This is an automated email from the ASF dual-hosted git repository.
sbp pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tooling-trusted-release.git
The following commit(s) were added to refs/heads/main by this push:
new 43cea81 Allow admins to view all public signing keys
43cea81 is described below
commit 43cea81cf3ec63b0522e4d07c0c1f1111e9a5e40
Author: Sean B. Palmer <[email protected]>
AuthorDate: Wed Jun 18 16:36:10 2025 +0100
Allow admins to view all public signing keys
---
atr/db/interaction.py | 1 +
atr/routes/keys.py | 3 +++
2 files changed, 4 insertions(+)
diff --git a/atr/db/interaction.py b/atr/db/interaction.py
index e31d84f..21485fb 100644
--- a/atr/db/interaction.py
+++ b/atr/db/interaction.py
@@ -138,6 +138,7 @@ async def key_user_session_add(
existing = await data.public_signing_key(fingerprint=fingerprint).get()
# TODO: This can race
if existing:
+ # TODO: Always update?
# If the new key has a latest self signature
if latest_self_signature is not None:
# And the self signature is newer, update it
diff --git a/atr/routes/keys.py b/atr/routes/keys.py
index 0bdbffb..4d7b6f4 100644
--- a/atr/routes/keys.py
+++ b/atr/routes/keys.py
@@ -45,6 +45,7 @@ import atr.revision as revision
import atr.routes as routes
import atr.routes.compose as compose
import atr.template as template
+import atr.user as user
import atr.util as util
@@ -660,6 +661,8 @@ async def _key_and_is_owner(
key_committee_names = {c.name for c in key.committees}
if user_affiliations.intersection(key_committee_names):
authorised = True
+ elif user.is_admin(session.uid):
+ authorised = True
if not authorised:
quart.abort(403, description="You are not authorised to view this key")
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
