Commit graph

31 commits

Author SHA1 Message Date
Rubén Dávila
dd139e65b5 Invalidate GpgSignatures associated to GpgKeySubkeys when revoking the GpgKey 2017-10-05 08:26:02 -05:00
Rubén Dávila
b27549df97 Add some basic specs and refactor model and validations 2017-10-05 08:25:27 -05:00
Douwe Maan
0c0c2ecd99 Merge branch 'master' into digitalmoksha/gitlab-ce-feature/verify_secondary_emails
# Conflicts:
#	app/controllers/admin/users_controller.rb
#	app/controllers/confirmations_controller.rb
#	app/controllers/profiles/emails_controller.rb
#	app/models/user.rb
#	app/services/emails/base_service.rb
#	app/services/emails/destroy_service.rb
#	app/views/devise/mailer/confirmation_instructions.html.haml
#	lib/api/users.rb
#	spec/services/emails/destroy_service_spec.rb
2017-10-05 12:48:22 +02:00
Tim Bishop
a212391f0f Make GPG validation case insensitive.
In line with other changes in GitLab, make email address validation
properly case insensitive. The email address in the commit may be in
any case, so it needs downcasing to match the address stored in GitLab
for the user. Without this change the comparison fails and commits are
not marked as verified.

See #37009.
2017-09-29 20:30:58 +01:00
Brett Walker
a32f1dddf2 fixes for rubocop 2017-09-23 15:26:04 +02:00
Brett Walker
a9b3178697 Make GPG signature verification work with non-primary email (#36959) 2017-09-23 15:24:53 +02:00
haseeb
cc2daa74d8 created services for keys 2017-09-15 15:35:24 +00:00
Alexis Reigel
978252a3fa use new #verification_status 2017-09-05 12:18:33 +02:00
Alexis Reigel
64855c8e30 match the committer's email against the gpg key
the updated verification of a gpg signature requires the committer's
email to also match the user's and the key's emails.
2017-09-05 12:18:31 +02:00
Lin Jen-Shin
bb5f79d43e Don't include EmailHelpers manually, pick with rspec
`:mailer` is needed to pick it easily, while
`type: :mailer` is needed for picking it automatically for
tests located in spec/mailers/*_spec.rb

It's a bit complicated in spec/services/notification_service_spec.rb
but we'll leave it alone for now.
2017-08-03 21:55:48 +08:00
Alexis Reigel
f1ccecc997 improve gpg key validation
when omitting the end part of the key ('-----END PGP PUBLIC KEY
BLOCK-----') the error message was not about the key anymore, but about
the missing fingerprint and primary_keyid, which was confusing for the
user.
the new validation checks that the end also matches the expected format.
2017-07-27 15:46:04 +02:00
Alexis Reigel
843b1de0de simplify nil handling 2017-07-27 15:46:03 +02:00
Alexis Reigel
cd01e82873 store gpg user name and email on the signature 2017-07-27 15:44:39 +02:00
Alexis Reigel
027309eb2a user may now revoke a gpg key
other than just removing a key, which doesn't affect the verified state
of a commit, revoking a key unverifies all signed commits.
2017-07-27 15:43:37 +02:00
Alexis Reigel
e79e2ae1f4 validate presence of user on gpg_key 2017-07-27 15:43:37 +02:00
Alexis Reigel
d9fd3709ab use hash instead of 2d array 2017-07-27 15:43:37 +02:00
Alexis Reigel
e9515dff84 remove the :gpg rspec tag
since everything (except the CurrentKeyChain method) operates on a
tempoary keychain anyway we don't need this anymore.
2017-07-27 15:43:37 +02:00
Alexis Reigel
7b616d39ef gpg signature is only valid when key is verified 2017-07-27 15:42:53 +02:00
Alexis Reigel
3c42d73098 add primary keyid attribute to gpg keys 2017-07-27 15:42:53 +02:00
Alexis Reigel
7e13d96715 don't sync to keychain file 2017-07-27 15:42:53 +02:00
Alexis Reigel
8bd94a7304 remove gpg from keychain when user's email changes 2017-07-27 15:42:04 +02:00
Alexis Reigel
c1281982bd notification email on add new gpg key 2017-07-27 15:40:41 +02:00
Alexis Reigel
f0fe1b9d43 gpg email verification 2017-07-27 15:40:41 +02:00
Alexis Reigel
0668521b2b move current keychain methods to namespace 2017-07-27 15:40:41 +02:00
Alexis Reigel
41c96c45f2 test with a gpg key with multiple emails 2017-07-27 15:40:41 +02:00
Alexis Reigel
5ce61120b1 use example gpg key instead of my own 2017-07-27 15:40:41 +02:00
Alexis Reigel
eb77e1068c add second gpg key for specs 2017-07-27 15:40:41 +02:00
Alexis Reigel
87c0fd3455 add / remove gpg keys to / from system keychain 2017-07-27 15:40:41 +02:00
Alexis Reigel
ab4120de31 only validate gpg_key#fingerprint "internally" 2017-07-27 15:40:40 +02:00
Alexis Reigel
7b7cd6f69d add emails method to GgpKey 2017-07-27 15:40:40 +02:00
Alexis Reigel
fbf1fd1a20 add gpg key model 2017-07-27 15:40:40 +02:00