Merge branch 'master' of github.com:olcf/pkpass

olcf · Jan 28, 2022 · a1f8e35 · a1f8e35
2 parents 9a360f4 + cded28f
commit a1f8e35
Show file tree

Hide file tree

Showing 29 changed files with 384 additions and 205 deletions.
diff --git a/libpkpass/commands/command.py b/libpkpass/commands/command.py
@@ -162,7 +162,6 @@ def update_pass(self, pass_value):
             card_slot=self.args["card_slot"],
             escrow_users=self.args["escrow_users"],
             minimum=self.args["min_escrow"],
-            pwstore=self.args["pwstore"],
         )
         pass_entry["recipients"][self.args["identity"]] = swap_pass["recipients"][
             self.args["identity"]
@@ -198,7 +197,6 @@ def create_pass(self, password1, description, authorizer, recipient_list=None):
             card_slot=self.args["card_slot"],
             escrow_users=self.args["escrow_users"],
             minimum=self.args["min_escrow"],
-            pwstore=self.args["pwstore"],
         )
 
         password.write_password_data(

diff --git a/libpkpass/commands/create.py b/libpkpass/commands/create.py
@@ -51,6 +51,8 @@ def _run_command_execution(self):
         self.create_or_update_pass(
             password1, self.args["description"], self.args["authorizer"]
         )
+        # necessary for print statement
+        yield ""
 
     def _validate_args(self):
         for argument in ["pwname", "keypath"]:

diff --git a/libpkpass/commands/delete.py b/libpkpass/commands/delete.py
@@ -30,6 +30,8 @@ def _run_command_execution(self):
             raise NotThePasswordOwnerError(
                 self.args["identity"], owner, self.args["pwname"]
             )
+        # necessary for print statement
+        yield ""
 
     def _confirmation(self):
         ####################################################################

diff --git a/libpkpass/commands/distribute.py b/libpkpass/commands/distribute.py
@@ -30,6 +30,10 @@ class Distribute(Command):
         "noescrow",
     ]
 
+    def __init__(self, *args, **kwargs):
+        Command.__init__(self, *args, **kwargs)
+        self.filtered_pdb = {}
+
     def _run_command_execution(self):
         ####################################################################
         """Run function for class."""
@@ -42,9 +46,6 @@ def _run_command_execution(self):
             password = PasswordEntry()
             password.read_password_data(dist_pass)
             if self.args["identity"] in password.recipients.keys():
-                # we shouldn't modify escrow on distribute
-                self.args["min_escrow"] = None
-                self.args["escrow_users"] = None
                 plaintext_pw = password.decrypt_entry(
                     self.identity,
                     passphrase=self.passphrase,
@@ -57,7 +58,8 @@ def _run_command_execution(self):
                     session=self.session,
                     passphrase=self.passphrase,
                     card_slot=self.args["card_slot"],
-                    pwstore=self.args["pwstore"],
+                    escrow_users=self.args["escrow_users"],
+                    minimum=self.args["min_escrow"],
                 )
 
                 password.write_password_data(dist_pass)
@@ -92,7 +94,7 @@ def _confirm_recipients(self):
                 ", ".join(not_in_db),
             )
             self.recipient_list = [x for x in self.recipient_list if x not in not_in_db]
-        yield "The following users will receive the password: "
+        yield "The following user(s) will be added: "
         yield ", ".join(sort(self.recipient_list))
         correct = input("Are these correct? (y/N) ")
         if not correct or correct.lower()[0] == "n":

diff --git a/libpkpass/commands/export.py b/libpkpass/commands/export.py
@@ -31,6 +31,8 @@ def _run_command_execution(self):
                 raise PasswordMismatchError()
 
         self._iterate_pdb(self.passworddb, crypt_pass)
+        # necessary for print statement
+        yield ""
 
     def _iterate_pdb(self, passworddb, crypt_pass=False):
         ####################################################################

diff --git a/libpkpass/commands/fileimport.py b/libpkpass/commands/fileimport.py
@@ -43,6 +43,8 @@ def _run_command_execution(self):
             raise FileOpenError(
                 self.args["pwfile"], "No such file or directory"
             ) from err
+        # necessary for print statement
+        yield ""
 
     def _file_handler(self, string):
         ####################################################################

diff --git a/libpkpass/commands/generate.py b/libpkpass/commands/generate.py
@@ -53,6 +53,8 @@ def _run_command_execution(self):
             raise NotThePasswordOwnerError(
                 self.args["identity"], owner, self.args["pwname"]
             )
+        # necessary for print statement
+        yield ""
 
     def _generate_pass(self):
         ####################################################################

diff --git a/libpkpass/commands/info.py b/libpkpass/commands/info.py
@@ -30,26 +30,24 @@ def _run_command_execution(self):
 
         # Escrow
         if password.escrow:
-            yield self.color_print("\nEscrow Groups:", "first_level")
-            for group_key, group_value in password.escrow.items():
-                yield f"  {self.color_print(group_key, 'second_level')}:"
-                for key, value in group_value["metadata"].items():
-                    yield f"    {self.color_print(key + ':', 'third_level')} {str(value)}"
+            yield self.color_print("\nEscrow Group:", "first_level")
+            for key, value in password.escrow["metadata"].items():
+                yield f"    {self.color_print(key.capitalize() + ':', 'second_level')} {str(value)}"
 
-                yield f"    {self.color_print('Share Holders:', 'third_level')} {', '.join(list(group_value['recipients'].keys()))}"
-                yield f"    {self.color_print('Total Group Share Holders:', 'third_level')} {len(list(group_value['recipients'].keys()))}"
+            yield f"    {self.color_print('Share Holders:', 'second_level')} {', '.join(list(password.escrow['recipients'].keys()))}"
+            yield f"    {self.color_print('Total Group Share Holders:', 'second_level')} {len(list(password.escrow['recipients'].keys()))}"
 
-                timestamp_list = [
-                    x["timestamp"]
-                    for x in list(group_value["recipients"].values())
-                    if "timestamp" in x
-                ]
-                if timestamp_list:
-                    timestamp = int(round(float(min(timestamp_list))))
-                    timestamp = datetime.fromtimestamp(timestamp).strftime(
-                        "%Y-%m-%d %H:%M:%S"
-                    )
-                    yield f"    {self.color_print('Group creation time:', 'third_level')} {timestamp}"
+            timestamp_list = [
+                x["timestamp"]
+                for x in list(password.escrow["recipients"].values())
+                if "timestamp" in x
+            ]
+            if timestamp_list:
+                timestamp = int(round(float(min(timestamp_list))))
+                timestamp = datetime.fromtimestamp(timestamp).strftime(
+                    "%Y-%m-%d %H:%M:%S"
+                )
+                yield f"    {self.color_print('Group creation time:', 'second_level')} {timestamp}"
 
         # Recipients
         yield f"{self.color_print(linesep + 'Recipients:', 'first_level')} {', '.join(list(password.recipients.keys()))}"

diff --git a/libpkpass/commands/list.py b/libpkpass/commands/list.py
@@ -19,19 +19,17 @@ def _run_command_execution(self):
         result = {}
         for pwname, passwordentry in self.passworddb.pwdb.items():
             if self.args["recovery"] and passwordentry.escrow:
-                for rec_list in passwordentry.escrow.keys():
-                    recipients = passwordentry.escrow[rec_list]["recipients"]
-                    for key, value in recipients.items():
-                        if key == self.args["identity"]:
-                            result[pwname] = {
-                                "name": passwordentry.metadata["name"],
-                                "group": rec_list,
-                                "stake_holders": list(recipients.keys()),
-                                "distributor": value["distributor"],
-                                "minimum_shares": passwordentry.escrow[rec_list][
-                                    "metadata"
-                                ]["minimum_escrow"],
-                            }
+                recipients = passwordentry.escrow["recipients"]
+                for key, value in recipients.items():
+                    if key == self.args["identity"]:
+                        result[pwname] = {
+                            "name": passwordentry.metadata["name"],
+                            "stake_holders": list(recipients.keys()),
+                            "distributor": value["distributor"],
+                            "minimum_shares": passwordentry.escrow["metadata"][
+                                "minimum_escrow"
+                            ],
+                        }
             elif (
                 not self.args["recovery"]
                 and self.args["identity"] in passwordentry.recipients.keys()

diff --git a/libpkpass/commands/recover.py b/libpkpass/commands/recover.py
@@ -1,4 +1,5 @@
 """This module handles the CLI for password recovery"""
+from sys import stdin
 from libpkpass.escrow import pk_recover_secret
 from libpkpass.commands.command import Command
 
@@ -16,17 +17,19 @@ class Recover(Command):
         "nosign",
         "escrow_users",
         "min_escrow",
+        "stdin",
     ]
 
     def _run_command_execution(self):
         ####################################################################
         """Run function for class."""
         ####################################################################
         yield "If the password returned is not correct, you may need more shares"
-        shares = input("Enter comma separated list of shares: ")
-        shares = shares.split(",")
-        shares = map(str.strip, shares)
-        yield pk_recover_secret(shares)
+        if self.args["stdin"]:
+            shares = "".join(stdin.readlines()).strip()
+        else:
+            shares = input("Enter comma separated list of shares: ")
+        yield pk_recover_secret(map(str.strip, shares.split(",")))
 
     def _validate_args(self):
         pass

diff --git a/libpkpass/commands/rename.py b/libpkpass/commands/rename.py
@@ -53,6 +53,8 @@ def _run_command_execution(self):
             raise NotThePasswordOwnerError(
                 self.args["identity"], owner, self.args["pwname"]
             )
+        # necessary for print statement
+        yield ""
 
     def _confirmation(self, plaintext_pw):
         ####################################################################

diff --git a/libpkpass/commands/show.py b/libpkpass/commands/show.py
@@ -120,12 +120,10 @@ def _handle_escrow_show(self, password):
         ####################################################################
         """This populates the user's escrow as passwords"""
         ####################################################################
-        myescrow = []
         if password.escrow:
-            for key, value in password["escrow"].items():
-                if self.identity in value["recipients"].keys():
-                    myescrow.append([value["recipients"][self.identity], key])
-        return myescrow
+            if self.identity["name"] in password.escrow["recipients"].keys():
+                return password.escrow["recipients"][self.identity["name"]]
+        return None
 
     def _decrypt_wrapper(self, directory, password, pwname):
         ####################################################################
@@ -134,15 +132,16 @@ def _decrypt_wrapper(self, directory, password, pwname):
         if directory and password and pwname:
             password.read_password_data(path.join(directory, pwname))
             try:
-                distributor = password.recipients[self.identity["name"]]["distributor"]
                 if self.args["recovery"]:
                     myescrow = self._handle_escrow_show(password)
                     if myescrow:
-                        for share in myescrow:
-                            password["recipients"][self.identity["name"]] = share[0]
-                            yield f"Share for escrow group: {share[1]}"
-                            yield self._decrypt_password_entry(password, distributor)
+                        distributor = myescrow["distributor"]
+                        password["recipients"][self.identity["name"]] = myescrow
+                        yield self._decrypt_password_entry(password, distributor)
                 else:
+                    distributor = password.recipients[self.identity["name"]][
+                        "distributor"
+                    ]
                     yield self._decrypt_password_entry(password, distributor)
             except KeyError as err:
                 raise NotARecipientError(

diff --git a/libpkpass/commands/update.py b/libpkpass/commands/update.py
@@ -44,7 +44,9 @@ def _run_command_execution(self):
         )
         safe, owner = self.safety_check()
         if safe or self.args["overwrite"]:
-            self.recipient_list = password["recipients"].keys()
+            self.recipient_list = list(password["recipients"].keys())
+            self.recipient_list.append(str(self.args["identity"]))
+            self.recipient_list = list(set(self.recipient_list))
             yield from self._confirm_recipients()
             self._validate_identities(self.recipient_list)