nocebo/diaspora
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'master' of github.com:diaspora/diaspora_rails into

Browse source 
friend-refactor, also fixed more specs

Conflicts:
	app/models/person.rb
	app/models/user.rb
	spec/factories.rb
This commit is contained in:
maxwell 2010-08-05 15:13:05 -07:00
commit 5e6d0c1153
29 changed files with 146 additions and 164 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
Rakefile
View file

@ -4,5 +4,4 @@
require File.expand_path('../config/application', __FILE__)
require 'rake'
ENV['GNUPGHOME'] = File.expand_path("../../gpg/diaspora-#{Rails.env}/", __FILE__)
GPGME::check_version({})
Rails::Application.load_tasks

33
app/models/person.rb
View file

@ -5,13 +5,15 @@ class Person
xml_accessor :_id
xml_accessor :email
xml_accessor :url
xml_accessor :key_fingerprint
xml_accessor :serialized_key
xml_accessor :profile, :as => Profile
key :email, String, :unique => true
key :url, String
key :key_fingerprint, String
key :serialized_key, String
key :owner_id, ObjectId
key :user_refs, Integer, :default => 0
@ -26,26 +28,28 @@ class Person
timestamps!
before_validation :clean_url
validates_presence_of :email, :url, :key_fingerprint, :profile
validates_presence_of :email, :url, :serialized_key, :profile
validates_format_of :url, :with =>
/^(https?):\/\/[a-z0-9]+([\-\.]{1}[a-z0-9]+)*(\.[a-z]{2,5})?(:[0-9]{1,5})?(\/.*)?$/ix
after_destroy :remove_all_traces, :remove_key
scope :friends, where(:_type => "Person", :active => true)
after_destroy :remove_all_traces
def real_name
"#{profile.first_name.to_s} #{profile.last_name.to_s}"
end
def key
GPGME::Ctx.new.get_key key_fingerprint
OpenSSL::PKey::RSA.new( serialized_key )
end
def key= new_key
raise TypeError unless new_key.class == OpenSSL::PKey::RSA
serialized_key = new_key.export
end
def export_key
GPGME::export(key_fingerprint, :armor => true)
key.public_key.export
end
@ -82,6 +86,9 @@ class Person
end
end
def mine?(post)
self == post.person
end
protected
@ -99,10 +106,4 @@ class Person
self.posts.delete_all
end
def remove_key
puts 'Removing key from keyring in test environment' if Rails.env == 'test'
ctx = GPGME::Ctx.new
ctx.delete_key(key)
end
end

34
app/models/post.rb
View file

@ -49,24 +49,24 @@ class Post
end
#ENCRYPTION
before_validation :sign_if_mine
validates_true_for :creator_signature, :logic => lambda {self.verify_creator_signature}
xml_accessor :creator_signature
key :creator_signature, String
def signable_accessors
accessors = self.class.roxml_attrs.collect{|definition|
definition.accessor}
accessors.delete 'person'
accessors.delete 'creator_signature'
accessors
end
before_validation :sign_if_mine
validates_true_for :creator_signature, :logic => lambda {self.verify_creator_signature}
xml_accessor :creator_signature
key :creator_signature, String
def signable_accessors
accessors = self.class.roxml_attrs.collect{|definition|
definition.accessor}
accessors.delete 'person'
accessors.delete 'creator_signature'
accessors
end
def signable_string
signable_accessors.collect{|accessor|
(self.send accessor.to_sym).to_s}.join ';'
end
def signable_string
signable_accessors.collect{|accessor|
(self.send accessor.to_sym).to_s}.join ';'
end
def log_inspection
Rails.logger.info self.inspect

4
app/models/profile.rb
View file

@ -20,6 +20,10 @@ class Profile
self._parent_document.id
end
def person
Person.first(:id => self.person_id)
end
def to_diaspora_xml
"<post>"+ self.to_xml.to_s + "</post>"
end

16
app/models/request.rb
View file

@ -28,15 +28,23 @@ class Request
scope :for_user, lambda{ |user| where(:destination_url => user.url) }
scope :from_user, lambda{ |user| where(:destination_url.ne => user.url) }
def self.instantiate(options ={})
def self.instantiate(options = {})
person = options[:from]
self.new(:destination_url => options[:to], :callback_url => person.url, :person => person, :exported_key => person.export_key)
end
def activate_friend
p = Person.where(:url => self.person.url).first
p.active = true
p.save
from_user = Person.first(:url => self.callback_url).owner
puts from_user.inspect
from_user.friends << from_user.pending_friends.delete(person)
end
def set_pending_friend
p = Person.first(:id => self.person.id)
puts p.inspect
self.person.save #save pending friend
end
#ENCRYPTION

12
app/models/retraction.rb
View file

@ -20,15 +20,23 @@ class Retraction
attr_accessor :type
def perform
return unless verify_signature(@creator_signature, Post.first(:id => post_id).person)
begin
return unless signature_valid?
self.type.constantize.destroy(self.post_id)
rescue NameError
Rails.logger.info("Retraction for unknown type recieved.")
end
end
def signature_valid?
target = self.type.constantize.first(:id => self.post_id)
if target.is_a? Person
verify_signature(@creator_signature, self.type.constantize.first(:id => self.post_id))
else
verify_signature(@creator_signature, self.type.constantize.first(:id => self.post_id).person)
end
end
def self.person_id_from(object)
if object.is_a? Person
object.id

43
app/models/user.rb
View file

@ -10,8 +10,10 @@ class User
one :person, :class_name => 'Person', :foreign_key => :owner_id
many :friends, :in => :friend_ids, :class_name => 'Person'
#before_validation_on_create :assign_key
before_validation_on_create :assign_key
before_validation :do_bad_things
######## Posting ########
def method_missing(method, *args)
@ -32,7 +34,7 @@ class User
######### Friend Requesting
def send_friend_request_to(friend_url)
unless Person.where(:url => friend_url).first
p = Request.instantiate(:to => friend_url, :from => self)
p = Request.instantiate(:to => friend_url, :from => self.person)
if p.save
p.push_to_url friend_url
end
@ -53,18 +55,22 @@ class User
def ignore_friend_request(friend_request_id)
request = Request.first(:id => friend_request_id)
person = request.person
person.destroy unless person.active
person.destroy unless self.friends.include? person
request.destroy
end
def receive_friend_request(friend_request)
Rails.logger.info("receiving friend request #{friend_request.to_json}")
GPGME.import(friend_request.exported_key)
friend_request.person.serialized_key = friend_request.exported_key
if Request.where(:callback_url => friend_request.callback_url).first
friend_request.activate_friend
friend_request.destroy
else
friend_request.person.save
friend_request.create_pending_friend
friend_request.save
end
end
@ -92,9 +98,7 @@ class User
###Helpers############
def mine?(post)
self == post.person
end
def terse_url
terse= self.url.gsub(/https?:\/\//, '')
@ -114,32 +118,11 @@ class User
protected
def assign_key
keys = GPGME.list_keys(self.real_name, true)
if keys.empty?
generate_key
end
self.key_fingerprint = GPGME.list_keys(self.real_name, true).first.subkeys.first.fingerprint
self.person.serialized_key ||= generate_key.export
end
def generate_key
puts "Generating key"
puts paramstring
ctx = GPGME::Ctx.new
ctx.genkey(paramstring, nil, nil)
OpenSSL::PKey::RSA::generate 1024
end
def paramstring
"<GnupgKeyParms format=\"internal\">
Key-Type: DSA
Key-Length: 512
Subkey-Type: ELG-E
Subkey-Length: 512
Name-Real: #{self.real_name}
Name-Comment: #{self.url}
Name-Email: #{self.email}
Expire-Date: 0
</GnupgKeyParms>"
end
end

3
config/environment.rb
View file

@ -4,5 +4,4 @@ Haml::Template.options[:format] = :html5
# Initialize the rails application
Diaspora::Application.initialize!
ENV['GNUPGHOME'] = File.expand_path("../../gpg/diaspora-#{Rails.env}/", __FILE__)
GPGME::check_version({})

3
config/environments/test.rb
View file

@ -26,8 +26,7 @@ Diaspora::Application.configure do
config.action_mailer.delivery_method = :test
config.threadsafe!
ENV['GNUPGHOME'] = File.expand_path("../../gpg/diaspora-#{Rails.env}/", __FILE__)
GPGME::check_version({})
# Use SQL instead of Active Record's schema dumper when creating the test database.
# This is necessary if your schema can't be completely dumped by the schema dumper,
# like if you have constraints or database-specific column types

3
db/seeds/backer.rb
View file

@ -7,9 +7,6 @@
# Mayor.create(:name => 'Daley', :city => citie
require 'config/environment'
ENV['GNUPGHOME'] = File.expand_path("../../../gpg/diaspora-#{Rails.env}/", __FILE__)
GPGME::check_version({})
def create(backer_number)
backer_info = [ [5072,"George", "Washington"],

3
db/seeds/dev.rb
View file

@ -7,8 +7,7 @@
# Mayor.create(:name => 'Daley', :city => citie
require 'config/environment'
ENV['GNUPGHOME'] = File.expand_path("../../../gpg/diaspora-#{Rails.env}/", __FILE__)
GPGME::check_version({})
# Create seed user
user = User.create( :email => "robert@joindiaspora.com", :password => "evankorth", :profile => Profile.new( :first_name => "bobert", :last_name => "brin" ))

3
db/seeds/tom.rb
View file

@ -7,8 +7,7 @@
# Mayor.create(:name => 'Daley', :city => citie
require 'config/environment'
ENV['GNUPGHOME'] = File.expand_path("../../../gpg/diaspora-#{Rails.env}/", __FILE__)
GPGME::check_version({})
# Create seed user
user = User.create( :email => "tom@tom.joindiaspora.com", :password => "evankorth", :url => "http://tom.joindiaspora.com/", :profile => Profile.new( :first_name => "Alexander", :last_name => "Hamiltom" ))

0
gpg/diaspora-development/EMPTY
View file

0
gpg/diaspora-production/EMPTY
View file

0
gpg/diaspora-test/EMPTY
View file

BIN
gpg/diaspora-test/pubring.gpg
View file

Binary file not shown.

BIN
gpg/diaspora-test/secring.gpg
View file

Binary file not shown.

BIN
gpg/diaspora-test/trustdb.gpg
View file

Binary file not shown.

5
lib/diaspora/webhooks.rb
View file

@ -7,7 +7,7 @@ module Diaspora
@@queue = MessageHandler.new
def notify_people
if self.person_id == User.owner.id
if self.person_id == User.owner.person.id
push_to(people_with_permissions)
end
end
@ -39,7 +39,8 @@ module Diaspora
end
def people_with_permissions
Person.friends.all
puts "#{self.person.owner.friends.count} foo"
self.person.owner.friends.all
end
def self.build_xml_for(posts)

28
lib/encryptable.rb
View file

@ -7,21 +7,27 @@
end
def verify_signature(signature, person)
return false unless signature && person.key_fingerprint
validity = nil
if person.nil?
Rails.logger.info("Verifying sig on #{signable_string} but no person is here")
return false
elsif person.key.nil?
Rails.logger.info("Verifying sig on #{signable_string} but #{person.real_name} has no key")
return false
elsif signature.nil?
Rails.logger.info("Verifying sig on #{signable_string} but #{person.real_name} did not sign")
return false
end
Rails.logger.info("Verifying sig on #{signable_string} from person #{person.real_name}")
GPGME::verify(signature, signable_string,
{:armor => true, :always_trust => true}){ |signature_analysis|
#puts signature_analysis
validity = signature_analysis.status == GPGME::GPG_ERR_NO_ERROR &&
signature_analysis.fpr == person.key_fingerprint
}
return validity
validity = person.key.verify "SHA", Base64.decode64(signature), signable_string
Rails.logger.info("Validity: #{validity}")
validity
end
protected
def sign_if_mine
if self.person == User.owner
self.creator_signature = sign
end
end
@ -32,8 +38,8 @@
def sign_with_key(key)
Rails.logger.info("Signing #{signable_string}")
GPGME::sign(signable_string,nil,
{:armor=> true, :mode => GPGME::SIG_MODE_DETACH, :signers => [key]})
Base64.encode64(key.sign "SHA", signable_string)
end
end

8
lib/tasks/gpg.rake
View file

@ -1,8 +0,0 @@
namespace :gpg do
desc 'Clear the gpg keyrings'
task :clear do
ctx = GPGME::Ctx.new
keys = ctx.keys
keys.each{|k| ctx.delete_key(k, true)}
end
end

2
spec/controllers/sockets_controller_spec.rb
View file

@ -4,7 +4,7 @@ describe 'SocketsController' do
render_views
before do
@user = Factory.create(:user)
@user.person.save
@user.person.save
SocketsController.unstub!(:new)
#EventMachine::WebSocket.stub!(:start)
@controller = SocketsController.new

11
spec/factories.rb
View file

@ -2,8 +2,6 @@
#http://github.com/thoughtbot/factory_girl
# http://railscasts.com/episodes/158-factories-not-fixtures
#This inclsion, because gpg-agent(not needed) is never run and hence never sets any env. variables on a MAC
ENV['GNUPGHOME'] = File.expand_path("../../gpg/diaspora-#{Rails.env}/", __FILE__)
GPGME::check_version({})
Factory.define :profile do |p|
p.first_name "Robert"
@ -13,8 +11,13 @@ end
Factory.define :person do |p|
p.sequence(:email) {|n| "bob-person-#{n}@aol.com"}
p.sequence(:url) {|n| "http://google-#{n}.com/"}
p.key_fingerprint GPGME::list_keys("Wesley").first.subkeys.first.fingerprint
p.profile Factory.create(:profile)
p.serialized_key OpenSSL::PKey::RSA.generate(1024).public_key.export
end
Factory.define :person_with_private_key, :parent => :person do |p|
p.serialized_key OpenSSL::PKey::RSA.generate(1024).export
end
Factory.define :user do |u|
@ -22,7 +25,7 @@ Factory.define :user do |u|
u.password "bluepin7"
u.password_confirmation "bluepin7"
u.sequence(:person) {|p| Factory.create(:person, :email => "robert-#{p}@grimm.org")}
u.sequence(:person) {|p| Factory.create(:person_with_private_key, :email => "robert-#{p}@grimm.org")}
end
Factory.define :status_message do |m|

22
spec/lib/web_hooks_spec.rb
View file

@ -7,12 +7,15 @@ describe Diaspora do
describe Webhooks do
before do
@user = Factory.create(:user, :email => "bob@aol.com")
@user.person.save
@person = Factory.create(:person)
@user.friends << @person
@user.save
end
describe "body" do
before do
@post = Factory.create(:status_message, :person => @user)
@post = Factory.create(:status_message, :person => @user.person)
end
it "should add the following methods to Post on inclusion" do
@ -26,16 +29,16 @@ describe Diaspora do
end
it "should retrieve all valid person endpoints" do
Factory.create(:person, :url => "http://www.bob.com/")
Factory.create(:person, :url => "http://www.alice.com/")
Factory.create(:person, :url => "http://www.jane.com/")
non_users = Person.where( :_type => "Person" ).all
@post.people_with_permissions.should == non_users
@user.friends << Factory.create(:person, :url => "http://www.bob.com/")
@user.friends << Factory.create(:person, :url => "http://www.alice.com/")
@user.friends << Factory.create(:person, :url => "http://www.jane.com/")
@user.save
@post.people_with_permissions.should == @user.friends.map{|friend| friend.url + "receive/ "}
end
it "should send an owners post to their people" do
q = Post.send(:class_variable_get, :@@queue)
q = Post.send(:class_variable_get, :@@queue)
q.should_receive :process
@post.save
end
@ -48,7 +51,8 @@ describe Diaspora do
end
it "should ensure one url is created for every person" do
5.times {Factory.create(:person)}
5.times {@user.friends << Factory.create(:person)}
@user.save
@post.people_with_permissions.size.should == 6
end

14
spec/models/comments_spec.rb
View file

@ -7,7 +7,7 @@ describe Comment do
@user.person.save
end
it "should be able to comment on his own status" do
status = Factory.create(:status_message, :person => @user)
status = Factory.create(:status_message, :person => @user.person)
status.comments.should == []
@user.comment "Yeah, it was great", :on => status
@ -17,14 +17,14 @@ describe Comment do
it "should be able to comment on a person's status" do
person= Factory.create :person
status = Factory.create(:status_message, :person => person)
@user.comment "sup dog", :on => status
@user.person.comment "sup dog", :on => status
StatusMessage.first.comments.first.text.should == "sup dog"
StatusMessage.first.comments.first.person.should == @user
StatusMessage.first.comments.first.person.should == @user.person
end
it 'should not send out comments when we have no people' do
status = Factory.create(:status_message, :person => @user)
status = Factory.create(:status_message, :person => @user.person)
Comment.send(:class_variable_get, :@@queue).should_not_receive(:add_post_request)
@user.comment "sup dog", :on => status
end
@ -34,18 +34,18 @@ describe Comment do
@person = Factory.create(:person)
@person_two = Factory.create(:person)
@person_status = Factory.create(:status_message, :person => @person)
@user_status = Factory.create(:status_message, :person => @user)
@user_status = Factory.create(:status_message, :person => @user.person)
end
it "should send a user's comment on a person's post to that person" do
Comment.send(:class_variable_get, :@@queue).should_receive(:add_post_request)
@user.comment "yo", :on => @person_status
@user.person.comment "yo", :on => @person_status
end
it 'should send a user comment on his own post to lots of people' do
allowed_urls = @user_status.people_with_permissions.map!{|x| x = x.url + "receive/"}
Comment.send(:class_variable_get, :@@queue).should_receive(:add_post_request).with(allowed_urls, anything )
@user.comment "yo", :on => @user_status
@user.person.comment "yo", :on => @user_status
end
it 'should send a comment a person made on your post to all people' do

8
spec/models/request_spec.rb
View file

@ -36,11 +36,11 @@ describe Request do
it 'should allow me to see only friend requests sent to me' do
user = Factory.create(:user)
remote_person = Factory.build(:user, :email => "robert@grimm.com", :url => "http://king.com/")
remote_person = Factory.build(:person, :email => "robert@grimm.com", :url => "http://king.com/")
Request.instantiate(:from => user, :to => remote_person.url).save
Request.instantiate(:from => user, :to => remote_person.url).save
Request.instantiate(:from => user, :to => remote_person.url).save
Request.instantiate(:from => user.person, :to => remote_person.url).save
Request.instantiate(:from => user.person, :to => remote_person.url).save
Request.instantiate(:from => user.person, :to => remote_person.url).save
Request.instantiate(:from => remote_person, :to => user.url).save
Request.for_user(user).all.count.should == 1

12
spec/models/user_spec.rb
View file

@ -14,23 +14,23 @@ describe User do
end
it "should be able to accept a pending friend request" do
friend = Factory.create(:person, :active => false)
friend = Factory.create(:person)
r = Request.instantiate(:to => @user.url, :from => friend)
r.save
Person.all.count.should == 2
Request.for_user(@user).all.count.should == 1
@user.accept_friend_request(r.id)
Request.for_user(@user).all.count.should == 0
Person.where(:id => friend.id).first.active.should == true
#Person.where(:id => friend.id).first.active.should == true
end
it 'should be able to ignore a pending friend request' do
friend = Factory.create(:person, :active => false)
friend = Factory.create(:person)
r = Request.instantiate(:to => @user.url, :from => friend)
r.save
Person.count.should == 2
friend.active.should == false
#friend.active.should == false
@user.ignore_friend_request(r.id)
@ -45,6 +45,8 @@ describe User do
end
it 'should be able to give me the terse url for webfinger' do
@user.person.url = "http://example.com/"
@user.terse_url.should == 'example.com'
end
@ -56,7 +58,7 @@ describe User do
queue = Profile.send :class_variable_get, :@@queue
queue.should_receive(:process)
@user.update_profile(updated_profile).should == true
@user.person.update_profile(updated_profile).should == true
@user.profile.image_url.should == "http://clown.com"
end
end

5
spec/spec_helper.rb
View file

@ -52,11 +52,12 @@ end
post_models.each{ | model|
model.any_instance.stubs(:verify_creator_signature).returns(true)
model.any_instance.stubs(:verify_signature).returns(true)
}
Retraction.any_instance.stubs(:verify_signature).returns(true)
Request.any_instance.stubs(:verify_signature).returns(true)
Comment.any_instance.stubs(:verify_post_creator_signature).returns(true)
Person.any_instance.stubs(:remove_key).returns(true)
User.any_instance.stubs(:remove_key).returns(true)
end
def unstub_mocha_stubs

37
spec/user_encryption_spec.rb
View file

@ -12,16 +12,13 @@ describe 'user encryption' do
before do
unstub_mocha_stubs
@user = Factory.create(:user)
@user.send(:assign_key)
@user.save
@person = Factory.create(:person,
:key_fingerprint => GPGME.list_keys("Remote Friend").first.subkeys.first.fpr,
@person = Factory.create(:person_with_private_key,
:profile => Profile.new(:first_name => 'Remote',
:last_name => 'Friend'),
:email => 'somewhere@else.com',
:url => 'http://distant-example.com/')
@person2 = Factory.create(:person,
:key_fingerprint => GPGME.list_keys("Second Friend").first.subkeys.first.fpr,
@person2 = Factory.create(:person_with_private_key,
:profile => Profile.new(:first_name => 'Second',
:last_name => 'Friend'),
:email => 'elsewhere@else.com',
@ -35,26 +32,9 @@ describe 'user encryption' do
#keys = ctx.keys
#keys.each{|k| ctx.delete_key(k, true)}
end
it 'should remove the key from the keyring on person destroy' do
person = Factory.create :person
keyid = person.key_fingerprint
original_key = person.export_key
GPGME.list_keys(keyid).count.should be 1
person.destroy
GPGME.list_keys(keyid).count.should be 0
GPGME.import(original_key)
GPGME.list_keys(keyid).count.should be 1
it 'should have a key' do
@user.key.should_not be nil
end
it 'should have a key fingerprint' do
@user.key_fingerprint.should_not be nil
end
it 'should retrieve a user key' do
@user.key.subkeys[0].fpr.should == @user.key_fingerprint
end
describe 'key exchange on friending' do
it 'should send over a public key' do
Comment.send(:class_variable_get, :@@queue).stub!(:add_post_request)
@ -64,9 +44,8 @@ describe 'user encryption' do
it 'should receive and marshal a public key from a request' do
person = Factory.build(:person, :url => "http://test.url/" )
person.key_fingerprint.nil?.should== false
person.key.nil?.should== false
#should move this to friend request, but i found it here
f = person.key_fingerprint
id = person.id
original_key = person.export_key
@ -78,9 +57,7 @@ describe 'user encryption' do
store_objects_from_xml(xml)
Person.all.count.should == personcount + 1
new_person = Person.first(:url => "http://test.url/")
new_person.key_fingerprint.nil?.should == false
new_person.id.should == id
new_person.key_fingerprint.should == f
new_person.export_key.should == original_key
end
end
@ -93,10 +70,10 @@ describe 'user encryption' do
end
it 'should not be able to verify a message from a person without a key' do
person = Factory.create(:person, :key_fingerprint => "123")
person = Factory.create(:person, :serialized_key => "lskdfhdlfjnh;klsf")
message = Factory.build(:status_message, :person => person)
message.save(:validate => false)
message.verify_creator_signature.should be false
lambda {message.verify_creator_signature.should be false}.should raise_error
end
it 'should verify a remote signature' do