Move local keys out of user.info
This commit is contained in:
parent
294e08cb65
commit
c58da11182
@ -48,7 +48,7 @@ def refetch_public_key(conn) do
|
||||
end
|
||||
|
||||
def sign(%User{} = user, headers) do
|
||||
with {:ok, %{info: %{keys: keys}}} <- User.ensure_keys_present(user),
|
||||
with {:ok, %{keys: keys}} <- User.ensure_keys_present(user),
|
||||
{:ok, private_key, _} <- Keys.keys_from_pem(keys) do
|
||||
HTTPSignatures.sign(private_key, user.ap_id <> "#main-key", headers)
|
||||
end
|
||||
|
@ -48,6 +48,7 @@ defmodule Pleroma.User do
|
||||
field(:password_hash, :string)
|
||||
field(:password, :string, virtual: true)
|
||||
field(:password_confirmation, :string, virtual: true)
|
||||
field(:keys, :string)
|
||||
field(:following, {:array, :string}, default: [])
|
||||
field(:ap_id, :string)
|
||||
field(:avatar, :map)
|
||||
@ -1590,15 +1591,13 @@ def get_mascot(%{info: %{mascot: mascot}}) when is_nil(mascot) do
|
||||
}
|
||||
end
|
||||
|
||||
def ensure_keys_present(%User{info: info} = user) do
|
||||
if info.keys do
|
||||
{:ok, user}
|
||||
else
|
||||
{:ok, pem} = Keys.generate_rsa_pem()
|
||||
def ensure_keys_present(%{keys: keys} = user) when not is_nil(keys), do: {:ok, user}
|
||||
|
||||
def ensure_keys_present(%User{} = user) do
|
||||
with {:ok, pem} <- Keys.generate_rsa_pem() do
|
||||
user
|
||||
|> Ecto.Changeset.change()
|
||||
|> Ecto.Changeset.put_embed(:info, User.Info.set_keys(info, pem))
|
||||
|> cast(%{keys: pem}, [:keys])
|
||||
|> validate_required([:keys])
|
||||
|> update_and_set_cache()
|
||||
end
|
||||
end
|
||||
|
@ -32,7 +32,7 @@ def render("endpoints.json", _), do: %{}
|
||||
|
||||
def render("service.json", %{user: user}) do
|
||||
{:ok, user} = User.ensure_keys_present(user)
|
||||
{:ok, _, public_key} = Keys.keys_from_pem(user.info.keys)
|
||||
{:ok, _, public_key} = Keys.keys_from_pem(user.keys)
|
||||
public_key = :public_key.pem_entry_encode(:SubjectPublicKeyInfo, public_key)
|
||||
public_key = :public_key.pem_encode([public_key])
|
||||
|
||||
@ -68,7 +68,7 @@ def render("user.json", %{user: %User{nickname: "internal." <> _} = user}),
|
||||
|
||||
def render("user.json", %{user: user}) do
|
||||
{:ok, user} = User.ensure_keys_present(user)
|
||||
{:ok, _, public_key} = Keys.keys_from_pem(user.info.keys)
|
||||
{:ok, _, public_key} = Keys.keys_from_pem(user.keys)
|
||||
public_key = :public_key.pem_entry_encode(:SubjectPublicKeyInfo, public_key)
|
||||
public_key = :public_key.pem_encode([public_key])
|
||||
|
||||
|
@ -193,7 +193,7 @@ def is_representable?(_), do: false
|
||||
@spec publish(User.t(), Pleroma.Activity.t()) :: none
|
||||
def publish(user, activity)
|
||||
|
||||
def publish(%{info: %{keys: keys}} = user, %{data: %{"type" => type}} = activity)
|
||||
def publish(%{keys: keys} = user, %{data: %{"type" => type}} = activity)
|
||||
when type in @supported_activities do
|
||||
feed = ActivityRepresenter.to_simple_form(activity, user, true)
|
||||
|
||||
@ -229,7 +229,7 @@ def publish(%{info: %{keys: keys}} = user, %{data: %{"type" => type}} = activity
|
||||
def publish(%{id: id}, _), do: Logger.debug(fn -> "Keys missing for user #{id}" end)
|
||||
|
||||
def gather_webfinger_links(%User{} = user) do
|
||||
{:ok, _private, public} = Keys.keys_from_pem(user.info.keys)
|
||||
{:ok, _private, public} = Keys.keys_from_pem(user.keys)
|
||||
magic_key = encode_key(public)
|
||||
|
||||
[
|
||||
|
9
priv/repo/migrations/20191006123824_add_keys_column.exs
Normal file
9
priv/repo/migrations/20191006123824_add_keys_column.exs
Normal file
@ -0,0 +1,9 @@
|
||||
defmodule Pleroma.Repo.Migrations.AddKeysColumn do
|
||||
use Ecto.Migration
|
||||
|
||||
def change do
|
||||
alter table("users") do
|
||||
add_if_not_exists :keys, :text
|
||||
end
|
||||
end
|
||||
end
|
@ -0,0 +1,7 @@
|
||||
defmodule Pleroma.Repo.Migrations.MoveKeysToSeparateColumn do
|
||||
use Ecto.Migration
|
||||
|
||||
def change do
|
||||
execute("update users set keys = info->>'keys' where local", "update users set info = jsonb_set(info, '{keys}'::text[], to_jsonb(keys)) where local")
|
||||
end
|
||||
end
|
@ -80,7 +80,7 @@ test "it returns signature headers" do
|
||||
user =
|
||||
insert(:user, %{
|
||||
ap_id: "https://mastodon.social/users/lambadalambda",
|
||||
info: %{keys: @private_key}
|
||||
keys: @private_key
|
||||
})
|
||||
|
||||
assert Signature.sign(
|
||||
@ -94,8 +94,7 @@ test "it returns signature headers" do
|
||||
end
|
||||
|
||||
test "it returns error" do
|
||||
user =
|
||||
insert(:user, %{ap_id: "https://mastodon.social/users/lambadalambda", info: %{keys: ""}})
|
||||
user = insert(:user, %{ap_id: "https://mastodon.social/users/lambadalambda", keys: ""})
|
||||
|
||||
assert Signature.sign(
|
||||
user,
|
||||
|
@ -1408,15 +1408,15 @@ test "if user is unconfirmed" do
|
||||
describe "ensure_keys_present" do
|
||||
test "it creates keys for a user and stores them in info" do
|
||||
user = insert(:user)
|
||||
refute is_binary(user.info.keys)
|
||||
refute is_binary(user.keys)
|
||||
{:ok, user} = User.ensure_keys_present(user)
|
||||
assert is_binary(user.info.keys)
|
||||
assert is_binary(user.keys)
|
||||
end
|
||||
|
||||
test "it doesn't create keys if there already are some" do
|
||||
user = insert(:user, %{info: %{keys: "xxx"}})
|
||||
user = insert(:user, keys: "xxx")
|
||||
{:ok, user} = User.ensure_keys_present(user)
|
||||
assert user.info.keys == "xxx"
|
||||
assert user.keys == "xxx"
|
||||
end
|
||||
end
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user