Commit 7e13d967 authored by Alexis Reigel's avatar Alexis Reigel

don't sync to keychain file

parent d1101ec0
...@@ -21,9 +21,7 @@ class GpgKey < ActiveRecord::Base ...@@ -21,9 +21,7 @@ class GpgKey < ActiveRecord::Base
unless: -> { errors.has_key?(:key) } unless: -> { errors.has_key?(:key) }
before_validation :extract_fingerprint before_validation :extract_fingerprint
after_create :synchronize_keychain
after_create :notify_user after_create :notify_user
after_destroy :synchronize_keychain
def key=(value) def key=(value)
value.strip! unless value.blank? value.strip! unless value.blank?
...@@ -34,29 +32,15 @@ class GpgKey < ActiveRecord::Base ...@@ -34,29 +32,15 @@ class GpgKey < ActiveRecord::Base
@emails ||= Gitlab::Gpg.emails_from_key(key) @emails ||= Gitlab::Gpg.emails_from_key(key)
end end
def emails_in_keychain
@emails_in_keychain ||= Gitlab::Gpg::CurrentKeyChain.emails(fingerprint)
end
def emails_with_verified_status def emails_with_verified_status
emails.map do |email| emails.map do |email|
[ [
email, email,
email == user.email && emails_in_keychain.include?(email) email == user.email
] ]
end end
end end
def synchronize_keychain
if emails.include?(user.email)
add_to_keychain
else
remove_from_keychain
end
@emails_in_keychain = nil
end
private private
def extract_fingerprint def extract_fingerprint
...@@ -65,14 +49,6 @@ class GpgKey < ActiveRecord::Base ...@@ -65,14 +49,6 @@ class GpgKey < ActiveRecord::Base
self.fingerprint = Gitlab::Gpg.fingerprints_from_key(key).first self.fingerprint = Gitlab::Gpg.fingerprints_from_key(key).first
end end
def add_to_keychain
Gitlab::Gpg::CurrentKeyChain.add(key)
end
def remove_from_keychain
Gitlab::Gpg::CurrentKeyChain.remove(fingerprint)
end
def notify_user def notify_user
run_after_commit { NotificationService.new.new_gpg_key(self) } run_after_commit { NotificationService.new.new_gpg_key(self) }
end end
......
...@@ -155,7 +155,6 @@ class User < ActiveRecord::Base ...@@ -155,7 +155,6 @@ class User < ActiveRecord::Base
before_validation :set_public_email, if: :public_email_changed? before_validation :set_public_email, if: :public_email_changed?
after_update :update_emails_with_primary_email, if: :email_changed? after_update :update_emails_with_primary_email, if: :email_changed?
after_update :synchronize_gpg_keys, if: :email_changed?
before_save :ensure_authentication_token, :ensure_incoming_email_token before_save :ensure_authentication_token, :ensure_incoming_email_token
before_save :ensure_user_rights_and_limits, if: :external_changed? before_save :ensure_user_rights_and_limits, if: :external_changed?
after_save :ensure_namespace_correct after_save :ensure_namespace_correct
...@@ -1158,10 +1157,4 @@ class User < ActiveRecord::Base ...@@ -1158,10 +1157,4 @@ class User < ActiveRecord::Base
ensure ensure
Gitlab::ExclusiveLease.cancel(lease_key, uuid) Gitlab::ExclusiveLease.cancel(lease_key, uuid)
end end
def synchronize_gpg_keys
gpg_keys.each do |gpg_key|
gpg_key.synchronize_keychain
end
end
end end
...@@ -2,24 +2,6 @@ module Gitlab ...@@ -2,24 +2,6 @@ module Gitlab
module Gpg module Gpg
extend self extend self
module CurrentKeyChain
extend self
def add(key)
GPGME::Key.import(key)
end
def remove(fingerprint)
# `#get` raises an EOFError if the keychain is empty, which is why we
# use the friendlier `#find`
GPGME::Key.find(:public, fingerprint).each(&:delete!)
end
def emails(fingerprint)
GPGME::Key.find(:public, fingerprint).flat_map { |raw_key| raw_key.uids.map(&:email) }
end
end
def fingerprints_from_key(key) def fingerprints_from_key(key)
using_tmp_keychain do using_tmp_keychain do
import = GPGME::Key.import(key) import = GPGME::Key.import(key)
......
...@@ -29,36 +29,3 @@ describe Gitlab::Gpg do ...@@ -29,36 +29,3 @@ describe Gitlab::Gpg do
end end
end end
end end
describe Gitlab::Gpg::CurrentKeyChain, :gpg do
describe '.emails' do
it 'returns the emails' do
Gitlab::Gpg::CurrentKeyChain.add(GpgHelpers::User2.public_key)
expect(
described_class.emails(GpgHelpers::User2.fingerprint)
).to match_array GpgHelpers::User2.emails
end
end
describe '.add', :gpg do
it 'stores the key in the keychain' do
expect(GPGME::Key.find(:public, GpgHelpers::User1.fingerprint)).to eq []
Gitlab::Gpg::CurrentKeyChain.add(GpgHelpers::User1.public_key)
expect(GPGME::Key.find(:public, GpgHelpers::User1.fingerprint)).not_to eq []
end
end
describe '.remove', :gpg do
it 'removes the key from the keychain' do
Gitlab::Gpg::CurrentKeyChain.add(GpgHelpers::User1.public_key)
expect(GPGME::Key.find(:public, GpgHelpers::User1.fingerprint)).not_to eq []
Gitlab::Gpg::CurrentKeyChain.remove(GpgHelpers::User1.fingerprint)
expect(GPGME::Key.find(:public, GpgHelpers::User1.fingerprint)).to eq []
end
end
end
...@@ -21,20 +21,6 @@ describe GpgKey do ...@@ -21,20 +21,6 @@ describe GpgKey do
expect(gpg_key.fingerprint).to eq GpgHelpers::User1.fingerprint expect(gpg_key.fingerprint).to eq GpgHelpers::User1.fingerprint
end end
end end
describe 'synchronize_keychain' do
it 'calls #synchronize_keychain after create' do
gpg_key = build :gpg_key
expect(gpg_key).to receive(:synchronize_keychain)
gpg_key.save!
end
it 'calls #remove_from_keychain after destroy' do
gpg_key = create :gpg_key
expect(gpg_key).to receive(:synchronize_keychain)
gpg_key.destroy!
end
end
end end
describe '#key=' do describe '#key=' do
...@@ -59,17 +45,7 @@ describe GpgKey do ...@@ -59,17 +45,7 @@ describe GpgKey do
end end
end end
describe '#emails_in_keychain', :gpg do
it 'returns the emails from the keychain' do
user = create :user, email: GpgHelpers::User1.emails.first
gpg_key = create :gpg_key, key: GpgHelpers::User1.public_key, user: user
expect(gpg_key.emails_in_keychain).to eq GpgHelpers::User1.emails
end
end
describe '#emails_with_verified_status', :gpg do describe '#emails_with_verified_status', :gpg do
context 'key is in the keychain' do
it 'email is verified if the user has the matching email' do it 'email is verified if the user has the matching email' do
user = create :user, email: 'bette.cartwright@example.com' user = create :user, email: 'bette.cartwright@example.com'
gpg_key = create :gpg_key, key: GpgHelpers::User2.public_key, user: user gpg_key = create :gpg_key, key: GpgHelpers::User2.public_key, user: user
...@@ -81,61 +57,6 @@ describe GpgKey do ...@@ -81,61 +57,6 @@ describe GpgKey do
end end
end end
context 'key is in not the keychain' do
it 'emails are unverified' do
user = create :user, email: 'bette.cartwright@example.com'
gpg_key = create :gpg_key, key: GpgHelpers::User2.public_key, user: user
Gitlab::Gpg::CurrentKeyChain.remove(GpgHelpers::User2.fingerprint)
expect(gpg_key.emails_with_verified_status).to match_array [
['bette.cartwright@example.com', false],
['bette.cartwright@example.net', false]
]
end
end
end
describe '#synchronize_keychain', :gpg do
context "user's email matches one of the key's emails" do
it 'adds the key to the keychain' do
user = create :user, email: GpgHelpers::User1.emails.first
gpg_key = create :gpg_key, user: user
expect(gpg_key).to receive(:add_to_keychain)
gpg_key.synchronize_keychain
end
end
context "user's email does not match one of the key's emails" do
it 'does not add the key to the keychain' do
user = create :user, email: 'stepanie@cole.us'
gpg_key = create :gpg_key, user: user
expect(gpg_key).to receive(:remove_from_keychain)
gpg_key.synchronize_keychain
end
end
end
describe '#add_to_keychain', :gpg do
it 'calls .add_to_keychain' do
expect(Gitlab::Gpg::CurrentKeyChain).to receive(:add).with(GpgHelpers::User2.public_key)
gpg_key = create :gpg_key, key: GpgHelpers::User2.public_key
gpg_key.send(:add_to_keychain)
end
end
describe '#remove_from_keychain', :gpg do
it 'calls .remove_from_keychain' do
allow(Gitlab::Gpg::CurrentKeyChain).to receive(:remove).with(GpgHelpers::User2.fingerprint)
gpg_key = create :gpg_key, key: GpgHelpers::User2.public_key
gpg_key.send(:remove_from_keychain)
end
end
describe 'notification' do describe 'notification' do
include EmailHelpers include EmailHelpers
......
...@@ -1956,24 +1956,4 @@ describe User, models: true do ...@@ -1956,24 +1956,4 @@ describe User, models: true do
expect(user.allow_password_authentication?).to be_falsey expect(user.allow_password_authentication?).to be_falsey
end end
end end
context 'callbacks' do
context '.synchronize_gpg_keys' do
let(:user) do
create(:user, email: 'tula.torphy@abshire.ca').tap do |user|
user.skip_reconfirmation!
end
end
it 'does nothing when the name is updated' do
expect(user).not_to receive(:synchronize_gpg_keys)
user.update_attributes!(name: 'Bette')
end
it 'synchronizes the gpg keys when the email is updated' do
expect(user).to receive(:synchronize_gpg_keys)
user.update_attributes!(email: 'shawnee.ritchie@denesik.com')
end
end
end
end end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment