Toggle organisation restriction from config file.

2020-02-15 15:15:15 +01:00 · 2020-02-15 15:15:15 +01:00 · b66531d19d
parent f535a197d3
commit b66531d19d
5 changed files with 24 additions and 7 deletions
--- a/config/default.js
+++ b/config/default.js
@ -41,7 +41,9 @@ module.exports = {
  },

  publicKey: {
-    purgeTimeInDays: process.env.PUBLIC_KEY_PURGE_TIME || 30
+    purgeTimeInDays: process.env.PUBLIC_KEY_PURGE_TIME || 30,
+    restrictUserOrigin: process.env.RESTRICT_USER_ORIGIN || false,
+    restrictionRegEx: process.env.RESTRICTION_REGEX
  }

 };
--- a/config/development.js
+++ b/config/development.js
@ -22,6 +22,11 @@ module.exports = {
      name: 'OpenPGP Key Server',
      email: 'user@gmail.com'
    }
+  },
+  
+  publicKey: {
+    restrictUserOrigin: true,
+    restrictionRegEx: '^([a-z0-9\-.]+)@([a-z0-9.\-]*)esisar\.grenoble-inp\.fr$'
  }

 };
--- a/src/service/pgp.js
+++ b/src/service/pgp.js
@ -19,6 +19,7 @@

 const log = require('winston');
 const util = require('./util');
+const config = require('config');
 const openpgp = require('openpgp');

 const KEY_BEGIN = '-----BEGIN PGP PUBLIC KEY BLOCK-----';
@ -154,7 +155,7 @@ class PGP {
      }
    }
    var status = 0;
-    if(!isFromOrganisation){
+    if(config.publicKey.restrictUserOrigin && !isFromOrganisation ){
      result.length = 0;
      status = 1;
    }
--- a/src/service/public-key.js
+++ b/src/service/public-key.js
@ -103,10 +103,18 @@ class PublicKey {
      await this._addKeyArmored(key.userIds, key.publicKeyArmored);
      // new key, set armored to null
      key.publicKeyArmored = null;
-      // send mails to verify organisation's user ids
-      await this._sendVerifyOrganisationEmail(key, origin, ctx);
-      // store key in database
-      await this._persistKeyOrganisation(key);
+      if(config.publicKey.restrictUserOrigin) {
+        // send mails to verify organisation's user ids
+        await this._sendVerifyOrganisationEmail(key, origin, ctx);
+        // store key in database
+        await this._persistKeyOrganisation(key);
+      }
+      else {
+        // send mails to verify all user ids
+        await this._sendVerifyEmail(key, origin, ctx);
+        // store key in database 
+        await this._persistKey(key);
+      }
    }
  }

--- a/src/service/util.js
+++ b/src/service/util.js
@ -18,6 +18,7 @@
 'use strict';

 const crypto = require('crypto');
+const config = require('config');

 /**
 * Checks for a valid string
@ -87,7 +88,7 @@ exports.isFromOrganisation = function(data) {
  if (!this.isString(data)) {
    return false;
  }
-  const re = /^([a-z0-9\-.]+)@([a-z0-9.\-]*)esisar\.grenoble-inp\.fr$/;
+  const re = new RegExp(config.publicKey.restrictionRegEx, 'g');
  return re.test(data);
 };