Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
978252a3
Commit
978252a3
authored
Aug 30, 2017
by
Alexis Reigel
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
use new #verification_status
parent
31ad752e
Changes
11
Show whitespace changes
Inline
Side-by-side
Showing
11 changed files
with
72 additions
and
31 deletions
+72
-31
app/models/gpg_key.rb
app/models/gpg_key.rb
+8
-5
app/models/gpg_signature.rb
app/models/gpg_signature.rb
+8
-0
app/views/projects/commit/_signature.html.haml
app/views/projects/commit/_signature.html.haml
+1
-1
lib/gitlab/gpg/commit.rb
lib/gitlab/gpg/commit.rb
+0
-1
lib/gitlab/gpg/invalid_gpg_signature_updater.rb
lib/gitlab/gpg/invalid_gpg_signature_updater.rb
+7
-1
spec/factories/gpg_signature.rb
spec/factories/gpg_signature.rb
+1
-1
spec/features/profiles/gpg_keys_spec.rb
spec/features/profiles/gpg_keys_spec.rb
+2
-2
spec/lib/gitlab/gpg/commit_spec.rb
spec/lib/gitlab/gpg/commit_spec.rb
+0
-5
spec/lib/gitlab/gpg/invalid_gpg_signature_updater_spec.rb
spec/lib/gitlab/gpg/invalid_gpg_signature_updater_spec.rb
+11
-11
spec/models/gpg_key_spec.rb
spec/models/gpg_key_spec.rb
+4
-4
spec/models/gpg_signature_spec.rb
spec/models/gpg_signature_spec.rb
+30
-0
No files found.
app/models/gpg_key.rb
View file @
978252a3
...
@@ -82,9 +82,12 @@ class GpgKey < ActiveRecord::Base
...
@@ -82,9 +82,12 @@ class GpgKey < ActiveRecord::Base
end
end
def
revoke
def
revoke
GpgSignature
.
where
(
gpg_key:
self
,
valid_signature:
true
).
update_all
(
GpgSignature
.
where
(
gpg_key:
self
)
.
where
.
not
(
verification_status:
GpgSignature
.
verification_statuses
[
:unknown_key
])
.
update_all
(
gpg_key_id:
nil
,
gpg_key_id:
nil
,
valid_signature:
false
,
verification_status:
GpgSignature
.
verification_statuses
[
:unknown_key
]
,
updated_at:
Time
.
zone
.
now
updated_at:
Time
.
zone
.
now
)
)
...
...
app/models/gpg_signature.rb
View file @
978252a3
...
@@ -20,6 +20,14 @@ class GpgSignature < ActiveRecord::Base
...
@@ -20,6 +20,14 @@ class GpgSignature < ActiveRecord::Base
validates
:project_id
,
presence:
true
validates
:project_id
,
presence:
true
validates
:gpg_key_primary_keyid
,
presence:
true
validates
:gpg_key_primary_keyid
,
presence:
true
# backwards compatibility: legacy records that weren't migrated to use the
# new `#verification_status` have `#valid_signature` set instead
def
verified?
return
valid_signature
if
verification_status
.
nil?
super
end
def
gpg_key_primary_keyid
def
gpg_key_primary_keyid
super
&
.
upcase
super
&
.
upcase
end
end
...
...
app/views/projects/commit/_signature.html.haml
View file @
978252a3
-
if
signature
-
if
signature
-
if
signature
.
v
alid_signature
?
-
if
signature
.
v
erified
?
=
render
partial:
'projects/commit/valid_signature_badge'
,
locals:
{
signature:
signature
}
=
render
partial:
'projects/commit/valid_signature_badge'
,
locals:
{
signature:
signature
}
-
else
-
else
=
render
partial:
'projects/commit/invalid_signature_badge'
,
locals:
{
signature:
signature
}
=
render
partial:
'projects/commit/invalid_signature_badge'
,
locals:
{
signature:
signature
}
lib/gitlab/gpg/commit.rb
View file @
978252a3
...
@@ -77,7 +77,6 @@ module Gitlab
...
@@ -77,7 +77,6 @@ module Gitlab
gpg_key_primary_keyid:
gpg_key
&
.
primary_keyid
||
verified_signature
.
fingerprint
,
gpg_key_primary_keyid:
gpg_key
&
.
primary_keyid
||
verified_signature
.
fingerprint
,
gpg_key_user_name:
user_infos
[
:name
],
gpg_key_user_name:
user_infos
[
:name
],
gpg_key_user_email:
user_infos
[
:email
],
gpg_key_user_email:
user_infos
[
:email
],
valid_signature:
verification_status
==
:verified
,
verification_status:
verification_status
verification_status:
verification_status
}
}
end
end
...
...
lib/gitlab/gpg/invalid_gpg_signature_updater.rb
View file @
978252a3
...
@@ -6,9 +6,15 @@ module Gitlab
...
@@ -6,9 +6,15 @@ module Gitlab
end
end
def
run
def
run
# `OR valid_signature` is for backwards compatibility: legacy records
# that weren't migrated to use the new `#verification_status` have
# `#valid_signature` set instead
GpgSignature
GpgSignature
.
select
(
:id
,
:commit_sha
,
:project_id
)
.
select
(
:id
,
:commit_sha
,
:project_id
)
.
where
(
'gpg_key_id IS NULL OR valid_signature = ?'
,
false
)
.
where
(
'gpg_key_id IS NULL OR valid_signature = ? OR verification_status <> ?'
,
false
,
GpgSignature
.
verification_statuses
[
:verified
]
)
.
where
(
gpg_key_primary_keyid:
@gpg_key
.
primary_keyid
)
.
where
(
gpg_key_primary_keyid:
@gpg_key
.
primary_keyid
)
.
find_each
{
|
sig
|
sig
.
gpg_commit
.
update_signature!
(
sig
)
}
.
find_each
{
|
sig
|
sig
.
gpg_commit
.
update_signature!
(
sig
)
}
end
end
...
...
spec/factories/gpg_signature.rb
View file @
978252a3
...
@@ -6,6 +6,6 @@ FactoryGirl.define do
...
@@ -6,6 +6,6 @@ FactoryGirl.define do
project
project
gpg_key
gpg_key
gpg_key_primary_keyid
{
gpg_key
.
primary_keyid
}
gpg_key_primary_keyid
{
gpg_key
.
primary_keyid
}
v
alid_signature
true
v
erification_status
:verified
end
end
end
end
spec/features/profiles/gpg_keys_spec.rb
View file @
978252a3
...
@@ -42,7 +42,7 @@ feature 'Profile > GPG Keys' do
...
@@ -42,7 +42,7 @@ feature 'Profile > GPG Keys' do
scenario
'User revokes a key via the key index'
do
scenario
'User revokes a key via the key index'
do
gpg_key
=
create
:gpg_key
,
user:
user
,
key:
GpgHelpers
::
User2
.
public_key
gpg_key
=
create
:gpg_key
,
user:
user
,
key:
GpgHelpers
::
User2
.
public_key
gpg_signature
=
create
:gpg_signature
,
gpg_key:
gpg_key
,
v
alid_signature:
true
gpg_signature
=
create
:gpg_signature
,
gpg_key:
gpg_key
,
v
erification_status: :verified
visit
profile_gpg_keys_path
visit
profile_gpg_keys_path
...
@@ -51,7 +51,7 @@ feature 'Profile > GPG Keys' do
...
@@ -51,7 +51,7 @@ feature 'Profile > GPG Keys' do
expect
(
page
).
to
have_content
(
'Your GPG keys (0)'
)
expect
(
page
).
to
have_content
(
'Your GPG keys (0)'
)
expect
(
gpg_signature
.
reload
).
to
have_attributes
(
expect
(
gpg_signature
.
reload
).
to
have_attributes
(
v
alid_signature:
false
,
v
erification_status:
'unknown_key'
,
gpg_key:
nil
gpg_key:
nil
)
)
end
end
...
...
spec/lib/gitlab/gpg/commit_spec.rb
View file @
978252a3
...
@@ -56,7 +56,6 @@ describe Gitlab::Gpg::Commit do
...
@@ -56,7 +56,6 @@ describe Gitlab::Gpg::Commit do
gpg_key_primary_keyid:
GpgHelpers
::
User1
.
primary_keyid
,
gpg_key_primary_keyid:
GpgHelpers
::
User1
.
primary_keyid
,
gpg_key_user_name:
GpgHelpers
::
User1
.
names
.
first
,
gpg_key_user_name:
GpgHelpers
::
User1
.
names
.
first
,
gpg_key_user_email:
GpgHelpers
::
User1
.
emails
.
first
,
gpg_key_user_email:
GpgHelpers
::
User1
.
emails
.
first
,
valid_signature:
true
,
verification_status:
'verified'
verification_status:
'verified'
)
)
end
end
...
@@ -96,7 +95,6 @@ describe Gitlab::Gpg::Commit do
...
@@ -96,7 +95,6 @@ describe Gitlab::Gpg::Commit do
gpg_key_primary_keyid:
GpgHelpers
::
User1
.
primary_keyid
,
gpg_key_primary_keyid:
GpgHelpers
::
User1
.
primary_keyid
,
gpg_key_user_name:
GpgHelpers
::
User1
.
names
.
first
,
gpg_key_user_name:
GpgHelpers
::
User1
.
names
.
first
,
gpg_key_user_email:
GpgHelpers
::
User1
.
emails
.
first
,
gpg_key_user_email:
GpgHelpers
::
User1
.
emails
.
first
,
valid_signature:
false
,
verification_status:
'same_user_different_email'
verification_status:
'same_user_different_email'
)
)
end
end
...
@@ -132,7 +130,6 @@ describe Gitlab::Gpg::Commit do
...
@@ -132,7 +130,6 @@ describe Gitlab::Gpg::Commit do
gpg_key_primary_keyid:
GpgHelpers
::
User1
.
primary_keyid
,
gpg_key_primary_keyid:
GpgHelpers
::
User1
.
primary_keyid
,
gpg_key_user_name:
GpgHelpers
::
User1
.
names
.
first
,
gpg_key_user_name:
GpgHelpers
::
User1
.
names
.
first
,
gpg_key_user_email:
GpgHelpers
::
User1
.
emails
.
first
,
gpg_key_user_email:
GpgHelpers
::
User1
.
emails
.
first
,
valid_signature:
false
,
verification_status:
'other_user'
verification_status:
'other_user'
)
)
end
end
...
@@ -169,7 +166,6 @@ describe Gitlab::Gpg::Commit do
...
@@ -169,7 +166,6 @@ describe Gitlab::Gpg::Commit do
gpg_key_primary_keyid:
GpgHelpers
::
User1
.
primary_keyid
,
gpg_key_primary_keyid:
GpgHelpers
::
User1
.
primary_keyid
,
gpg_key_user_name:
GpgHelpers
::
User1
.
names
.
first
,
gpg_key_user_name:
GpgHelpers
::
User1
.
names
.
first
,
gpg_key_user_email:
GpgHelpers
::
User1
.
emails
.
first
,
gpg_key_user_email:
GpgHelpers
::
User1
.
emails
.
first
,
valid_signature:
false
,
verification_status:
'unverified_key'
verification_status:
'unverified_key'
)
)
end
end
...
@@ -200,7 +196,6 @@ describe Gitlab::Gpg::Commit do
...
@@ -200,7 +196,6 @@ describe Gitlab::Gpg::Commit do
gpg_key_primary_keyid:
GpgHelpers
::
User1
.
primary_keyid
,
gpg_key_primary_keyid:
GpgHelpers
::
User1
.
primary_keyid
,
gpg_key_user_name:
nil
,
gpg_key_user_name:
nil
,
gpg_key_user_email:
nil
,
gpg_key_user_email:
nil
,
valid_signature:
false
,
verification_status:
'unknown_key'
verification_status:
'unknown_key'
)
)
end
end
...
...
spec/lib/gitlab/gpg/invalid_gpg_signature_updater_spec.rb
View file @
978252a3
...
@@ -46,7 +46,7 @@ RSpec.describe Gitlab::Gpg::InvalidGpgSignatureUpdater do
...
@@ -46,7 +46,7 @@ RSpec.describe Gitlab::Gpg::InvalidGpgSignatureUpdater do
commit_sha:
commit_sha
,
commit_sha:
commit_sha
,
gpg_key:
nil
,
gpg_key:
nil
,
gpg_key_primary_keyid:
GpgHelpers
::
User1
.
primary_keyid
,
gpg_key_primary_keyid:
GpgHelpers
::
User1
.
primary_keyid
,
v
alid_signature:
true
v
erification_status:
'verified'
end
end
it
'assigns the gpg key to the signature when the missing gpg key is added'
do
it
'assigns the gpg key to the signature when the missing gpg key is added'
do
...
@@ -60,7 +60,7 @@ RSpec.describe Gitlab::Gpg::InvalidGpgSignatureUpdater do
...
@@ -60,7 +60,7 @@ RSpec.describe Gitlab::Gpg::InvalidGpgSignatureUpdater do
commit_sha:
commit_sha
,
commit_sha:
commit_sha
,
gpg_key:
gpg_key
,
gpg_key:
gpg_key
,
gpg_key_primary_keyid:
GpgHelpers
::
User1
.
primary_keyid
,
gpg_key_primary_keyid:
GpgHelpers
::
User1
.
primary_keyid
,
v
alid_signature:
true
v
erification_status:
'verified'
)
)
end
end
...
@@ -75,7 +75,7 @@ RSpec.describe Gitlab::Gpg::InvalidGpgSignatureUpdater do
...
@@ -75,7 +75,7 @@ RSpec.describe Gitlab::Gpg::InvalidGpgSignatureUpdater do
commit_sha:
commit_sha
,
commit_sha:
commit_sha
,
gpg_key:
nil
,
gpg_key:
nil
,
gpg_key_primary_keyid:
GpgHelpers
::
User1
.
primary_keyid
,
gpg_key_primary_keyid:
GpgHelpers
::
User1
.
primary_keyid
,
v
alid_signature:
true
v
erification_status:
'verified'
)
)
end
end
end
end
...
@@ -89,7 +89,7 @@ RSpec.describe Gitlab::Gpg::InvalidGpgSignatureUpdater do
...
@@ -89,7 +89,7 @@ RSpec.describe Gitlab::Gpg::InvalidGpgSignatureUpdater do
commit_sha:
commit_sha
,
commit_sha:
commit_sha
,
gpg_key:
nil
,
gpg_key:
nil
,
gpg_key_primary_keyid:
GpgHelpers
::
User1
.
primary_keyid
,
gpg_key_primary_keyid:
GpgHelpers
::
User1
.
primary_keyid
,
v
alid_signature:
false
v
erification_status:
'unknown_key'
end
end
it
'updates the signature to being valid when the missing gpg key is added'
do
it
'updates the signature to being valid when the missing gpg key is added'
do
...
@@ -103,7 +103,7 @@ RSpec.describe Gitlab::Gpg::InvalidGpgSignatureUpdater do
...
@@ -103,7 +103,7 @@ RSpec.describe Gitlab::Gpg::InvalidGpgSignatureUpdater do
commit_sha:
commit_sha
,
commit_sha:
commit_sha
,
gpg_key:
gpg_key
,
gpg_key:
gpg_key
,
gpg_key_primary_keyid:
GpgHelpers
::
User1
.
primary_keyid
,
gpg_key_primary_keyid:
GpgHelpers
::
User1
.
primary_keyid
,
v
alid_signature:
true
v
erification_status:
'verified'
)
)
end
end
...
@@ -118,7 +118,7 @@ RSpec.describe Gitlab::Gpg::InvalidGpgSignatureUpdater do
...
@@ -118,7 +118,7 @@ RSpec.describe Gitlab::Gpg::InvalidGpgSignatureUpdater do
commit_sha:
commit_sha
,
commit_sha:
commit_sha
,
gpg_key:
nil
,
gpg_key:
nil
,
gpg_key_primary_keyid:
GpgHelpers
::
User1
.
primary_keyid
,
gpg_key_primary_keyid:
GpgHelpers
::
User1
.
primary_keyid
,
v
alid_signature:
false
v
erification_status:
'unknown_key'
)
)
end
end
end
end
...
@@ -136,7 +136,7 @@ RSpec.describe Gitlab::Gpg::InvalidGpgSignatureUpdater do
...
@@ -136,7 +136,7 @@ RSpec.describe Gitlab::Gpg::InvalidGpgSignatureUpdater do
commit_sha:
commit_sha
,
commit_sha:
commit_sha
,
gpg_key:
nil
,
gpg_key:
nil
,
gpg_key_primary_keyid:
GpgHelpers
::
User1
.
primary_keyid
,
gpg_key_primary_keyid:
GpgHelpers
::
User1
.
primary_keyid
,
v
alid_signature:
false
v
erification_status:
'unknown_key'
end
end
it
'updates the signature to being valid when the user updates the email address'
do
it
'updates the signature to being valid when the user updates the email address'
do
...
@@ -144,7 +144,7 @@ RSpec.describe Gitlab::Gpg::InvalidGpgSignatureUpdater do
...
@@ -144,7 +144,7 @@ RSpec.describe Gitlab::Gpg::InvalidGpgSignatureUpdater do
key:
GpgHelpers
::
User1
.
public_key
,
key:
GpgHelpers
::
User1
.
public_key
,
user:
user
user:
user
expect
(
invalid_gpg_signature
.
reload
.
v
alid_signature
).
to
be_falsey
expect
(
invalid_gpg_signature
.
reload
.
v
erification_status
).
to
eq
'unverified_key'
# InvalidGpgSignatureUpdater is called by the after_update hook
# InvalidGpgSignatureUpdater is called by the after_update hook
user
.
update_attributes!
(
email:
GpgHelpers
::
User1
.
emails
.
first
)
user
.
update_attributes!
(
email:
GpgHelpers
::
User1
.
emails
.
first
)
...
@@ -154,7 +154,7 @@ RSpec.describe Gitlab::Gpg::InvalidGpgSignatureUpdater do
...
@@ -154,7 +154,7 @@ RSpec.describe Gitlab::Gpg::InvalidGpgSignatureUpdater do
commit_sha:
commit_sha
,
commit_sha:
commit_sha
,
gpg_key:
gpg_key
,
gpg_key:
gpg_key
,
gpg_key_primary_keyid:
GpgHelpers
::
User1
.
primary_keyid
,
gpg_key_primary_keyid:
GpgHelpers
::
User1
.
primary_keyid
,
v
alid_signature:
true
v
erification_status:
'verified'
)
)
end
end
...
@@ -168,7 +168,7 @@ RSpec.describe Gitlab::Gpg::InvalidGpgSignatureUpdater do
...
@@ -168,7 +168,7 @@ RSpec.describe Gitlab::Gpg::InvalidGpgSignatureUpdater do
commit_sha:
commit_sha
,
commit_sha:
commit_sha
,
gpg_key:
gpg_key
,
gpg_key:
gpg_key
,
gpg_key_primary_keyid:
GpgHelpers
::
User1
.
primary_keyid
,
gpg_key_primary_keyid:
GpgHelpers
::
User1
.
primary_keyid
,
v
alid_signature:
false
v
erification_status:
'unverified_key'
)
)
# InvalidGpgSignatureUpdater is called by the after_update hook
# InvalidGpgSignatureUpdater is called by the after_update hook
...
@@ -179,7 +179,7 @@ RSpec.describe Gitlab::Gpg::InvalidGpgSignatureUpdater do
...
@@ -179,7 +179,7 @@ RSpec.describe Gitlab::Gpg::InvalidGpgSignatureUpdater do
commit_sha:
commit_sha
,
commit_sha:
commit_sha
,
gpg_key:
gpg_key
,
gpg_key:
gpg_key
,
gpg_key_primary_keyid:
GpgHelpers
::
User1
.
primary_keyid
,
gpg_key_primary_keyid:
GpgHelpers
::
User1
.
primary_keyid
,
v
alid_signature:
false
v
erification_status:
'unverified_key'
)
)
end
end
end
end
...
...
spec/models/gpg_key_spec.rb
View file @
978252a3
...
@@ -155,15 +155,15 @@ describe GpgKey do
...
@@ -155,15 +155,15 @@ describe GpgKey do
describe
'#revoke'
do
describe
'#revoke'
do
it
'invalidates all associated gpg signatures and destroys the key'
do
it
'invalidates all associated gpg signatures and destroys the key'
do
gpg_key
=
create
:gpg_key
gpg_key
=
create
:gpg_key
gpg_signature
=
create
:gpg_signature
,
v
alid_signature:
true
,
gpg_key:
gpg_key
gpg_signature
=
create
:gpg_signature
,
v
erification_status: :verified
,
gpg_key:
gpg_key
unrelated_gpg_key
=
create
:gpg_key
,
key:
GpgHelpers
::
User2
.
public_key
unrelated_gpg_key
=
create
:gpg_key
,
key:
GpgHelpers
::
User2
.
public_key
unrelated_gpg_signature
=
create
:gpg_signature
,
v
alid_signature:
true
,
gpg_key:
unrelated_gpg_key
unrelated_gpg_signature
=
create
:gpg_signature
,
v
erification_status: :verified
,
gpg_key:
unrelated_gpg_key
gpg_key
.
revoke
gpg_key
.
revoke
expect
(
gpg_signature
.
reload
).
to
have_attributes
(
expect
(
gpg_signature
.
reload
).
to
have_attributes
(
v
alid_signature:
false
,
v
erification_status:
'unknown_key'
,
gpg_key:
nil
gpg_key:
nil
)
)
...
@@ -171,7 +171,7 @@ describe GpgKey do
...
@@ -171,7 +171,7 @@ describe GpgKey do
# unrelated signature is left untouched
# unrelated signature is left untouched
expect
(
unrelated_gpg_signature
.
reload
).
to
have_attributes
(
expect
(
unrelated_gpg_signature
.
reload
).
to
have_attributes
(
v
alid_signature:
true
,
v
erification_status:
'verified'
,
gpg_key:
unrelated_gpg_key
gpg_key:
unrelated_gpg_key
)
)
...
...
spec/models/gpg_signature_spec.rb
View file @
978252a3
...
@@ -25,4 +25,34 @@ RSpec.describe GpgSignature do
...
@@ -25,4 +25,34 @@ RSpec.describe GpgSignature do
gpg_signature
.
commit
gpg_signature
.
commit
end
end
end
end
describe
'#verified?'
do
it
'returns true when `verification_status` is not set, but `valid_signature` is true'
do
signature
=
create
:gpg_signature
,
valid_signature:
true
,
verification_status:
nil
expect
(
signature
.
verified?
).
to
be
true
expect
(
signature
.
reload
.
verified?
).
to
be
true
end
it
'returns true when `verification_status` is set to :verified'
do
signature
=
create
:gpg_signature
,
verification_status: :verified
expect
(
signature
.
verified?
).
to
be
true
expect
(
signature
.
reload
.
verified?
).
to
be
true
end
it
'returns false when `verification_status` is set to :unknown_key'
do
signature
=
create
:gpg_signature
,
verification_status: :unknown_key
expect
(
signature
.
verified?
).
to
be
false
expect
(
signature
.
reload
.
verified?
).
to
be
false
end
it
'returns false when `verification_status` is not set, but `valid_signature` is false'
do
signature
=
create
:gpg_signature
,
valid_signature:
false
,
verification_status:
nil
expect
(
signature
.
verified?
).
to
be
false
expect
(
signature
.
reload
.
verified?
).
to
be
false
end
end
end
end
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment