Class: UserManager

Inherits:

FileManager

• Object
• FileManager
• UserManager

Defined in:

lib/team-secrets/user_manager.rb

Constant Summary

HASH_ALG =

:sha256

Instance Attribute Summary

• #master_key ⇒ Object

  Returns the value of attribute master_key.

• #user_dir ⇒ Object

  Returns the value of attribute user_dir.

• #working_dir ⇒ Object

  Returns the value of attribute working_dir.

Attributes inherited from FileManager

#data

Class Method Summary

• .calcHash(algo, string) ⇒ Object

Instance Method Summary

• #add(user_name, public_key_file) ⇒ Object

  Add a user - Store public key - Add to listing.

• #all ⇒ Object

  List all user names.

• #find(user_name) ⇒ Object

  Search for a user.

• #getUserKey(file_name, check_hash) ⇒ Object

  Get the user’s public key as a string.

• #initialize(master_key = nil) ⇒ UserManager constructor

  A new instance of UserManager.

• #remove(user_name) ⇒ Object

  Remove a user - Remove public key - Remove from listing.

• #rotateMasterKey ⇒ Object

  Rotate master key - Create a new master key - Update all lock boxes.

Methods inherited from FileManager

#loadFile, #writeFile

Constructor Details

#initialize(master_key = nil) ⇒ UserManager

Returns a new instance of UserManager.

# File 'lib/team-secrets/user_manager.rb', line 11

def initialize(master_key = nil)
    @@working_dir = Dir.pwd
    @@user_dir = @@working_dir + '/users'
    @data = @data || []
    @master_key = master_key unless master_key.nil?
end

Instance Attribute Details

#master_key ⇒ Object

Returns the value of attribute master_key.

# File 'lib/team-secrets/user_manager.rb', line 7

def master_key
  @master_key
end

#user_dir ⇒ Object

Returns the value of attribute user_dir.

# File 'lib/team-secrets/user_manager.rb', line 7

def user_dir
  @user_dir
end

#working_dir ⇒ Object

Returns the value of attribute working_dir.

# File 'lib/team-secrets/user_manager.rb', line 7

def working_dir
  @working_dir
end

Class Method Details

.calcHash(algo, string) ⇒ Object

# File 'lib/team-secrets/user_manager.rb', line 105

def self.calcHash(algo, string)
    raise 'Hash algorithim not supported' unless algo == HASH_ALG
    Digest::SHA256.hexdigest string
end

Instance Method Details

#add(user_name, public_key_file) ⇒ Object

Add a user

- Store public key
- Add to listing

# File 'lib/team-secrets/user_manager.rb', line 21

def add(user_name, public_key_file)
    unless find(user_name).nil?
        raise 'User already exists, delete existing user record to replace'
    end

    public_key = KeyHelper.getPublicKey(public_key_file)
    key_file_hash = self.class.calcHash(HASH_ALG, public_key)

    unique_file_name = self.class.calcHash(HASH_ALG, key_file_hash + user_name)
    key_file = 'users/' + unique_file_name[0..10] + '.pem'

    Dir.mkdir(@@user_dir) unless File.exists?(@@user_dir)
    File.write(@@working_dir +'/'+ key_file, public_key)

    # - user: george
    #   public_key: users/eb0545f9010.pem
    #   added: 2017-01-14 09:02:16.906998000 -05:00
    #   sha256: eb0545f9010b606069e6e63cd24c9cf60d08351775539d878055cbf3330afafa
    #   lock_Box: 010b606069e6e63cd24c9cf60d08351775539...

    user_data = {
        user: user_name,
        public_key: key_file, # folder & file, relative to working directory
        added: Time.now,
        lock_box: 'error - should be replaced'
    }

    user_data[HASH_ALG] = key_file_hash

    @data.push user_data
    rotateMasterKey

end

#all ⇒ Object

List all user names

# File 'lib/team-secrets/user_manager.rb', line 76

def all
    ret = []
    @data.each { |user_data| ret.push user_data[:user] }
    ret
end

#find(user_name) ⇒ Object

Search for a user

# File 'lib/team-secrets/user_manager.rb', line 68

def find(user_name)
    @data.each do |user_data|
        return user_data if user_data[:user] == user_name
    end
    nil
end

#getUserKey(file_name, check_hash) ⇒ Object

Get the user’s public key as a string

# File 'lib/team-secrets/user_manager.rb', line 96

def getUserKey(file_name, check_hash)
    raise 'User key doesn\'t exist' unless File.exists?(@@working_dir +'/'+ file_name)
    file_data = File.read(@@working_dir +'/'+ file_name)
    unless (self.class.calcHash(HASH_ALG, file_data) == check_hash)
        raise('Key digest mismatch for '+ file_name)
    end
    file_data
end

#remove(user_name) ⇒ Object

Remove a user

- Remove public key
- Remove from listing

# File 'lib/team-secrets/user_manager.rb', line 58

def remove(user_name)
    @data = @data.keep_if do |user_data|
        next true if user_data[:user] != user_name
        File.delete(@@working_dir +'/'+ user_data[:public_key])
        false
    end
    rotateMasterKey
end

#rotateMasterKey ⇒ Object

Rotate master key

- Create a new master key
- Update all lock boxes

# File 'lib/team-secrets/user_manager.rb', line 85

def rotateMasterKey
    @master_key = MasterKey.generate

    @data.map! do |user_data|
        public_key = getUserKey user_data[:public_key], user_data[HASH_ALG]
        user_data[:lock_box] = MasterKey.bin_to_hex @master_key.encryptWithPublicKey(public_key)
        user_data
    end
end