signed_commits_spec.rb 5.05 KB
Newer Older
1 2
# frozen_string_literal: true

3 4
require 'spec_helper'

5
describe 'GPG signed commits' do
6
  let(:project) { create(:project, :public, :repository) }
7 8

  it 'changes from unverified to verified when the user changes his email to match the gpg key' do
9 10
    ref = GpgHelpers::SIGNED_AND_AUTHORED_SHA
    user = create(:user, email: 'unrelated.user@example.org')
11

12
    perform_enqueued_jobs do
13 14 15
      create :gpg_key, key: GpgHelpers::User1.public_key, user: user
    end

16
    visit project_commit_path(project, ref)
17

18 19
    expect(page).to have_link 'Unverified'
    expect(page).not_to have_link 'Verified'
20 21

    # user changes his email which makes the gpg key verified
22
    perform_enqueued_jobs do
23
      user.skip_reconfirmation!
Lin Jen-Shin's avatar
Lin Jen-Shin committed
24
      user.update!(email: GpgHelpers::User1.emails.first)
25 26
    end

27
    visit project_commit_path(project, ref)
28

29 30
    expect(page).not_to have_link 'Unverified'
    expect(page).to have_link 'Verified'
31 32 33
  end

  it 'changes from unverified to verified when the user adds the missing gpg key' do
34 35
    ref = GpgHelpers::SIGNED_AND_AUTHORED_SHA
    user = create(:user, email: GpgHelpers::User1.emails.first)
36

37
    visit project_commit_path(project, ref)
38

39 40
    expect(page).to have_link 'Unverified'
    expect(page).not_to have_link 'Verified'
41 42

    # user adds the gpg key which makes the signature valid
43
    perform_enqueued_jobs do
44 45 46
      create :gpg_key, key: GpgHelpers::User1.public_key, user: user
    end

47
    visit project_commit_path(project, ref)
48

49 50
    expect(page).not_to have_link 'Unverified'
    expect(page).to have_link 'Verified'
51 52
  end

53
  context 'shows popover badges', :js do
54 55
    let(:user_1) do
      create :user, email: GpgHelpers::User1.emails.first, username: 'nannie.bernhard', name: 'Nannie Bernhard'
56 57
    end

58
    let(:user_1_key) do
59
      perform_enqueued_jobs do
60 61 62
        create :gpg_key, key: GpgHelpers::User1.public_key, user: user_1
      end
    end
63

64 65 66 67 68 69
    let(:user_2) do
      create(:user, email: GpgHelpers::User2.emails.first, username: 'bette.cartwright', name: 'Bette Cartwright').tap do |user|
        # secondary, unverified email
        create :email, user: user, email: GpgHelpers::User2.emails.last
      end
    end
70

71
    let(:user_2_key) do
72
      perform_enqueued_jobs do
73 74
        create :gpg_key, key: GpgHelpers::User2.public_key, user: user_2
      end
75 76
    end

77
    it 'unverified signature' do
78
      visit project_commit_path(project, GpgHelpers::SIGNED_COMMIT_SHA)
79

80
      click_on 'Unverified'
Clement Ho's avatar
Clement Ho committed
81 82 83 84

      within '.popover' do
        expect(page).to have_content 'This commit was signed with an unverified signature.'
        expect(page).to have_content "GPG Key ID: #{GpgHelpers::User2.primary_keyid}"
85 86 87 88 89 90
      end
    end

    it 'unverified signature: user email does not match the committer email, but is the same user' do
      user_2_key

91
      visit project_commit_path(project, GpgHelpers::DIFFERING_EMAIL_SHA)
92

93
      click_on 'Unverified'
Clement Ho's avatar
Clement Ho committed
94 95 96 97 98 99

      within '.popover' do
        expect(page).to have_content 'This commit was signed with a verified signature, but the committer email is not verified to belong to the same user.'
        expect(page).to have_content 'Bette Cartwright'
        expect(page).to have_content '@bette.cartwright'
        expect(page).to have_content "GPG Key ID: #{GpgHelpers::User2.primary_keyid}"
100 101 102 103 104 105
      end
    end

    it 'unverified signature: user email does not match the committer email' do
      user_2_key

106
      visit project_commit_path(project, GpgHelpers::SIGNED_COMMIT_SHA)
107

108
      click_on 'Unverified'
Clement Ho's avatar
Clement Ho committed
109 110 111 112 113 114

      within '.popover' do
        expect(page).to have_content "This commit was signed with a different user's verified signature."
        expect(page).to have_content 'Bette Cartwright'
        expect(page).to have_content '@bette.cartwright'
        expect(page).to have_content "GPG Key ID: #{GpgHelpers::User2.primary_keyid}"
115 116 117 118 119 120
      end
    end

    it 'verified and the gpg user has a gitlab profile' do
      user_1_key

121
      visit project_commit_path(project, GpgHelpers::SIGNED_AND_AUTHORED_SHA)
122

123
      click_on 'Verified'
Clement Ho's avatar
Clement Ho committed
124 125 126 127 128 129

      within '.popover' do
        expect(page).to have_content 'This commit was signed with a verified signature and the committer email is verified to belong to the same user.'
        expect(page).to have_content 'Nannie Bernhard'
        expect(page).to have_content '@nannie.bernhard'
        expect(page).to have_content "GPG Key ID: #{GpgHelpers::User1.primary_keyid}"
130 131 132 133 134 135
      end
    end

    it "verified and the gpg user's profile doesn't exist anymore" do
      user_1_key

136
      visit project_commit_path(project, GpgHelpers::SIGNED_AND_AUTHORED_SHA)
137 138

      # wait for the signature to get generated
139
      expect(page).to have_link 'Verified'
140 141 142 143

      user_1.destroy!

      refresh
144

145
      click_on 'Verified'
Clement Ho's avatar
Clement Ho committed
146 147 148 149 150 151

      within '.popover' do
        expect(page).to have_content 'This commit was signed with a verified signature and the committer email is verified to belong to the same user.'
        expect(page).to have_content 'Nannie Bernhard'
        expect(page).to have_content 'nannie.bernhard@example.com'
        expect(page).to have_content "GPG Key ID: #{GpgHelpers::User1.primary_keyid}"
152
      end
153 154 155
    end
  end
end