authorJ08nY2017-06-19 23:55:24 +0200
committerJ08nY2017-06-19 23:55:24 +0200
commitcb9faf28501d3748135700285a4cbdedfb6c6d5b (patch)
treea9180471eb8600eff72312835ec35c0232a523b7 /src/mailman_pgp
parent625d264965f91dfefd301b361524d13b64901c7a (diff)
Fixup REST users->addresses, change to per-address key model.
Diffstat (limited to 'src/mailman_pgp')
-rw-r--r--src/mailman_pgp/config/mailman_pgp.cfg2
-rw-r--r--src/mailman_pgp/model/address.py25
-rw-r--r--src/mailman_pgp/pgp/inline.py13
-rw-r--r--src/mailman_pgp/pgp/mime.py4
-rw-r--r--src/mailman_pgp/rest/addresses.py18
-rw-r--r--src/mailman_pgp/rest/root.py16
-rw-r--r--src/mailman_pgp/rest/users.py13
-rw-r--r--src/mailman_pgp/runners/incoming.py6
8 files changed, 63 insertions, 34 deletions
diff --git a/src/mailman_pgp/config/mailman_pgp.cfg b/src/mailman_pgp/config/mailman_pgp.cfg
index affcd70..3d1ed40 100644
--- a/src/mailman_pgp/config/mailman_pgp.cfg
+++ b/src/mailman_pgp/config/mailman_pgp.cfg
@@ -12,7 +12,7 @@ user_keydir= $DATA_DIR/pgp/user_keydir/
# Key directory used to store list keypairs.
list_keydir = $DATA_DIR/pgp/list_keydir/
-# Key directory used to store list archive public keys.
+# Key directory used to store archive public keys.
archive_keydir = $DATA_DIR/pgp/archive_keydir/
diff --git a/src/mailman_pgp/model/address.py b/src/mailman_pgp/model/address.py
index 040e532..48bdb61 100644
--- a/src/mailman_pgp/model/address.py
+++ b/src/mailman_pgp/model/address.py
@@ -1,8 +1,13 @@
""""""
+from os.path import join, exists, isfile
+
from mailman.database.types import SAUnicode
+from pgpy import PGPKey
from sqlalchemy import Column, Integer
+from sqlalchemy.orm import reconstructor
+from mailman_pgp.config import config
from mailman_pgp.model.base import Base
@@ -16,10 +21,20 @@ class EncryptedAddress(Base):
def __init__(self, email):
super().__init__()
self.email = email
- self._user_key = None
+ self._init()
+
+ @reconstructor
+ def _init(self):
+ self._key = None
+
+ @property
+ def key(self):
+ if self._key is None:
+ if exists(self.key_path) and isfile(self.key_path):
+ self._key, _ = PGPKey.from_file(self.key_path)
+ return self._key
@property
- def user_key(self):
- if self._user_key is not None:
- return self._user_key
- pass
+ def key_path(self):
+ return join(config.pgp.keydir_config['user_keydir'],
+ self.key_fingerprint + '.asc')
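Review bot: `key_path` concatenates `self.key_fingerprint` into a file name without checking it, so an address with no fingerprint stored yet makes `key` raise `TypeError` on `None + '.asc'`, and a stored value containing path separators would resolve outside `user_keydir`. The `key_fingerprint` column is declared outside this hunk, so its constraints are not visible here; if it can be null or is ever written from REST input, guard it at the top of `key`, for example `if not self.key_fingerprint or not re.fullmatch(r'[0-9A-Fa-f]{40}', self.key_fingerprint): return None` for v4 fingerprints. After `PGPKey.from_file`, it is also worth comparing the loaded key's `fingerprint` with the stored one, so that a swapped file in the keydir is not silently trusted. `isfile()` already implies `exists()`, so the first test can be dropped.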
diff --git a/src/mailman_pgp/pgp/inline.py b/src/mailman_pgp/pgp/inline.py
index 8f3ad88..4a5ea2c 100644
--- a/src/mailman_pgp/pgp/inline.py
+++ b/src/mailman_pgp/pgp/inline.py
@@ -1,12 +1,21 @@
""""""
from email.message import Message
+from pgpy import PGPMessage
+
+
class PGPInlineWrapper:
def __init__(self, msg: Message):
self.msg = msg
+ self.pgp = None
+ if not msg.is_multipart():
+ try:
+ self.pgp = PGPMessage.from_blob(msg.get_payload())
+ except:
+ pass
def is_inline_signed(self):
- pass
+ return self.pgp is not None and self.pgp.is_signed
def is_inline_encrypted(self):
- pass
+ return self.pgp is not None and self.pgp.is_encrypted
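Review bot: The bare `except: pass` around `PGPMessage.from_blob` in `__init__` also swallows `KeyboardInterrupt`, `SystemExit` and genuine bugs, and leaves no trace of why a payload was treated as non-PGP. Use `except Exception:` at most (narrower if the parser's failure types are known) and log at debug level, so a message that failed to parse can be told apart from plain text. Separately, `msg.get_payload()` returns the body still in its Content-Transfer-Encoding, so an armored block sent as base64 or quoted-printable will probably not be recognised; `msg.get_payload(decode=True)` would hand the parser the decoded bytes. Since the incoming runner in this commit uses these predicates to classify messages, a false negative here sends the message to the "not encrypted or signed" branch.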
diff --git a/src/mailman_pgp/pgp/mime.py b/src/mailman_pgp/pgp/mime.py
index 26d5ddc..2631ef5 100644
--- a/src/mailman_pgp/pgp/mime.py
+++ b/src/mailman_pgp/pgp/mime.py
@@ -25,8 +25,8 @@ class PGPMIMEWrapper:
content_subtype = self.msg.get_content_subtype()
return second_type == 'application/pgp-signature' and \
- content_subtype == 'signed' and \
- protocol_param == 'application/pgp-signature'
+ content_subtype == 'signed' and \
+ protocol_param == 'application/pgp-signature'
def is_mime_encrypted(self):
"""
diff --git a/src/mailman_pgp/rest/addresses.py b/src/mailman_pgp/rest/addresses.py
new file mode 100644
index 0000000..12aad8e
--- /dev/null
+++ b/src/mailman_pgp/rest/addresses.py
@@ -0,0 +1,18 @@
+""""""
+
+from mailman.rest.helpers import CollectionMixin
+from public.public import public
+
+
+class _EncryptedBase(CollectionMixin):
+ pass
+
+
+@public
+class AllAddresses:
+ pass
+
+
+@public
+class AnAddress:
+ pass
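Review bot: `AnAddress` is declared with no `__init__`, but the `addresses` child in `rest/root.py` in this same commit calls `AnAddress(email)`, which will raise `TypeError` the first time an `/addresses/<email>` path is resolved. Give the stub a constructor until the resource is implemented, e.g. `def __init__(self, email): self._email = email`. `_EncryptedBase` is defined but neither public class derives from it, and the import here is `from public.public import public` while `root.py` uses `from public import public`; pick one form. The empty `""""""` module docstring should say what the module exposes.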
diff --git a/src/mailman_pgp/rest/root.py b/src/mailman_pgp/rest/root.py
index 286d9ae..3d0c427 100644
--- a/src/mailman_pgp/rest/root.py
+++ b/src/mailman_pgp/rest/root.py
@@ -5,19 +5,13 @@ REST root.
/lists/ -> List all known encrypted lists.
/lists/<list_id>/ ->
/lists/<list_id>/key -> GET list_public_key
-/lists/<list_id>/archive/key -> GET/POST list_archive_public_key
-
-/users/ -> List all known users of encrypted lists.
-/users/<uid>/ ->
-/users/<uid>/key -> GET/POST user_public_key
-
"""
from mailman.rest.helpers import child
from public import public
+from mailman_pgp.rest.addresses import AllAddresses, AnAddress
from mailman_pgp.rest.lists import AllEncryptedLists, AnEncryptedList
-from mailman_pgp.rest.users import AllUsers, AUser
@public
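Review bot: The module docstring drops the `/users/` routes but does not document the `/addresses/` routes that replace them, so the route table at the top of the file no longer matches what `RESTRoot` exposes. Add the corresponding entries, e.g. `/addresses/ -> List all known addresses of encrypted lists.` and a line for `/addresses/<email>/` once its sub-resources are decided. The `/lists/<list_id>/archive/key` line is removed as well; if that endpoint is being dropped on purpose, the commit message should say so.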
@@ -31,9 +25,9 @@ class RESTRoot:
return AnEncryptedList(list_id), segments
@child()
- def users(self, context, segments):
+ def addresses(self, context, segments):
if len(segments) == 0:
- return AllUsers(), []
+ return AllAddresses(), []
else:
- uid = segments.pop(0)
- return AUser(uid), segments
+ email = segments.pop(0)
+ return AnAddress(email), segments
diff --git a/src/mailman_pgp/rest/users.py b/src/mailman_pgp/rest/users.py
deleted file mode 100644
index 09990f6..0000000
--- a/src/mailman_pgp/rest/users.py
+++ /dev/null
@@ -1,13 +0,0 @@
-""""""
-
-from public import public
-
-
-@public
-class AllUsers:
- pass
-
-
-@public
-class AUser:
- pass
diff --git a/src/mailman_pgp/runners/incoming.py b/src/mailman_pgp/runners/incoming.py
index 3c69a23..050fe30 100644
--- a/src/mailman_pgp/runners/incoming.py
+++ b/src/mailman_pgp/runners/incoming.py
@@ -8,6 +8,7 @@ from public import public
from mailman_pgp.config import config
from mailman_pgp.model.list import EncryptedMailingList
+from mailman_pgp.pgp.inline import PGPInlineWrapper
from mailman_pgp.pgp.mime import PGPMIMEWrapper
@@ -26,12 +27,17 @@ class IncomingRunner(Runner):
return False
# Is the message encrypted?
mime = PGPMIMEWrapper(msg)
+ inline = PGPInlineWrapper(msg)
if mime.is_mime_signed():
# only signed.
pass
elif mime.is_mime_encrypted():
# definitely encrypted, might still be signed
pass
+ elif inline.is_inline_signed():
+ pass
+ elif inline.is_inline_encrypted():
+ pass
else:
# not encrypted or signed
pass
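Review bot: The two new `elif inline...` branches carry no comment, unlike the MIME branches above them, and `is_inline_signed()` only reports that the parsed message contains a signature, not that the signature verifies. A comment such as `# inline signature present; not yet verified against the sender's key` on the signed branch and `# inline encrypted; may contain a signature once decrypted` on the encrypted one would keep a later implementer from reading "signed" as "authenticated". `PGPInlineWrapper(msg)` is also constructed, and the payload parsed, for every message even when a MIME branch matches; building it only after the MIME checks fail would avoid parsing bodies that are never inspected. The enclosing method starts outside this hunk.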