Commit f0fe1b9d authored by Alexis Reigel's avatar Alexis Reigel

gpg email verification

parent 0668521b
module BadgesHelper
def verified_email_badge(email, verified)
css_classes = %w(btn btn-xs disabled)
css_classes << 'btn-success' if verified
content_tag 'span', class: css_classes do
"#{email} #{verified ? 'Verified' : 'Unverified'}"
end
end
end
...@@ -31,6 +31,18 @@ class GpgKey < ActiveRecord::Base ...@@ -31,6 +31,18 @@ class GpgKey < ActiveRecord::Base
Gitlab::Gpg::CurrentKeyChain.emails(fingerprint) Gitlab::Gpg::CurrentKeyChain.emails(fingerprint)
end end
def emails_with_verified_status
emails_in_key_chain = emails
emails_from_key = Gitlab::Gpg.emails_from_key(key)
emails_from_key.map do |email|
[
email,
email == user.email && emails_in_key_chain.include?(email)
]
end
end
private private
def extract_fingerprint def extract_fingerprint
...@@ -40,6 +52,10 @@ class GpgKey < ActiveRecord::Base ...@@ -40,6 +52,10 @@ class GpgKey < ActiveRecord::Base
end end
def add_to_keychain def add_to_keychain
emails_from_key = Gitlab::Gpg.emails_from_key(key)
return unless emails_from_key.include?(user.email)
Gitlab::Gpg::CurrentKeyChain.add(key) Gitlab::Gpg::CurrentKeyChain.add(key)
end end
......
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
.pull-left.append-right-10 .pull-left.append-right-10
= icon 'key', class: "settings-list-icon hidden-xs" = icon 'key', class: "settings-list-icon hidden-xs"
.key-list-item-info .key-list-item-info
= key.emails.join(' ') = key.emails_with_verified_status.map { |email, verified| verified_email_badge(email, verified) }.join(' ').html_safe
.description .description
= key.fingerprint = key.fingerprint
.pull-right .pull-right
......
require 'rails_helper' require 'rails_helper'
feature 'Profile > GPG Keys', :gpg do feature 'Profile > GPG Keys', :gpg do
let(:user) { create(:user) } let(:user) { create(:user, email: GpgHelpers::User2.emails.first) }
before do before do
login_as(user) login_as(user)
...@@ -13,24 +13,26 @@ feature 'Profile > GPG Keys', :gpg do ...@@ -13,24 +13,26 @@ feature 'Profile > GPG Keys', :gpg do
end end
scenario 'saves the new key' do scenario 'saves the new key' do
fill_in('Key', with: attributes_for(:gpg_key)[:key]) fill_in('Key', with: GpgHelpers::User2.public_key)
click_button('Add key') click_button('Add key')
expect(page).to have_content(GpgHelpers::User1.emails.join) expect(page).to have_content('bette.cartwright@example.com Verified')
expect(page).to have_content(GpgHelpers::User1.fingerprint) expect(page).to have_content('bette.cartwright@example.net Unverified')
expect(page).to have_content(GpgHelpers::User2.fingerprint)
end end
end end
scenario 'User sees their keys' do scenario 'User sees their key' do
create(:gpg_key, user: user) create(:gpg_key, user: user, key: GpgHelpers::User2.public_key)
visit profile_gpg_keys_path visit profile_gpg_keys_path
expect(page).to have_content(GpgHelpers::User1.emails.join) expect(page).to have_content('bette.cartwright@example.com Verified')
expect(page).to have_content(GpgHelpers::User1.fingerprint) expect(page).to have_content('bette.cartwright@example.net Unverified')
expect(page).to have_content(GpgHelpers::User2.fingerprint)
end end
scenario 'User removes a key via the key index' do scenario 'User removes a key via the key index' do
create(:gpg_key, user: user) create(:gpg_key, user: user, key: GpgHelpers::User2.public_key)
visit profile_gpg_keys_path visit profile_gpg_keys_path
click_link('Remove') click_link('Remove')
......
...@@ -23,9 +23,20 @@ describe GpgKey do ...@@ -23,9 +23,20 @@ describe GpgKey do
end end
describe 'add_to_keychain' do describe 'add_to_keychain' do
it 'calls add_to_keychain after create' do context "user's email matches one of the key's emails" do
expect(Gitlab::Gpg::CurrentKeyChain).to receive(:add).with(GpgHelpers::User1.public_key) it 'calls .add after create' do
create :gpg_key expect(Gitlab::Gpg::CurrentKeyChain).to receive(:add).with(GpgHelpers::User2.public_key)
user = create :user, email: GpgHelpers::User2.emails.first
create :gpg_key, user: user, key: GpgHelpers::User2.public_key
end
end
context "user's email does not match one of the key's emails" do
it 'does not call .add after create' do
expect(Gitlab::Gpg::CurrentKeyChain).not_to receive(:add)
user = create :user
create :gpg_key, user: user, key: GpgHelpers::User2.public_key
end
end end
end end
...@@ -64,4 +75,32 @@ describe GpgKey do ...@@ -64,4 +75,32 @@ describe GpgKey do
expect(gpg_key.emails).to eq GpgHelpers::User1.emails expect(gpg_key.emails).to eq GpgHelpers::User1.emails
end end
end end
describe '#emails_with_verified_status', :gpg do
context 'key is in the keychain' do
it 'email is verified if the user has the matching email' do
user = create :user, email: 'bette.cartwright@example.com'
gpg_key = create :gpg_key, key: GpgHelpers::User2.public_key, user: user
expect(gpg_key.emails_with_verified_status).to match_array [
['bette.cartwright@example.com', true],
['bette.cartwright@example.net', false]
]
end
end
context 'key is in not the keychain' do
it 'emails are unverified' do
user = create :user, email: 'bette.cartwright@example.com'
gpg_key = create :gpg_key, key: GpgHelpers::User2.public_key, user: user
Gitlab::Gpg::CurrentKeyChain.remove(GpgHelpers::User2.fingerprint)
expect(gpg_key.emails_with_verified_status).to match_array [
['bette.cartwright@example.com', false],
['bette.cartwright@example.net', false]
]
end
end
end
end end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment