From ca922ef5f739efb6bb0f19a9c25635335c296d24 Mon Sep 17 00:00:00 2001
From: Franziska Kunsmann <hi@kunsmann.eu>
Date: Tue, 10 Nov 2020 09:12:43 +0100
Subject: [PATCH] scripts: add encrypt_file and passwords-for

---
 scripts/encrypt_file  | 42 ++++++++++++++++++++++++++++++++++++++++++
 scripts/passwords-for | 32 ++++++++++++++++++++++++++++++++
 2 files changed, 74 insertions(+)
 create mode 100755 scripts/encrypt_file
 create mode 100755 scripts/passwords-for

diff --git a/scripts/encrypt_file b/scripts/encrypt_file
new file mode 100755
index 0000000..8fa272e
--- /dev/null
+++ b/scripts/encrypt_file
@@ -0,0 +1,42 @@
+#!/usr/bin/env python3
+from os import environ
+from os.path import abspath, isfile, join, relpath
+from sys import argv
+
+from bundlewrap.repo import Repository
+
+
+path = environ.get('BW_REPO_PATH', '.')
+repo = Repository(path)
+
+if len(argv) < 3:
+    print('Usage: {} <source> <target> [encryption key, default \'encrypt\']'.format(argv[0]))
+    exit(1)
+
+target = abspath(argv[2])
+datapath = join(abspath(path), 'data')
+
+if not isfile(argv[1]):
+    print('ERROR: Source file \'{}\' does not exist.'.format(argv[1]))
+    exit(1)
+
+if not target.endswith('.vault'):
+    print('ERROR: Target file \'{}\' does not end in .vault'.format(argv[2]))
+    exit(1)
+elif not target.startswith(datapath):
+    print('ERROR: Target file \'{}\' is not in BW_REPO_PATH/data/'.format(argv[2]))
+    exit(1)
+
+if isfile(target):
+    if input('ERROR: Target file \'{}\' already exists, overwrite? [yN]'.format(argv[2])) not in ['y', 'Y']:
+        print('Abort')
+        exit(2)
+
+if len(argv) > 3:
+    key = argv[3]
+else:
+    key = 'encrypt'
+
+repo.vault.encrypt_file(argv[1], relpath(target, start=datapath), key)
+
+print('encryption successful')
diff --git a/scripts/passwords-for b/scripts/passwords-for
new file mode 100755
index 0000000..22ea113
--- /dev/null
+++ b/scripts/passwords-for
@@ -0,0 +1,32 @@
+#!/usr/bin/env python3
+from os import environ
+from sys import argv
+
+from bundlewrap.repo import Repository
+from bundlewrap.utils import Fault
+from bundlewrap.exceptions import FaultUnavailable
+
+
+path = environ.get('BW_REPO_PATH', '.')
+repo = Repository(path)
+
+def print_faults(dictionary, keypath=[]):
+    for key, value in dictionary.items():
+        if isinstance(value, Fault):
+            try:
+                resolved_fault = value.value
+            except FaultUnavailable:
+                print('{}/{}: [permission denied]'.format('/'.join(keypath), key))
+            else:
+                if '\n' not in resolved_fault:
+                    print('{}/{}: {}'.format('/'.join(keypath), key, value))
+        elif isinstance(value, dict):
+            print_faults(value, keypath=keypath+[key])
+
+
+if len(argv) == 1:
+    print('node name missing')
+    exit(1)
+
+node = repo.get_node(argv[1])
+print_faults(node.metadata)