Add admin button to generate new signing key

email_extras/admin.py

@@ -1,18 +1,69 @@
+from django.conf.urls import url
+from django.core.exceptions import PermissionDenied
+from django.http import HttpResponseRedirect
+from django.urls import reverse
 
-from email_extras.settings import USE_GNUPG
+from email_extras.settings import (
+    USE_GNUPG, GNUPG_HOME, SIGNING_KEY_DATA
+)
 
 
 if USE_GNUPG:
     from django.contrib import admin
 
+    from gnupg import GPG
+
     from email_extras.models import Key, Address
     from email_extras.forms import KeyForm
 
     class KeyAdmin(admin.ModelAdmin):
+        change_list_template = 'admin/email_extras/key/change_list.html'
         form = KeyForm
         list_display = ('__str__', 'email_addresses')
         readonly_fields = ('fingerprint', )
 
+        if SIGNING_KEY_DATA:
+            def generate_signing_key_view(self, request):
+                # Since this is a new view its permissions aren't automatically
+                # handled
+                if not request.user.is_staff:
+                    return PermissionDenied("You do not have permission to "
+                                            "generate signing keys")
+
+                if not self.has_add_permission(request):
+                    return PermissionDenied("You do not have permission to "
+                                            "add keys")
+
+                info = (
+                    self.model._meta.app_label,
+                    self.model._meta.model_name,
+                )
+                gpg = GPG(gnupghome=GNUPG_HOME)
+
+                signing_key_cmd = gpg.gen_key_input(**SIGNING_KEY_DATA)
+                new_signing_key = gpg.gen_key(signing_key_cmd)
+
+                exported_signing_key = gpg.export_keys(
+                    new_signing_key.fingerprint)
+
+                key = Key.objects.create(key=exported_signing_key,
+                                         use_asc=False)
+
+                return HttpResponseRedirect(
+                    reverse('admin:%s_%s_change' % info, args=(key.id,)))
+
+            def get_urls(self):
+                info = (
+                    self.model._meta.app_label,
+                    self.model._meta.model_name,
+                )
+                extra_urls = [
+                    url(r'^generate_signing_key/$',
+                        self.generate_signing_key_view,
+                        name="%s_%s_generate_signing_key" % info),
+                ]
+                return extra_urls + super(KeyAdmin, self).get_urls()
+
     class AddressAdmin(admin.ModelAdmin):
         list_display = ('__str__', 'key')
         readonly_fields = ('key', )

email_extras/settings.py

@@ -5,8 +5,18 @@
 
 GNUPG_HOME = getattr(settings, "EMAIL_EXTRAS_GNUPG_HOME", None)
 USE_GNUPG = getattr(settings, "EMAIL_EXTRAS_USE_GNUPG", GNUPG_HOME is not None)
+
 ALWAYS_TRUST = getattr(settings, "EMAIL_EXTRAS_ALWAYS_TRUST_KEYS", False)
 GNUPG_ENCODING = getattr(settings, "EMAIL_EXTRAS_GNUPG_ENCODING", None)
+SIGNING_KEY_DATA = {
+    'key_type': "DSA",
+    'key_length': 4096,
+    'name_real': settings.SITE_NAME,
+    'name_comment': "Outgoing email server",
+    'name_email': settings.DEFAULT_FROM_EMAIL,
+    'expire_date': '2y',
+}
+SIGNING_KEY_DATA.update(getattr(settings, "EMAIL_EXTRAS_SIGNING_KEY_DATA", {}))
 
 # Used internally
 encrypt_kwargs = {

email_extras/templates/admin/email_extras/key/change_list.html

@@ -0,0 +1,14 @@
+{% extends "admin/change_list.html" %}
+{% load i18n admin_urls static admin_list %}
+
+{% block object-tools-items %}
+  {% url cl.opts|admin_urlname:'generate_signing_key' as generate_signing_key_url %}
+  {% if generate_signing_key_url and has_add_permission %}
+  <li>
+    <a href="{{ generate_signing_key_url }}" class="addlink">
+      {% trans "Generate Signing Key" %}
+    </a>
+  </li>
+  {% endif %}
+  {{ block.super }}
+{% endblock %}