diff --git a/app/models/post.rb b/app/models/post.rb index 6b5688914..a072d1dc3 100644 --- a/app/models/post.rb +++ b/app/models/post.rb @@ -4,7 +4,6 @@ class Post include ApplicationHelper include ROXML include Diaspora::Webhooks - include Encryptable include Diaspora::Socketable xml_accessor :_id @@ -28,22 +27,6 @@ class Post self.create params.to_hash end - #ENCRYPTION - xml_accessor :creator_signature - key :creator_signature, String - - def signable_accessors - accessors = self.class.roxml_attrs.collect{|definition| - definition.accessor} - accessors.delete 'person' - accessors.delete 'creator_signature' - accessors - end - - def signable_string - signable_accessors.collect{|accessor| - (self.send accessor.to_sym).to_s}.join ';' - end def as_json(opts={}) { diff --git a/app/models/profile.rb b/app/models/profile.rb index 509498037..3f8b18a30 100644 --- a/app/models/profile.rb +++ b/app/models/profile.rb @@ -3,7 +3,6 @@ class Profile require 'lib/diaspora/webhooks' include Diaspora::Webhooks include ROXML - include Encryptable xml_reader :person_id xml_accessor :first_name @@ -24,6 +23,4 @@ class Profile self._parent_document end - ##this needs to go once we move to Salmon - def signature_valid?; true; end end diff --git a/app/models/request.rb b/app/models/request.rb index afc1349eb..a4466ad52 100644 --- a/app/models/request.rb +++ b/app/models/request.rb @@ -3,7 +3,6 @@ class Request include MongoMapper::Document include Diaspora::Webhooks include ROXML - include Encryptable xml_accessor :_id xml_accessor :person, :as => Person @@ -41,28 +40,7 @@ class Request self.save end - #ENCRYPTION - - xml_accessor :creator_signature - key :creator_signature, String - - def signable_accessors - accessors = self.class.roxml_attrs.collect{|definition| - definition.accessor} - - accessors.delete 'person' - accessors.delete 'creator_signature' - accessors - end - - def signable_string - signable_accessors.collect{|accessor| - (self.send accessor.to_sym).to_s}.join ';' - end - - def signature_valid?; true; end - - protected +protected def clean_link if self.destination_url self.destination_url = 'http://' + self.destination_url unless self.destination_url.match('https?://') diff --git a/app/models/retraction.rb b/app/models/retraction.rb index 3d97db47b..67ca5bb92 100644 --- a/app/models/retraction.rb +++ b/app/models/retraction.rb @@ -1,7 +1,6 @@ class Retraction include ROXML include Diaspora::Webhooks - include Encryptable xml_accessor :post_id xml_accessor :person_id @@ -38,16 +37,6 @@ class Retraction end end - def signature_valid? - target = self.type.constantize.find_by_id(self.post_id) - - if target.is_a? Person - verify_signature(@creator_signature, self.type.constantize.find_by_id(self.post_id)) - else - verify_signature(@creator_signature, self.type.constantize.find_by_id(self.post_id).person) - end - end - def self.person_id_from(object) object.is_a?(Person) ? object.id : object.person.id end @@ -56,21 +45,4 @@ class Retraction Person.find_by_id(self.person_id) end - #ENCRYPTION - xml_accessor :creator_signature - - def signable_accessors - accessors = self.class.roxml_attrs.collect{|definition| - definition.accessor} - accessors.delete 'person' - accessors.delete 'creator_signature' - accessors - end - - def signable_string - signable_accessors.collect{|accessor| - (self.send accessor.to_sym).to_s - }.join ';' - end - end diff --git a/app/models/user.rb b/app/models/user.rb index f1a246d95..453e9118d 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -101,7 +101,6 @@ class User options[:person] = self.person model_class = class_name.to_s.camelize.constantize post = model_class.instantiate(options) - post.creator_signature = post.sign_with_key(encryption_key) post.save self.raw_visible_posts << post self.save @@ -111,10 +110,11 @@ class User def push_to_groups( post, group_ids ) if group_ids == :all || group_ids == "all" groups = self.groups + elsif group_ids.is_a?(Array) && group_ids.first.class == Group + groups = group_ids else groups = self.groups.find_all_by_id( group_ids ) end - #send to the groups target_people = [] @@ -126,13 +126,7 @@ class User push_to_people(post, target_people) end - def people_in_groups groups - people = [] - groups.each{ |group| - people = people | group.people - } - people - end + def push_to_people(post, people) people.each{|person| @@ -157,19 +151,26 @@ class User ######## Commenting ######## def comment(text, options = {}) + comment = build_comment(text, options) + if comment + dispatch_comment comment + comment.socket_to_uid id + end + comment + end + + def build_comment( text, options = {}) raise "must comment on something!" unless options[:on] comment = Comment.new(:person_id => self.person.id, :text => text, :post => options[:on]) comment.creator_signature = comment.sign_with_key(encryption_key) if comment.save - dispatch_comment comment - comment.socket_to_uid id comment else Rails.logger.warn "this failed to save: #{comment.inspect}" false end end - + def dispatch_comment( comment ) if owns? comment.post comment.post_creator_signature = comment.sign_with_key(encryption_key) @@ -185,7 +186,6 @@ class User def retract( post ) post.unsocket_from_uid(self.id) if post.respond_to? :unsocket_from_uid retraction = Retraction.for(post) - retraction.creator_signature = retraction.sign_with_key( encryption_key ) push_to_people retraction, people_in_groups(groups_with_post(post.id)) retraction end @@ -216,10 +216,9 @@ class User object = Diaspora::Parser.from_xml(xml) Rails.logger.debug("Receiving object for #{self.real_name}:\n#{object.inspect}") Rails.logger.debug("From: #{object.person.inspect}") if object.person - raise "In receive for #{self.real_name}, signature was not valid on: #{object.inspect}" unless object.signature_valid? if object.is_a? Retraction - if object.type == 'Person' && object.signature_valid? + if object.type == 'Person' Rails.logger.info( "the person id is #{object.post_id} the friend found is #{visible_person_by_id(object.post_id).inspect}") unfriended_by visible_person_by_id(object.post_id) @@ -247,14 +246,16 @@ class User elsif object.is_a?(Comment) object.person = Diaspora::Parser.parse_or_find_person_from_xml( xml ).save if object.person.nil? - self.visible_people << object.person + self.visible_people = self.visible_people | [object.person] self.save Rails.logger.debug("The person parsed from comment xml is #{object.person.inspect}") unless object.person.nil? object.person.save Rails.logger.debug("From: #{object.person.inspect}") if object.person raise "In receive for #{self.real_name}, signature was not valid on: #{object.inspect}" unless object.post.person == self.person || object.verify_post_creator_signature object.save - dispatch_comment object unless owns?(object) + unless owns?(object) + dispatch_comment object + end object.socket_to_uid(id) if (object.respond_to?(:socket_to_uid) && !self.owns?(object)) else Rails.logger.debug("Saving object: #{object}") diff --git a/lib/diaspora/user/friending.rb b/lib/diaspora/user/friending.rb index 37665fcf6..3cd483598 100644 --- a/lib/diaspora/user/friending.rb +++ b/lib/diaspora/user/friending.rb @@ -79,7 +79,6 @@ module Diaspora def unfriend(bad_friend) Rails.logger.info("#{self.real_name} is unfriending #{bad_friend.inspect}") retraction = Retraction.for(self) - retraction.creator_signature = retraction.sign_with_key(encryption_key) retraction.push_to_url(bad_friend.receive_url) remove_friend(bad_friend) end @@ -109,9 +108,9 @@ module Diaspora person.user_refs += 1 group.people << person friends << person + save person.save group.save - save end def request_from_me?(request) diff --git a/lib/diaspora/user/querying.rb b/lib/diaspora/user/querying.rb index 7346a8ab2..ed2bcb115 100644 --- a/lib/diaspora/user/querying.rb +++ b/lib/diaspora/user/querying.rb @@ -46,6 +46,14 @@ module Diaspora groups.select { |g| g.person_ids.include? id} end + def people_in_groups groups + people = [] + groups.each{ |group| + people = people | group.people + } + people + end + def all_group_ids self.groups.all.collect{|x| x.id} end diff --git a/lib/encryptable.rb b/lib/encryptable.rb index bcc34894a..4c39a129e 100644 --- a/lib/encryptable.rb +++ b/lib/encryptable.rb @@ -29,9 +29,5 @@ Base64.encode64(key.sign "SHA", signable_string) end - def encrypted_xml_for(person) - person.encrypt self.to_diaspora_xml - end - end diff --git a/spec/models/comments_spec.rb b/spec/models/comments_spec.rb index bdf85884d..d442b22b3 100644 --- a/spec/models/comments_spec.rb +++ b/spec/models/comments_spec.rb @@ -28,56 +28,78 @@ describe Comment do it 'should not send out comments when we have no people' do status = Factory.create(:status_message, :person => @user.person) - message_queue.should_not_receive(:add_post_request) + User::QUEUE.should_not_receive(:add_post_request) @user.comment "sup dog", :on => status end describe 'comment propagation' do before do + friend_users(@user, Group.first(:id => @group.id), @user2, @group2) - - request = @user.send_friend_request_to(@user2, @group) - reversed_request = @user2.accept_friend_request( request.id, @group2.id ) - @user.receive reversed_request.to_diaspora_xml - @person = Factory.create(:person) + @user.activate_friend(@person, Group.first(:id => @group.id)) + @person2 = Factory.create(:person) @person_status = Factory.build(:status_message, :person => @person) - @user_status = Factory.build(:status_message, :person => @user.person) + + @user.reload + @user_status = @user.post :status_message, :message => "hi", :to => @group.id + + @group.reload + @user.reload end + it 'should have the post in the groups post list' do + group = Group.first(:id => @group.id) + group.people.size.should == 2 + group.post_ids.include?(@user_status.id).should be true + end + it "should send a user's comment on a person's post to that person" do - message_queue.should_receive(:add_post_request) + User::QUEUE.should_receive(:add_post_request) @user.comment "yo", :on => @person_status end it 'should send a user comment on his own post to lots of people' do - allowed_urls = @user.friends.map!{ |x| x = x.receive_url } - message_queue.should_receive(:add_post_request).with(allowed_urls, anything) + + User::QUEUE.should_receive(:add_post_request).twice @user.comment "yo", :on => @user_status end it 'should send a comment a person made on your post to all people' do - message_queue.should_receive(:add_post_request) comment = Comment.new(:person_id => @person.id, :text => "balls", :post => @user_status) + User::QUEUE.should_receive(:add_post_request).twice @user.receive(comment.to_diaspora_xml) end - it 'should send a comment a user made on your post to all people' do - message_queue.should_receive(:add_post_request).twice + + it 'should send a comment a user made on your post to all people' do + comment = @user2.comment( "balls", :on => @user_status) + User::QUEUE.should_receive(:add_post_request).twice @user.receive(comment.to_diaspora_xml) end it 'should not send a comment a person made on his own post to anyone' do - message_queue.should_not_receive(:add_post_request) + User::QUEUE.should_not_receive(:add_post_request) comment = Comment.new(:person_id => @person.id, :text => "balls", :post => @person_status) @user.receive(comment.to_diaspora_xml) end + it 'should not send a comment a person made on a person post to anyone' do - message_queue.should_not_receive(:add_post_request) + User::QUEUE.should_not_receive(:add_post_request) comment = Comment.new(:person_id => @person2.id, :text => "balls", :post => @person_status) @user.receive(comment.to_diaspora_xml) end + + it 'should not clear the group post array on receiving a comment' do + @group.post_ids.include?(@user_status.id).should be true + comment = Comment.new(:person_id => @person.id, :text => "balls", :post => @user_status) + + @user.receive(comment.to_diaspora_xml) + + @group.reload + @group.post_ids.include?(@user_status.id).should be true + end end describe 'serialization' do it 'should serialize the commenter' do diff --git a/spec/models/post_spec.rb b/spec/models/post_spec.rb index 35e85ab21..a1c391657 100644 --- a/spec/models/post_spec.rb +++ b/spec/models/post_spec.rb @@ -14,12 +14,6 @@ describe Post do it 'should serialize to xml with its person' do @message.to_xml.to_s.include?(@user.person.email).should == true end - - it 'should serialize to encrypted xml' do - enc_xml = @message.encrypted_xml_for(@user.person) - enc_xml.include?(@message.to_diaspora_xml).should be false - @user.decrypt(enc_xml).include?(@message.to_diaspora_xml).should be true - end end diff --git a/spec/models/user/posting_spec.rb b/spec/models/user/posting_spec.rb index 627e8e78e..2365912da 100644 --- a/spec/models/user/posting_spec.rb +++ b/spec/models/user/posting_spec.rb @@ -24,6 +24,12 @@ describe User do proc {@user.post(:status_message, :message => "heyheyhey")}.should raise_error /You must post to someone/ end + it 'should put the post in the group post array' do + post = @user.post(:status_message, :message => "hey", :to => @group.id) + @group.reload + @group.post_ids.include?(post.id).should be true + end + describe 'dispatching' do before do @post = @user.build_post :status_message, :message => "hey" diff --git a/spec/user_encryption_spec.rb b/spec/user_encryption_spec.rb index 73b9db0b9..99ddcc4ca 100644 --- a/spec/user_encryption_spec.rb +++ b/spec/user_encryption_spec.rb @@ -70,82 +70,9 @@ describe 'user encryption' do end end - describe 'signing and verifying' do - - it 'should sign a message on create' do - message = @user.post :status_message, :message => "hi", :to => @group.id - message.signature_valid?.should be true - end - - it 'should sign a retraction on create' do - - unstub_mocha_stubs - message = @user.post :status_message, :message => "hi", :to => @group.id - - - retraction = @user.retract(message) - retraction.signature_valid?.should be true - - end - - it 'should not be able to verify a message from a person without a key' do - person = Factory.create(:person, :serialized_key => "lskdfhdlfjnh;klsf") - message = Factory.build(:status_message, :person => person) - message.save(:validate => false) - lambda {message.signature_valid?.should be false}.should raise_error - end - - it 'should verify a remote signature' do - message = Factory.build(:status_message, :person => @person) - message.creator_signature = message.send(:sign_with_key,@person.encryption_key) - message.save(:validate => false) - message.signature_valid?.should be true - end - - it 'should know if the signature is from the wrong person' do - message = Factory.build(:status_message, :person => @person) - message.save(:validate => false) - message.creator_signature = message.send(:sign_with_key,@person.encryption_key) - message.person = @user - message.signature_valid?.should be false - end - - it 'should know if the signature is for the wrong text' do - message = Factory.build(:status_message, :person => @person) - message.creator_signature = message.send(:sign_with_key,@person.encryption_key) - message.message = 'I love VENISON' - message.save(:validate => false) - message.signature_valid?.should be false - end - end - - describe 'sending and recieving signatures' do - it 'should contain the signature in the xml' do - message = @user.post :status_message, :message => "hi", :to => @group.id - xml = message.to_xml.to_s - xml.include?(message.creator_signature).should be true - end - - it 'A message with an invalid signature should be rejected' do - @user2 = Factory.create :user - - message = @user2.post :status_message, :message => "hey", :to => @user2.group(:name => "bruisers").id - message.creator_signature = "totally valid" - message.save(:validate => false) - - xml = message.to_diaspora_xml - message.destroy - Post.count.should be 0 - proc {@user.receive xml}.should raise_error /ignature was not valid/ - Post.count.should be 0 - end - - end describe 'comments' do before do - @remote_message = Factory.build(:status_message, :person => @person) - @remote_message.creator_signature = @remote_message.send(:sign_with_key,@person.encryption_key) - @remote_message.save + @remote_message = Factory.create(:status_message, :person => @person) @message = @user.post :status_message, :message => "hi", :to => @group.id end it 'should attach the creator signature if the user is commenting' do