# frozen_string_literal: true require 'spec_helper' RSpec.describe 'Profile > SSH Keys', feature_category: :user_profile do let(:user) { create(:user) } before do sign_in(user) end describe 'User adds a key' do before do visit profile_keys_path end it 'auto-populates the title', :js do fill_in('Key', with: attributes_for(:key).fetch(:key)) expect(page).to have_field("Title", with: "dummy@gitlab.com") end it 'saves the new key' do attrs = attributes_for(:key) fill_in('Key', with: attrs[:key]) fill_in('Title', with: attrs[:title]) click_button('Add key') expect(page).to have_content("Title: #{attrs[:title]}") expect(page).to have_content(attrs[:key]) expect(find('[data-testid="breadcrumb-current-link"]')).to have_link(attrs[:title]) end it 'shows a confirmable warning if the key begins with an algorithm name that is unsupported' do attrs = attributes_for(:key) fill_in('Key', with: 'unsupported-ssh-rsa key') fill_in('Title', with: attrs[:title]) click_button('Add key') expect(page).to have_selector('.js-add-ssh-key-validation-warning') find('.js-add-ssh-key-validation-confirm-submit').click expect(page).to have_content('Key is invalid') end context 'when only DSA and ECDSA keys are allowed' do before do forbidden = ApplicationSetting::FORBIDDEN_KEY_VALUE stub_application_setting( rsa_key_restriction: forbidden, ed25519_key_restriction: forbidden, ecdsa_sk_key_restriction: forbidden, ed25519_sk_key_restriction: forbidden ) end it 'shows a validation error' do attrs = attributes_for(:key) fill_in('Key', with: attrs[:key]) fill_in('Title', with: attrs[:title]) click_button('Add key') expect(page).to have_content('Key type is forbidden. Must be DSA or ECDSA') end end end it 'user sees their keys' do key = create(:key, user: user) visit profile_keys_path expect(page).to have_content(key.title) end def destroy_key(path, action, confirmation_button) visit path page.click_button(action) page.within('.modal') do page.click_button(confirmation_button) end expect(page).to have_content('Your SSH keys (0)') end describe 'User removes a key', :js do let!(:key) { create(:key, user: user) } context 'via the key index' do it 'removes key' do destroy_key(profile_keys_path, 'Remove', 'Delete') end end context 'via its details page' do it 'removes key' do destroy_key(profile_keys_path(key), 'Remove', 'Delete') end end end describe 'User revokes a key', :js do context 'when a commit is signed using SSH key' do let!(:project) { create(:project, :repository) } let!(:key) { create(:key, user: user) } let!(:commit) { project.commit('ssh-signed-commit') } let!(:signature) do create(:ssh_signature, project: project, key: key, key_fingerprint_sha256: key.fingerprint_sha256, commit_sha: commit.sha) end before do project.add_developer(user) end it 'revoking the SSH key marks commits as unverified' do visit project_commit_path(project, commit) wait_for_all_requests find('a.signature-badge', text: 'Verified').click within('.popover') do expect(page).to have_content("Verified commit") expect(page).to have_content("SSH key fingerprint: #{key.fingerprint_sha256}") end destroy_key(profile_keys_path, 'Revoke', 'Revoke') visit project_commit_path(project, commit) wait_for_all_requests find('a.signature-badge', text: 'Unverified').click within('.popover') do expect(page).to have_content("Unverified signature") expect(page).to have_content('This commit was signed with a key that was revoked.') expect(page).to have_content("SSH key fingerprint: #{signature.key_fingerprint_sha256}") end end end end end