Example #1
// ImportKeys resolves the key ids in arg.Keys with runSSHKeyImport and appends
// each key that imported without error, and whose fingerprint is not already
// stored, to the authorised ssh key list, which is then written back.
//
// The returned ErrorResults holds one entry per item returned by
// runSSHKeyImport; an entry's Error is set when that key failed to import or
// was already present. A failed permission check, a failure reading the
// current key data, or a failure writing the updated list is returned as the
// function's error together with an empty ErrorResults. An empty arg.Keys
// returns an empty result list before any permission check or key access.
//
// NOTE(review): the write check is made against arg.User, while the key list
// is (for now) global and common to all users, so a permitted caller changes
// who can authenticate for everyone. Confirm canWrite is meant to gate writes
// to that shared list.
func (api *KeyManagerAPI) ImportKeys(arg params.ModifyUserSSHKeys) (params.ErrorResults, error) {
	if len(arg.Keys) == 0 {
		// Nothing requested: hand back an empty, non-nil result slice.
		return params.ErrorResults{Results: make([]params.ErrorResult, 0)}, nil
	}

	// Returned alongside every hard failure below.
	var noResults params.ErrorResults

	canWrite, err := api.getCanWrite()
	if err != nil {
		return noResults, common.ServerError(err)
	}
	if allowed := canWrite(arg.User); !allowed {
		return noResults, common.ServerError(common.ErrPerm)
	}

	// For now, authorised keys are global, common to all users.
	authorisedKeys, knownFingerprints, err := api.currentKeyDataForAdd()
	if err != nil {
		return noResults, common.ServerError(fmt.Errorf("reading current key data: %v", err))
	}

	// NOTE(review): runSSHKeyImport is defined elsewhere; the keys it returns
	// become login credentials, so where it fetches them from and how it
	// validates them should be reviewed together with this function.
	imported := runSSHKeyImport(arg.Keys)

	// Reject invalid keys and keys whose fingerprint is already stored; the
	// remaining keys are queued for the write below.
	// NOTE(review): knownFingerprints is not updated inside this loop, so the
	// same key imported twice in one request is not caught here unless
	// runSSHKeyImport already de-duplicates - confirm.
	outcomes := make([]params.ErrorResult, len(imported))
	for idx, info := range imported {
		switch {
		case info.err != nil:
			outcomes[idx].Error = common.ServerError(info.err)
		case knownFingerprints.Contains(info.fingerprint):
			outcomes[idx].Error = common.ServerError(fmt.Errorf("duplicate ssh key: %s", info.key))
		default:
			authorisedKeys = append(authorisedKeys, info.key)
		}
	}

	// The list is written even when every imported key was rejected above.
	if err = api.writeSSHKeys(authorisedKeys); err != nil {
		return noResults, common.ServerError(err)
	}
	return params.ErrorResults{Results: outcomes}, nil
}