gitlab-org--gitlab-foss/app/models/gpg_key.rb

class GpgKey < ActiveRecord::Base
  include AfterCommitQueue

  KEY_PREFIX = '-----BEGIN PGP PUBLIC KEY BLOCK-----'.freeze

  belongs_to :user

  validates :key,
    presence: true,
    uniqueness: true,
    format: {
      with: /\A#{KEY_PREFIX}((?!#{KEY_PREFIX}).)+\Z/m,
      message: "is invalid. A valid public GPG key begins with '#{KEY_PREFIX}'"
    }

  validates :fingerprint,
    presence: true,
    uniqueness: true,
    # only validate when the `key` is valid, as we don't want the user to show
    # the error about the fingerprint
    unless: -> { errors.has_key?(:key) }

  validates :primary_keyid,
    presence: true,
    uniqueness: true,
    # only validate when the `key` is valid, as we don't want the user to show
    # the error about the fingerprint
    unless: -> { errors.has_key?(:key) }

  before_validation :extract_fingerprint, :extract_primary_keyid
  after_create :update_invalid_gpg_signatures_after_create
  after_create :notify_user

  def key=(value)
    value.strip! unless value.blank?
    write_attribute(:key, value)
  end

  def emails
    @emails ||= Gitlab::Gpg.emails_from_key(key)
  end

  def emails_with_verified_status
    emails.map do |email|
      [
        email,
        email == user.email
      ]
    end
  end

  def verified?
    emails_with_verified_status.any? { |_email, verified| verified }
  end

  def update_invalid_gpg_signatures
    InvalidGpgSignatureUpdateWorker.perform_async(self.id)
  end

  private

  def extract_fingerprint
    # we can assume that the result only contains one item as the validation
    # only allows one key
    self.fingerprint = Gitlab::Gpg.fingerprints_from_key(key).first
  end

  def extract_primary_keyid
    # we can assume that the result only contains one item as the validation
    # only allows one key
    self.primary_keyid = Gitlab::Gpg.primary_keyids_from_key(key).first
  end

  def notify_user
    run_after_commit { NotificationService.new.new_gpg_key(self) }
  end

  def update_invalid_gpg_signatures_after_create
    run_after_commit { update_invalid_gpg_signatures }
  end
end
add gpg key model 2017-02-22 11:49:17 +00:00			`class GpgKey < ActiveRecord::Base`
notification email on add new gpg key 2017-02-28 09:49:59 +00:00			`include AfterCommitQueue`

add gpg key model 2017-02-22 11:49:17 +00:00			`KEY_PREFIX = '-----BEGIN PGP PUBLIC KEY BLOCK-----'.freeze`

			`belongs_to :user`

			`validates :key,`
			`presence: true,`
			`uniqueness: true,`
			`format: {`
only validate gpg_key#fingerprint "internally" 2017-02-22 15:22:39 +00:00			`with: /\A#{KEY_PREFIX}((?!#{KEY_PREFIX}).)+\Z/m,`
			`message: "is invalid. A valid public GPG key begins with '#{KEY_PREFIX}'"`
add gpg key model 2017-02-22 11:49:17 +00:00			`}`

only validate gpg_key#fingerprint "internally" 2017-02-22 15:22:39 +00:00			`validates :fingerprint,`
			`presence: true,`
			`uniqueness: true,`
			# only validate when the `key` is valid, as we don't want the user to show
			`# the error about the fingerprint`
			`unless: -> { errors.has_key?(:key) }`

add primary keyid attribute to gpg keys 2017-06-13 11:46:43 +00:00			`validates :primary_keyid,`
			`presence: true,`
			`uniqueness: true,`
			# only validate when the `key` is valid, as we don't want the user to show
			`# the error about the fingerprint`
			`unless: -> { errors.has_key?(:key) }`

			`before_validation :extract_fingerprint, :extract_primary_keyid`
perform signature update in sidekiq worker 2017-06-22 12:18:01 +00:00			`after_create :update_invalid_gpg_signatures_after_create`
notification email on add new gpg key 2017-02-28 09:49:59 +00:00			`after_create :notify_user`
add gpg key model 2017-02-22 11:49:17 +00:00
			`def key=(value)`
			`value.strip! unless value.blank?`
			`write_attribute(:key, value)`
			`end`

add emails method to GgpKey 2017-02-22 14:37:49 +00:00			`def emails`
remove gpg from keychain when user's email changes 2017-02-28 14:25:12 +00:00			`@emails \|\|= Gitlab::Gpg.emails_from_key(key)`
add emails method to GgpKey 2017-02-22 14:37:49 +00:00			`end`

remove gpg from keychain when user's email changes 2017-02-28 14:25:12 +00:00			`def emails_with_verified_status`
			`emails.map do \|email\|`
gpg email verification 2017-02-24 20:28:26 +00:00			`[`
			`email,`
don't sync to keychain file 2017-06-12 14:16:33 +00:00			`email == user.email`
gpg email verification 2017-02-24 20:28:26 +00:00			`]`
			`end`
			`end`

gpg signature is only valid when key is verified 2017-06-15 07:57:50 +00:00			`def verified?`
			`emails_with_verified_status.any? { \|_email, verified\| verified }`
			`end`

update invalid gpg signatures when email changes 2017-06-15 13:07:44 +00:00			`def update_invalid_gpg_signatures`
perform signature update in sidekiq worker 2017-06-22 12:18:01 +00:00			`InvalidGpgSignatureUpdateWorker.perform_async(self.id)`
update invalid gpg signatures when email changes 2017-06-15 13:07:44 +00:00			`end`

add gpg key model 2017-02-22 11:49:17 +00:00			`private`

			`def extract_fingerprint`
			`# we can assume that the result only contains one item as the validation`
			`# only allows one key`
extract gpg functionality to lib class 2017-02-22 16:20:42 +00:00			`self.fingerprint = Gitlab::Gpg.fingerprints_from_key(key).first`
add gpg key model 2017-02-22 11:49:17 +00:00			`end`
add / remove gpg keys to / from system keychain 2017-02-22 17:36:25 +00:00
add primary keyid attribute to gpg keys 2017-06-13 11:46:43 +00:00			`def extract_primary_keyid`
			`# we can assume that the result only contains one item as the validation`
			`# only allows one key`
			`self.primary_keyid = Gitlab::Gpg.primary_keyids_from_key(key).first`
			`end`

notification email on add new gpg key 2017-02-28 09:49:59 +00:00			`def notify_user`
			`run_after_commit { NotificationService.new.new_gpg_key(self) }`
			`end`
perform signature update in sidekiq worker 2017-06-22 12:18:01 +00:00
			`def update_invalid_gpg_signatures_after_create`
			`run_after_commit { update_invalid_gpg_signatures }`
			`end`
add gpg key model 2017-02-22 11:49:17 +00:00			`end`