Commit 936be35b authored by Alexis Reigel's avatar Alexis Reigel

update signature badges to reflect new states

parent 978252a3
- title = capture do
.gpg-popover-icon.invalid
= render 'shared/icons/icon_status_notfound_borderless.svg'
%div
This commit was signed with a different user's verified signature.
- content = capture do
= render partial: 'projects/commit/signature_badge_user', locals: { signature: signature }
- locals = { signature: signature, title: title, content: content, label: 'Unverified', css_classes: ['invalid'] }
= render partial: 'projects/commit/signature_badge', locals: locals
- title = capture do
.gpg-popover-icon.invalid
= render 'shared/icons/icon_status_notfound_borderless.svg'
%div
This commit was signed with a verified signature, but the committer email
is <strong>not verified</strong> to belong to the same user.
- content = capture do
= render partial: 'projects/commit/signature_badge_user', locals: { signature: signature }
- locals = { signature: signature, title: title, content: content, label: 'Unverified', css_classes: ['invalid'] }
= render partial: 'projects/commit/signature_badge', locals: locals
- if signature - if signature
- if signature.verified? = render partial: "projects/commit/#{signature.verification_status}_signature_badge", locals: { signature: signature }
= render partial: 'projects/commit/valid_signature_badge', locals: { signature: signature }
- else
= render partial: 'projects/commit/invalid_signature_badge', locals: { signature: signature }
= render partial: 'projects/commit/unverified_signature_badge', locals: { signature: signature }
= render partial: 'projects/commit/unverified_signature_badge', locals: { signature: signature }
...@@ -2,7 +2,8 @@ ...@@ -2,7 +2,8 @@
.gpg-popover-icon.valid .gpg-popover-icon.valid
= render 'shared/icons/icon_status_success_borderless.svg' = render 'shared/icons/icon_status_success_borderless.svg'
%div %div
This commit was signed with a <strong>verified</strong> signature. This commit was signed with a <strong>verified</strong> signature and the
committer email is verified to belong to the same user.
- content = capture do - content = capture do
= render partial: 'projects/commit/signature_badge_user', locals: { signature: signature } = render partial: 'projects/commit/signature_badge_user', locals: { signature: signature }
......
...@@ -60,45 +60,120 @@ describe 'GPG signed commits', :js do ...@@ -60,45 +60,120 @@ describe 'GPG signed commits', :js do
end end
end end
it 'shows popover badges' do context 'shows popover badges' do
gpg_user = create :user, email: GpgHelpers::User1.emails.first, username: 'nannie.bernhard', name: 'Nannie Bernhard' let(:user_1) do
create :user, email: GpgHelpers::User1.emails.first, username: 'nannie.bernhard', name: 'Nannie Bernhard'
end
let(:user_1_key) do
Sidekiq::Testing.inline! do Sidekiq::Testing.inline! do
create :gpg_key, key: GpgHelpers::User1.public_key, user: gpg_user create :gpg_key, key: GpgHelpers::User1.public_key, user: user_1
end
end
let(:user_2) do
create(:user, email: GpgHelpers::User2.emails.first, username: 'bette.cartwright', name: 'Bette Cartwright').tap do |user|
# secondary, unverified email
create :email, user: user, email: GpgHelpers::User2.emails.last
end
end end
let(:user_2_key) do
Sidekiq::Testing.inline! do
create :gpg_key, key: GpgHelpers::User2.public_key, user: user_2
end
end
before do
user = create :user user = create :user
project.team << [user, :master] project.team << [user, :master]
sign_in(user) sign_in(user)
end
it 'unverified signature' do
visit project_commits_path(project, :'signed-commits') visit project_commits_path(project, :'signed-commits')
# unverified signature within(find('.commit', text: 'signed commit by bette cartwright')) do
click_on 'Unverified', match: :first click_on 'Unverified'
within '.popover' do within '.popover' do
expect(page).to have_content 'This commit was signed with an unverified signature.' expect(page).to have_content 'This commit was signed with an unverified signature.'
expect(page).to have_content "GPG Key ID: #{GpgHelpers::User2.primary_keyid}" expect(page).to have_content "GPG Key ID: #{GpgHelpers::User2.primary_keyid}"
end end
end
end
it 'unverified signature: user email does not match the committer email, but is the same user' do
user_2_key
visit project_commits_path(project, :'signed-commits')
within(find('.commit', text: 'signed and authored commit by bette cartwright, different email')) do
click_on 'Unverified'
within '.popover' do
expect(page).to have_content 'This commit was signed with a verified signature, but the committer email is not verified to belong to the same user.'
expect(page).to have_content 'Bette Cartwright'
expect(page).to have_content '@bette.cartwright'
expect(page).to have_content "GPG Key ID: #{GpgHelpers::User2.primary_keyid}"
end
end
end
it 'unverified signature: user email does not match the committer email' do
user_2_key
visit project_commits_path(project, :'signed-commits')
within(find('.commit', text: 'signed commit by bette cartwright')) do
click_on 'Unverified'
within '.popover' do
expect(page).to have_content "This commit was signed with a different user's verified signature."
expect(page).to have_content 'Bette Cartwright'
expect(page).to have_content '@bette.cartwright'
expect(page).to have_content "GPG Key ID: #{GpgHelpers::User2.primary_keyid}"
end
end
end
it 'verified and the gpg user has a gitlab profile' do
user_1_key
# verified and the gpg user has a gitlab profile visit project_commits_path(project, :'signed-commits')
click_on 'Verified', match: :first
within(find('.commit', text: 'signed and authored commit by nannie bernhard')) do
click_on 'Verified'
within '.popover' do within '.popover' do
expect(page).to have_content 'This commit was signed with a verified signature.' expect(page).to have_content 'This commit was signed with a verified signature and the committer email is verified to belong to the same user.'
expect(page).to have_content 'Nannie Bernhard' expect(page).to have_content 'Nannie Bernhard'
expect(page).to have_content '@nannie.bernhard' expect(page).to have_content '@nannie.bernhard'
expect(page).to have_content "GPG Key ID: #{GpgHelpers::User1.primary_keyid}" expect(page).to have_content "GPG Key ID: #{GpgHelpers::User1.primary_keyid}"
end end
end
end
# verified and the gpg user's profile doesn't exist anymore it "verified and the gpg user's profile doesn't exist anymore" do
gpg_user.destroy! user_1_key
visit project_commits_path(project, :'signed-commits') visit project_commits_path(project, :'signed-commits')
click_on 'Verified', match: :first # wait for the signature to get generated
within(find('.commit', text: 'signed and authored commit by nannie bernhard')) do
expect(page).to have_content 'Verified'
end
user_1.destroy!
refresh
within(find('.commit', text: 'signed and authored commit by nannie bernhard')) do
click_on 'Verified'
within '.popover' do within '.popover' do
expect(page).to have_content 'This commit was signed with a verified signature.' expect(page).to have_content 'This commit was signed with a verified signature and the committer email is verified to belong to the same user.'
expect(page).to have_content 'Nannie Bernhard' expect(page).to have_content 'Nannie Bernhard'
expect(page).to have_content 'nannie.bernhard@example.com' expect(page).to have_content 'nannie.bernhard@example.com'
expect(page).to have_content "GPG Key ID: #{GpgHelpers::User1.primary_keyid}" expect(page).to have_content "GPG Key ID: #{GpgHelpers::User1.primary_keyid}"
end end
end end
end
end
end end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment