also update gpg_signatures when gpg_key is null

2017-07-06 11:15:31 +02:00 · 2017-07-06 11:15:31 +02:00 · b66e3726dc
parent 7f03282f0f
commit b66e3726dc
2 changed files with 56 additions and 16 deletions
--- a/lib/gitlab/gpg/invalid_gpg_signature_updater.rb
+++ b/lib/gitlab/gpg/invalid_gpg_signature_updater.rb
@ -7,7 +7,7 @@ module Gitlab

      def run
        GpgSignature
-          .where(valid_signature: false)
+          .where('gpg_key_id IS NULL OR valid_signature = ?', false)
          .where(gpg_key_primary_keyid: @gpg_key.primary_keyid)
          .find_each do |gpg_signature|
            Gitlab::Gpg::Commit.new(gpg_signature.commit).update_signature!(gpg_signature)
--- a/spec/lib/gitlab/gpg/invalid_gpg_signature_updater_spec.rb
+++ b/spec/lib/gitlab/gpg/invalid_gpg_signature_updater_spec.rb
@ -19,29 +19,60 @@ RSpec.describe Gitlab::Gpg::InvalidGpgSignatureUpdater do
      create :commit, git_commit: raw_commit, project: project
    end

-    let!(:gpg_signature) do
-      create :gpg_signature,
-        project: project,
-        commit_sha: commit_sha,
-        gpg_key: nil,
-        gpg_key_primary_keyid: GpgHelpers::User1.primary_keyid,
-        valid_signature: false
-    end
-
    before do
      allow_any_instance_of(GpgSignature).to receive(:commit).and_return(commit)
    end

+    context 'gpg signature did have an associated gpg key which was removed later' do
+      let!(:user) { create :user, email: GpgHelpers::User1.emails.first }
+
+      let!(:valid_gpg_signature) do
+        create :gpg_signature,
+          project: project,
+          commit_sha: commit_sha,
+          gpg_key: nil,
+          gpg_key_primary_keyid: GpgHelpers::User1.primary_keyid,
+          valid_signature: true
+      end
+
+      it 'assigns the gpg key to the signature when the missing gpg key is added' do
+        # InvalidGpgSignatureUpdater is called by the after_create hook
+        gpg_key = create :gpg_key,
+          key: GpgHelpers::User1.public_key,
+          user: user
+
+        expect(valid_gpg_signature.reload.gpg_key).to eq gpg_key
+      end
+
+      it 'does not assign the gpg key when an unrelated gpg key is added' do
+        # InvalidGpgSignatureUpdater is called by the after_create hook
+        create :gpg_key,
+          key: GpgHelpers::User2.public_key,
+          user: user
+
+        expect(valid_gpg_signature.reload.gpg_key).to be_nil
+      end
+    end
+
    context 'gpg signature did not have an associated gpg key' do
      let!(:user) { create :user, email: GpgHelpers::User1.emails.first }

+      let!(:invalid_gpg_signature) do
+        create :gpg_signature,
+          project: project,
+          commit_sha: commit_sha,
+          gpg_key: nil,
+          gpg_key_primary_keyid: GpgHelpers::User1.primary_keyid,
+          valid_signature: false
+      end
+
      it 'updates the signature to being valid when the missing gpg key is added' do
        # InvalidGpgSignatureUpdater is called by the after_create hook
        create :gpg_key,
          key: GpgHelpers::User1.public_key,
          user: user

-        expect(gpg_signature.reload.valid_signature).to be_truthy
+        expect(invalid_gpg_signature.reload.valid_signature).to be_truthy
      end

      it 'keeps the signature at being invalid when an unrelated gpg key is added' do
@ -50,7 +81,7 @@ RSpec.describe Gitlab::Gpg::InvalidGpgSignatureUpdater do
          key: GpgHelpers::User2.public_key,
          user: user

-        expect(gpg_signature.reload.valid_signature).to be_falsey
+        expect(invalid_gpg_signature.reload.valid_signature).to be_falsey
      end
    end

@ -61,17 +92,26 @@ RSpec.describe Gitlab::Gpg::InvalidGpgSignatureUpdater do
        end
      end

+      let!(:invalid_gpg_signature) do
+        create :gpg_signature,
+          project: project,
+          commit_sha: commit_sha,
+          gpg_key: nil,
+          gpg_key_primary_keyid: GpgHelpers::User1.primary_keyid,
+          valid_signature: false
+      end
+
      it 'updates the signature to being valid when the user updates the email address' do
        create :gpg_key,
          key: GpgHelpers::User1.public_key,
          user: user

-        expect(gpg_signature.reload.valid_signature).to be_falsey
+        expect(invalid_gpg_signature.reload.valid_signature).to be_falsey

        # InvalidGpgSignatureUpdater is called by the after_update hook
        user.update_attributes!(email: GpgHelpers::User1.emails.first)

-        expect(gpg_signature.reload.valid_signature).to be_truthy
+        expect(invalid_gpg_signature.reload.valid_signature).to be_truthy
      end

      it 'keeps the signature at being invalid when the changed email address is still unrelated' do
@ -79,12 +119,12 @@ RSpec.describe Gitlab::Gpg::InvalidGpgSignatureUpdater do
          key: GpgHelpers::User1.public_key,
          user: user

-        expect(gpg_signature.reload.valid_signature).to be_falsey
+        expect(invalid_gpg_signature.reload.valid_signature).to be_falsey

        # InvalidGpgSignatureUpdater is called by the after_update hook
        user.update_attributes!(email: 'still.unrelated@example.com')

-        expect(gpg_signature.reload.valid_signature).to be_falsey
+        expect(invalid_gpg_signature.reload.valid_signature).to be_falsey
      end
    end
  end