user may now revoke a gpg key

other than just removing a key, which doesn't affect the verified state of a commit, revoking a key unverifies all signed commits.
author: Alexis Reigel <mail@koffeinfrei.org> 2017-07-12 08:59:28 +0300
committer: Alexis Reigel <mail@koffeinfrei.org> 2017-07-27 16:43:37 +0300
commit: 027309eb2ae54614a2ee1a0ca9e4cea76a86b94b (patch)
tree: d5479187f2a89e2a24e5a62044861effd05b841c /spec/models/gpg_key_spec.rb
parent: 111edaa9f75f402cc18c2bec5cab9aa6615d9c4d (diff)
1 files changed, 27 insertions, 0 deletions
diff --git a/spec/models/gpg_key_spec.rb b/spec/models/gpg_key_spec.rb
index ffbf8760e86..ddd0bbfb9ba 100644
--- a/spec/models/gpg_key_spec.rb
+++ b/spec/models/gpg_key_spec.rb
@@ -95,4 +95,31 @@ describe GpgKey do
       should_email(user)
     end
   end
+
+  describe '#revoke' do
+    it 'invalidates all associated gpg signatures and destroys the key' do
+      gpg_key = create :gpg_key
+      gpg_signature = create :gpg_signature, valid_signature: true, gpg_key: gpg_key
+
+      unrelated_gpg_key = create :gpg_key, key: GpgHelpers::User2.public_key
+      unrelated_gpg_signature = create :gpg_signature, valid_signature: true, gpg_key: unrelated_gpg_key
+
+      gpg_key.revoke
+
+      expect(gpg_signature.reload).to have_attributes(
+        valid_signature: false,
+        gpg_key: nil
+      )
+
+      expect(gpg_key.destroyed?).to be true
+
+      # unrelated signature is left untouched
+      expect(unrelated_gpg_signature.reload).to have_attributes(
+        valid_signature: true,
+        gpg_key: unrelated_gpg_key
+      )
+
+      expect(unrelated_gpg_key.destroyed?).to be false
+    end
+  end
 end
author	Alexis Reigel <mail@koffeinfrei.org>	2017-07-12 08:59:28 +0300
committer	Alexis Reigel <mail@koffeinfrei.org>	2017-07-27 16:43:37 +0300
commit	027309eb2ae54614a2ee1a0ca9e4cea76a86b94b (patch)
tree	d5479187f2a89e2a24e5a62044861effd05b841c /spec/models/gpg_key_spec.rb
parent	111edaa9f75f402cc18c2bec5cab9aa6615d9c4d (diff)