5 files changed, 115 insertions, 10 deletions

diff --git a/src/mailman_pgp/workflows/base.py b/src/mailman_pgp/workflows/base.py
index 036dc18..42515e2 100644
--- a/src/mailman_pgp/workflows/base.py
+++ b/src/mailman_pgp/workflows/base.py
@@ -16,11 +16,13 @@
 # this program.  If not, see <http://www.gnu.org/licenses/>.
 
 """"""
+from public import public
 
 from mailman_pgp.database import transaction
 from mailman_pgp.model.address import PGPAddress
 
 
+@public
 class PGPMixin:
     def _step_pgp_prepare(self):
         pgp_address = PGPAddress.for_address(self.address)
diff --git a/src/mailman_pgp/workflows/key_change.py b/src/mailman_pgp/workflows/key_change.py
index 290e504..2ef82a8 100644
--- a/src/mailman_pgp/workflows/key_change.py
+++ b/src/mailman_pgp/workflows/key_change.py
@@ -32,6 +32,7 @@ from mailman_pgp.model.address import PGPAddress
 from mailman_pgp.model.list import PGPMailingList
 from mailman_pgp.pgp.wrapper import PGPWrapper
 from mailman_pgp.utils.email import copy_headers
+from mailman_pgp.workflows.mod_approval import ModeratorApprovalMixin
 
 CHANGE_CONFIRM_REQUEST = """\
 ----------
@@ -46,12 +47,7 @@ Token: {}
 """
 
 
-@public
-@implementer(IWorkflow)
-class KeyChangeWorkflow(Workflow):
-    name = 'pgp-key-change-workflow'
-    description = ''
-    initial_state = 'change_key'
+class KeyChangeBase(Workflow):
     save_attributes = (
         'address_key',
         'pubkey_key'
@@ -116,16 +112,17 @@ class KeyChangeWorkflow(Workflow):
         raise StopIteration
 
     def _step_receive_confirmation(self):
-        with transaction():
-            self.pgp_address.key = self.pubkey
-            self.pgp_address.key_confirmed = True
-
         pendings = getUtility(IPendings)
         if self.token is not None:
             pendings.confirm(self.token)
             self.token = None
             self.token_owner = TokenOwner.no_one
 
+    def _step_do_change(self):
+        with transaction():
+            self.pgp_address.key = self.pubkey
+            self.pgp_address.key_confirmed = True
+
     @classmethod
     def pendable_class(cls):
         @implementer(IPendable)
@@ -133,3 +130,28 @@ class KeyChangeWorkflow(Workflow):
             PEND_TYPE = KeyChangeWorkflow.name
 
         return Pendable
+
+
+@public
+@implementer(IWorkflow)
+class KeyChangeWorkflow(KeyChangeBase):
+    name = 'pgp-key-change-workflow'
+    description = ''
+    initial_state = 'prepare'
+
+    def _step_prepare(self):
+        self.push('do_change')
+        self.push('change_key')
+
+
+@public
+@implementer(IWorkflow)
+class KeyChangeModWorkflow(KeyChangeBase, ModeratorApprovalMixin):
+    name = 'pgp-key-change-mod-workflow'
+    description = ''
+    initial_state = 'prepare'
+
+    def _step_prepare(self):
+        self.push('do_change')
+        self.push('mod_approval')
+        self.push('change_key')
diff --git a/src/mailman_pgp/workflows/mod_approval.py b/src/mailman_pgp/workflows/mod_approval.py
new file mode 100644
index 0000000..e7ff061
--- /dev/null
+++ b/src/mailman_pgp/workflows/mod_approval.py
@@ -0,0 +1,62 @@
+# Copyright (C) 2017 Jan Jancar
+#
+# This file is a part of the Mailman PGP plugin.
+#
+# This program is free software; you can redistribute it and/or modify it under
+# the terms of the GNU General Public License as published by the Free
+# Software Foundation, either version 3 of the License, or (at your option)
+# any later version.
+#
+# This program is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
+# more details.
+#
+# You should have received a copy of the GNU General Public License along with
+# this program.  If not, see <http://www.gnu.org/licenses/>.
+
+""""""
+
+from mailman.email.message import UserNotification
+from mailman.interfaces.subscriptions import TokenOwner
+from public import public
+
+from mailman_pgp.pgp.mime import MIMEWrapper
+
+MOD_APPROVAL_REQUEST = """\
+----------
+TODO: this is a pgp enabled list.
+A subscriber with address {} requested a change of his key.
+His new key is attached to this message.
+
+Fingerprint: {}
+----------
+"""
+
+
+@public
+class ModeratorApprovalMixin:
+    def _step_mod_approval(self):
+        self.push('restore')
+        self.push('get_approval')
+
+    def _step_get_approval(self):
+        self._set_token(TokenOwner.moderator)
+        self.push('restore')
+        self.save()
+
+        if self.mlist.admin_immed_notify:
+            subject = 'New key change request to {} from {}'.format(
+                    self.mlist.display_name, self.pgp_address.email)
+            text = MOD_APPROVAL_REQUEST.format(self.pgp_address.email,
+                                               self.pubkey.fingerprint)
+            msg = UserNotification(
+                    self.mlist.owner_address, self.mlist.owner_address,
+                    subject, text, self.mlist.preferred_language)
+            wrapped = MIMEWrapper(msg)
+            msg = wrapped.attach_keys(self.pubkey)
+            msg.send(self.mlist)
+        raise StopIteration
+
+    def _step_restore(self):
+        self._set_token(TokenOwner.no_one)
diff --git a/src/mailman_pgp/workflows/pubkey.py b/src/mailman_pgp/workflows/pubkey.py
index a13d491..65ea74d 100644
--- a/src/mailman_pgp/workflows/pubkey.py
+++ b/src/mailman_pgp/workflows/pubkey.py
@@ -1,6 +1,7 @@
 from mailman.email.message import UserNotification
 from mailman.interfaces.subscriptions import TokenOwner
 from pgpy import PGPKey
+from public import public
 
 from mailman_pgp.database import transaction
 from mailman_pgp.model.address import PGPAddress
@@ -27,6 +28,7 @@ Token: {}
 """
 
 
+@public
 class SetPubkeyMixin:
     def __init__(self, pubkey=None):
         self.pubkey = pubkey
@@ -73,6 +75,7 @@ class SetPubkeyMixin:
         self._set_token(TokenOwner.no_one)
 
 
+@public
 class ConfirmPubkeyMixin:
     def __init__(self, pre_confirmed=False):
         self.pubkey_confirmed = pre_confirmed
diff --git a/src/mailman_pgp/workflows/tests/test_mod_approval.py b/src/mailman_pgp/workflows/tests/test_mod_approval.py
new file mode 100644
index 0000000..8b6b4d1
--- /dev/null
+++ b/src/mailman_pgp/workflows/tests/test_mod_approval.py
@@ -0,0 +1,16 @@
+# Copyright (C) 2017 Jan Jancar
+#
+# This file is a part of the Mailman PGP plugin.
+#
+# This program is free software; you can redistribute it and/or modify it under
+# the terms of the GNU General Public License as published by the Free
+# Software Foundation, either version 3 of the License, or (at your option)
+# any later version.
+#
+# This program is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
+# more details.
+#
+# You should have received a copy of the GNU General Public License along with
+# this program.  If not, see <http://www.gnu.org/licenses/>.