gitlab-org--gitlab-foss/spec/models/gpg_key_spec.rb

require 'rails_helper'

describe GpgKey do
  describe "associations" do
    it { is_expected.to belong_to(:user) }
    it { is_expected.to have_many(:subkeys) }
  end

  describe "validation" do
    it { is_expected.to validate_presence_of(:user) }

    it { is_expected.to validate_presence_of(:key) }
    it { is_expected.to validate_uniqueness_of(:key) }

    it { is_expected.to allow_value("-----BEGIN PGP PUBLIC KEY BLOCK-----\nkey\n-----END PGP PUBLIC KEY BLOCK-----").for(:key) }

    it { is_expected.not_to allow_value("-----BEGIN PGP PUBLIC KEY BLOCK-----\nkey").for(:key) }
    it { is_expected.not_to allow_value("-----BEGIN PGP PUBLIC KEY BLOCK-----\nkey\n-----BEGIN PGP PUBLIC KEY BLOCK-----").for(:key) }
    it { is_expected.not_to allow_value("-----BEGIN PGP PUBLIC KEY BLOCK----------END PGP PUBLIC KEY BLOCK-----").for(:key) }
    it { is_expected.not_to allow_value("-----BEGIN PGP PUBLIC KEY BLOCK-----").for(:key) }
    it { is_expected.not_to allow_value("-----END PGP PUBLIC KEY BLOCK-----").for(:key) }
    it { is_expected.not_to allow_value("key\n-----END PGP PUBLIC KEY BLOCK-----").for(:key) }
    it { is_expected.not_to allow_value('BEGIN PGP').for(:key) }
  end

  context 'callbacks' do
    describe 'extract_fingerprint' do
      it 'extracts the fingerprint from the gpg key' do
        gpg_key = described_class.new(key: GpgHelpers::User1.public_key)
        gpg_key.valid?
        expect(gpg_key.fingerprint).to eq GpgHelpers::User1.fingerprint
      end
    end

    describe 'extract_primary_keyid' do
      it 'extracts the primary keyid from the gpg key' do
        gpg_key = described_class.new(key: GpgHelpers::User1.public_key)
        gpg_key.valid?
        expect(gpg_key.primary_keyid).to eq GpgHelpers::User1.primary_keyid
      end
    end

    describe 'generate_subkeys' do
      it 'extracts the subkeys from the gpg key' do
        gpg_key = create(:gpg_key, key: GpgHelpers::User1.public_key_with_extra_signing_key)

        expect(gpg_key.subkeys.count).to eq(2)
      end
    end
  end

  describe '#key=' do
    it 'strips white spaces' do
      key = <<~KEY.strip
        -----BEGIN PGP PUBLIC KEY BLOCK-----
        Version: GnuPG v1

        mQENBFMOSOgBCADFCYxmnXFbrDhfvlf03Q/bQuT+nZu46BFGbo7XkUjDowFXJQhP
        -----END PGP PUBLIC KEY BLOCK-----
      KEY

      expect(described_class.new(key: " #{key} ").key).to eq(key)
    end

    it 'does not strip when the key is nil' do
      expect(described_class.new(key: nil).key).to be_nil
    end
  end

  describe '#user_infos' do
    it 'returns the user infos from the gpg key' do
      gpg_key = create :gpg_key, key: GpgHelpers::User1.public_key
      expect(Gitlab::Gpg).to receive(:user_infos_from_key).with(gpg_key.key)

      gpg_key.user_infos
    end
  end

  describe '#verified_user_infos' do
    it 'returns the user infos if it is verified' do
      user = create :user, email: GpgHelpers::User1.emails.first
      gpg_key = create :gpg_key, key: GpgHelpers::User1.public_key, user: user

      expect(gpg_key.verified_user_infos).to eq([{
        name: GpgHelpers::User1.names.first,
        email: GpgHelpers::User1.emails.first
      }])
    end

    it 'returns an empty array if the user info is not verified' do
      user = create :user, email: 'unrelated@example.com'
      gpg_key = create :gpg_key, key: GpgHelpers::User1.public_key, user: user

      expect(gpg_key.verified_user_infos).to eq([])
    end
  end

  describe '#emails_with_verified_status' do
    it 'email is verified if the user has the matching email' do
      user = create :user, email: 'bette.cartwright@example.com'
      gpg_key = create :gpg_key, key: GpgHelpers::User2.public_key, user: user
      create :email, user: user
      user.reload

      expect(gpg_key.emails_with_verified_status).to eq(
        'bette.cartwright@example.com' => true,
        'bette.cartwright@example.net' => false
      )

      create :email, :confirmed, user: user, email: 'bette.cartwright@example.net'
      user.reload
      expect(gpg_key.emails_with_verified_status).to eq(
        'bette.cartwright@example.com' => true,
        'bette.cartwright@example.net' => true
      )
    end
  end

  describe '#verified?' do
    it 'returns true if one of the email addresses in the key belongs to the user' do
      user = create :user, email: 'bette.cartwright@example.com'
      gpg_key = create :gpg_key, key: GpgHelpers::User2.public_key, user: user

      expect(gpg_key.verified?).to be_truthy
    end

    it 'returns false if none of the email addresses in the key does not belong to the user' do
      user = create :user, email: 'someone.else@example.com'
      gpg_key = create :gpg_key, key: GpgHelpers::User2.public_key, user: user

      expect(gpg_key.verified?).to be_falsey
    end
  end

  describe 'verified_and_belongs_to_email?' do
    it 'returns false if none of the email addresses in the key does not belong to the user' do
      user = create :user, email: 'someone.else@example.com'
      gpg_key = create :gpg_key, key: GpgHelpers::User2.public_key, user: user

      expect(gpg_key.verified?).to be_falsey
      expect(gpg_key.verified_and_belongs_to_email?('someone.else@example.com')).to be_falsey
    end

    it 'returns false if one of the email addresses in the key belongs to the user and does not match the provided email' do
      user = create :user, email: 'bette.cartwright@example.com'
      gpg_key = create :gpg_key, key: GpgHelpers::User2.public_key, user: user

      expect(gpg_key.verified?).to be_truthy
      expect(gpg_key.verified_and_belongs_to_email?('bette.cartwright@example.net')).to be_falsey
    end

    it 'returns true if one of the email addresses in the key belongs to the user and matches the provided email' do
      user = create :user, email: 'bette.cartwright@example.com'
      gpg_key = create :gpg_key, key: GpgHelpers::User2.public_key, user: user

      expect(gpg_key.verified?).to be_truthy
      expect(gpg_key.verified_and_belongs_to_email?('bette.cartwright@example.com')).to be_truthy
    end

    it 'returns true if one of the email addresses in the key belongs to the user and case-insensitively matches the provided email' do
      user = create :user, email: 'bette.cartwright@example.com'
      gpg_key = create :gpg_key, key: GpgHelpers::User2.public_key, user: user

      expect(gpg_key.verified?).to be_truthy
      expect(gpg_key.verified_and_belongs_to_email?('Bette.Cartwright@example.com')).to be_truthy
    end
  end

  describe '#revoke' do
    it 'invalidates all associated gpg signatures and destroys the key' do
      gpg_key = create :gpg_key
      gpg_signature = create :gpg_signature, verification_status: :verified, gpg_key: gpg_key

      unrelated_gpg_key = create :gpg_key, key: GpgHelpers::User2.public_key
      unrelated_gpg_signature = create :gpg_signature, verification_status: :verified, gpg_key: unrelated_gpg_key

      gpg_key.revoke

      expect(gpg_signature.reload).to have_attributes(
        verification_status: 'unknown_key',
        gpg_key: nil
      )

      expect(gpg_key.destroyed?).to be true

      # unrelated signature is left untouched
      expect(unrelated_gpg_signature.reload).to have_attributes(
        verification_status: 'verified',
        gpg_key: unrelated_gpg_key
      )

      expect(unrelated_gpg_key.destroyed?).to be false
    end

    it 'deletes all the associated subkeys' do
      gpg_key = create :gpg_key, key: GpgHelpers::User3.public_key

      expect(gpg_key.subkeys).to be_present

      gpg_key.revoke

      expect(gpg_key.subkeys(true)).to be_blank
    end

    it 'invalidates all signatures associated to the subkeys' do
      gpg_key = create :gpg_key, key: GpgHelpers::User3.public_key
      gpg_key_subkey = gpg_key.subkeys.last
      gpg_signature = create :gpg_signature, verification_status: :verified, gpg_key: gpg_key_subkey

      gpg_key.revoke

      expect(gpg_signature.reload).to have_attributes(
        verification_status: 'unknown_key',
        gpg_key: nil,
        gpg_key_subkey: nil
      )
    end
  end
end
add gpg key model 2017-02-22 06:49:17 -05:00			`require 'rails_helper'`

			`describe GpgKey do`
			`describe "associations" do`
			`it { is_expected.to belong_to(:user) }`
Add some basic specs and refactor model and validations 2017-09-28 14:26:16 -04:00			`it { is_expected.to have_many(:subkeys) }`
add gpg key model 2017-02-22 06:49:17 -05:00			`end`

			`describe "validation" do`
validate presence of user on gpg_key 2017-07-05 08:03:36 -04:00			`it { is_expected.to validate_presence_of(:user) }`
improve gpg key validation when omitting the end part of the key ('-----END PGP PUBLIC KEY BLOCK-----') the error message was not about the key anymore, but about the missing fingerprint and primary_keyid, which was confusing for the user. the new validation checks that the end also matches the expected format. 2017-07-26 09:47:00 -04:00
add gpg key model 2017-02-22 06:49:17 -05:00			`it { is_expected.to validate_presence_of(:key) }`
			`it { is_expected.to validate_uniqueness_of(:key) }`
improve gpg key validation when omitting the end part of the key ('-----END PGP PUBLIC KEY BLOCK-----') the error message was not about the key anymore, but about the missing fingerprint and primary_keyid, which was confusing for the user. the new validation checks that the end also matches the expected format. 2017-07-26 09:47:00 -04:00
			`it { is_expected.to allow_value("-----BEGIN PGP PUBLIC KEY BLOCK-----\nkey\n-----END PGP PUBLIC KEY BLOCK-----").for(:key) }`

			`it { is_expected.not_to allow_value("-----BEGIN PGP PUBLIC KEY BLOCK-----\nkey").for(:key) }`
add gpg key model 2017-02-22 06:49:17 -05:00			`it { is_expected.not_to allow_value("-----BEGIN PGP PUBLIC KEY BLOCK-----\nkey\n-----BEGIN PGP PUBLIC KEY BLOCK-----").for(:key) }`
improve gpg key validation when omitting the end part of the key ('-----END PGP PUBLIC KEY BLOCK-----') the error message was not about the key anymore, but about the missing fingerprint and primary_keyid, which was confusing for the user. the new validation checks that the end also matches the expected format. 2017-07-26 09:47:00 -04:00			`it { is_expected.not_to allow_value("-----BEGIN PGP PUBLIC KEY BLOCK----------END PGP PUBLIC KEY BLOCK-----").for(:key) }`
			`it { is_expected.not_to allow_value("-----BEGIN PGP PUBLIC KEY BLOCK-----").for(:key) }`
			`it { is_expected.not_to allow_value("-----END PGP PUBLIC KEY BLOCK-----").for(:key) }`
			`it { is_expected.not_to allow_value("key\n-----END PGP PUBLIC KEY BLOCK-----").for(:key) }`
add gpg key model 2017-02-22 06:49:17 -05:00			`it { is_expected.not_to allow_value('BEGIN PGP').for(:key) }`
			`end`

remove the :gpg rspec tag since everything (except the CurrentKeyChain method) operates on a tempoary keychain anyway we don't need this anymore. 2017-06-28 07:08:29 -04:00			`context 'callbacks' do`
add gpg key model 2017-02-22 06:49:17 -05:00			`describe 'extract_fingerprint' do`
add / remove gpg keys to / from system keychain 2017-02-22 12:36:25 -05:00			`it 'extracts the fingerprint from the gpg key' do`
add second gpg key for specs 2017-02-23 06:02:36 -05:00			`gpg_key = described_class.new(key: GpgHelpers::User1.public_key)`
add gpg key model 2017-02-22 06:49:17 -05:00			`gpg_key.valid?`
use example gpg key instead of my own 2017-02-23 08:07:51 -05:00			`expect(gpg_key.fingerprint).to eq GpgHelpers::User1.fingerprint`
add gpg key model 2017-02-22 06:49:17 -05:00			`end`
			`end`
add primary keyid attribute to gpg keys 2017-06-13 07:46:43 -04:00
			`describe 'extract_primary_keyid' do`
			`it 'extracts the primary keyid from the gpg key' do`
			`gpg_key = described_class.new(key: GpgHelpers::User1.public_key)`
			`gpg_key.valid?`
			`expect(gpg_key.primary_keyid).to eq GpgHelpers::User1.primary_keyid`
			`end`
			`end`
Add some basic specs and refactor model and validations 2017-09-28 14:26:16 -04:00
			`describe 'generate_subkeys' do`
			`it 'extracts the subkeys from the gpg key' do`
			`gpg_key = create(:gpg_key, key: GpgHelpers::User1.public_key_with_extra_signing_key)`

			`expect(gpg_key.subkeys.count).to eq(2)`
			`end`
			`end`
add gpg key model 2017-02-22 06:49:17 -05:00			`end`

			`describe '#key=' do`
			`it 'strips white spaces' do`
			`key = <<~KEY.strip`
			`-----BEGIN PGP PUBLIC KEY BLOCK-----`
			`Version: GnuPG v1`

			`mQENBFMOSOgBCADFCYxmnXFbrDhfvlf03Q/bQuT+nZu46BFGbo7XkUjDowFXJQhP`
			`-----END PGP PUBLIC KEY BLOCK-----`
			`KEY`

			`expect(described_class.new(key: " #{key} ").key).to eq(key)`
			`end`
simplify nil handling 2017-07-25 14:35:44 -04:00
			`it 'does not strip when the key is nil' do`
			`expect(described_class.new(key: nil).key).to be_nil`
			`end`
add gpg key model 2017-02-22 06:49:17 -05:00			`end`
add emails method to GgpKey 2017-02-22 09:37:49 -05:00
store gpg user name and email on the signature 2017-07-13 09:22:15 -04:00			`describe '#user_infos' do`
			`it 'returns the user infos from the gpg key' do`
use example gpg key instead of my own 2017-02-23 08:07:51 -05:00			`gpg_key = create :gpg_key, key: GpgHelpers::User1.public_key`
store gpg user name and email on the signature 2017-07-13 09:22:15 -04:00			`expect(Gitlab::Gpg).to receive(:user_infos_from_key).with(gpg_key.key)`
add emails method to GgpKey 2017-02-22 09:37:49 -05:00
store gpg user name and email on the signature 2017-07-13 09:22:15 -04:00			`gpg_key.user_infos`
			`end`
			`end`

			`describe '#verified_user_infos' do`
			`it 'returns the user infos if it is verified' do`
			`user = create :user, email: GpgHelpers::User1.emails.first`
			`gpg_key = create :gpg_key, key: GpgHelpers::User1.public_key, user: user`

			`expect(gpg_key.verified_user_infos).to eq([{`
			`name: GpgHelpers::User1.names.first,`
			`email: GpgHelpers::User1.emails.first`
			`}])`
			`end`

			`it 'returns an empty array if the user info is not verified' do`
			`user = create :user, email: 'unrelated@example.com'`
			`gpg_key = create :gpg_key, key: GpgHelpers::User1.public_key, user: user`

			`expect(gpg_key.verified_user_infos).to eq([])`
add emails method to GgpKey 2017-02-22 09:37:49 -05:00			`end`
			`end`
gpg email verification 2017-02-24 15:28:26 -05:00
remove the :gpg rspec tag since everything (except the CurrentKeyChain method) operates on a tempoary keychain anyway we don't need this anymore. 2017-06-28 07:08:29 -04:00			`describe '#emails_with_verified_status' do`
don't sync to keychain file 2017-06-12 10:16:33 -04:00			`it 'email is verified if the user has the matching email' do`
fixes for rubocop 2017-09-14 10:18:32 -04:00			`user = create :user, email: 'bette.cartwright@example.com'`
don't sync to keychain file 2017-06-12 10:16:33 -04:00			`gpg_key = create :gpg_key, key: GpgHelpers::User2.public_key, user: user`
fixes for rubocop 2017-09-14 10:18:32 -04:00			`create :email, user: user`
Make GPG signature verification work with non-primary email (#36959) 2017-09-11 13:12:57 -04:00			`user.reload`

			`expect(gpg_key.emails_with_verified_status).to eq(`
			`'bette.cartwright@example.com' => true,`
fixes for rubocop 2017-09-14 10:18:32 -04:00			`'bette.cartwright@example.net' => false`
Make GPG signature verification work with non-primary email (#36959) 2017-09-11 13:12:57 -04:00			`)`
don't sync to keychain file 2017-06-12 10:16:33 -04:00
fixes for rubocop 2017-09-14 10:18:32 -04:00			`create :email, :confirmed, user: user, email: 'bette.cartwright@example.net'`
Make GPG signature verification work with non-primary email (#36959) 2017-09-11 13:12:57 -04:00			`user.reload`
use hash instead of 2d array 2017-07-05 07:16:50 -04:00			`expect(gpg_key.emails_with_verified_status).to eq(`
			`'bette.cartwright@example.com' => true,`
Make GPG signature verification work with non-primary email (#36959) 2017-09-11 13:12:57 -04:00			`'bette.cartwright@example.net' => true`
use hash instead of 2d array 2017-07-05 07:16:50 -04:00			`)`
remove gpg from keychain when user's email changes 2017-02-28 09:25:12 -05:00			`end`
			`end`

gpg signature is only valid when key is verified 2017-06-15 03:57:50 -04:00			`describe '#verified?' do`
match the committer's email against the gpg key the updated verification of a gpg signature requires the committer's email to also match the user's and the key's emails. 2017-08-24 08:21:30 -04:00			`it 'returns true if one of the email addresses in the key belongs to the user' do`
gpg signature is only valid when key is verified 2017-06-15 03:57:50 -04:00			`user = create :user, email: 'bette.cartwright@example.com'`
			`gpg_key = create :gpg_key, key: GpgHelpers::User2.public_key, user: user`

			`expect(gpg_key.verified?).to be_truthy`
			`end`

match the committer's email against the gpg key the updated verification of a gpg signature requires the committer's email to also match the user's and the key's emails. 2017-08-24 08:21:30 -04:00			`it 'returns false if none of the email addresses in the key does not belong to the user' do`
gpg signature is only valid when key is verified 2017-06-15 03:57:50 -04:00			`user = create :user, email: 'someone.else@example.com'`
			`gpg_key = create :gpg_key, key: GpgHelpers::User2.public_key, user: user`

			`expect(gpg_key.verified?).to be_falsey`
			`end`
			`end`

match the committer's email against the gpg key the updated verification of a gpg signature requires the committer's email to also match the user's and the key's emails. 2017-08-24 08:21:30 -04:00			`describe 'verified_and_belongs_to_email?' do`
			`it 'returns false if none of the email addresses in the key does not belong to the user' do`
			`user = create :user, email: 'someone.else@example.com'`
			`gpg_key = create :gpg_key, key: GpgHelpers::User2.public_key, user: user`

			`expect(gpg_key.verified?).to be_falsey`
			`expect(gpg_key.verified_and_belongs_to_email?('someone.else@example.com')).to be_falsey`
			`end`

			`it 'returns false if one of the email addresses in the key belongs to the user and does not match the provided email' do`
			`user = create :user, email: 'bette.cartwright@example.com'`
			`gpg_key = create :gpg_key, key: GpgHelpers::User2.public_key, user: user`

			`expect(gpg_key.verified?).to be_truthy`
			`expect(gpg_key.verified_and_belongs_to_email?('bette.cartwright@example.net')).to be_falsey`
			`end`

			`it 'returns true if one of the email addresses in the key belongs to the user and matches the provided email' do`
			`user = create :user, email: 'bette.cartwright@example.com'`
			`gpg_key = create :gpg_key, key: GpgHelpers::User2.public_key, user: user`

			`expect(gpg_key.verified?).to be_truthy`
			`expect(gpg_key.verified_and_belongs_to_email?('bette.cartwright@example.com')).to be_truthy`
			`end`
Make GPG validation case insensitive. In line with other changes in GitLab, make email address validation properly case insensitive. The email address in the commit may be in any case, so it needs downcasing to match the address stored in GitLab for the user. Without this change the comparison fails and commits are not marked as verified. See #37009. 2017-09-19 13:57:01 -04:00
			`it 'returns true if one of the email addresses in the key belongs to the user and case-insensitively matches the provided email' do`
			`user = create :user, email: 'bette.cartwright@example.com'`
			`gpg_key = create :gpg_key, key: GpgHelpers::User2.public_key, user: user`

			`expect(gpg_key.verified?).to be_truthy`
			`expect(gpg_key.verified_and_belongs_to_email?('Bette.Cartwright@example.com')).to be_truthy`
			`end`
match the committer's email against the gpg key the updated verification of a gpg signature requires the committer's email to also match the user's and the key's emails. 2017-08-24 08:21:30 -04:00			`end`

user may now revoke a gpg key other than just removing a key, which doesn't affect the verified state of a commit, revoking a key unverifies all signed commits. 2017-07-12 01:59:28 -04:00			`describe '#revoke' do`
			`it 'invalidates all associated gpg signatures and destroys the key' do`
			`gpg_key = create :gpg_key`
use new #verification_status 2017-08-30 07:27:40 -04:00			`gpg_signature = create :gpg_signature, verification_status: :verified, gpg_key: gpg_key`
user may now revoke a gpg key other than just removing a key, which doesn't affect the verified state of a commit, revoking a key unverifies all signed commits. 2017-07-12 01:59:28 -04:00
			`unrelated_gpg_key = create :gpg_key, key: GpgHelpers::User2.public_key`
use new #verification_status 2017-08-30 07:27:40 -04:00			`unrelated_gpg_signature = create :gpg_signature, verification_status: :verified, gpg_key: unrelated_gpg_key`
user may now revoke a gpg key other than just removing a key, which doesn't affect the verified state of a commit, revoking a key unverifies all signed commits. 2017-07-12 01:59:28 -04:00
			`gpg_key.revoke`

			`expect(gpg_signature.reload).to have_attributes(`
use new #verification_status 2017-08-30 07:27:40 -04:00			`verification_status: 'unknown_key',`
user may now revoke a gpg key other than just removing a key, which doesn't affect the verified state of a commit, revoking a key unverifies all signed commits. 2017-07-12 01:59:28 -04:00			`gpg_key: nil`
			`)`

			`expect(gpg_key.destroyed?).to be true`

			`# unrelated signature is left untouched`
			`expect(unrelated_gpg_signature.reload).to have_attributes(`
use new #verification_status 2017-08-30 07:27:40 -04:00			`verification_status: 'verified',`
user may now revoke a gpg key other than just removing a key, which doesn't affect the verified state of a commit, revoking a key unverifies all signed commits. 2017-07-12 01:59:28 -04:00			`gpg_key: unrelated_gpg_key`
			`)`

			`expect(unrelated_gpg_key.destroyed?).to be false`
			`end`
Invalidate GpgSignatures associated to GpgKeySubkeys when revoking the GpgKey 2017-10-04 19:44:49 -04:00
			`it 'deletes all the associated subkeys' do`
			`gpg_key = create :gpg_key, key: GpgHelpers::User3.public_key`

			`expect(gpg_key.subkeys).to be_present`

			`gpg_key.revoke`

			`expect(gpg_key.subkeys(true)).to be_blank`
			`end`

			`it 'invalidates all signatures associated to the subkeys' do`
			`gpg_key = create :gpg_key, key: GpgHelpers::User3.public_key`
			`gpg_key_subkey = gpg_key.subkeys.last`
			`gpg_signature = create :gpg_signature, verification_status: :verified, gpg_key: gpg_key_subkey`

			`gpg_key.revoke`

			`expect(gpg_signature.reload).to have_attributes(`
			`verification_status: 'unknown_key',`
			`gpg_key: nil,`
			`gpg_key_subkey: nil`
			`)`
			`end`
user may now revoke a gpg key other than just removing a key, which doesn't affect the verified state of a commit, revoking a key unverifies all signed commits. 2017-07-12 01:59:28 -04:00			`end`
add gpg key model 2017-02-22 06:49:17 -05:00			`end`