1.1 --- a/actions/FetchMessages.py Sun Jul 21 22:41:55 2013 +0200
1.2 +++ b/actions/FetchMessages.py Sun Jul 21 22:45:51 2013 +0200
1.3 @@ -6,9 +6,10 @@
1.4 @license: GNU GPL (v2 or later), see COPYING.txt for details.
1.5 """
1.6
1.7 -from MoinSupport import getMetadata, writeHeaders
1.8 -from MoinMessage import Message
1.9 -from MoinMessageSupport import MoinMessageAction
1.10 +from MoinSupport import getMetadata, writeHeaders, parseDictEntry
1.11 +from MoinMessage import Message, GPG
1.12 +from MoinMessageSupport import MoinMessageAction, \
1.13 + get_signing_users, get_recipients
1.14 from email.mime.text import MIMEText
1.15 from email.parser import Parser
1.16 from itertools import islice
1.17 @@ -37,6 +38,39 @@
1.18 request.write("The content does not appear to be a request for messages.")
1.19 return
1.20
1.21 + homedir = self.get_homedir()
1.22 + if not homedir:
1.23 + return
1.24 +
1.25 + gpg = GPG(homedir)
1.26 +
1.27 + # Get keys for signing and encrypting.
1.28 + # The signing key will be this wiki's signing key for the user
1.29 + # requesting the messages.
1.30 + # The encryption key will be the key associated with the user requesting
1.31 + # the messages, found in the recipients mapping.
1.32 +
1.33 + recipient = request.user.name
1.34 +
1.35 + signing_users = get_signing_users(request)
1.36 + signer = signing_users and signing_users.get(recipient)
1.37 +
1.38 + # Get the recipient details.
1.39 +
1.40 + recipients = get_recipients(request)
1.41 + if not recipient or not recipients or not recipients.has_key(recipient):
1.42 + writeHeaders(request, "text/plain", getMetadata(self.page), "403 Forbidden")
1.43 + request.write("The recipient does not appear to be registered for message delivery.")
1.44 + return
1.45 +
1.46 + recipient_details = recipients[recipient]
1.47 + parameters = parseDictEntry(recipient_details, ("type", "location", "fingerprint",))
1.48 +
1.49 + if not parameters.has_key("fingerprint"):
1.50 + writeHeaders(request, "text/plain", getMetadata(self.page), "403 Forbidden")
1.51 + request.write("The recipient does not appear to be registered for message delivery.")
1.52 + return
1.53 +
1.54 # Obtain commands from the payload, returning a collection of messages.
1.55
1.56 commands = content.get_payload(decode=True)
1.57 @@ -123,9 +157,19 @@
1.58 part["Request-Status"] = "ERR"
1.59 message.add_update(part)
1.60
1.61 + # Sign and encrypt the message.
1.62 +
1.63 + message = message.get_payload()
1.64 +
1.65 + if signer:
1.66 + message = gpg.signMessage(message, signer)
1.67 +
1.68 + message = gpg.encryptMessage(message, parameters["fingerprint"])
1.69 +
1.70 # Write the response.
1.71
1.72 - request.write(message.get_payload().as_string())
1.73 + request.write("Content-Type: text/plain\n\n")
1.74 + request.write(message.as_string())
1.75 return 1, None
1.76
1.77 # Action function.