(release) Harden SSH key edit and delete flow

Make SSH credential management more explicit by adding an edit action in the key overview and requiring name confirmation before deletion. Keep deletion blocked while a key is still selected by hosts or global config, and cover rename, delete confirmation, and in-use protection in view tests. Refs #20 Refs #8
2026-05-21 03:38:55 +02:00
parent c2e5a534aa
commit 5b5a5bc637
4 changed files with 55 additions and 4 deletions
--- a/src/pobsync_backend/views.py
+++ b/src/pobsync_backend/views.py
@@ -239,6 +239,9 @@ def delete_ssh_credential(request, credential_id: int):
    if credential.hosts.exists() or credential.global_configs.exists():
        messages.error(request, f"SSH key {credential.name} is still in use and cannot be deleted.")
        return redirect("edit_ssh_credential", credential_id=credential.id)
+    if request.POST.get("confirm_name", "").strip() != credential.name:
+        messages.error(request, f"Type {credential.name} to confirm SSH key deletion.")
+        return redirect("edit_ssh_credential", credential_id=credential.id)

    name = credential.name
    try: