debian-mirror-gitlab/spec/features/profiles/keys_spec.rb

152 lines
4.1 KiB
Ruby
Raw Normal View History

2019-10-12 21:52:04 +05:30
# frozen_string_literal: true
2019-12-04 20:38:33 +05:30
require 'spec_helper'
2016-09-29 09:46:39 +05:30
2023-04-23 21:23:45 +05:30
RSpec.describe 'Profile > SSH Keys', feature_category: :user_profile do
2016-09-29 09:46:39 +05:30
let(:user) { create(:user) }
before do
2017-09-10 17:25:29 +05:30
sign_in(user)
2016-09-29 09:46:39 +05:30
end
2016-11-03 12:29:30 +05:30
describe 'User adds a key' do
before do
visit profile_keys_path
end
2018-11-08 19:23:39 +05:30
it 'auto-populates the title', :js do
2016-09-29 09:46:39 +05:30
fill_in('Key', with: attributes_for(:key).fetch(:key))
2017-08-17 22:00:37 +05:30
expect(page).to have_field("Title", with: "dummy@gitlab.com")
2016-09-29 09:46:39 +05:30
end
2016-11-03 12:29:30 +05:30
2018-11-08 19:23:39 +05:30
it 'saves the new key' do
2016-11-03 12:29:30 +05:30
attrs = attributes_for(:key)
fill_in('Key', with: attrs[:key])
fill_in('Title', with: attrs[:title])
click_button('Add key')
expect(page).to have_content("Title: #{attrs[:title]}")
expect(page).to have_content(attrs[:key])
2022-07-16 23:28:13 +05:30
expect(find('[data-testid="breadcrumb-current-link"]')).to have_link(attrs[:title])
2018-03-17 18:26:18 +05:30
end
2022-03-02 08:16:31 +05:30
it 'shows a confirmable warning if the key begins with an algorithm name that is unsupported' do
2018-11-08 19:23:39 +05:30
attrs = attributes_for(:key)
2022-03-02 08:16:31 +05:30
fill_in('Key', with: 'unsupported-ssh-rsa key')
2018-11-08 19:23:39 +05:30
fill_in('Title', with: attrs[:title])
click_button('Add key')
expect(page).to have_selector('.js-add-ssh-key-validation-warning')
find('.js-add-ssh-key-validation-confirm-submit').click
expect(page).to have_content('Key is invalid')
end
2018-03-17 18:26:18 +05:30
context 'when only DSA and ECDSA keys are allowed' do
before do
forbidden = ApplicationSetting::FORBIDDEN_KEY_VALUE
2022-04-04 11:22:00 +05:30
stub_application_setting(
rsa_key_restriction: forbidden,
ed25519_key_restriction: forbidden,
ecdsa_sk_key_restriction: forbidden,
ed25519_sk_key_restriction: forbidden
)
2018-03-17 18:26:18 +05:30
end
2018-11-08 19:23:39 +05:30
it 'shows a validation error' do
2018-03-17 18:26:18 +05:30
attrs = attributes_for(:key)
fill_in('Key', with: attrs[:key])
fill_in('Title', with: attrs[:title])
click_button('Add key')
expect(page).to have_content('Key type is forbidden. Must be DSA or ECDSA')
end
2016-11-03 12:29:30 +05:30
end
end
2021-02-22 17:27:13 +05:30
it 'user sees their keys' do
2016-11-03 12:29:30 +05:30
key = create(:key, user: user)
visit profile_keys_path
expect(page).to have_content(key.title)
end
2023-04-23 21:23:45 +05:30
def destroy_key(path, action, confirmation_button)
visit path
page.click_button(action)
page.within('.modal') do
page.click_button(confirmation_button)
end
expect(page).to have_content('Your SSH keys (0)')
end
2021-01-03 14:25:43 +05:30
describe 'User removes a key', :js do
2023-04-23 21:23:45 +05:30
let!(:key) { create(:key, user: user) }
2016-11-03 12:29:30 +05:30
2023-04-23 21:23:45 +05:30
context 'via the key index' do
it 'removes key' do
destroy_key(profile_keys_path, 'Remove', 'Delete')
end
end
2016-11-03 12:29:30 +05:30
2023-04-23 21:23:45 +05:30
context 'via its details page' do
it 'removes key' do
destroy_key(profile_keys_path(key), 'Remove', 'Delete')
2021-01-03 14:25:43 +05:30
end
end
2023-04-23 21:23:45 +05:30
end
describe 'User revokes a key', :js do
context 'when a commit is signed using SSH key' do
let!(:project) { create(:project, :repository) }
let!(:key) { create(:key, user: user) }
let!(:commit) { project.commit('ssh-signed-commit') }
let!(:signature) do
create(:ssh_signature,
project: project,
key: key,
key_fingerprint_sha256: key.fingerprint_sha256,
commit_sha: commit.sha)
end
2016-11-03 12:29:30 +05:30
2021-01-03 14:25:43 +05:30
before do
2023-04-23 21:23:45 +05:30
project.add_developer(user)
2021-01-03 14:25:43 +05:30
end
2023-04-23 21:23:45 +05:30
it 'revoking the SSH key marks commits as unverified' do
visit project_commit_path(project, commit)
wait_for_all_requests
2016-11-03 12:29:30 +05:30
2023-04-23 21:23:45 +05:30
find('a.signature-badge', text: 'Verified').click
2016-11-03 12:29:30 +05:30
2023-04-23 21:23:45 +05:30
within('.popover') do
expect(page).to have_content("Verified commit")
expect(page).to have_content("SSH key fingerprint: #{key.fingerprint_sha256}")
end
destroy_key(profile_keys_path, 'Revoke', 'Revoke')
visit project_commit_path(project, commit)
wait_for_all_requests
2021-01-03 14:25:43 +05:30
2023-04-23 21:23:45 +05:30
find('a.signature-badge', text: 'Unverified').click
within('.popover') do
expect(page).to have_content("Unverified signature")
expect(page).to have_content('This commit was signed with a key that was revoked.')
expect(page).to have_content("SSH key fingerprint: #{signature.key_fingerprint_sha256}")
end
end
2021-01-03 14:25:43 +05:30
end
2016-09-29 09:46:39 +05:30
end
end