user may now revoke a gpg key

other than just removing a key, which doesn't affect the verified state
of a commit, revoking a key unverifies all signed commits.

1 files changed, 11 insertions, 0 deletions

diff --git a/app/models/gpg_key.rb b/app/models/gpg_key.rb
index 050245bd502..1977023536e 100644
--- a/app/models/gpg_key.rb
+++ b/app/models/gpg_key.rb
@@ -58,6 +58,17 @@ class GpgKey < ActiveRecord::Base
     InvalidGpgSignatureUpdateWorker.perform_async(self.id)
   end
 
+  def revoke
+    GpgSignature.where(gpg_key: self, valid_signature: true).find_each do |gpg_signature|
+      gpg_signature.update_attributes!(
+        gpg_key: nil,
+        valid_signature: false
+      )
+    end
+
+    destroy
+  end
+
   private
 
   def extract_fingerprint