def _sync_pws(datapath, force, dec_gpg, enc_gpg):
accounts = get_all_passwords(datapath)
git = Git(datapath)
with GitTransaction(git):
num = 0
if git.has_origin():
git.rebase_origin_master()
for (host, user, path) in accounts.iterate():
# There are three cases where the file needs to be reencrypted:
# 1. The force flag is set
# 2. The file is encrypted to a key that is no longer available,
# or expected as a recipient
# 3. The list of recipients do not match the expected recipient list
(rec_fps, rec_not_found) = enc_gpg.get_file_recipients(path)
if force or rec_not_found or sorted(rec_fps) != sorted(
enc_gpg.get_recipient_fps()):
debug('Need to reencrypt {}'.format(path))
encpw = enc_gpg.encrypt(dec_gpg.decrypt_file(path))
write_and_add(git, path, encpw, True)
num += 1
if num > 0:
uids = ''.join(
[' - {}\n'.format(x) for x in enc_gpg.get_recipient_uids()])
git.commit(
"Synchronized and reencrypted {} passwords to {} recipient{}{}\n\n{}\n\n{}"
.format(num, enc_gpg.get_num_recipients(),
's' if enc_gpg.get_num_recipients() > 1 else '',
' (forced)' if force else '', uids, get_version()))
if git.has_origin():
git.push_master()
return num
def do_rm(pwfile, host, user):
git = Git(datapath)
with GitTransaction(git):
if git.has_origin():
git.rebase_origin_master()
git.rm(pwfile)
git.commit("{}/{}: remove\n\n{}".format(host, user, get_version()))
if git.has_origin():
git.push_master()
def do_add(datapath, path, host, user, encpw, exist_ok):
git = Git(datapath)
with GitTransaction(git):
if git.has_origin():
git.rebase_origin_master()
write_and_add(git, path, encpw, exist_ok)
git.commit("{}/{}: {}\n\n{}".format(host, user,
'replace' if exist_ok else 'add',
get_version()))
if git.has_origin():
git.push_master()
def update_repo(cfg, args):
datapath = cfg['global']['datapath']
git = Git(datapath)
with GitTransaction(git):
orig_head = git.get_head()
if git.has_origin():
git.rebase_origin_master()
if git.get_head() != orig_head:
print('Password database updated from origin.')
else:
print(
'Password database already in sync with origin, nothing updated.'
)
else:
print('Cannot update: no git origin configured.')
def test_rebase(self):
new_path = os.path.join(self.tempdir, "new")
self.git.clone_to(new_path)
git1 = Git(new_path)
self.create_file(os.path.join(new_path, "one"))
git1.add("one")
git1.commit("message1")
git1.push_master()
self.assertTrue(os.path.isfile(os.path.join(new_path, "one")))
newnew_path = os.path.join(self.tempdir, "newnew")
self.git.clone_to(newnew_path)
git2 = Git(newnew_path)
self.create_file(os.path.join(newnew_path, "two"))
git2.add("two")
git2.commit("message2")
git2.push_master()
self.assertTrue(os.path.isfile(os.path.join(new_path, "one")))
self.assertFalse(os.path.isfile(os.path.join(new_path, "two")))
git1.rebase_origin_master()
self.assertTrue(os.path.isfile(os.path.join(new_path, "one")))
self.assertTrue(os.path.isfile(os.path.join(new_path, "two")))