package action
import (
"fmt"
"strings"
"github.com/justwatchcom/gopass/gpg"
"github.com/urfave/cli"
)
// removalWarning is the fmt.Printf format string shown after a recipient has
// been removed. It takes exactly one %s argument: the identifier of the
// removed user.
//
// The text spells out the security limit of removal: it does not revoke access
// to old revisions or old copies of the store, so every credential the removed
// user could read has to be treated as compromised and replaced.
var removalWarning = `
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOVING A USER WILL NOT REVOKE ACCESS FROM OLD REVISONS! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
THE USER %s WILL STILL BE ABLE TO ACCESS ANY OLD COPY OF THE STORE AND
ANY OLD REVISION HE HAD ACCESS TO.
ANY CREDENTIALS THIS USER HAD ACCESS TO NEED TO BE CONSIDERED COMPROMISED
AND SHOULD BE REVOKED.
This feature is only meant from revoking access to any added or changed
credentials.
`
// RecipientsPrint writes the formatted recipients tree of the store to
// standard output.
//
// The CLI context is accepted to satisfy the command signature but is not
// read. Any error from Store.RecipientsTree is returned unchanged.
func (s *Action) RecipientsPrint(c *cli.Context) error {
	// The boolean argument is interpreted by Store.RecipientsTree; its
	// meaning is not visible from this file.
	recipients, err := s.Store.RecipientsTree(true)
	if err != nil {
		return err
	}

	rendered := recipients.Format()
	fmt.Println(rendered)
	return nil
}
// RecipientsComplete prints one recipient per line, for consumption by bash
// completion.
//
// The function has no error return: a failure of Store.RecipientsTree is
// printed with fmt.Println and the function returns without listing anything.
// NOTE(review): that error text goes to standard output, the same stream as
// the completion candidates - confirm this is the intended behaviour.
func (s *Action) RecipientsComplete(*cli.Context) {
	recipients, err := s.Store.RecipientsTree(false)
	if err != nil {
		fmt.Println(err)
		return
	}

	for _, entry := range recipients.List() {
		fmt.Println(entry)
	}
}
// RecipientsAdd adds every command-line argument as a recipient of the store
// selected with the "store" flag.
//
// Each argument is looked up with gpg.ListPublicKeys. Only the first matching
// key is considered; the operator is shown its OneLine description and must
// confirm before its fingerprint is passed to Store.AddRecipient. Declined
// keys are skipped. A lookup error, an empty result or a failing AddRecipient
// aborts the whole command, leaving recipients added earlier in place.
//
// NOTE(review): a search term that matches several keys silently resolves to
// the first one, so the confirmation prompt is the only check that the right
// key is being granted access.
func (s *Action) RecipientsAdd(c *cli.Context) error {
	target := c.String("store")

	var added int
	for _, id := range c.Args() {
		matches, err := gpg.ListPublicKeys(id)
		if err != nil {
			return fmt.Errorf("Failed to list public keys: %s", err)
		}
		if len(matches) == 0 {
			return fmt.Errorf("no matching key found in keyring")
		}

		// Ask before granting access; a declined key is not an error.
		prompt := fmt.Sprintf("Do you want to add '%s' as an recipient?", matches[0].OneLine())
		if !askForConfirmation(prompt) {
			continue
		}

		// The fingerprint, not the search term, is what gets stored.
		if addErr := s.Store.AddRecipient(target, matches[0].Fingerprint); addErr != nil {
			return addErr
		}
		added++
	}

	fmt.Printf("Added %d recipients\n", added)
	return nil
}
// RecipientsRemove removes every command-line argument from the recipients of
// the store selected with the "store" flag and prints removalWarning for each
// one removed.
//
// If gpg.ListPrivateKeys finds a private key for an argument, the operator is
// about to remove themselves and is asked to confirm first; declining skips
// that argument. An error from ListPrivateKeys is ignored, in which case no
// confirmation is requested. Removing any other recipient is not confirmed.
//
// The argument is handed to Store.RemoveRecipient as typed, with only a
// leading "0x" stripped. A failing RemoveRecipient aborts the command.
//
// Removal does not revoke access to old revisions of the store (see the text
// of removalWarning): credentials the removed user could read still need to
// be replaced.
func (s *Action) RecipientsRemove(c *cli.Context) error {
	target := c.String("store")

	var removed int
	for _, id := range c.Args() {
		// A private key for this identifier means it is the operator's own key.
		own, err := gpg.ListPrivateKeys(id)
		if err == nil && len(own) > 0 &&
			!askForConfirmation(fmt.Sprintf("Do you want to remove yourself (%s) from the recipients?", id)) {
			continue
		}

		bare := strings.TrimPrefix(id, "0x")
		if rmErr := s.Store.RemoveRecipient(target, bare); rmErr != nil {
			return rmErr
		}

		fmt.Printf(removalWarning, id)
		removed++
	}

	fmt.Printf("Removed %d recipients\n", removed)
	return nil
}