nocebo/diaspora
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'master' of github.com:diaspora/diaspora_rails

Browse source 
Conflicts:
	app/models/post.rb
This commit is contained in:
danielvincent 2010-07-17 19:00:53 -07:00
commit c53efbe56f
15 changed files with 90 additions and 45 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
app/controllers/requests_controller.rb
View file

@ -26,7 +26,7 @@ class RequestsController < ApplicationController
def create
url = diaspora_url(params[:request][:destination_url])
@request = current_user.send_friend_request_to(url) unless url.include?('@')
@request = current_user.send_friend_request_to(url) unless url.include?('@')|| url == ''
if @request
flash[:notice] = "a friend request was sent to #{@request.destination_url}"
redirect_to requests_url

1
app/models/comment.rb
View file

@ -52,6 +52,7 @@ class Comment
def verify_post_creator_signature
unless person == User.owner
puts "verifying post creator sig from #{post.person.real_name}"
verify_signature(post_creator_signature, post.person)
else
true

4
app/models/photo.rb
View file

@ -1,6 +1,8 @@
class Photo < Post
require 'carrierwave/orm/mongomapper'
include MongoMapper::Document
before_validation {puts "I'M GONNA VALIDATE"}
before_save {puts "I'M GONNA SAVE"}
before_create {puts "I'M GONNA CREATE"}
mount_uploader :image, ImageUploader
end

10
app/models/post.rb
View file

@ -36,16 +36,16 @@ class Post
self.first(:person_id => person.id, :order => '_id desc')
end
def self.my_newest
self.newest(User.owner)
end
def self.my_newest
self.newest(User.owner)
end
def self.newest_by_email(email)
self.newest(Person.first(:email => email))
end
#ENCRYPTION
#before_validation :sign_if_mine
#validates_true_for :creator_signature, :logic => lambda {self.verify_creator_signature}
before_validation :sign_if_mine
validates_true_for :creator_signature, :logic => lambda {self.verify_creator_signature}
xml_accessor :creator_signature
key :creator_signature, String

1
app/views/requests/_form.haml
View file

@ -5,6 +5,5 @@
= f.label :destination_url
= f.text_field :destination_url
%p
= f.submit

2
app/views/requests/_new_request.haml
View file

@ -2,8 +2,8 @@
= f.error_messages
%p
enter a diaspora url, diaspora username, or random email address:
= f.label :destination_url
= f.text_field :destination_url
%p
= f.submit

2
config/sprinkle/packages/ruby.rb
View file

@ -33,7 +33,7 @@ end
package :diaspora_dependencies do
description 'random dependencies'
apt %w(libxslt1.1 libxslt1-dev libxml2 libgpgme11-dev )
apt %w(libxslt1.1 libxslt1-dev libxml2 libgpgme11-dev imagemagick libmagick9-dev)
end
#package :diaspora do
# description 'Diaspora'

1
lib/common.rb
View file

@ -30,6 +30,7 @@ module Diaspora
def store_objects_from_xml(xml)
objects = parse_objects_from_xml(xml)
objects.each do |p|
Rails.logger.info("Receiving object:\n#{p.inspect}")
if p.is_a? Retraction
p.perform
elsif p.is_a? Request

18
lib/encryptable.rb
View file

@ -3,30 +3,38 @@
""
end
def verify_creator_signature
#creator_signature = sign if creator_signature.nil? && person == User.owner
verify_signature(creator_signature, person)
end
def verify_signature(signature, person)
return false unless signature && person.key_fingerprint
validity = nil
GPGME::verify(creator_signature, signable_string,
{:armor => true, :always_trust => true}){ |signature|
validity = signature.status == GPGME::GPG_ERR_NO_ERROR &&
signature.fpr == person.key_fingerprint
GPGME::verify(signature, signable_string,
{:armor => true, :always_trust => true}){ |signature_analysis|
puts signature_analysis
validity = signature_analysis.status == GPGME::GPG_ERR_NO_ERROR &&
signature_analysis.fpr == person.key_fingerprint
}
return validity
end
protected
def sign_if_mine
puts "In sign_if_mine"
if self.person == User.owner
self.creator_signature = sign
end
end
def sign
puts "signing"
sign_with_key(User.owner.key)
end
def sign_with_key(key)
GPGME::sign(signable_string,nil,
{:armor=> true, :mode => GPGME::SIG_MODE_DETACH, :signers => [User.owner.key]})
{:armor=> true, :mode => GPGME::SIG_MODE_DETACH, :signers => [key]})
end
end

1
spec/controllers/requests_controller_spec.rb
View file

@ -3,6 +3,7 @@ require File.dirname(__FILE__) + '/../spec_helper'
describe RequestsController do
describe "profile" do
it 'should fetch the public webfinger profile on request' do
pending "Duplicate test"
#post :create {:request => {:destination_url => 'tom@tom.joindiaspora.com'}
url = RequestsController.diaspora_url('http://tom.joindiaspora.com/')

1
spec/helpers/requests_helper_spec.rb
View file

@ -5,6 +5,7 @@ include RequestsHelper
describe RequestsHelper do
describe "profile" do
it 'should fetch the public webfinger profile on request' do
pending "Can we please find a way to do this that doesn't freak me out if my internet connection is down? Thanks, Rafi"
#post :create {:request => {:destination_url => 'tom@tom.joindiaspora.com'}
url = diaspora_url('http://tom.joindiaspora.com/')

4
spec/lib/parser_spec.rb
View file

@ -127,8 +127,8 @@ describe "parser in application helper" do
it "should activate the Person if I initiated a request to that url" do
request = Request.instantiate(:to => @person.url, :from => @user).save
request_remote = Request.new(:_id => request.id)#
request_remote = Request.new
request_remote.destination_url = @user.url
request_remote.callback_url = @user.url
request_remote.person = @person

28
spec/models/photo_spec.rb
View file

@ -1,19 +1,39 @@
require File.dirname(__FILE__) + '/../spec_helper'
describe Photo do
before do
@user = Factory.create(:user)
@fixture_name = File.dirname(__FILE__) + '/../fixtures/bp.jpeg'
end
it 'should save a photo to GridFS' do
photo = Photo.new
fixture_name = File.dirname(__FILE__) + '/../fixtures/bp.jpeg'
file = File.open(fixture_name)
photo = Photo.new(:person => @user)
file = File.open(@fixture_name)
photo.image = file
photo.save.should == true
binary = photo.image.read
fixture_binary = File.open(fixture_name).read
fixture_binary = File.open(@fixture_name).read
binary.should == fixture_binary
end
it 'should create thumbnails' do
pending('need to figure this out... tearing issue')
end
describe 'with encryption' do
before do
unstub_mocha_stubs
end
after do
stub_signature_verification
end
it 'should save a signed photo to GridFS' do
photo = Photo.new(:person => @user)
photo.image = File.open(@fixture_name)
photo.save.should == true
photo.verify_creator_signature.should be true
end
end
end

26
spec/spec_helper.rb
View file

@ -42,11 +42,18 @@ end
end
def stub_signature_verification
Post.any_instance.stubs(:verify_creator_signature).returns(true)
StatusMessage.any_instance.stubs(:verify_creator_signature).returns(true)
Blog.any_instance.stubs(:verify_creator_signature).returns(true)
Bookmark.any_instance.stubs(:verify_creator_signature).returns(true)
Comment.any_instance.stubs(:verify_creator_signature).returns(true)
post_models = []
get_models.each{ |model|
constant_model = model.camelize.constantize
if constant_model == Post || constant_model.superclass == Post
post_models << constant_model
end
}
post_models.each{ | model|
model.any_instance.stubs(:verify_creator_signature).returns(true)
}
Comment.any_instance.stubs(:verify_post_creator_signature).returns(true)
Person.any_instance.stubs(:remove_key).returns(true)
User.any_instance.stubs(:remove_key).returns(true)
@ -54,5 +61,12 @@ end
def unstub_mocha_stubs
Mocha::Mockery.instance.stubba.unstub_all
end
def get_models
models = []
Dir.glob( File.dirname(__FILE__) + '/../app/models/*' ).each do |f|
models << File.basename( f ).gsub( /^(.+).rb/, '\1')
end
models
end

34
spec/user_encryption_spec.rb
View file

@ -100,8 +100,7 @@ describe 'user encryption' do
it 'should verify a remote signature' do
message = Factory.build(:status_message, :person => @person)
message.creator_signature = GPGME.sign(message.signable_string, nil,
{:mode => GPGME::SIG_MODE_DETACH, :armor => true, :signers => [@person.key]})
message.creator_signature = message.send(:sign_with_key,@person.key)
message.save(:validate => false)
message.verify_creator_signature.should be true
end
@ -109,16 +108,14 @@ describe 'user encryption' do
it 'should know if the signature is from the wrong person' do
message = Factory.build(:status_message, :person => @person)
message.save(:validate => false)
message.creator_signature = GPGME.sign(message.signable_string, nil,
{:mode => GPGME::SIG_MODE_DETACH, :armor => true, :signers => [@person.key]})
message.creator_signature = message.send(:sign_with_key,@person.key)
message.person = @user
message.verify_creator_signature.should be false
end
it 'should know if the signature is for the wrong text' do
message = Factory.build(:status_message, :person => @person)
message.creator_signature = GPGME.sign(message.signable_string, nil,
{:mode => GPGME::SIG_MODE_DETACH, :armor => true, :signers => [@person.key]})
message.creator_signature = message.send(:sign_with_key,@person.key)
message.message = 'I love VENISON'
message.save(:validate => false)
message.verify_creator_signature.should be false
@ -133,8 +130,7 @@ describe 'user encryption' do
end
it 'A message with an invalid signature should be rejected' do
message = Factory.build(:status_message, :person => @person)
message.creator_signature = GPGME.sign(message.signable_string, nil,
{:mode => GPGME::SIG_MODE_DETACH, :armor => true, :signers => [@user.key]})
message.creator_signature = message.send(:sign )
message.save
xml = Post.build_xml_for([message])
message.destroy
@ -147,10 +143,9 @@ describe 'user encryption' do
describe 'comments' do
before do
@remote_message = Factory.build(:status_message, :person => @person)
@remote_message.creator_signature = GPGME.sign(@remote_message.signable_string, nil,
{:mode => GPGME::SIG_MODE_DETACH, :armor => true, :signers => [@person.key]})
@remote_message.creator_signature = @remote_message.send(:sign_with_key,@person.key)
@remote_message.save
@message = Factory.create(:status_message, :person => @user)
end
it 'should attach the creator signature if the user is commenting' do
@user.comment "Yeah, it was great", :on => @remote_message
@ -160,29 +155,32 @@ describe 'user encryption' do
it 'should sign the comment if the user is the post creator' do
message = Factory.create(:status_message, :person => @user)
@user.comment "Yeah, it was great", :on => message
StatusMessage.first.comments.first.verify_creator_signature.should be true
message.comments.first.verify_creator_signature.should be true
StatusMessage.first.comments.first.verify_post_creator_signature.should be true
end
it 'should verify a comment made on a remote post by a different friend' do
comment = Comment.new(:person => @person2, :text => "balls", :post => @remote_message)
comment.creator_signature = GPGME.sign(comment.signable_string, nil,
{:mode => GPGME::SIG_MODE_DETACH, :armor => true, :signers => [@person2.key]})
comment.creator_signature = comment.send(:sign_with_key,@person2.key)
comment.verify_creator_signature.should be true
comment.valid?.should be false
comment.post_creator_signature = comment.send(:sign_with_key,@person.key)
comment.verify_post_creator_signature.should be true
comment.valid?.should be true
end
it 'should reject comments on a remote post with only a creator sig' do
comment = Comment.new(:person => @person2, :text => "balls", :post => @remote_message)
comment.creator_signature = GPGME.sign(comment.signable_string, nil,
{:mode => GPGME::SIG_MODE_DETACH, :armor => true, :signers => [@person2.key]})
comment.creator_signature = comment.send(:sign_with_key,@person2.key)
comment.verify_creator_signature.should be true
comment.verify_post_creator_signature.should be false
comment.save.should be false
end
it 'should receive remote comments on a user post with a creator sig' do
comment = Comment.new(:person => @person2, :text => "balls", :post => @message)
comment.creator_signature = comment.send(:sign_with_key,@person2.key)
comment.save.should be true
end
end