diff --git a/app/controllers/requests_controller.rb b/app/controllers/requests_controller.rb index b58258076..aeea38e05 100644 --- a/app/controllers/requests_controller.rb +++ b/app/controllers/requests_controller.rb @@ -26,7 +26,7 @@ class RequestsController < ApplicationController def create url = diaspora_url(params[:request][:destination_url]) - @request = current_user.send_friend_request_to(url) unless url.include?('@') + @request = current_user.send_friend_request_to(url) unless url.include?('@')|| url == '' if @request flash[:notice] = "a friend request was sent to #{@request.destination_url}" redirect_to requests_url diff --git a/app/models/comment.rb b/app/models/comment.rb index 8fbd9dd0c..7643e9eae 100644 --- a/app/models/comment.rb +++ b/app/models/comment.rb @@ -52,6 +52,7 @@ class Comment def verify_post_creator_signature unless person == User.owner + puts "verifying post creator sig from #{post.person.real_name}" verify_signature(post_creator_signature, post.person) else true diff --git a/app/models/photo.rb b/app/models/photo.rb index 8de0e993a..42e704273 100644 --- a/app/models/photo.rb +++ b/app/models/photo.rb @@ -1,6 +1,8 @@ class Photo < Post require 'carrierwave/orm/mongomapper' include MongoMapper::Document - + before_validation {puts "I'M GONNA VALIDATE"} + before_save {puts "I'M GONNA SAVE"} + before_create {puts "I'M GONNA CREATE"} mount_uploader :image, ImageUploader end diff --git a/app/models/post.rb b/app/models/post.rb index 81c66de88..383d56b10 100644 --- a/app/models/post.rb +++ b/app/models/post.rb @@ -36,16 +36,16 @@ class Post self.first(:person_id => person.id, :order => '_id desc') end - def self.my_newest - self.newest(User.owner) - end + def self.my_newest + self.newest(User.owner) + end def self.newest_by_email(email) self.newest(Person.first(:email => email)) end #ENCRYPTION - #before_validation :sign_if_mine - #validates_true_for :creator_signature, :logic => lambda {self.verify_creator_signature} + before_validation :sign_if_mine + validates_true_for :creator_signature, :logic => lambda {self.verify_creator_signature} xml_accessor :creator_signature key :creator_signature, String diff --git a/app/views/requests/_form.haml b/app/views/requests/_form.haml index 390062d8d..319265e29 100644 --- a/app/views/requests/_form.haml +++ b/app/views/requests/_form.haml @@ -5,6 +5,5 @@ = f.label :destination_url = f.text_field :destination_url - %p = f.submit diff --git a/app/views/requests/_new_request.haml b/app/views/requests/_new_request.haml index 319265e29..d44bdcea0 100644 --- a/app/views/requests/_new_request.haml +++ b/app/views/requests/_new_request.haml @@ -2,8 +2,8 @@ = f.error_messages %p + enter a diaspora url, diaspora username, or random email address: = f.label :destination_url = f.text_field :destination_url - %p = f.submit diff --git a/config/sprinkle/packages/ruby.rb b/config/sprinkle/packages/ruby.rb index e90b4e516..13ece39ca 100644 --- a/config/sprinkle/packages/ruby.rb +++ b/config/sprinkle/packages/ruby.rb @@ -33,7 +33,7 @@ end package :diaspora_dependencies do description 'random dependencies' - apt %w(libxslt1.1 libxslt1-dev libxml2 libgpgme11-dev ) + apt %w(libxslt1.1 libxslt1-dev libxml2 libgpgme11-dev imagemagick libmagick9-dev) end #package :diaspora do # description 'Diaspora' diff --git a/lib/common.rb b/lib/common.rb index f2fb5c29a..ccd4e5758 100644 --- a/lib/common.rb +++ b/lib/common.rb @@ -30,6 +30,7 @@ module Diaspora def store_objects_from_xml(xml) objects = parse_objects_from_xml(xml) objects.each do |p| + Rails.logger.info("Receiving object:\n#{p.inspect}") if p.is_a? Retraction p.perform elsif p.is_a? Request diff --git a/lib/encryptable.rb b/lib/encryptable.rb index c35ba70c3..226ae5e1f 100644 --- a/lib/encryptable.rb +++ b/lib/encryptable.rb @@ -3,30 +3,38 @@ "" end def verify_creator_signature + #creator_signature = sign if creator_signature.nil? && person == User.owner verify_signature(creator_signature, person) end def verify_signature(signature, person) return false unless signature && person.key_fingerprint validity = nil - GPGME::verify(creator_signature, signable_string, - {:armor => true, :always_trust => true}){ |signature| - validity = signature.status == GPGME::GPG_ERR_NO_ERROR && - signature.fpr == person.key_fingerprint + GPGME::verify(signature, signable_string, + {:armor => true, :always_trust => true}){ |signature_analysis| + puts signature_analysis + validity = signature_analysis.status == GPGME::GPG_ERR_NO_ERROR && + signature_analysis.fpr == person.key_fingerprint } return validity end protected def sign_if_mine + puts "In sign_if_mine" if self.person == User.owner self.creator_signature = sign end end def sign + puts "signing" + sign_with_key(User.owner.key) + end + + def sign_with_key(key) GPGME::sign(signable_string,nil, - {:armor=> true, :mode => GPGME::SIG_MODE_DETACH, :signers => [User.owner.key]}) + {:armor=> true, :mode => GPGME::SIG_MODE_DETACH, :signers => [key]}) end end diff --git a/spec/controllers/requests_controller_spec.rb b/spec/controllers/requests_controller_spec.rb index 82333f6bb..3cc8f7c41 100644 --- a/spec/controllers/requests_controller_spec.rb +++ b/spec/controllers/requests_controller_spec.rb @@ -3,6 +3,7 @@ require File.dirname(__FILE__) + '/../spec_helper' describe RequestsController do describe "profile" do it 'should fetch the public webfinger profile on request' do + pending "Duplicate test" #post :create {:request => {:destination_url => 'tom@tom.joindiaspora.com'} url = RequestsController.diaspora_url('http://tom.joindiaspora.com/') diff --git a/spec/helpers/requests_helper_spec.rb b/spec/helpers/requests_helper_spec.rb index 38d0d1cd4..b3a20f989 100644 --- a/spec/helpers/requests_helper_spec.rb +++ b/spec/helpers/requests_helper_spec.rb @@ -5,6 +5,7 @@ include RequestsHelper describe RequestsHelper do describe "profile" do it 'should fetch the public webfinger profile on request' do + pending "Can we please find a way to do this that doesn't freak me out if my internet connection is down? Thanks, Rafi" #post :create {:request => {:destination_url => 'tom@tom.joindiaspora.com'} url = diaspora_url('http://tom.joindiaspora.com/') diff --git a/spec/lib/parser_spec.rb b/spec/lib/parser_spec.rb index 4b4c7cc2d..697d773c1 100644 --- a/spec/lib/parser_spec.rb +++ b/spec/lib/parser_spec.rb @@ -127,8 +127,8 @@ describe "parser in application helper" do it "should activate the Person if I initiated a request to that url" do request = Request.instantiate(:to => @person.url, :from => @user).save - - request_remote = Request.new(:_id => request.id)# + + request_remote = Request.new request_remote.destination_url = @user.url request_remote.callback_url = @user.url request_remote.person = @person diff --git a/spec/models/photo_spec.rb b/spec/models/photo_spec.rb index 9936f6c9b..148251e8d 100644 --- a/spec/models/photo_spec.rb +++ b/spec/models/photo_spec.rb @@ -1,19 +1,39 @@ require File.dirname(__FILE__) + '/../spec_helper' describe Photo do + before do + @user = Factory.create(:user) + @fixture_name = File.dirname(__FILE__) + '/../fixtures/bp.jpeg' + end it 'should save a photo to GridFS' do - photo = Photo.new - fixture_name = File.dirname(__FILE__) + '/../fixtures/bp.jpeg' - file = File.open(fixture_name) + photo = Photo.new(:person => @user) + file = File.open(@fixture_name) photo.image = file photo.save.should == true binary = photo.image.read - fixture_binary = File.open(fixture_name).read + fixture_binary = File.open(@fixture_name).read binary.should == fixture_binary end it 'should create thumbnails' do pending('need to figure this out... tearing issue') end + describe 'with encryption' do + + before do + unstub_mocha_stubs + end + + after do + stub_signature_verification + end + it 'should save a signed photo to GridFS' do + photo = Photo.new(:person => @user) + photo.image = File.open(@fixture_name) + photo.save.should == true + photo.verify_creator_signature.should be true + end + + end end diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index f0156464d..7194908bb 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -42,11 +42,18 @@ end end def stub_signature_verification - Post.any_instance.stubs(:verify_creator_signature).returns(true) - StatusMessage.any_instance.stubs(:verify_creator_signature).returns(true) - Blog.any_instance.stubs(:verify_creator_signature).returns(true) - Bookmark.any_instance.stubs(:verify_creator_signature).returns(true) - Comment.any_instance.stubs(:verify_creator_signature).returns(true) + post_models = [] + get_models.each{ |model| + constant_model = model.camelize.constantize + if constant_model == Post || constant_model.superclass == Post + post_models << constant_model + end + } + + post_models.each{ | model| + model.any_instance.stubs(:verify_creator_signature).returns(true) + } + Comment.any_instance.stubs(:verify_post_creator_signature).returns(true) Person.any_instance.stubs(:remove_key).returns(true) User.any_instance.stubs(:remove_key).returns(true) @@ -54,5 +61,12 @@ end def unstub_mocha_stubs Mocha::Mockery.instance.stubba.unstub_all - + end + + def get_models + models = [] + Dir.glob( File.dirname(__FILE__) + '/../app/models/*' ).each do |f| + models << File.basename( f ).gsub( /^(.+).rb/, '\1') + end + models end diff --git a/spec/user_encryption_spec.rb b/spec/user_encryption_spec.rb index b0083f0ec..e05b31d29 100644 --- a/spec/user_encryption_spec.rb +++ b/spec/user_encryption_spec.rb @@ -100,8 +100,7 @@ describe 'user encryption' do it 'should verify a remote signature' do message = Factory.build(:status_message, :person => @person) - message.creator_signature = GPGME.sign(message.signable_string, nil, - {:mode => GPGME::SIG_MODE_DETACH, :armor => true, :signers => [@person.key]}) + message.creator_signature = message.send(:sign_with_key,@person.key) message.save(:validate => false) message.verify_creator_signature.should be true end @@ -109,16 +108,14 @@ describe 'user encryption' do it 'should know if the signature is from the wrong person' do message = Factory.build(:status_message, :person => @person) message.save(:validate => false) - message.creator_signature = GPGME.sign(message.signable_string, nil, - {:mode => GPGME::SIG_MODE_DETACH, :armor => true, :signers => [@person.key]}) + message.creator_signature = message.send(:sign_with_key,@person.key) message.person = @user message.verify_creator_signature.should be false end it 'should know if the signature is for the wrong text' do message = Factory.build(:status_message, :person => @person) - message.creator_signature = GPGME.sign(message.signable_string, nil, - {:mode => GPGME::SIG_MODE_DETACH, :armor => true, :signers => [@person.key]}) + message.creator_signature = message.send(:sign_with_key,@person.key) message.message = 'I love VENISON' message.save(:validate => false) message.verify_creator_signature.should be false @@ -133,8 +130,7 @@ describe 'user encryption' do end it 'A message with an invalid signature should be rejected' do message = Factory.build(:status_message, :person => @person) - message.creator_signature = GPGME.sign(message.signable_string, nil, - {:mode => GPGME::SIG_MODE_DETACH, :armor => true, :signers => [@user.key]}) + message.creator_signature = message.send(:sign ) message.save xml = Post.build_xml_for([message]) message.destroy @@ -147,10 +143,9 @@ describe 'user encryption' do describe 'comments' do before do @remote_message = Factory.build(:status_message, :person => @person) - @remote_message.creator_signature = GPGME.sign(@remote_message.signable_string, nil, - {:mode => GPGME::SIG_MODE_DETACH, :armor => true, :signers => [@person.key]}) + @remote_message.creator_signature = @remote_message.send(:sign_with_key,@person.key) @remote_message.save - + @message = Factory.create(:status_message, :person => @user) end it 'should attach the creator signature if the user is commenting' do @user.comment "Yeah, it was great", :on => @remote_message @@ -160,29 +155,32 @@ describe 'user encryption' do it 'should sign the comment if the user is the post creator' do message = Factory.create(:status_message, :person => @user) @user.comment "Yeah, it was great", :on => message - StatusMessage.first.comments.first.verify_creator_signature.should be true + message.comments.first.verify_creator_signature.should be true StatusMessage.first.comments.first.verify_post_creator_signature.should be true end it 'should verify a comment made on a remote post by a different friend' do comment = Comment.new(:person => @person2, :text => "balls", :post => @remote_message) - comment.creator_signature = GPGME.sign(comment.signable_string, nil, - {:mode => GPGME::SIG_MODE_DETACH, :armor => true, :signers => [@person2.key]}) + comment.creator_signature = comment.send(:sign_with_key,@person2.key) comment.verify_creator_signature.should be true - + comment.valid?.should be false + comment.post_creator_signature = comment.send(:sign_with_key,@person.key) + comment.verify_post_creator_signature.should be true + comment.valid?.should be true end it 'should reject comments on a remote post with only a creator sig' do comment = Comment.new(:person => @person2, :text => "balls", :post => @remote_message) - comment.creator_signature = GPGME.sign(comment.signable_string, nil, - {:mode => GPGME::SIG_MODE_DETACH, :armor => true, :signers => [@person2.key]}) + comment.creator_signature = comment.send(:sign_with_key,@person2.key) comment.verify_creator_signature.should be true comment.verify_post_creator_signature.should be false comment.save.should be false end it 'should receive remote comments on a user post with a creator sig' do - + comment = Comment.new(:person => @person2, :text => "balls", :post => @message) + comment.creator_signature = comment.send(:sign_with_key,@person2.key) + comment.save.should be true end end