[minor] make api required signatures a config option

2016-03-02 14:30:56 -06:00 · 2016-03-02 14:30:56 -06:00 · d056b5b4fb
--- a/conf/api.cfg.inc
+++ b/conf/api.cfg.inc
@ -9,6 +9,11 @@
    # within this duration of the local clock
    tokenduration = 10m

+[manifest]
+    # used with mig manifests, this indicates the number of valid signatures
+    # that must be applied to a manifest for the api to mark it as active
+    requiredsignatures = 2
+
 [server]
    # local listening ip
    ip = "127.0.0.1"
--- a/database/manifest.go
+++ b/database/manifest.go
@ -12,10 +12,6 @@ import (
 	"mig.ninja/mig"
 )

-// The number of signatures required for a manifest to be marked as active.
-// XXX This should probably be somewhere else like in the configuration file.
-const REQUIRED_SIGNATURES int = 1
-
 // Add a new manifest record to the database
 func (db *DB) ManifestAdd(mr mig.ManifestRecord) (err error) {
 	_, err = db.c.Exec(`INSERT INTO manifests VALUES
@ -25,7 +21,7 @@ func (db *DB) ManifestAdd(mr mig.ManifestRecord) (err error) {
 }

 // Add a signature to the database for an existing manifest
-func (db *DB) ManifestAddSignature(mid float64, sig string, invid float64) (err error) {
+func (db *DB) ManifestAddSignature(mid float64, sig string, invid float64, reqsig int) (err error) {
 	res, err := db.c.Exec(`INSERT INTO manifestsig
 		(manifestid, pgpsignature, investigatorid)
 		SELECT $1, $2, $3
@ -42,7 +38,7 @@ func (db *DB) ManifestAddSignature(mid float64, sig string, invid float64) (err
 		return fmt.Errorf("Manifest signing operation failed")
 	}

-	err = db.ManifestUpdateStatus(mid)
+	err = db.ManifestUpdateStatus(mid, reqsig)
 	return
 }

@ -56,8 +52,10 @@ func (db *DB) ManifestDisable(mid float64) (err error) {
 	return
 }

-// Update the status of a manifest based on the number of signatures it has
-func (db *DB) ManifestUpdateStatus(mid float64) (err error) {
+// Update the status of a manifest based on the number of signatures it has,
+// reqsig is passed as an argument that indicates the number of signatures
+// a manifest must have to be considered active
+func (db *DB) ManifestUpdateStatus(mid float64, reqsig int) (err error) {
 	var cnt int
 	err = db.c.QueryRow(`SELECT COUNT(*) FROM manifestsig
 		WHERE manifestid=$1`, mid).Scan(&cnt)
@ -65,7 +63,7 @@ func (db *DB) ManifestUpdateStatus(mid float64) (err error) {
 		return err
 	}
 	status := "staged"
-	if cnt >= REQUIRED_SIGNATURES {
+	if cnt >= reqsig {
 		status = "active"
 	}
 	_, err = db.c.Exec(`UPDATE manifests SET status=$1 WHERE
--- a/mig-api/context.go
+++ b/mig-api/context.go
@ -34,6 +34,9 @@ type Context struct {
 		Mutex      sync.Mutex
 		UpdateTime time.Time
 	}
+	Manifest struct {
+		RequiredSignatures int
+	}
 	Postgres struct {
 		Host, User, Password, DBName, SSLMode string
 		Port, MaxConn                         int
@ -80,6 +83,10 @@ func Init(path string, debug bool) (ctx Context, err error) {
 		panic(err)
 	}

+	if ctx.Manifest.RequiredSignatures < 1 {
+		panic("manifest:requiredsignatures must be at least 1 in config file")
+	}
+
 	ctx, err = initDB(ctx)
 	if err != nil {
 		panic(err)
--- a/mig-api/manifest_endpoints.go
+++ b/mig-api/manifest_endpoints.go
@ -72,7 +72,7 @@ func statusManifest(respWriter http.ResponseWriter, request *http.Request) {
 		if err != nil {
 			panic(err)
 		}
-		err = ctx.DB.ManifestUpdateStatus(manifestid)
+		err = ctx.DB.ManifestUpdateStatus(manifestid, ctx.Manifest.RequiredSignatures)
 		if err != nil {
 			panic(err)
 		}
@ -118,7 +118,8 @@ func signManifest(respWriter http.ResponseWriter, request *http.Request) {
 		panic("Invalid signature specified")
 	}

-	err = ctx.DB.ManifestAddSignature(manifestid, sig, getInvID(request))
+	err = ctx.DB.ManifestAddSignature(manifestid, sig, getInvID(request),
+		ctx.Manifest.RequiredSignatures)
 	if err != nil {
 		panic(err)
 	}