From 718ea942dc1b2ef749bf852a19a86f0928e4b36d Mon Sep 17 00:00:00 2001
From: Grzegorz Bizon <grzesiek.bizon@gmail.com>
Date: Fri, 23 Nov 2018 10:43:47 +0100
Subject: [PATCH] Improve test cases description in token-related specs

---
 .../token_authenticatable_strategies/encrypted.rb    |  8 +++-----
 .../models/encrypt_columns/runner.rb                 |  2 +-
 spec/models/ci/build_spec.rb                         |  4 ++--
 .../encrypted_spec.rb                                | 12 ++++++------
 4 files changed, 12 insertions(+), 14 deletions(-)

diff --git a/app/models/concerns/token_authenticatable_strategies/encrypted.rb b/app/models/concerns/token_authenticatable_strategies/encrypted.rb
index 3d23eed164e..8e052a3ef68 100644
--- a/app/models/concerns/token_authenticatable_strategies/encrypted.rb
+++ b/app/models/concerns/token_authenticatable_strategies/encrypted.rb
@@ -15,8 +15,6 @@ module TokenAuthenticatableStrategies
       end
 
       token_authenticatable
-    rescue ActiveRecord::StatementInvalid
-      nil
     end
 
     def ensure_token(instance)
@@ -38,8 +36,8 @@ module TokenAuthenticatableStrategies
     end
 
     def get_token(instance)
-      raw_token = instance.read_attribute(encrypted_field)
-      token = Gitlab::CryptoHelper.aes256_gcm_decrypt(raw_token)
+      encrypted_token = instance.read_attribute(encrypted_field)
+      token = Gitlab::CryptoHelper.aes256_gcm_decrypt(encrypted_token)
 
       token || (fallback_strategy.get_token(instance) if fallback?)
     end
@@ -61,7 +59,7 @@ module TokenAuthenticatableStrategies
 
     def token_set?(instance)
       raw_token = instance.read_attribute(encrypted_field)
-      raw_token ||= (instance.read_attribute(token_field) if fallback?)
+      raw_token ||= (fallback_strategy.get_token(instance) if fallback?)
 
       raw_token.present?
     end
diff --git a/lib/gitlab/background_migration/models/encrypt_columns/runner.rb b/lib/gitlab/background_migration/models/encrypt_columns/runner.rb
index 425f9f6c346..14ddce4b147 100644
--- a/lib/gitlab/background_migration/models/encrypt_columns/runner.rb
+++ b/lib/gitlab/background_migration/models/encrypt_columns/runner.rb
@@ -13,7 +13,7 @@ module Gitlab
           self.table_name = 'ci_runners'
           self.inheritance_column = :_type_disabled
 
-          def runners_token=(value)
+          def token=(value)
             self.token_encrypted =
               ::Gitlab::CryptoHelper.aes256_gcm_encrypt(value)
           end
diff --git a/spec/models/ci/build_spec.rb b/spec/models/ci/build_spec.rb
index 49b3d6ad959..4cdcae5f670 100644
--- a/spec/models/ci/build_spec.rb
+++ b/spec/models/ci/build_spec.rb
@@ -771,13 +771,13 @@ describe Ci::Build do
     context 'hide runners token' do
       let(:data) { "new #{project.runners_token} data"}
 
-      it { is_expected.to match(/^new [x]+ data$/) }
+      it { is_expected.to match(/^new x+ data$/) }
     end
 
     context 'hide build token' do
       let(:data) { "new #{build.token} data"}
 
-      it { is_expected.to match(/^new [x]+ data$/) }
+      it { is_expected.to match(/^new x+ data$/) }
     end
   end
 
diff --git a/spec/models/concerns/token_authenticatable_strategies/encrypted_spec.rb b/spec/models/concerns/token_authenticatable_strategies/encrypted_spec.rb
index cbf7bf085ef..4c074470f63 100644
--- a/spec/models/concerns/token_authenticatable_strategies/encrypted_spec.rb
+++ b/spec/models/concerns/token_authenticatable_strategies/encrypted_spec.rb
@@ -14,7 +14,7 @@ describe TokenAuthenticatableStrategies::Encrypted do
   end
 
   describe '#find_token_authenticatable' do
-    it 'finds a relevant resource by encrypted value' do
+    it 'finds the encrypted resource by cleartext' do
       allow(model).to receive(:find_by)
         .with('some_field_encrypted' => encrypted)
         .and_return('encrypted resource')
@@ -23,8 +23,8 @@ describe TokenAuthenticatableStrategies::Encrypted do
         .to eq 'encrypted resource'
     end
 
-    it 'uses fallback strategy when token can not be found' do
-      allow_any_instance_of(TokenAuthenticatableStrategies::Insecure)
+    it 'uses fallback strategy when encrypted token cannot be found' do
+      allow(subject.send(:fallback_strategy))
         .to receive(:find_token_authenticatable)
         .and_return('plaintext resource')
 
@@ -38,7 +38,7 @@ describe TokenAuthenticatableStrategies::Encrypted do
   end
 
   describe '#get_token' do
-    it 'decrypts a token when encrypted token is present' do
+    it 'returns decrypted token when an encrypted token is present' do
       allow(instance).to receive(:read_attribute)
         .with('some_field_encrypted')
         .and_return(encrypted)
@@ -46,7 +46,7 @@ describe TokenAuthenticatableStrategies::Encrypted do
       expect(subject.get_token(instance)).to eq 'my-value'
     end
 
-    it 'reads a plaintext token when encrypted token is not present' do
+    it 'returns the plaintext token when encrypted token is not present' do
       allow(instance).to receive(:read_attribute)
         .with('some_field_encrypted')
         .and_return(nil)
@@ -60,7 +60,7 @@ describe TokenAuthenticatableStrategies::Encrypted do
   end
 
   describe '#set_token' do
-    it 'writes encrypted token to a model instance and returns it' do
+    it 'writes encrypted token and removes plaintext token and returns it' do
       expect(instance).to receive(:[]=)
         .with('some_field_encrypted', encrypted)
       expect(instance).to receive(:[]=)