self.db.execute("DELETE FROM keys_subkeys WHERE key_id = %s", self.id)
self.db.execute("DELETE FROM keys WHERE id = %s", self.id)
+ def has_perm(self, user):
+ # Anonymous users have no permission
+ if not user:
+ return False
+
+ # Admins have all permissions
+ return user.is_admin()
+
@property
def fingerprint(self):
return self.data.fingerprint[-16:]
</a>
</div>
- {% if current_user and current_user.has_perm("manage_keys") and key.can_be_deleted() %}
+ {% if key.has_perm(current_user) and key.can_be_deleted() %}
<div class="btn-group">
<a class="btn btn-mini btn-danger" href="/key/{{ key.fingerprint }}/delete">
<i class="icon-trash icon-white"></i>
</tbody>
</table>
- {% if current_user and current_user.has_perm("manage_keys") %}
+ {% if current_user and current_user.is_admin() %}
<a class="btn btn-danger pull-right" href="/key/import">
<i class="icon-star icon-white"></i>
{{ _("Import new key") }}
from . import base
class KeysActionHandler(base.BaseHandler):
- def prepare(self):
- if not self.current_user.has_perm("manage_keys"):
- raise tornado.web.HTTPError(403)
-
+ pass
class KeysImportHandler(KeysActionHandler):
@tornado.web.authenticated
def post(self):
data = self.get_argument("data")
+ # Check permissions
+ if not key.has_perm(self.current_user):
+ raise tornado.web.HTTPError(403)
+
key = self.backend.keys.create(data)
assert key
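Review bot: In KeysImportHandler.post the added check calls `key.has_perm(self.current_user)` before `key` is assigned by `self.backend.keys.create(data)` two lines later, so as shown every import POST would fail with an unbound-name error (HTTP 500) rather than returning 403 or importing the key. No key object exists at that point, so the check belongs on the user, matching the template's import button: `if not self.current_user.is_admin(): raise tornado.web.HTTPError(403)`, placed before the create call. Moving the existing check below `create()` would not fix it, because the key would already be stored before authorization is decided. The same hunk removes the `prepare()` gate from KeysActionHandler, so any subclass that omits its own check is now reachable without a permission test. A comment on the base class such as `# No class-wide gate: each subclass must check has_perm()/is_admin() itself` would make that contract explicit; the body of post() appears to continue outside this hunk.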
if not key:
raise tornado.web.HTTPError(404, "Could not find key: %s" % fingerprint)
+ # Check permissions
+ if not key.has_perm(self.current_user):
+ raise tornado.web.HTTPError(403)
+
confirmed = self.get_argument("confirmed", False)
if confirmed:
key.delete()