BigW Consortium Gitlab
Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
G
gitlab-ce
Project
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
Registry
Registry
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Commits
Issue Boards
Open sidebar
Forest Godfrey
gitlab-ce
Commits
dd139e65
Commit
dd139e65
authored
Oct 04, 2017
by
Rubén Dávila
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Invalidate GpgSignatures associated to GpgKeySubkeys when revoking the GpgKey
parent
2577cc99
Hide whitespace changes
Inline
Side-by-side
Showing
6 changed files
with
66 additions
and
3 deletions
+66
-3
gpg_key.rb
app/models/gpg_key.rb
+2
-1
gpg_signature.rb
app/models/gpg_signature.rb
+13
-0
20171002161539_create_gpg_key_subkeys_for_existing_gpg_keys.rb
...002161539_create_gpg_key_subkeys_for_existing_gpg_keys.rb
+1
-1
gpg_signature.rb
spec/factories/gpg_signature.rb
+1
-1
gpg_key_spec.rb
spec/models/gpg_key_spec.rb
+24
-0
gpg_signature_spec.rb
spec/models/gpg_signature_spec.rb
+25
-0
No files found.
app/models/gpg_key.rb
View file @
dd139e65
...
...
@@ -91,10 +91,11 @@ class GpgKey < ActiveRecord::Base
def
revoke
GpgSignature
.
w
here
(
gpg_key:
self
)
.
w
ith_key_and_subkeys
(
self
)
.
where
.
not
(
verification_status:
GpgSignature
.
verification_statuses
[
:unknown_key
])
.
update_all
(
gpg_key_id:
nil
,
gpg_key_subkey_id:
nil
,
verification_status:
GpgSignature
.
verification_statuses
[
:unknown_key
],
updated_at:
Time
.
zone
.
now
)
...
...
app/models/gpg_signature.rb
View file @
dd139e65
...
...
@@ -21,6 +21,19 @@ class GpgSignature < ActiveRecord::Base
validates
:project_id
,
presence:
true
validates
:gpg_key_primary_keyid
,
presence:
true
def
self
.
with_key_and_subkeys
(
gpg_key
)
return
none
unless
gpg_key
t
=
arel_table
subkey_ids
=
gpg_key
&
.
subkeys
&
.
pluck
(
:id
)
where
(
t
[
:gpg_key_id
].
eq
(
gpg_key
&
.
id
).
or
(
t
[
:gpg_key_subkey_id
].
in
(
subkey_ids
)
)
)
end
def
gpg_key
=
(
model
)
case
model
when
GpgKey
...
...
db/post_migrate/20171002161539_create_gpg_key_subkeys_for_existing_gpg_keys.rb
View file @
dd139e65
...
...
@@ -30,7 +30,7 @@ class CreateGpgKeySubkeysForExistingGpgKeys < ActiveRecord::Migration
def
up
GpgKey
.
with_subkeys
.
each_batch
do
|
batch
|
batch
.
each
do
|
gpg_key
|
return
if
gpg_key
.
subkeys
.
any?
next
if
gpg_key
.
subkeys
.
any?
create_subkeys
(
gpg_key
)
&&
update_signatures
(
gpg_key
)
end
...
...
spec/factories/gpg_signature.rb
View file @
dd139e65
...
...
@@ -5,7 +5,7 @@ FactoryGirl.define do
commit_sha
{
Digest
::
SHA1
.
hexdigest
(
SecureRandom
.
hex
)
}
project
gpg_key
gpg_key_primary_keyid
{
gpg_key
.
primary_
keyid
}
gpg_key_primary_keyid
{
gpg_key
.
keyid
}
verification_status
:verified
end
end
spec/models/gpg_key_spec.rb
View file @
dd139e65
...
...
@@ -191,5 +191,29 @@ describe GpgKey do
expect
(
unrelated_gpg_key
.
destroyed?
).
to
be
false
end
it
'deletes all the associated subkeys'
do
gpg_key
=
create
:gpg_key
,
key:
GpgHelpers
::
User3
.
public_key
expect
(
gpg_key
.
subkeys
).
to
be_present
gpg_key
.
revoke
expect
(
gpg_key
.
subkeys
(
true
)).
to
be_blank
end
it
'invalidates all signatures associated to the subkeys'
do
gpg_key
=
create
:gpg_key
,
key:
GpgHelpers
::
User3
.
public_key
gpg_key_subkey
=
gpg_key
.
subkeys
.
last
gpg_signature
=
create
:gpg_signature
,
verification_status: :verified
,
gpg_key:
gpg_key_subkey
gpg_key
.
revoke
expect
(
gpg_signature
.
reload
).
to
have_attributes
(
verification_status:
'unknown_key'
,
gpg_key:
nil
,
gpg_key_subkey:
nil
)
end
end
end
spec/models/gpg_signature_spec.rb
View file @
dd139e65
require
'rails_helper'
RSpec
.
describe
GpgSignature
do
let
(
:gpg_key
)
{
create
(
:gpg_key
)
}
let
(
:gpg_key_subkey
)
{
create
(
:gpg_key_subkey
)
}
describe
'associations'
do
it
{
is_expected
.
to
belong_to
(
:project
)
}
it
{
is_expected
.
to
belong_to
(
:gpg_key
)
}
...
...
@@ -26,4 +29,26 @@ RSpec.describe GpgSignature do
gpg_signature
.
commit
end
end
describe
'#gpg_key='
do
it
'supports the assignment of a GpgKey'
do
gpg_signature
=
create
(
:gpg_signature
,
gpg_key:
gpg_key
)
expect
(
gpg_signature
.
gpg_key
).
to
be_an_instance_of
(
GpgKey
)
end
it
'supports the assignment of a GpgKeySubkey'
do
gpg_signature
=
create
(
:gpg_signature
,
gpg_key:
gpg_key_subkey
)
expect
(
gpg_signature
.
gpg_key
).
to
be_an_instance_of
(
GpgKeySubkey
)
end
it
'clears gpg_key and gpg_key_subkey_id when passing nil'
do
gpg_signature
=
create
(
:gpg_signature
,
gpg_key:
gpg_key_subkey
)
gpg_signature
.
update_attribute
(
:gpg_key
,
nil
)
expect
(
gpg_signature
.
gpg_key_id
).
to
be_nil
expect
(
gpg_signature
.
gpg_key_subkey_id
).
to
be_nil
end
end
end
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment