spec/lib/gitlab/gpg/commit_spec.rb


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83

require 'rails_helper'

RSpec.describe Gitlab::Gpg::Commit do
  describe '#signature' do
    let!(:project) { create :project, :repository, path: 'sample-project' }

    context 'unisgned commit' do
      it 'returns nil' do
        expect(described_class.new(project.commit).signature).to be_nil
      end
    end

    context 'known and verified public key' do
      it 'returns a valid signature' do
        gpg_key = create :gpg_key, key: GpgHelpers::User1.public_key, user: create(:user, email: GpgHelpers::User1.emails.first)

        raw_commit = double(:raw_commit, signature: [
          GpgHelpers::User1.signed_commit_signature,
          GpgHelpers::User1.signed_commit_base_data
        ], sha: '0beec7b5ea3f0fdbc95d0dd47f3c5bc275da8a33')
        allow(raw_commit).to receive :save!

        commit = create :commit,
          git_commit: raw_commit,
          project: project

        expect(described_class.new(commit).signature).to have_attributes(
          commit_sha: '0beec7b5ea3f0fdbc95d0dd47f3c5bc275da8a33',
          project: project,
          gpg_key: gpg_key,
          gpg_key_primary_keyid: GpgHelpers::User1.primary_keyid,
          valid_signature: true
        )
      end
    end

    context 'known but unverified public key' do
      it 'returns an invalid signature' do
        gpg_key = create :gpg_key, key: GpgHelpers::User1.public_key

        raw_commit = double(:raw_commit, signature: [
          GpgHelpers::User1.signed_commit_signature,
          GpgHelpers::User1.signed_commit_base_data
        ], sha: '0beec7b5ea3f0fdbc95d0dd47f3c5bc275da8a33')
        allow(raw_commit).to receive :save!

        commit = create :commit,
          git_commit: raw_commit,
          project: project

        expect(described_class.new(commit).signature).to have_attributes(
          commit_sha: '0beec7b5ea3f0fdbc95d0dd47f3c5bc275da8a33',
          project: project,
          gpg_key: gpg_key,
          gpg_key_primary_keyid: GpgHelpers::User1.primary_keyid,
          valid_signature: false
        )
      end
    end

    context 'unknown public key' do
      it 'returns an invalid signature', :gpg do
        raw_commit = double(:raw_commit, signature: [
          GpgHelpers::User1.signed_commit_signature,
          GpgHelpers::User1.signed_commit_base_data
        ], sha: '0beec7b5ea3f0fdbc95d0dd47f3c5bc275da8a33')
        allow(raw_commit).to receive :save!

        commit = create :commit,
          git_commit: raw_commit,
          project: project

        expect(described_class.new(commit).signature).to have_attributes(
          commit_sha: '0beec7b5ea3f0fdbc95d0dd47f3c5bc275da8a33',
          project: project,
          gpg_key: nil,
          gpg_key_primary_keyid: nil,
          valid_signature: false
        )
      end
    end
  end
end