From 3d5aacda4ce674df751f606ceba6052de84b4730 Mon Sep 17 00:00:00 2001 From: cmrd Senya Date: Fri, 11 Dec 2015 14:18:41 +0300 Subject: [PATCH 1/2] Add rspec persistance file --- spec/spec_helper.rb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index ca444256a..586ec2824 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -73,6 +73,8 @@ RSpec.configure do |config| config.include Devise::TestHelpers, :type => :controller config.mock_with :rspec + config.example_status_persistence_file_path = "tmp/rspec-persistance.txt" + config.render_views config.use_transactional_fixtures = true config.infer_spec_type_from_file_location! From a2ce47fae5e969cf438b4816bae5d05f1ef83770 Mon Sep 17 00:00:00 2001 From: cmrd Senya Date: Sat, 12 Dec 2015 23:16:19 +0300 Subject: [PATCH 2/2] Remove parent author signature for relayables from the DB since it is considered redundant --- app/models/message.rb | 5 ----- ...151210213023_remove_signatures_from_relayables.rb | 9 +++++++++ db/schema.rb | 7 +------ lib/diaspora/relayable.rb | 12 ++++++++---- spec/shared_behaviors/relayable.rb | 11 ----------- 5 files changed, 18 insertions(+), 26 deletions(-) create mode 100644 db/migrate/20151210213023_remove_signatures_from_relayables.rb diff --git a/app/models/message.rb b/app/models/message.rb index 91ef04057..d07f4a8f7 100644 --- a/app/models/message.rb +++ b/app/models/message.rb @@ -21,11 +21,6 @@ class Message < ActiveRecord::Base # inside, which would cause an infinite recursion #sign comment as commenter self.author_signature = self.sign_with_key(self.author.owner.encryption_key) if self.author.owner - - if self.author.owns?(self.parent) - #sign comment as post owner - self.parent_author_signature = self.sign_with_key(self.parent.author.owner.encryption_key) if self.parent.author.owner - end self.save! self end diff --git a/db/migrate/20151210213023_remove_signatures_from_relayables.rb b/db/migrate/20151210213023_remove_signatures_from_relayables.rb new file mode 100644 index 000000000..1d2cb485c --- /dev/null +++ b/db/migrate/20151210213023_remove_signatures_from_relayables.rb @@ -0,0 +1,9 @@ +class RemoveSignaturesFromRelayables < ActiveRecord::Migration + def change + remove_column :comments, :parent_author_signature, :text + remove_column :poll_participations, :parent_author_signature, :text + remove_column :messages, :parent_author_signature, :text + remove_column :participations, :parent_author_signature, :text + remove_column :likes, :parent_author_signature, :text + end +end diff --git a/db/schema.rb b/db/schema.rb index 6a526fe46..a5cab0797 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -11,7 +11,7 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema.define(version: 20151003142048) do +ActiveRecord::Schema.define(version: 20151210213023) do create_table "account_deletions", force: :cascade do |t| t.string "diaspora_handle", limit: 255 @@ -92,7 +92,6 @@ ActiveRecord::Schema.define(version: 20151003142048) do t.integer "author_id", limit: 4, null: false t.string "guid", limit: 255, null: false t.text "author_signature", limit: 65535 - t.text "parent_author_signature", limit: 65535 t.datetime "created_at", null: false t.datetime "updated_at", null: false t.integer "likes_count", limit: 4, default: 0, null: false @@ -168,7 +167,6 @@ ActiveRecord::Schema.define(version: 20151003142048) do t.integer "author_id", limit: 4 t.string "guid", limit: 255 t.text "author_signature", limit: 65535 - t.text "parent_author_signature", limit: 65535 t.datetime "created_at", null: false t.datetime "updated_at", null: false t.string "target_type", limit: 60, null: false @@ -205,7 +203,6 @@ ActiveRecord::Schema.define(version: 20151003142048) do t.datetime "created_at", null: false t.datetime "updated_at", null: false t.text "author_signature", limit: 65535 - t.text "parent_author_signature", limit: 65535 end add_index "messages", ["author_id"], name: "index_messages_on_author_id", using: :btree @@ -257,7 +254,6 @@ ActiveRecord::Schema.define(version: 20151003142048) do t.string "target_type", limit: 60, null: false t.integer "author_id", limit: 4 t.text "author_signature", limit: 65535 - t.text "parent_author_signature", limit: 65535 t.datetime "created_at", null: false t.datetime "updated_at", null: false t.integer "count", limit: 4, default: 1, null: false @@ -338,7 +334,6 @@ ActiveRecord::Schema.define(version: 20151003142048) do t.integer "poll_id", limit: 4, null: false t.string "guid", limit: 255 t.text "author_signature", limit: 65535 - t.text "parent_author_signature", limit: 65535 t.datetime "created_at" t.datetime "updated_at" end diff --git a/lib/diaspora/relayable.rb b/lib/diaspora/relayable.rb index 3edd989c4..11628ec5a 100644 --- a/lib/diaspora/relayable.rb +++ b/lib/diaspora/relayable.rb @@ -8,6 +8,8 @@ module Diaspora def self.included(model) model.class_eval do + attr_writer :parent_author_signature + #these fields must be in the schema for a relayable model xml_attr :parent_guid xml_attr :parent_author_signature @@ -77,7 +79,7 @@ module Diaspora # Check to make sure the signature of the comment or like comes from the person claiming to author it unless comment_or_like.parent_author == user.person || comment_or_like.verify_parent_author_signature - logger.warn "event=receive status=abort reason='object signature not valid' recipient=#{user.diaspora_handle} "\ + logger.warn "event=receive status=abort reason='sender is not valid' recipient=#{user.diaspora_handle} "\ "sender=#{parent.author.diaspora_handle} payload_type=#{self.class} parent_id=#{parent.id}" return end @@ -108,11 +110,13 @@ module Diaspora def initialize_signatures #sign relayable as model creator self.author_signature = self.sign_with_key(author.owner.encryption_key) + end - if !self.parent.blank? && self.author.owns?(self.parent) - #sign relayable as parent object owner - self.parent_author_signature = sign_with_key(author.owner.encryption_key) + def parent_author_signature + unless parent.blank? || parent.author.owner.nil? + @parent_author_signature = sign_with_key(parent.author.owner.encryption_key) end + @parent_author_signature end # @return [Boolean] diff --git a/spec/shared_behaviors/relayable.rb b/spec/shared_behaviors/relayable.rb index 6973f6e1f..e4532114d 100644 --- a/spec/shared_behaviors/relayable.rb +++ b/spec/shared_behaviors/relayable.rb @@ -61,11 +61,6 @@ shared_examples_for "it is relayable" do expect(@object_by_parent_author.verify_parent_author_signature).to be true end - it 'does not sign as the parent author is not parent' do - @object_by_recipient.author_signature = @object_by_recipient.send(:sign_with_key, @local_leia.encryption_key) - expect(@object_by_recipient.verify_parent_author_signature).to be false - end - it 'should verify a object made on a remote post by a different contact' do @object_by_recipient.author_signature = @object_by_recipient.send(:sign_with_key, @local_leia.encryption_key) @object_by_recipient.parent_author_signature = @object_by_recipient.send(:sign_with_key, @local_luke.encryption_key) @@ -90,12 +85,6 @@ shared_examples_for "it is relayable" do }.to_not change { @dup_object_by_parent_author.class.count } end - it 'does not process if post_creator_signature is invalid' do - @object_by_parent_author.delete # remove object from db so we set a creator sig - @dup_object_by_parent_author.parent_author_signature = "dsfadsfdsa" - expect(@dup_object_by_parent_author.receive(@local_leia, @local_luke.person)).to eq(nil) - end - it 'signs when the person receiving is the parent author' do @object_by_recipient.save @object_by_recipient.receive(@local_luke, @local_leia.person)