Merge branch '0.3.8-settings-encrypt-by-default-854' into testing

author: Patrick Totzke <patricktotzke@gmail.com> 2016-03-24 21:04:15 +0000
committer: Patrick Totzke <patricktotzke@gmail.com> 2016-03-24 21:04:15 +0000
commit: 39d214f87c9bf0559d6e360af7b35fe3a6258454 (patch)
tree: e4b053063a31d289e4fb4e3e0fa671f8709ac435 /alot/commands
parent: 6554345a0523b0221fc54a771ab53682086ef603 (diff)
parent: 39e4208cd8a677d986cf9489769e19bccec30c8b (diff)
3 files changed, 44 insertions, 9 deletions
diff --git a/alot/commands/envelope.py b/alot/commands/envelope.py
index e1a6eca7..c8362037 100644
--- a/alot/commands/envelope.py
+++ b/alot/commands/envelope.py
@@ -500,6 +500,7 @@ class SignCommand(Command):
 
 
 @registerCommand(MODE, 'encrypt', forced={'action': 'encrypt'}, arguments=[
+    (['--trusted'], {'action': 'store_true', 'help': 'only add trusted keys'}),
     (['keyids'], {'nargs': argparse.REMAINDER,
                   'help': 'keyid of the key to encrypt with'})],
     help='request encryption of message before sendout')
@@ -507,6 +508,8 @@ class SignCommand(Command):
                  help='remove request to encrypt message before sending')
 @registerCommand(MODE, 'toggleencrypt', forced={'action': 'toggleencrypt'},
                  arguments=[
+                     (['--trusted'], {'action': 'store_true',
+                                      'help': 'only add trusted keys'}),
                      (['keyids'], {'nargs': argparse.REMAINDER,
                       'help': 'keyid of the key to encrypt with'})],
                  help='toggle if message should be encrypted before sendout')
@@ -516,16 +519,19 @@ class SignCommand(Command):
                       'help': 'keyid of the key to encrypt with'})],
                  help='do not encrypt to given recipient key')
 class EncryptCommand(Command):
-    def __init__(self, action=None, keyids=None, **kwargs):
+    def __init__(self, action=None, keyids=None, trusted=False, **kwargs):
         """
         :param action: wether to encrypt/unencrypt/toggleencrypt
         :type action: str
         :param keyid: the id of the key to encrypt
         :type keyid: str
+        :param trusted: wether to filter keys and only use trusted ones
+        :type trusted: bool
         """
 
         self.encrypt_keys = keyids
         self.action = action
+        self.trusted = trusted
         Command.__init__(self, **kwargs)
 
     @inlineCallbacks
@@ -556,14 +562,22 @@ class EncryptCommand(Command):
                         continue
                     match = re.search("<(.*@.*)>", recipient)
                     if match:
-                        recipient = match.group(0)
+                        recipient = match.group(1)
                     self.encrypt_keys.append(recipient)
 
             logging.debug("encryption keys: " + str(self.encrypt_keys))
-            keys = yield get_keys(ui, self.encrypt_keys)
+            keys = yield get_keys(ui, self.encrypt_keys,
+                                  signed_only=self.trusted)
+            if self.trusted:
+                logging.debug("filtered encrytion keys: " +
+                              " ".join(x.uids[0].uid for x in keys.values()))
             if keys:
                 envelope.encrypt_keys.update(keys)
             else:
                 envelope.encrypt = False
+        if not envelope.encrypt:
+            # This is an extra conditional as it can even happen if encrypt is
+            # True.
+            envelope.encrypt_keys = {}
         # reload buffer
         ui.current_buffer.rebuild()
diff --git a/alot/commands/globals.py b/alot/commands/globals.py
index d234f54f..519cf2aa 100644
--- a/alot/commands/globals.py
+++ b/alot/commands/globals.py
@@ -851,8 +851,20 @@ class ComposeCommand(Command):
                     logging.debug('attaching: ' + a)
 
         # set encryption if needed
-        if self.encrypt or account.encrypt_by_default:
+        if self.encrypt or account.encrypt_by_default == u"all":
+            logging.debug("Trying to encrypt message because encrypt={} and "
+                          "encrypt_by_default={}".format(
+                              self.encrypt, account.encrypt_by_default))
             yield self._set_encrypt(ui, self.envelope)
+        elif account.encrypt_by_default == u"trusted":
+            logging.debug("Trying to encrypt message because "
+                          "account.encrypt_by_default={}".format(
+                              account.encrypt_by_default))
+            yield self._set_encrypt(ui, self.envelope, trusted_only=True)
+        else:
+            logging.debug(
+                    "No encryption by default, encrypt_by_default={}".format(
+                        account.encrypt_by_default))
 
         cmd = commands.envelope.EditCommand(envelope=self.envelope,
                                             spawn=self.force_spawn,
@@ -860,26 +872,31 @@ class ComposeCommand(Command):
         ui.apply_command(cmd)
 
     @inlineCallbacks
-    def _set_encrypt(self, ui, envelope):
+    def _set_encrypt(self, ui, envelope, trusted_only=False):
         """Find and set the encryption keys in an envolope.
 
         :param ui: the main user interface object
         :type ui: alot.ui.UI
         :param envolope: the envolope buffer object
         :type envolope: alot.buffers.EnvelopeBuffer
+        :param trusted_only: only add keys to the list of encryption
+            keys whose uid is signed (trusted to belong to the key)
+        :type trusted_only: bool
 
         """
         encrypt_keys = []
         for recipient in envelope.headers['To'][0].split(','):
+            recipient = recipient.strip()
             if not recipient:
                 continue
             match = re.search("<(.*@.*)>", recipient)
             if match:
-                recipient = match.group(0)
+                recipient = match.group(1)
             encrypt_keys.append(recipient)
 
         logging.debug("encryption keys: " + str(encrypt_keys))
-        keys = yield get_keys(ui, encrypt_keys, block_error=self.encrypt)
+        keys = yield get_keys(ui, encrypt_keys, block_error=self.encrypt,
+                              signed_only=trusted_only)
         if keys:
             envelope.encrypt_keys.update(keys)
             envelope.encrypt = True
diff --git a/alot/commands/utils.py b/alot/commands/utils.py
index 5ac8a74c..48d7aac9 100644
--- a/alot/commands/utils.py
+++ b/alot/commands/utils.py
@@ -8,7 +8,7 @@ from alot import crypto
 
 
 @inlineCallbacks
-def get_keys(ui, encrypt_keyids, block_error=False):
+def get_keys(ui, encrypt_keyids, block_error=False, signed_only=False):
     """Get several keys from the GPG keyring.  The keys are selected by keyid
     and are checked if they can be used for encryption.
 
@@ -19,6 +19,9 @@ def get_keys(ui, encrypt_keyids, block_error=False):
     :param block_error: wether error messages for the user should expire
         automatically or block the ui
     :type block_error: bool
+    :param signed_only: only return keys whose uid is signed (trusted to belong
+        to the key)
+    :type signed_only: bool
     :returns: the available keys indexed by their key hash
     :rtype: dict(str->gpgme.Key)
 
@@ -26,7 +29,8 @@ def get_keys(ui, encrypt_keyids, block_error=False):
     keys = {}
     for keyid in encrypt_keyids:
         try:
-            key = crypto.get_key(keyid, validate=True, encrypt=True)
+            key = crypto.get_key(keyid, validate=True, encrypt=True,
+                                 signed_only=signed_only)
         except GPGProblem as e:
             if e.code == GPGCode.AMBIGUOUS_NAME:
                 possible_keys = crypto.list_keys(hint=keyid)
author	Patrick Totzke <patricktotzke@gmail.com>	2016-03-24 21:04:15 +0000
committer	Patrick Totzke <patricktotzke@gmail.com>	2016-03-24 21:04:15 +0000
commit	39d214f87c9bf0559d6e360af7b35fe3a6258454 (patch)
tree	e4b053063a31d289e4fb4e3e0fa671f8709ac435 /alot/commands
parent	6554345a0523b0221fc54a771ab53682086ef603 (diff)
parent	39e4208cd8a677d986cf9489769e19bccec30c8b (diff)