commit signature with spec

28bb5e3d · Alexis Reigel · 817d9558 · 28bb5e3d · 28bb5e3d · 28bb5e3d
Commit 28bb5e3d authored Feb 16, 2017 by Alexis Reigel
5 changed files
--- a/app/models/commit.rb
+++ b/app/models/commit.rb
@@ -237,7 +237,7 @@ class Commit
  def signature
    return @signature if defined?(@signature)

-    sig, signed = @raw.extract_signature(project.repository.raw_repository)
+    sig, signed = @raw.signature(project.repository)
    if sig && signed
      GPGME::Crypto.new.verify(sig, signed_text: signed) do |sign|
        @signature = sign

--- a/lib/gitlab/git/commit.rb
+++ b/lib/gitlab/git/commit.rb
@@ -319,7 +319,12 @@ module Gitlab
        end
      end

-      def extract_signature(repo)
+      # Get the gpg signature of this commit.
+      #
+      # Ex.
+      #   commit.signature(repo)
+      #
+      def signature(repo)
        Rugged::Commit.extract_signature(repo.rugged, sha)
      end


--- a/spec/models/commit_spec.rb
+++ b/spec/models/commit_spec.rb
@@ -414,4 +414,44 @@ eos
      expect(described_class.valid_hash?('a' * 41)).to be false
    end
  end
+
+  describe '#signature' do
+    it 'returns nil if the commit is not signed' do
+      expect(commit.signature).to be_nil
+    end
+
+    context 'signed commit', :gpg do
+      it 'returns a valid signature if the public key is known' do
+        GPGME::Key.import(GpgHelpers.public_key)
+
+        raw_commit = double(:raw_commit, signature: [
+          GpgHelpers.signed_commit_signature,
+          GpgHelpers.signed_commit_base_data
+        ])
+        allow(raw_commit).to receive :save!
+
+        commit = create :commit,
+          git_commit: raw_commit,
+          project: project
+
+        expect(commit.signature).to be_a GPGME::Signature
+        expect(commit.signature.valid?).to be_truthy
+      end
+
+      it 'returns an invalid signature if the public commit is unknown', :gpg do
+        raw_commit = double(:raw_commit, signature: [
+          GpgHelpers.signed_commit_signature,
+          GpgHelpers.signed_commit_base_data
+        ])
+        allow(raw_commit).to receive :save!
+
+        commit = create :commit,
+          git_commit: raw_commit,
+          project: project
+
+        expect(commit.signature).to be_a GPGME::Signature
+        expect(commit.signature.valid?).to be_falsey
+      end
+    end
+  end
 end
--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
@@ -141,6 +141,18 @@ RSpec.configure do |config|
  config.around(:each, :postgresql) do |example|
    example.run if Gitlab::Database.postgresql?
  end
+
+  config.around(:each, :gpg) do |example|
+    Dir.mktmpdir do |dir|
+      original_dir = GPGME::Engine.dirinfo('homedir')
+
+      GPGME::Engine.home_dir = dir
+
+      example.run
+
+      GPGME::Engine.home_dir = original_dir
+    end
+  end
 end

 FactoryGirl::SyntaxRunner.class_eval do

--- a/spec/support/gpg_helpers.rb
+++ b/spec/support/gpg_helpers.rb