Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Jérome Perrin
gitlab-ce
Commits
7e13d967
Commit
7e13d967
authored
Jun 12, 2017
by
Alexis Reigel
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
don't sync to keychain file
parent
d1101ec0
Changes
6
Hide whitespace changes
Inline
Side-by-side
Showing
6 changed files
with
9 additions
and
190 deletions
+9
-190
app/models/gpg_key.rb
app/models/gpg_key.rb
+1
-25
app/models/user.rb
app/models/user.rb
+0
-7
lib/gitlab/gpg.rb
lib/gitlab/gpg.rb
+0
-18
spec/lib/gitlab/gpg_spec.rb
spec/lib/gitlab/gpg_spec.rb
+0
-33
spec/models/gpg_key_spec.rb
spec/models/gpg_key_spec.rb
+8
-87
spec/models/user_spec.rb
spec/models/user_spec.rb
+0
-20
No files found.
app/models/gpg_key.rb
View file @
7e13d967
...
...
@@ -21,9 +21,7 @@ class GpgKey < ActiveRecord::Base
unless:
->
{
errors
.
has_key?
(
:key
)
}
before_validation
:extract_fingerprint
after_create
:synchronize_keychain
after_create
:notify_user
after_destroy
:synchronize_keychain
def
key
=
(
value
)
value
.
strip!
unless
value
.
blank?
...
...
@@ -34,29 +32,15 @@ class GpgKey < ActiveRecord::Base
@emails
||=
Gitlab
::
Gpg
.
emails_from_key
(
key
)
end
def
emails_in_keychain
@emails_in_keychain
||=
Gitlab
::
Gpg
::
CurrentKeyChain
.
emails
(
fingerprint
)
end
def
emails_with_verified_status
emails
.
map
do
|
email
|
[
email
,
email
==
user
.
email
&&
emails_in_keychain
.
include?
(
email
)
email
==
user
.
email
]
end
end
def
synchronize_keychain
if
emails
.
include?
(
user
.
email
)
add_to_keychain
else
remove_from_keychain
end
@emails_in_keychain
=
nil
end
private
def
extract_fingerprint
...
...
@@ -65,14 +49,6 @@ class GpgKey < ActiveRecord::Base
self
.
fingerprint
=
Gitlab
::
Gpg
.
fingerprints_from_key
(
key
).
first
end
def
add_to_keychain
Gitlab
::
Gpg
::
CurrentKeyChain
.
add
(
key
)
end
def
remove_from_keychain
Gitlab
::
Gpg
::
CurrentKeyChain
.
remove
(
fingerprint
)
end
def
notify_user
run_after_commit
{
NotificationService
.
new
.
new_gpg_key
(
self
)
}
end
...
...
app/models/user.rb
View file @
7e13d967
...
...
@@ -155,7 +155,6 @@ class User < ActiveRecord::Base
before_validation
:set_public_email
,
if: :public_email_changed?
after_update
:update_emails_with_primary_email
,
if: :email_changed?
after_update
:synchronize_gpg_keys
,
if: :email_changed?
before_save
:ensure_authentication_token
,
:ensure_incoming_email_token
before_save
:ensure_user_rights_and_limits
,
if: :external_changed?
after_save
:ensure_namespace_correct
...
...
@@ -1158,10 +1157,4 @@ class User < ActiveRecord::Base
ensure
Gitlab
::
ExclusiveLease
.
cancel
(
lease_key
,
uuid
)
end
def
synchronize_gpg_keys
gpg_keys
.
each
do
|
gpg_key
|
gpg_key
.
synchronize_keychain
end
end
end
lib/gitlab/gpg.rb
View file @
7e13d967
...
...
@@ -2,24 +2,6 @@ module Gitlab
module
Gpg
extend
self
module
CurrentKeyChain
extend
self
def
add
(
key
)
GPGME
::
Key
.
import
(
key
)
end
def
remove
(
fingerprint
)
# `#get` raises an EOFError if the keychain is empty, which is why we
# use the friendlier `#find`
GPGME
::
Key
.
find
(
:public
,
fingerprint
).
each
(
&
:delete!
)
end
def
emails
(
fingerprint
)
GPGME
::
Key
.
find
(
:public
,
fingerprint
).
flat_map
{
|
raw_key
|
raw_key
.
uids
.
map
(
&
:email
)
}
end
end
def
fingerprints_from_key
(
key
)
using_tmp_keychain
do
import
=
GPGME
::
Key
.
import
(
key
)
...
...
spec/lib/gitlab/gpg_spec.rb
View file @
7e13d967
...
...
@@ -29,36 +29,3 @@ describe Gitlab::Gpg do
end
end
end
describe
Gitlab
::
Gpg
::
CurrentKeyChain
,
:gpg
do
describe
'.emails'
do
it
'returns the emails'
do
Gitlab
::
Gpg
::
CurrentKeyChain
.
add
(
GpgHelpers
::
User2
.
public_key
)
expect
(
described_class
.
emails
(
GpgHelpers
::
User2
.
fingerprint
)
).
to
match_array
GpgHelpers
::
User2
.
emails
end
end
describe
'.add'
,
:gpg
do
it
'stores the key in the keychain'
do
expect
(
GPGME
::
Key
.
find
(
:public
,
GpgHelpers
::
User1
.
fingerprint
)).
to
eq
[]
Gitlab
::
Gpg
::
CurrentKeyChain
.
add
(
GpgHelpers
::
User1
.
public_key
)
expect
(
GPGME
::
Key
.
find
(
:public
,
GpgHelpers
::
User1
.
fingerprint
)).
not_to
eq
[]
end
end
describe
'.remove'
,
:gpg
do
it
'removes the key from the keychain'
do
Gitlab
::
Gpg
::
CurrentKeyChain
.
add
(
GpgHelpers
::
User1
.
public_key
)
expect
(
GPGME
::
Key
.
find
(
:public
,
GpgHelpers
::
User1
.
fingerprint
)).
not_to
eq
[]
Gitlab
::
Gpg
::
CurrentKeyChain
.
remove
(
GpgHelpers
::
User1
.
fingerprint
)
expect
(
GPGME
::
Key
.
find
(
:public
,
GpgHelpers
::
User1
.
fingerprint
)).
to
eq
[]
end
end
end
spec/models/gpg_key_spec.rb
View file @
7e13d967
...
...
@@ -21,20 +21,6 @@ describe GpgKey do
expect
(
gpg_key
.
fingerprint
).
to
eq
GpgHelpers
::
User1
.
fingerprint
end
end
describe
'synchronize_keychain'
do
it
'calls #synchronize_keychain after create'
do
gpg_key
=
build
:gpg_key
expect
(
gpg_key
).
to
receive
(
:synchronize_keychain
)
gpg_key
.
save!
end
it
'calls #remove_from_keychain after destroy'
do
gpg_key
=
create
:gpg_key
expect
(
gpg_key
).
to
receive
(
:synchronize_keychain
)
gpg_key
.
destroy!
end
end
end
describe
'#key='
do
...
...
@@ -59,80 +45,15 @@ describe GpgKey do
end
end
describe
'#emails_in_keychain'
,
:gpg
do
it
'returns the emails from the keychain'
do
user
=
create
:user
,
email:
GpgHelpers
::
User1
.
emails
.
first
gpg_key
=
create
:gpg_key
,
key:
GpgHelpers
::
User1
.
public_key
,
user:
user
expect
(
gpg_key
.
emails_in_keychain
).
to
eq
GpgHelpers
::
User1
.
emails
end
end
describe
'#emails_with_verified_status'
,
:gpg
do
context
'key is in the keychain'
do
it
'email is verified if the user has the matching email'
do
user
=
create
:user
,
email:
'bette.cartwright@example.com'
gpg_key
=
create
:gpg_key
,
key:
GpgHelpers
::
User2
.
public_key
,
user:
user
expect
(
gpg_key
.
emails_with_verified_status
).
to
match_array
[
[
'bette.cartwright@example.com'
,
true
],
[
'bette.cartwright@example.net'
,
false
]
]
end
end
context
'key is in not the keychain'
do
it
'emails are unverified'
do
user
=
create
:user
,
email:
'bette.cartwright@example.com'
gpg_key
=
create
:gpg_key
,
key:
GpgHelpers
::
User2
.
public_key
,
user:
user
Gitlab
::
Gpg
::
CurrentKeyChain
.
remove
(
GpgHelpers
::
User2
.
fingerprint
)
expect
(
gpg_key
.
emails_with_verified_status
).
to
match_array
[
[
'bette.cartwright@example.com'
,
false
],
[
'bette.cartwright@example.net'
,
false
]
]
end
end
end
describe
'#synchronize_keychain'
,
:gpg
do
context
"user's email matches one of the key's emails"
do
it
'adds the key to the keychain'
do
user
=
create
:user
,
email:
GpgHelpers
::
User1
.
emails
.
first
gpg_key
=
create
:gpg_key
,
user:
user
expect
(
gpg_key
).
to
receive
(
:add_to_keychain
)
gpg_key
.
synchronize_keychain
end
end
context
"user's email does not match one of the key's emails"
do
it
'does not add the key to the keychain'
do
user
=
create
:user
,
email:
'stepanie@cole.us'
gpg_key
=
create
:gpg_key
,
user:
user
expect
(
gpg_key
).
to
receive
(
:remove_from_keychain
)
gpg_key
.
synchronize_keychain
end
end
end
describe
'#add_to_keychain'
,
:gpg
do
it
'calls .add_to_keychain'
do
expect
(
Gitlab
::
Gpg
::
CurrentKeyChain
).
to
receive
(
:add
).
with
(
GpgHelpers
::
User2
.
public_key
)
gpg_key
=
create
:gpg_key
,
key:
GpgHelpers
::
User2
.
public_key
gpg_key
.
send
(
:add_to_keychain
)
end
end
describe
'#remove_from_keychain'
,
:gpg
do
it
'calls .remove_from_keychain'
do
allow
(
Gitlab
::
Gpg
::
CurrentKeyChain
).
to
receive
(
:remove
).
with
(
GpgHelpers
::
User2
.
fingerprint
)
gpg_key
=
create
:gpg_key
,
key:
GpgHelpers
::
User2
.
public_key
gpg_key
.
send
(
:remove_from_keychain
)
it
'email is verified if the user has the matching email'
do
user
=
create
:user
,
email:
'bette.cartwright@example.com'
gpg_key
=
create
:gpg_key
,
key:
GpgHelpers
::
User2
.
public_key
,
user:
user
expect
(
gpg_key
.
emails_with_verified_status
).
to
match_array
[
[
'bette.cartwright@example.com'
,
true
],
[
'bette.cartwright@example.net'
,
false
]
]
end
end
...
...
spec/models/user_spec.rb
View file @
7e13d967
...
...
@@ -1956,24 +1956,4 @@ describe User, models: true do
expect
(
user
.
allow_password_authentication?
).
to
be_falsey
end
end
context
'callbacks'
do
context
'.synchronize_gpg_keys'
do
let
(
:user
)
do
create
(
:user
,
email:
'tula.torphy@abshire.ca'
).
tap
do
|
user
|
user
.
skip_reconfirmation!
end
end
it
'does nothing when the name is updated'
do
expect
(
user
).
not_to
receive
(
:synchronize_gpg_keys
)
user
.
update_attributes!
(
name:
'Bette'
)
end
it
'synchronizes the gpg keys when the email is updated'
do
expect
(
user
).
to
receive
(
:synchronize_gpg_keys
)
user
.
update_attributes!
(
email:
'shawnee.ritchie@denesik.com'
)
end
end
end
end
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment