nocebo/diaspora
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'master' of github.com:diaspora/diaspora_rails

Browse source 
Conflicts:
	app/models/user.rb
	spec/lib/diaspora_parser_spec.rb
This commit is contained in:
ilya 2010-08-16 18:18:30 -07:00
commit 74c70d9410
12 changed files with 66 additions and 94 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
app/models/comment.rb
View file

@ -33,9 +33,6 @@ class Comment
#ENCRYPTION
before_validation :sign_if_mine, :sign_if_my_post
validates_true_for :post_creator_signature, :logic => lambda {self.verify_post_creator_signature}
xml_accessor :creator_signature
xml_accessor :post_creator_signature
@ -57,11 +54,7 @@ class Comment
end
def verify_post_creator_signature
if person.owner.nil?
verify_signature(post_creator_signature, post.person)
else
true
end
verify_signature(post_creator_signature, post.person)
end

16
app/models/person.rb
View file

@ -51,6 +51,7 @@ class Person
raise TypeError unless new_key.class == OpenSSL::PKey::RSA
serialized_key = new_key.export
end
def export_key
encryption_key.public_key.export
end
@ -61,6 +62,7 @@ class Person
options[:person] = self
model_class = class_name.to_s.camelize.constantize
post = model_class.instantiate(options)
post.creator_signature = post.sign_with_key(encryption_key)
post.notify_people
post.socket_to_uid owner.id if (owner_id && post.respond_to?( :socket_to_uid))
post
@ -70,27 +72,25 @@ class Person
def comment(text, options = {})
raise "must comment on something!" unless options[:on]
c = Comment.new(:person_id => self.id, :text => text, :post => options[:on])
c.creator_signature = c.sign_with_key(encryption_key)
if c.save
begin
dispatch_comment c
rescue Exception => e
puts e.inspect
raise e
end
c.socket_to_uid owner.id if owner_id
true
c
else
Rails.logger.warn "this failed to save: #{c.inspect}"
false
end
false
end
def dispatch_comment( c )
if owns? c.post
c.post_creator_signature = c.sign_with_key(encryption_key)
c.save
c.push_downstream
elsif owns? c
c.save
c.push_upstream
end
end

16
app/models/post.rb
View file

@ -21,8 +21,8 @@ class Post
@@per_page = 10
timestamps!
before_destroy :propagate_retraction
before_destroy :propogate_retraction
after_destroy :destroy_comments
def self.instantiate params
@ -39,9 +39,6 @@ class Post
end
#ENCRYPTION
before_validation :sign_if_mine
validates_true_for :creator_signature, :logic => lambda {self.verify_creator_signature}
xml_accessor :creator_signature
key :creator_signature, String
@ -71,11 +68,8 @@ protected
comments.each{|c| c.destroy}
end
def propagate_retraction
Retraction.for(self).notify_people
end
def propogate_retraction
self.person.owner.retract(self)
end
end

20
app/models/retraction.rb
View file

@ -13,7 +13,6 @@ class Retraction
retraction.type = object.class.to_s
end
retraction.person_id = person_id_from(object)
retraction.send(:sign_if_mine)
retraction
end
@ -60,21 +59,7 @@ class Retraction
end
#ENCRYPTION
xml_reader :creator_signature
def creator_signature
object = self.type.constantize.first(:id => post_id)
if object.class == Person && person_id == object.id
@creator_signature || sign_with_key(object.key)
elsif person_id == object.person.id
@creator_signature || sign_if_mine
end
end
def creator_signature= input
@creator_signature = input
end
xml_accessor :creator_signature
def signable_accessors
accessors = self.class.roxml_attrs.collect{|definition|
@ -86,7 +71,8 @@ class Retraction
def signable_string
signable_accessors.collect{|accessor|
(self.send accessor.to_sym).to_s}.join ';'
(self.send accessor.to_sym).to_s
}.join ';'
end
end

20
app/models/user.rb
View file

@ -39,6 +39,14 @@ class User
Group.create(opts)
end
######### Posts and Such ###############
def retract( post )
retraction = Retraction.for(post)
retraction.creator_signature = retraction.sign_with_key( encryption_key )
retraction.notify_people
retraction
end
######### Friend Requesting ###########
def send_friend_request_to(friend_url, group_id)
unless self.friends.detect{ |x| x.receive_url == friend_url}
@ -107,7 +115,9 @@ class User
def unfriend(bad_friend)
Rails.logger.info("#{self.real_name} is unfriending #{bad_friend.inspect}")
Retraction.for(self).push_to_url(bad_friend.receive_url)
retraction = Retraction.for(self)
retraction.creator_signature = retraction.sign_with_key(encryption_key)
retraction.push_to_url(bad_friend.receive_url)
remove_friend(bad_friend)
end
@ -165,7 +175,6 @@ class User
def receive xml
object = Diaspora::Parser.from_xml(xml)
Rails.logger.debug("Receiving object:\n#{object.inspect}")
if object.is_a? Retraction
if object.type == 'Person' && object.signature_valid?
@ -189,7 +198,6 @@ class User
person.profile = object
person.save
elsif object.is_a?(Post) && object.verify_creator_signature == true
Rails.logger.debug("Saving post: #{object}")
object.save
@ -198,14 +206,16 @@ class User
object.socket_to_uid(id) if (object.respond_to?(:socket_to_uid) && !self.owns?(object))
dispatch_comment object if object.is_a?(Comment) && !owns?(object)
elsif object.is_a?(Comment) && object.verify_post_creator_signature
if object.verify_creator_signature || object.person.nil?
dispatch_comment object unless owns?(object)
end
elsif object.verify_creator_signature == true
Rails.logger.debug("Saving object: #{object}")
object.save
object.socket_to_uid( id) if (object.respond_to?(:socket_to_uid) && !self.owns?(object))
dispatch_comment object if object.is_a?(Comment) && !owns?(object)
end
end

8
lib/encryptable.rb
View file

@ -1,6 +1,6 @@
module Encryptable
def signable_string
""
raise NotImplementedException("Override this in your encryptable class")
end
def verify_creator_signature
verify_signature(creator_signature, person)
@ -23,15 +23,9 @@
validity
end
protected
def sign_if_mine
self.creator_signature = sign_with_key(person.encryption_key) unless person.owner_id.nil?
end
def sign_with_key(key)
Rails.logger.debug("Signing #{signable_string}")
Base64.encode64(key.sign "SHA", signable_string)
end
end

8
spec/helpers/requests_helper_spec.rb
View file

@ -10,19 +10,11 @@ describe RequestsHelper do
@max = Redfinger.finger('mbs348@gmail.com')
end
describe "profile" do
it 'should detect how to subscribe to a diaspora or webfinger profile' do
subscription_mode(@tom).should == :friend
subscription_mode(@evan).should == :none
subscription_mode(@max).should == :none
end
it 'should return the correct tag and url for a given address' do
relationship_flow('tom@tom.joindiaspora.com')[:friend].include?("receive/user").should == true
end
end
end

12
spec/lib/diaspora_parser_spec.rb
View file

@ -13,18 +13,6 @@ describe Diaspora::Parser do
@user2 = Factory.create(:user)
end
it "should associate the post with a group" do
@user.activate_friend(@person, @group)
status_message = Factory.build(:status_message, :message => "hey!", :person => @person)
@user.receive status_message.to_diaspora_xml
@user.posts.count.should == 1
end
describe 'with encryption' do
before do
unstub_mocha_stubs

25
spec/models/comments_spec.rb
View file

@ -31,9 +31,16 @@ describe Comment do
describe 'comment propagation' do
before do
@group = @user.group(:name => "Doofuses")
@user2 = Factory.create(:user)
@group2 = @user2.group(:name => "Lame-faces")
request = @user.send_friend_request_to(@user2.receive_url, @group.id)
reversed_request = @user2.accept_friend_request( request.id, @group2.id )
@user.receive reversed_request.to_diaspora_xml
@person = Factory.create(:person)
@user.friends << Factory.create(:person)
@user.save
@person2 = Factory.create(:person)
@person_status = Factory.build(:status_message, :person => @person)
@user_status = Factory.build(:status_message, :person => @user.person)
@ -52,16 +59,24 @@ describe Comment do
it 'should send a comment a person made on your post to all people' do
message_queue.should_receive(:add_post_request)
@person.comment "balls", :on => @user_status
comment = Comment.new(:person_id => @person.id, :text => "balls", :post => @user_status)
@user.receive(comment.to_diaspora_xml)
end
it 'should send a comment a user made on your post to all people' do
message_queue.should_receive(:add_post_request).twice
comment = @user2.comment( "balls", :on => @user_status)
@user.receive(comment.to_diaspora_xml)
end
it 'should not send a comment a person made on his own post to anyone' do
message_queue.should_not_receive(:add_post_request)
@person.comment "balls", :on => @person_status
comment = Comment.new(:person_id => @person.id, :text => "balls", :post => @person_status)
@user.receive(comment.to_diaspora_xml)
end
it 'should not send a comment a person made on a person post to anyone' do
message_queue.should_not_receive(:add_post_request)
@person2.comment "balls", :on => @person_status
comment = Comment.new(:person_id => @person2.id, :text => "balls", :post => @person_status)
@user.receive(comment.to_diaspora_xml)
end
end
end

2
spec/models/photo_spec.rb
View file

@ -86,7 +86,7 @@ describe Photo do
end
it 'should save a signed photo to GridFS' do
photo = Photo.create(:person => @user.person, :album => @album, :image => File.open(@fixture_name))
photo = @user.post(:photo, :album => @album, :user_file => [File.open(@fixture_name)])
photo.save.should == true
photo.verify_creator_signature.should be true
end

1
spec/spec_helper.rb
View file

@ -58,6 +58,7 @@ end
Retraction.any_instance.stubs(:verify_signature).returns(true)
Request.any_instance.stubs(:verify_signature).returns(true)
Comment.any_instance.stubs(:verify_post_creator_signature).returns(true)
Comment.any_instance.stubs(:verify_creator_signature).returns(true)
end
def unstub_mocha_stubs

23
spec/user_encryption_spec.rb
View file

@ -69,7 +69,7 @@ describe 'user encryption' do
message = @user.post :status_message, :message => "hi"
retraction = Retraction.for(message)
retraction = @user.retract(message)
retraction.verify_creator_signature.should be true
end
@ -145,29 +145,28 @@ describe 'user encryption' do
message.comments.first.verify_creator_signature.should be true
message.comments.first.verify_post_creator_signature.should be true
end
it 'should verify a comment made on a remote post by a different friend' do
comment = Comment.new(:person => @person2, :text => "balls", :post => @remote_message)
comment.creator_signature = comment.send(:sign_with_key,@person2.encryption_key)
comment.verify_creator_signature.should be true
comment.valid?.should be false
comment.verify_post_creator_signature.should be false
comment.post_creator_signature = comment.send(:sign_with_key,@person.encryption_key)
comment.verify_post_creator_signature.should be true
comment.valid?.should be true
end
it 'should reject comments on a remote post with only a creator sig' do
comment = Comment.new(:person => @person2, :text => "balls", :post => @remote_message)
comment.creator_signature = comment.send(:sign_with_key,@person2.encryption_key)
comment.verify_creator_signature.should be true
comment.verify_post_creator_signature.should be false
comment.save.should be false
comment = Comment.new(:person => @person2, :text => "balls", :post => @remote_message)
comment.creator_signature = comment.send(:sign_with_key,@person2.encryption_key)
comment.verify_creator_signature.should be true
comment.verify_post_creator_signature.should be false
end
it 'should receive remote comments on a user post with a creator sig' do
comment = Comment.new(:person => @person2, :text => "balls", :post => @message)
comment.creator_signature = comment.send(:sign_with_key,@person2.encryption_key)
comment.save.should be true
comment = Comment.new(:person => @person2, :text => "balls", :post => @message)
comment.creator_signature = comment.send(:sign_with_key,@person2.encryption_key)
comment.verify_creator_signature.should be true
comment.verify_post_creator_signature.should be false
end
end