Encryption removed from everything other than comments, most irrelevant specs removed

app/models/post.rb

@@ -4,7 +4,6 @@ class Post
   include ApplicationHelper 
   include ROXML
   include Diaspora::Webhooks
-  include Encryptable
   include Diaspora::Socketable
 
   xml_accessor :_id
@@ -28,22 +27,6 @@ class Post
     self.create params.to_hash
   end
 
-  #ENCRYPTION
-  xml_accessor :creator_signature
-  key :creator_signature, String
-  
-  def signable_accessors
-    accessors = self.class.roxml_attrs.collect{|definition| 
-      definition.accessor}
-    accessors.delete 'person'
-    accessors.delete 'creator_signature'
-    accessors
-  end
-
-  def signable_string
-    signable_accessors.collect{|accessor| 
-      (self.send accessor.to_sym).to_s}.join ';'
-  end
 
   def as_json(opts={})
     {

app/models/profile.rb

@@ -3,7 +3,6 @@ class Profile
   require 'lib/diaspora/webhooks'
   include Diaspora::Webhooks
   include ROXML
-  include Encryptable
 
   xml_reader :person_id
   xml_accessor :first_name
@@ -24,6 +23,4 @@ class Profile
     self._parent_document
   end
 
-  ##this needs to go once we move to Salmon
-  def signature_valid?; true; end
 end

app/models/request.rb

@@ -3,7 +3,6 @@ class Request
   include MongoMapper::Document
   include Diaspora::Webhooks
   include ROXML
-  include Encryptable
 
   xml_accessor :_id
   xml_accessor :person, :as => Person
@@ -41,27 +40,6 @@ class Request
     self.save
   end
   
-  #ENCRYPTION
-    
-  xml_accessor :creator_signature
-  key :creator_signature, String
-  
-  def signable_accessors
-    accessors = self.class.roxml_attrs.collect{|definition| 
-                definition.accessor}
-
-    accessors.delete 'person'
-    accessors.delete 'creator_signature'
-    accessors
-  end
-
-  def signable_string
-    signable_accessors.collect{|accessor| 
-                               (self.send accessor.to_sym).to_s}.join ';'
-  end
-
-  def signature_valid?; true; end
-
 protected
   def clean_link
     if self.destination_url

app/models/retraction.rb

@@ -1,7 +1,6 @@
 class Retraction
   include ROXML
   include Diaspora::Webhooks
-  include Encryptable
 
   xml_accessor :post_id
   xml_accessor :person_id
@@ -38,16 +37,6 @@ class Retraction
     end
   end
 
-  def signature_valid?
-    target = self.type.constantize.find_by_id(self.post_id)
-
-    if target.is_a? Person
-      verify_signature(@creator_signature, self.type.constantize.find_by_id(self.post_id))
-    else 
-      verify_signature(@creator_signature, self.type.constantize.find_by_id(self.post_id).person)
-    end
-  end
-
   def self.person_id_from(object)
     object.is_a?(Person) ? object.id : object.person.id
   end
@@ -56,21 +45,4 @@ class Retraction
     Person.find_by_id(self.person_id)
   end
 
-  #ENCRYPTION
-  xml_accessor :creator_signature
-
-  def signable_accessors
-    accessors = self.class.roxml_attrs.collect{|definition| 
-      definition.accessor}
-    accessors.delete 'person'
-    accessors.delete 'creator_signature'
-    accessors
-  end
-
-  def signable_string
-    signable_accessors.collect{|accessor| 
-      (self.send accessor.to_sym).to_s
-    }.join ';'
-  end
-  
 end

app/models/user.rb

@@ -101,7 +101,6 @@ class User
     options[:person] = self.person
     model_class = class_name.to_s.camelize.constantize
     post = model_class.instantiate(options)
-    post.creator_signature = post.sign_with_key(encryption_key)
     post.save
     self.raw_visible_posts << post
     self.save
@@ -111,10 +110,11 @@ class User
   def push_to_groups( post, group_ids )
     if group_ids == :all || group_ids == "all"
       groups = self.groups
+    elsif group_ids.is_a?(Array) && group_ids.first.class == Group
+      groups = group_ids
     else
       groups = self.groups.find_all_by_id( group_ids )
     end
-
     #send to the groups
     target_people = [] 
 
@@ -126,13 +126,7 @@ class User
     push_to_people(post, target_people)
   end
 
-  def people_in_groups groups
-    people = []
-    groups.each{ |group|
-      people = people | group.people
-    }
-    people
-  end
+
 
   def push_to_people(post, people)
     people.each{|person|
@@ -157,12 +151,19 @@ class User
 
   ######## Commenting  ########
   def comment(text, options = {})
+    comment = build_comment(text, options)
+    if comment
+      dispatch_comment comment
+      comment.socket_to_uid id
+    end
+    comment
+  end
+  
+  def build_comment( text, options = {})
     raise "must comment on something!" unless options[:on]
     comment = Comment.new(:person_id => self.person.id, :text => text, :post => options[:on])
     comment.creator_signature = comment.sign_with_key(encryption_key)
     if comment.save
-      dispatch_comment comment
-      comment.socket_to_uid id
       comment
     else
       Rails.logger.warn "this failed to save: #{comment.inspect}"
@@ -185,7 +186,6 @@ class User
   def retract( post )
     post.unsocket_from_uid(self.id) if post.respond_to? :unsocket_from_uid
     retraction = Retraction.for(post)
-    retraction.creator_signature = retraction.sign_with_key( encryption_key ) 
     push_to_people retraction, people_in_groups(groups_with_post(post.id))
     retraction
   end
@@ -216,10 +216,9 @@ class User
     object = Diaspora::Parser.from_xml(xml)
     Rails.logger.debug("Receiving object for #{self.real_name}:\n#{object.inspect}")
     Rails.logger.debug("From: #{object.person.inspect}") if object.person
-    raise "In receive for #{self.real_name}, signature was not valid on: #{object.inspect}" unless object.signature_valid?
 
     if object.is_a? Retraction
-      if object.type == 'Person' && object.signature_valid?
+      if object.type == 'Person'
 
         Rails.logger.info( "the person id is #{object.post_id} the friend found is #{visible_person_by_id(object.post_id).inspect}")
         unfriended_by visible_person_by_id(object.post_id)
@@ -247,14 +246,16 @@ class User
 
     elsif object.is_a?(Comment) 
       object.person = Diaspora::Parser.parse_or_find_person_from_xml( xml ).save if object.person.nil?
-      self.visible_people << object.person
+      self.visible_people = self.visible_people | [object.person]
       self.save
       Rails.logger.debug("The person parsed from comment xml is #{object.person.inspect}") unless object.person.nil?
       object.person.save
     Rails.logger.debug("From: #{object.person.inspect}") if object.person
       raise "In receive for #{self.real_name}, signature was not valid on: #{object.inspect}" unless object.post.person == self.person || object.verify_post_creator_signature
       object.save
-      dispatch_comment object unless owns?(object)
+      unless owns?(object)
+        dispatch_comment object
+      end
       object.socket_to_uid(id)  if (object.respond_to?(:socket_to_uid) && !self.owns?(object))
     else
       Rails.logger.debug("Saving object: #{object}")

lib/diaspora/user/friending.rb

@@ -79,7 +79,6 @@ module Diaspora
       def unfriend(bad_friend)
         Rails.logger.info("#{self.real_name} is unfriending #{bad_friend.inspect}")
         retraction = Retraction.for(self)
-        retraction.creator_signature = retraction.sign_with_key(encryption_key)
         retraction.push_to_url(bad_friend.receive_url) 
         remove_friend(bad_friend)
       end
@@ -109,9 +108,9 @@ module Diaspora
         person.user_refs += 1
         group.people << person
         friends << person
+        save
         person.save
         group.save
-        save
       end
 
       def request_from_me?(request)

lib/diaspora/user/querying.rb

@@ -46,6 +46,14 @@ module Diaspora
         groups.select { |g| g.person_ids.include? id}
       end
 
+      def people_in_groups groups
+        people = []
+        groups.each{ |group|
+          people = people | group.people
+        }
+        people
+      end
+
       def all_group_ids
         self.groups.all.collect{|x| x.id}
       end

lib/encryptable.rb

@@ -29,9 +29,5 @@
       Base64.encode64(key.sign "SHA", signable_string)
     end
 
-  def encrypted_xml_for(person)
-    person.encrypt self.to_diaspora_xml
-  end
-
   end
 

spec/models/comments_spec.rb

@@ -28,56 +28,78 @@ describe Comment do
 
     it 'should not send out comments when we have no people' do
       status = Factory.create(:status_message, :person => @user.person)
-      message_queue.should_not_receive(:add_post_request)
+      User::QUEUE.should_not_receive(:add_post_request)
       @user.comment "sup dog", :on => status
     end
 
     describe 'comment propagation' do
       before do
-
-
-        request = @user.send_friend_request_to(@user2, @group)
-        reversed_request = @user2.accept_friend_request( request.id, @group2.id )
-        @user.receive reversed_request.to_diaspora_xml
+        friend_users(@user, Group.first(:id => @group.id), @user2, @group2)
 
         @person = Factory.create(:person)
+        @user.activate_friend(@person, Group.first(:id => @group.id))
+
         @person2 = Factory.create(:person) 
         @person_status = Factory.build(:status_message, :person => @person)
-        @user_status = Factory.build(:status_message, :person => @user.person)
+
+        @user.reload
+        @user_status = @user.post :status_message, :message => "hi", :to => @group.id
+
+        @group.reload
+        @user.reload
+      end
+    
+      it 'should have the post in the groups post list' do
+        group = Group.first(:id => @group.id)
+        group.people.size.should == 2
+        group.post_ids.include?(@user_status.id).should be true
       end
 
       it "should send a user's comment on a person's post to that person" do
-        message_queue.should_receive(:add_post_request)
+        User::QUEUE.should_receive(:add_post_request)
         @user.comment "yo", :on => @person_status
       end
     
       it 'should send a user comment on his own post to lots of people' do
-        allowed_urls = @user.friends.map!{ |x| x = x.receive_url }
-        message_queue.should_receive(:add_post_request).with(allowed_urls, anything)
+
+        User::QUEUE.should_receive(:add_post_request).twice
         @user.comment "yo", :on => @user_status
       end
     
       it 'should send a comment a person made on your post to all people' do
-        message_queue.should_receive(:add_post_request)
         comment = Comment.new(:person_id => @person.id, :text => "balls", :post => @user_status)
+        User::QUEUE.should_receive(:add_post_request).twice
         @user.receive(comment.to_diaspora_xml)
       end
+      
       it 'should send a comment a user made on your post to all people' do
-        message_queue.should_receive(:add_post_request).twice
+        
         comment = @user2.comment( "balls", :on => @user_status)
+        User::QUEUE.should_receive(:add_post_request).twice
         @user.receive(comment.to_diaspora_xml)
       end
     
       it 'should not send a comment a person made on his own post to anyone' do
-        message_queue.should_not_receive(:add_post_request)
+        User::QUEUE.should_not_receive(:add_post_request)
         comment = Comment.new(:person_id => @person.id, :text => "balls", :post => @person_status)
         @user.receive(comment.to_diaspora_xml)
       end
+      
       it 'should not send a comment a person made on a person post to anyone' do
-        message_queue.should_not_receive(:add_post_request)
+        User::QUEUE.should_not_receive(:add_post_request)
         comment = Comment.new(:person_id => @person2.id, :text => "balls", :post => @person_status)
         @user.receive(comment.to_diaspora_xml)
       end
+
+      it 'should not clear the group post array on receiving a comment' do
+        @group.post_ids.include?(@user_status.id).should be true
+        comment = Comment.new(:person_id => @person.id, :text => "balls", :post => @user_status)
+
+        @user.receive(comment.to_diaspora_xml)
+
+        @group.reload
+        @group.post_ids.include?(@user_status.id).should be true
+      end
     end
     describe 'serialization' do
       it 'should serialize the commenter' do

spec/models/post_spec.rb

@@ -15,12 +15,6 @@ describe Post do
       @message.to_xml.to_s.include?(@user.person.email).should == true
     end
 
-    it 'should serialize to encrypted xml' do
-      enc_xml = @message.encrypted_xml_for(@user.person)
-      enc_xml.include?(@message.to_diaspora_xml).should be false
-      @user.decrypt(enc_xml).include?(@message.to_diaspora_xml).should be true
-    end
-
   end
 
   describe 'deletion' do

spec/models/user/posting_spec.rb

@@ -24,6 +24,12 @@ describe User do
     proc {@user.post(:status_message, :message => "heyheyhey")}.should raise_error /You must post to someone/ 
   end
 
+  it 'should put the post in the group post array' do
+    post = @user.post(:status_message, :message => "hey", :to => @group.id)
+    @group.reload
+    @group.post_ids.include?(post.id).should be true
+  end
+
   describe 'dispatching' do
     before do
       @post = @user.build_post :status_message, :message => "hey"

spec/user_encryption_spec.rb

@@ -70,82 +70,9 @@ describe 'user encryption' do
     end
   end
 
-  describe 'signing and verifying' do
-
-    it 'should sign a message on create' do
-      message = @user.post :status_message, :message => "hi", :to => @group.id
-      message.signature_valid?.should be true 
-    end
-
-    it 'should sign a retraction on create' do
-
-      unstub_mocha_stubs
-      message = @user.post :status_message, :message => "hi", :to => @group.id
-
-
-      retraction = @user.retract(message) 
-      retraction.signature_valid?.should be true
-
-    end
-    
-    it 'should not be able to verify a message from a person without a key' do 
-      person = Factory.create(:person, :serialized_key => "lskdfhdlfjnh;klsf")
-      message = Factory.build(:status_message, :person => person)
-      message.save(:validate => false)
-      lambda {message.signature_valid?.should be false}.should raise_error 
-    end
-    
-    it 'should verify a remote signature' do 
-      message = Factory.build(:status_message, :person => @person)
-      message.creator_signature = message.send(:sign_with_key,@person.encryption_key)
-      message.save(:validate => false)
-      message.signature_valid?.should be true
-    end
-    
-    it 'should know if the signature is from the wrong person' do
-      message = Factory.build(:status_message, :person => @person)
-      message.save(:validate => false)
-      message.creator_signature = message.send(:sign_with_key,@person.encryption_key)
-      message.person = @user
-      message.signature_valid?.should be false
-    end
-   
-    it 'should know if the signature is for the wrong text' do
-      message = Factory.build(:status_message, :person => @person)
-      message.creator_signature = message.send(:sign_with_key,@person.encryption_key)
-      message.message = 'I love VENISON'
-      message.save(:validate => false)
-      message.signature_valid?.should be false
-    end
-  end
-
-  describe 'sending and recieving signatures' do
-    it 'should contain the signature in the xml' do
-      message = @user.post :status_message, :message => "hi", :to => @group.id
-      xml = message.to_xml.to_s
-      xml.include?(message.creator_signature).should be true
-    end
-
-    it 'A message with an invalid signature should be rejected' do
-      @user2 = Factory.create :user
-
-      message = @user2.post :status_message, :message => "hey", :to => @user2.group(:name => "bruisers").id
-      message.creator_signature = "totally valid"
-      message.save(:validate => false)
-
-      xml = message.to_diaspora_xml
-      message.destroy
-      Post.count.should be 0
-      proc {@user.receive xml}.should raise_error /ignature was not valid/
-      Post.count.should be 0
-    end
-
-  end
   describe 'comments' do
     before do
-      @remote_message = Factory.build(:status_message, :person => @person)
-      @remote_message.creator_signature = @remote_message.send(:sign_with_key,@person.encryption_key)
-      @remote_message.save 
+      @remote_message = Factory.create(:status_message, :person => @person)
       @message = @user.post :status_message, :message => "hi", :to => @group.id
     end
     it 'should attach the creator signature if the user is commenting' do