable user test because we have no user yet - ) + username = get_username_for_fingerprint(request, fingerprint) - # With a user mapping and a fingerprint corresponding to a known - # user, temporarily switch user in order to make the edit. + # With a known username, temporarily switch user in order to make + # the edit. - if gpg_users and gpg_users.has_key(fingerprint): - username = gpg_users[fingerprint] + if username: user = User(request, auth_method="pgp", auth_username=username) logging.debug("username: %r" % username) diff -r 274be4fcf983 -r e9c29bcf7a9e actions/PostMessage.py --- a/actions/PostMessage.py Tue Nov 12 23:05:52 2013 +0100 +++ b/actions/PostMessage.py Wed Nov 13 15:42:06 2013 +0100 @@ -51,10 +51,21 @@ whether it will be placed in a message store. """ + request = self.request + # Handle the different update actions. # Update a message store for the page. if to_store(update): + + # Add any authenticated user. + # Note that where messages are signed by the real author, encrypted, + # and then signed for sending, the authenticated user here is not + # the real author. + + if request.user and request.user.valid: + update["Moin-User"] = request.user.name + self.store.append(update.as_string()) # Update the page. @@ -78,12 +89,12 @@ if not replace: body.append(self.page.get_raw_body()) - page_editor = PageEditor(self.request, self.pagename) + page_editor = PageEditor(request, self.pagename) page_editor.saveText("\n\n".join(body), 0) # Refresh the page. - self.page = Page(self.request, self.pagename) + self.page = Page(request, self.pagename) # Action function.
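Review bot: in the MoinMessageSupport.py hunk, get_username_for_fingerprint keeps `superuser=True` with the comment "disable user test because we have no user yet", but the commit message says the function is now exposed so that MoinShare can inspect signed parts, where a request user may already exist. The docstring should state that the mapping page is always read with the user test disabled, whoever the caller is, so that later callers do not assume the lookup respects the current user's read rights. The two-line comment ending "temporarily switch user in order to make the edit" was carried over from pgp.py and no longer matches this function, which only performs a lookup and returns; remove or reword it.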
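Review bot: in the MoinMoin/auth/pgp.py hunk at -117, `if username:` is not equivalent to the removed `gpg_users.has_key(fingerprint)` test. A fingerprint that is present in the mapping page with an empty value previously reached `User(request, auth_method="pgp", auth_username=username)` and is now treated the same as an unknown fingerprint. Rejecting an empty username is the safer outcome for an authentication path, but the change in behaviour is not mentioned in the commit message or in the new comment; note that it is intended, or have get_username_for_fingerprint normalise empty values to None so the rule lives in one place.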
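Review bot: in the first actions/PostMessage.py hunk, `update["Moin-User"] = request.user.name` does not guard against a "Moin-User" header that the sender already placed in the message. If `update` is an email.message.Message, as `update.as_string()` suggests, item assignment appends a header and leaves any existing one with the same name in place, so the stored message can carry both the sender's value and the authenticated one; and when `request.user` is absent or not valid, a sender-supplied value is stored untouched. Anything reading the store would then be unable to tell an authenticated "Moin-User" from a forged one. Add `del update["Moin-User"]` before the `if request.user and request.user.valid:` test so the header is present only when this code set it. The comment about the outer signer not being the real author is useful; it would also help to say there that consumers must verify the inner signature themselves and not rely on this header for authorship.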