bail if the commit has no signature

2017-06-15 09:16:50 +02:00 · 2017-06-15 09:16:50 +02:00 · 8c4b6a32fc
parent 69e511c4c2
commit 8c4b6a32fc
3 changed files with 11 additions and 7 deletions
--- a/app/models/commit.rb
+++ b/app/models/commit.rb
@ -242,11 +242,7 @@ class Commit
    cached_signature = GpgSignature.find_by(commit_sha: sha)
    return cached_signature if cached_signature.present?

-    gpg_commit = Gitlab::Gpg::Commit.new(self)
-
-    return unless gpg_commit.has_signature?
-
-    @signature = gpg_commit.signature
+    @signature = Gitlab::Gpg::Commit.new(self).signature
  end

  def revert_branch_name
--- a/lib/gitlab/gpg/commit.rb
+++ b/lib/gitlab/gpg/commit.rb
@ -10,10 +10,12 @@ module Gitlab
      end

      def has_signature?
-        @signature_text && @signed_text
+        !!(@signature_text && @signed_text)
      end

      def signature
+        return unless has_signature?
+
        Gitlab::Gpg.using_tmp_keychain do
          # first we need to get the keyid from the signature to query the gpg
          # key belonging to the keyid.
@ -43,7 +45,7 @@ module Gitlab
          project: commit.project,
          gpg_key: gpg_key,
          gpg_key_primary_keyid: gpg_key&.primary_keyid,
-          valid_signature: !!(gpg_key && verified_signature&.valid?)
+          valid_signature: !!(gpg_key && verified_signature.valid?)
        )
      end
    end
--- a/spec/lib/gitlab/gpg/commit_spec.rb
+++ b/spec/lib/gitlab/gpg/commit_spec.rb
@ -4,6 +4,12 @@ RSpec.describe Gitlab::Gpg::Commit do
  describe '#signature' do
    let!(:project) { create :project, :repository, path: 'sample-project' }

+    context 'unisgned commit' do
+      it 'returns nil' do
+        expect(described_class.new(project.commit).signature).to be_nil
+      end
+    end
+
    context 'known public key' do
      it 'returns a valid signature' do
        gpg_key = create :gpg_key, key: GpgHelpers::User1.public_key