debian-mirror-gitlab/spec/lib/gitlab/ssh/commit_spec.rb

# frozen_string_literal: true
require 'spec_helper'

RSpec.describe Gitlab::Ssh::Commit, feature_category: :source_code_management do
  let_it_be(:project) { create(:project, :repository) }
  let_it_be(:signed_by_key) { create(:key) }
  let_it_be(:fingerprint) { signed_by_key.fingerprint_sha256 }

  let(:commit) { create(:commit, project: project) }
  let(:signature_text) { 'signature_text' }
  let(:signed_text) { 'signed_text' }
  let(:signature_data) { [signature_text, signed_text] }
  let(:verifier) { instance_double('Gitlab::Ssh::Signature') }
  let(:verification_status) { :verified }

  subject(:signature) { described_class.new(commit).signature }

  before do
    allow(Gitlab::Git::Commit).to receive(:extract_signature_lazily)
      .with(Gitlab::Git::Repository, commit.sha)
      .and_return(signature_data)

    allow(verifier).to receive_messages({
      verification_status: verification_status,
      signed_by_key: signed_by_key,
      key_fingerprint: fingerprint
    })

    allow(Gitlab::Ssh::Signature).to receive(:new)
      .with(signature_text, signed_text, commit.committer_email)
      .and_return(verifier)
  end

  describe '#signature' do
    it 'returns the cached signature on multiple calls' do
      ssh_commit = described_class.new(commit)

      expect(ssh_commit).to receive(:create_cached_signature!).and_call_original
      ssh_commit.signature

      expect(ssh_commit).not_to receive(:create_cached_signature!)
      ssh_commit.signature
    end

    context 'when all expected data is present' do
      it 'calls signature verifier and uses returned attributes' do
        expect(signature).to have_attributes(
          commit_sha: commit.sha,
          project: project,
          key_id: signed_by_key.id,
          key_fingerprint_sha256: signed_by_key.fingerprint_sha256,
          user_id: signed_by_key.user_id,
          verification_status: 'verified'
        )
      end
    end

    context 'when signed_by_key is nil' do
      let_it_be(:signed_by_key) { nil }
      let_it_be(:fingerprint) { nil }

      let(:verification_status) { :unknown_key }

      it 'creates signature without a key_id' do
        expect(signature).to have_attributes(
          commit_sha: commit.sha,
          project: project,
          key_id: nil,
          key_fingerprint_sha256: nil,
          user_id: nil,
          verification_status: 'unknown_key'
        )
      end
    end
  end

  describe '#update_signature!' do
    it 'updates verification status' do
      allow(verifier).to receive(:verification_status).and_return(:unverified)
      signature

      stored_signature = CommitSignatures::SshSignature.find_by_commit_sha(commit.sha)

      allow(verifier).to receive(:verification_status).and_return(:verified)

      expect { described_class.new(commit).update_signature!(stored_signature) }.to(
        change { signature.reload.verification_status }.from('unverified').to('verified')
      )
    end
  end
end
New upstream version 15.3.1+ds1 2022-08-27 11:52:29 +05:30			`# frozen_string_literal: true`
			`require 'spec_helper'`

New upstream version 15.8.4+ds1 2023-03-17 16:20:25 +05:30			`RSpec.describe Gitlab::Ssh::Commit, feature_category: :source_code_management do`
New upstream version 15.3.1+ds1 2022-08-27 11:52:29 +05:30			`let_it_be(:project) { create(:project, :repository) }`
			`let_it_be(:signed_by_key) { create(:key) }`
New upstream version 15.8.4+ds1 2023-03-17 16:20:25 +05:30			`let_it_be(:fingerprint) { signed_by_key.fingerprint_sha256 }`
New upstream version 15.3.1+ds1 2022-08-27 11:52:29 +05:30
			`let(:commit) { create(:commit, project: project) }`
			`let(:signature_text) { 'signature_text' }`
			`let(:signed_text) { 'signed_text' }`
			`let(:signature_data) { [signature_text, signed_text] }`
			`let(:verifier) { instance_double('Gitlab::Ssh::Signature') }`
			`let(:verification_status) { :verified }`

			`subject(:signature) { described_class.new(commit).signature }`

			`before do`
			`allow(Gitlab::Git::Commit).to receive(:extract_signature_lazily)`
			`.with(Gitlab::Git::Repository, commit.sha)`
			`.and_return(signature_data)`

New upstream version 15.8.4+ds1 2023-03-17 16:20:25 +05:30			`allow(verifier).to receive_messages({`
			`verification_status: verification_status,`
			`signed_by_key: signed_by_key,`
			`key_fingerprint: fingerprint`
			`})`
New upstream version 15.3.1+ds1 2022-08-27 11:52:29 +05:30
			`allow(Gitlab::Ssh::Signature).to receive(:new)`
			`.with(signature_text, signed_text, commit.committer_email)`
			`.and_return(verifier)`
			`end`

			`describe '#signature' do`
			`it 'returns the cached signature on multiple calls' do`
			`ssh_commit = described_class.new(commit)`

			`expect(ssh_commit).to receive(:create_cached_signature!).and_call_original`
			`ssh_commit.signature`

			`expect(ssh_commit).not_to receive(:create_cached_signature!)`
			`ssh_commit.signature`
			`end`

			`context 'when all expected data is present' do`
			`it 'calls signature verifier and uses returned attributes' do`
			`expect(signature).to have_attributes(`
			`commit_sha: commit.sha,`
			`project: project,`
			`key_id: signed_by_key.id,`
New upstream version 15.8.4+ds1 2023-03-17 16:20:25 +05:30			`key_fingerprint_sha256: signed_by_key.fingerprint_sha256,`
			`user_id: signed_by_key.user_id,`
New upstream version 15.3.1+ds1 2022-08-27 11:52:29 +05:30			`verification_status: 'verified'`
			`)`
			`end`
			`end`

			`context 'when signed_by_key is nil' do`
			`let_it_be(:signed_by_key) { nil }`
New upstream version 15.8.4+ds1 2023-03-17 16:20:25 +05:30			`let_it_be(:fingerprint) { nil }`
New upstream version 15.3.1+ds1 2022-08-27 11:52:29 +05:30
			`let(:verification_status) { :unknown_key }`

			`it 'creates signature without a key_id' do`
			`expect(signature).to have_attributes(`
			`commit_sha: commit.sha,`
			`project: project,`
			`key_id: nil,`
New upstream version 15.8.4+ds1 2023-03-17 16:20:25 +05:30			`key_fingerprint_sha256: nil,`
			`user_id: nil,`
New upstream version 15.3.1+ds1 2022-08-27 11:52:29 +05:30			`verification_status: 'unknown_key'`
			`)`
			`end`
			`end`
			`end`

			`describe '#update_signature!' do`
			`it 'updates verification status' do`
			`allow(verifier).to receive(:verification_status).and_return(:unverified)`
			`signature`

			`stored_signature = CommitSignatures::SshSignature.find_by_commit_sha(commit.sha)`

			`allow(verifier).to receive(:verification_status).and_return(:verified)`

			`expect { described_class.new(commit).update_signature!(stored_signature) }.to(`
			`change { signature.reload.verification_status }.from('unverified').to('verified')`
			`)`
			`end`
			`end`
			`end`