# # add_file "tests/t_automate_certs.at" # # patch "ChangeLog" # from [228a1618c9969724c008d9c1ba854aef26efd00b] # to [e5d89356b437d8f23409cefc0beef01d10ea2d1c] # # patch "automate.cc" # from [537672e70cf440a84c25999dcc6ee90cb2b50c00] # to [1cb54c63ccc96437b4d8238b577f12869154a7b5] # # patch "monotone.texi" # from [323d3078e9530006322c272e068655324e1f6929] # to [547ea280134218686da0bec122c493465705e43c] # # patch "tests/t_automate_certs.at" # from [] # to [262e5a98e330efa8c3b4dfe705a42b579337ce44] # # patch "testsuite.at" # from [fc47957f825cecd326046338309173a964f3ea28] # to [cc9eaf6d0d1061195b4e304d107dba977bbb3a6d] # --- ChangeLog +++ ChangeLog @@ -1,3 +1,15 @@ +2005-05-17 Grahame Bowland + + * automate.cc: (automate_certs) change "status" field + to "signature". Check whether each cert is trusted, and + output in the "trusted" field. + * testsuite.at: add t_automate_certs.at + * tests/t_automate_certs.at: Test that the output of + "automate certs" is consistent, and that we exit with + error when rev is incomplete or missing. + * monotone.texi: update output documentation for + "automate certs" + 2005-05-20 Emile Snyder * annotate.{hh,cc}: Rework to handle lineage dependent line --- automate.cc +++ automate.cc 
@@ -795,14 +795,18 @@ // Each certificate is contained in a basic IO stanza. For each certificate, // the following values are provided: // -// "key" : a string indicating the key used to sign this certificate. -// "status": a string indicating the status of the signature. Possible +// 'key' : a string indicating the key used to sign this certificate. +// 'signature': a string indicating the status of the signature. Possible // values of this string are: -// "ok" : the signature is correct -// "bad" : the signature is invalid -// "unknown" : signature was made with an unknown key -// "name" : the name of this certificate -// "value" : the value of this certificate +// 'ok' : the signature is correct +// 'bad' : the signature is invalid +// 'unknown' : signature was made with an unknown key +// 'name' : the name of this certificate +// 'value' : the value of this certificate +// 'trust' : is this certificate trusted by the defined trust metric +// Possible values of this string are: +// 'trusted' : this certificate is trusted +// 'untrusted' : this certificate is not trusted // // Output format: All stanzas are formatted by basic_io. Stanzas are seperated // by a blank line. Values will be escaped, '\' -> '\\' and '"' -> '\"'. @@ -825,6 +829,7 @@ revision_id rid(idx(args, 0)()); N(app.db.revision_exists(rid), F("No such revision %s") % rid); + hexenc ident(rid.inner()); std::vector< revision > ts; app.db.get_revision_certs(rid, ts); @@ -854,10 +859,19 @@ basic_io::stanza st; cert_status status = check_cert(app, idx(certs, i)); cert_value tv; + cert_name name = idx(certs, i).name(); + std::set signers; + decode_base64(idx(certs, i).value, tv); - st.push_str_pair("key", idx(certs, i).key()); + rsa_keypair_id keyid = idx(certs, i).key(); + signers.insert(keyid); + bool trusted = app.lua.hook_get_revision_cert_trust(signers, ident, + name, tv); + + st.push_str_pair("key", keyid()); + std::string stat; switch (status) { 
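Review bot: In the per-cert loop (hunk at -854), `trusted` is computed without consulting `status`, so a stanza can report `signature "bad"` or `signature "unknown"` together with `trust "trusted"` whenever the Lua hook accepts the key id, name and value. A consumer that reads only the `trust` field would then accept a cert whose signature did not verify. Consider gating the call, e.g. `bool trusted = (status == cert_ok) && app.lua.hook_get_revision_cert_trust(signers, ident, name, tv);` (assuming `cert_ok` is the enumerator behind the "ok" case, which lies outside the hunk), or state in the header comment (hunk at -795) that `trust` is only meaningful when `signature` is `ok`. The hook also receives a one-element `signers` set per cert, so a trust policy that expects several signers for the same name and value would presumably answer differently here than in the cert-filtering code, which this diff does not show. The loop body starts and ends outside the hunk.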
@@ -871,9 +885,11 @@ stat = "unknown"; break; } - st.push_str_pair("status", stat); - st.push_str_pair("name", idx(certs, i).name()); + st.push_str_pair("signature", stat); + + st.push_str_pair("name", name()); st.push_str_pair("value", tv()); + st.push_str_pair("trust", (trusted ? "trusted" : "untrusted")); pr.print_stanza(st); } --- monotone.texi +++ monotone.texi 
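Review bot: Renaming the output key from `status` to `signature` in `st.push_str_pair("signature", stat);` changes the stanza format that existing `automate certs` parsers depend on, and nothing in this diff bumps an interface version or marks the change as incompatible. A script that looks for `status "ok"` will now find no such line, and whether it then treats the cert as unverified depends on that script failing closed. If the automate interface carries a version number, it should be incremented in the same commit, and the ChangeLog entry should call the rename out as a breaking change. The switch that fills `stat` begins outside this hunk.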
@@ -4920,31 +4920,55 @@ Prints all certificates associated with the given revision ID. Each certificate is contained in a basic IO stanza. For each certificate, the following values are provided: + address@hidden +'key' + a string indicating the key used to sign this certificate. +'signature' + a string indicating the status of the signature. Possible + values of this string are: + 'ok' : the signature is correct + 'bad' : the signature is invalid + 'unknown' : signature was made with an unknown key +'name' + the name of this certificate +'value' + the value of this certificate +'trust' + is this certificate trusted by the defined trust metric? + Possible values of this string are: + 'trusted' : this certificate is trusted + 'untrusted' : this certificate is not trusted address@hidden verbatim @item Sample output: @verbatim - key "address@hidden" -status "ok" - name "author" - value "address@hidden" + key "address@hidden" +signature "ok" + name "author" + value "address@hidden" + trust "trusted" - key "address@hidden" -status "ok" - name "branch" - value "net.venge.monotone" + key "address@hidden" +signature "ok" + name "branch" + value "net.venge.monotone" + trust "trusted" - key "address@hidden" -status "ok" - name "changelog" - value "merge of c48bf9be32757e804a7eca4cf717b2fa5f62b397 - and be6e404d588dcf10b544e1d64f8d2ec4bc0982c8 + key "address@hidden" +signature "ok" + name "changelog" + value "propagate from branch 'net.venge.monotone.annotate' (head 76a886ef7c8ae12a4bba5fc2bd252557bf863aff) + to branch 'net.venge.monotone' (head 2490479a4e4e99243fead6d627d78291fde592f0) " + trust "trusted" - key "address@hidden" -status "ok" - name "date" - value "2005-05-16T14:48:16" + key "address@hidden" +signature "ok" + name "date" + value "2005-05-20T20:19:25" + trust "trusted" @end verbatim @item Output format: --- tests/t_automate_certs.at +++ tests/t_automate_certs.at 
@@ -0,0 +1,54 @@ +# -*- Autoconf -*- + +AT_SETUP([automate certs]) +NEED_UNB64 +MONOTONE_SETUP + +AT_DATA(expected, [ key "address@hidden" +signature "ok" + name "author" + value "address@hidden" + trust "trusted" + + key "address@hidden" +signature "ok" + name "branch" + value "testbranch" + trust "trusted" + + key "address@hidden" +signature "ok" + name "changelog" + value "blah-blah" + trust "trusted" + + key "address@hidden" +signature "ok" + name "date" + value "2005-05-21T12:30:51" + trust "trusted" +]) + +AT_DATA(empty, []) + +ADD_FILE(foo, [blah +]) +AT_CHECK(MONOTONE commit --date=2005-05-21T12:30:51 --branch=testbranch --message=blah-blah, [], [ignore], [ignore]) +BASE_R=`BASE_REVISION` + +# check that a correct usage produces correctly formatted output +AT_CHECK(MONOTONE automate certs $BASE_R, [], [stdout], [ignore]) +AT_CHECK(cmp expected stdout) + +# ensure that missing revisions fail +NOSUCHREV=0000000000000000000000000000000000000000 +AT_CHECK(MONOTONE automate certs $NOSUCHREV, [1], [stdout], [ignore]) +AT_CHECK(cmp empty stdout) + +# ensure that revisions are not being completed +# (the above commit will have created rev 306c506078df4b58470f75c845ccd11c2ea8cb26) +TRUNCATEDREV=306c506078df4b58470f75c845ccd1 +AT_CHECK(MONOTONE automate certs $TRUNCATEDREV, [1], [stdout], [ignore]) +AT_CHECK(cmp empty stdout) + +AT_CLEANUP --- testsuite.at +++ testsuite.at @@ -649,3 +649,4 @@ m4_include(tests/t_commit_message_file.at) m4_include(tests/t_annotate_lineage_dependent.at) m4_include(tests/t_annotate_split_line.at) +m4_include(tests/t_automate_certs.at)
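Review bot: The `expected` data in tests/t_automate_certs.at pins only stanzas with `signature "ok"` and `trust "trusted"`, so the new `untrusted` value and the `bad` / `unknown` signature values are never produced by this test. Because the added field reports a trust decision, the negative path deserves its own check. A second case could load an rcfile whose `get_revision_cert_trust` hook returns false and assert that every stanza then reads `trust "untrusted"`. The two failure checks compare only stdout against `empty`; matching stderr for the "No such revision" message would also confirm that the command fails for the intended reason.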