Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
李少辉-开发者
gitlab-foss
提交
8bd94a73
G
gitlab-foss
项目概览
李少辉-开发者
/
gitlab-foss
通知
15
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
G
gitlab-foss
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
8bd94a73
编写于
2月 28, 2017
作者:
A
Alexis Reigel
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
remove gpg from keychain when user's email changes
上级
c1281982
变更
6
隐藏空白更改
内联
并排
Showing
6 changed file
with
118 addition
and
40 deletion
+118
-40
app/models/gpg_key.rb
app/models/gpg_key.rb
+19
-12
app/models/user.rb
app/models/user.rb
+7
-0
lib/gitlab/gpg.rb
lib/gitlab/gpg.rb
+3
-1
spec/features/commits_spec.rb
spec/features/commits_spec.rb
+13
-3
spec/models/gpg_key_spec.rb
spec/models/gpg_key_spec.rb
+56
-24
spec/models/user_spec.rb
spec/models/user_spec.rb
+20
-0
未找到文件。
app/models/gpg_key.rb
浏览文件 @
8bd94a73
...
...
@@ -21,9 +21,9 @@ class GpgKey < ActiveRecord::Base
unless:
->
{
errors
.
has_key?
(
:key
)
}
before_validation
:extract_fingerprint
after_create
:
add_to
_keychain
after_create
:
synchronize
_keychain
after_create
:notify_user
after_destroy
:
remove_from
_keychain
after_destroy
:
synchronize
_keychain
def
key
=
(
value
)
value
.
strip!
unless
value
.
blank?
...
...
@@ -31,21 +31,32 @@ class GpgKey < ActiveRecord::Base
end
def
emails
Gitlab
::
Gpg
::
CurrentKeyChain
.
emails
(
fingerprint
)
@emails
||=
Gitlab
::
Gpg
.
emails_from_key
(
key
)
end
def
emails_
with_verified_status
emails_in_key_chain
=
emails
emails_from_key
=
Gitlab
::
Gpg
.
emails_from_key
(
key
)
def
emails_
in_keychain
@emails_in_keychain
||=
Gitlab
::
Gpg
::
CurrentKeyChain
.
emails
(
fingerprint
)
end
emails_from_key
.
map
do
|
email
|
def
emails_with_verified_status
emails
.
map
do
|
email
|
[
email
,
email
==
user
.
email
&&
emails_in_key
_
chain
.
include?
(
email
)
email
==
user
.
email
&&
emails_in_keychain
.
include?
(
email
)
]
end
end
def
synchronize_keychain
if
emails
.
include?
(
user
.
email
)
add_to_keychain
else
remove_from_keychain
end
@emails_in_keychain
=
nil
end
private
def
extract_fingerprint
...
...
@@ -55,10 +66,6 @@ class GpgKey < ActiveRecord::Base
end
def
add_to_keychain
emails_from_key
=
Gitlab
::
Gpg
.
emails_from_key
(
key
)
return
unless
emails_from_key
.
include?
(
user
.
email
)
Gitlab
::
Gpg
::
CurrentKeyChain
.
add
(
key
)
end
...
...
app/models/user.rb
浏览文件 @
8bd94a73
...
...
@@ -155,6 +155,7 @@ class User < ActiveRecord::Base
before_validation
:set_public_email
,
if: :public_email_changed?
after_update
:update_emails_with_primary_email
,
if: :email_changed?
after_update
:synchronize_gpg_keys
,
if: :email_changed?
before_save
:ensure_authentication_token
,
:ensure_incoming_email_token
before_save
:ensure_user_rights_and_limits
,
if: :external_changed?
after_save
:ensure_namespace_correct
...
...
@@ -1157,4 +1158,10 @@ class User < ActiveRecord::Base
ensure
Gitlab
::
ExclusiveLease
.
cancel
(
lease_key
,
uuid
)
end
def
synchronize_gpg_keys
gpg_keys
.
each
do
|
gpg_key
|
gpg_key
.
synchronize_keychain
end
end
end
lib/gitlab/gpg.rb
浏览文件 @
8bd94a73
...
...
@@ -10,7 +10,9 @@ module Gitlab
end
def
remove
(
fingerprint
)
GPGME
::
Key
.
get
(
fingerprint
).
delete!
# `#get` raises an EOFError if the keychain is empty, which is why we
# use the friendlier `#find`
GPGME
::
Key
.
find
(
:public
,
fingerprint
).
each
(
&
:delete!
)
end
def
emails
(
fingerprint
)
...
...
spec/features/commits_spec.rb
浏览文件 @
8bd94a73
...
...
@@ -206,7 +206,8 @@ describe 'Commits' do
end
describe
'GPG signed commits'
do
let
(
:user
)
{
create
(
:user
)
}
let!
(
:user
)
{
create
:user
,
email:
GpgHelpers
::
User1
.
emails
.
first
}
let!
(
:gpg_key
)
{
create
:gpg_key
,
key:
GpgHelpers
::
User1
.
public_key
,
user:
user
}
before
do
project
.
team
<<
[
user
,
:master
]
...
...
@@ -214,8 +215,6 @@ describe 'Commits' do
end
it
'shows the signed status'
,
:gpg
do
GPGME
::
Key
.
import
(
GpgHelpers
::
User1
.
public_key
)
# FIXME: add this to the test repository directly
remote_path
=
project
.
repository
.
path_to_repo
Dir
.
mktmpdir
do
|
dir
|
...
...
@@ -233,6 +232,17 @@ describe 'Commits' do
expect
(
page
).
to
have_content
'Unverified'
expect
(
page
).
to
have_content
'Verified'
end
# user changes his email which makes the gpg key unverified
user
.
skip_reconfirmation!
user
.
update_attributes!
(
email:
'bette.cartwright@example.org'
)
visit
namespace_project_commits_path
(
project
.
namespace
,
project
,
:master
)
within
'#commits-list'
do
expect
(
page
).
to
have_content
'Unverified'
expect
(
page
).
not_to
have_content
'Verified'
end
end
end
end
spec/models/gpg_key_spec.rb
浏览文件 @
8bd94a73
...
...
@@ -22,33 +22,16 @@ describe GpgKey do
end
end
describe
'add_to_keychain'
do
context
"user's email matches one of the key's emails"
do
it
'calls .add after create'
do
expect
(
Gitlab
::
Gpg
::
CurrentKeyChain
).
to
receive
(
:add
).
with
(
GpgHelpers
::
User2
.
public_key
)
user
=
create
:user
,
email:
GpgHelpers
::
User2
.
emails
.
first
create
:gpg_key
,
user:
user
,
key:
GpgHelpers
::
User2
.
public_key
end
describe
'synchronize_keychain'
do
it
'calls #synchronize_keychain after create'
do
gpg_key
=
build
:gpg_key
expect
(
gpg_key
).
to
receive
(
:synchronize_keychain
)
gpg_key
.
save!
end
context
"user's email does not match one of the key's emails"
do
it
'does not call .add after create'
do
expect
(
Gitlab
::
Gpg
::
CurrentKeyChain
).
not_to
receive
(
:add
)
user
=
create
:user
create
:gpg_key
,
user:
user
,
key:
GpgHelpers
::
User2
.
public_key
end
end
end
describe
'remove_from_keychain'
do
it
'calls remove_from_keychain after destroy'
do
allow
(
Gitlab
::
Gpg
::
CurrentKeyChain
).
to
receive
:add
it
'calls #remove_from_keychain after destroy'
do
gpg_key
=
create
:gpg_key
expect
(
Gitlab
::
Gpg
::
CurrentKeyChain
).
to
receive
(
:remove
).
with
(
GpgHelpers
::
User1
.
fingerprint
)
expect
(
gpg_key
).
to
receive
(
:synchronize_keychain
)
gpg_key
.
destroy!
end
end
...
...
@@ -76,6 +59,15 @@ describe GpgKey do
end
end
describe
'#emails_in_keychain'
,
:gpg
do
it
'returns the emails from the keychain'
do
user
=
create
:user
,
email:
GpgHelpers
::
User1
.
emails
.
first
gpg_key
=
create
:gpg_key
,
key:
GpgHelpers
::
User1
.
public_key
,
user:
user
expect
(
gpg_key
.
emails_in_keychain
).
to
eq
GpgHelpers
::
User1
.
emails
end
end
describe
'#emails_with_verified_status'
,
:gpg
do
context
'key is in the keychain'
do
it
'email is verified if the user has the matching email'
do
...
...
@@ -104,6 +96,46 @@ describe GpgKey do
end
end
describe
'#synchronize_keychain'
,
:gpg
do
context
"user's email matches one of the key's emails"
do
it
'adds the key to the keychain'
do
user
=
create
:user
,
email:
GpgHelpers
::
User1
.
emails
.
first
gpg_key
=
create
:gpg_key
,
user:
user
expect
(
gpg_key
).
to
receive
(
:add_to_keychain
)
gpg_key
.
synchronize_keychain
end
end
context
"user's email does not match one of the key's emails"
do
it
'does not add the key to the keychain'
do
user
=
create
:user
,
email:
'stepanie@cole.us'
gpg_key
=
create
:gpg_key
,
user:
user
expect
(
gpg_key
).
to
receive
(
:remove_from_keychain
)
gpg_key
.
synchronize_keychain
end
end
end
describe
'#add_to_keychain'
,
:gpg
do
it
'calls .add_to_keychain'
do
expect
(
Gitlab
::
Gpg
::
CurrentKeyChain
).
to
receive
(
:add
).
with
(
GpgHelpers
::
User2
.
public_key
)
gpg_key
=
create
:gpg_key
,
key:
GpgHelpers
::
User2
.
public_key
gpg_key
.
send
(
:add_to_keychain
)
end
end
describe
'#remove_from_keychain'
,
:gpg
do
it
'calls .remove_from_keychain'
do
allow
(
Gitlab
::
Gpg
::
CurrentKeyChain
).
to
receive
(
:remove
).
with
(
GpgHelpers
::
User2
.
fingerprint
)
gpg_key
=
create
:gpg_key
,
key:
GpgHelpers
::
User2
.
public_key
gpg_key
.
send
(
:remove_from_keychain
)
end
end
describe
'notification'
do
include
EmailHelpers
...
...
spec/models/user_spec.rb
浏览文件 @
8bd94a73
...
...
@@ -1956,4 +1956,24 @@ describe User, models: true do
expect
(
user
.
allow_password_authentication?
).
to
be_falsey
end
end
context
'callbacks'
do
context
'.synchronize_gpg_keys'
do
let
(
:user
)
do
create
(
:user
,
email:
'tula.torphy@abshire.ca'
).
tap
do
|
user
|
user
.
skip_reconfirmation!
end
end
it
'does nothing when the name is updated'
do
expect
(
user
).
not_to
receive
(
:synchronize_gpg_keys
)
user
.
update_attributes!
(
name:
'Bette'
)
end
it
'synchronizes the gpg keys when the email is updated'
do
expect
(
user
).
to
receive
(
:synchronize_gpg_keys
)
user
.
update_attributes!
(
email:
'shawnee.ritchie@denesik.com'
)
end
end
end
end
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录