Merge branch 'master' of github.com:diaspora/diaspora

spec/lib/encryptor_spec.rb

@@ -0,0 +1,54 @@
+#   Copyright (c) 2010, Diaspora Inc.  This file is
+#   licensed under the Affero General Public License version 3 or later.  See
+#   the COPYRIGHT file.
+
+require 'spec_helper'
+
+describe 'user encryption' do
+  before do
+    @user = Factory.create(:user)
+    @aspect = @user.aspect(:name => 'dudes')
+  end
+
+  describe 'key exchange on friending' do
+
+    it 'should receive and marshal a public key from a request' do
+      remote_user = Factory.build(:user)
+      remote_user.encryption_key.nil?.should== false
+
+      deliverable = Object.new
+      deliverable.stub!(:deliver)
+      Notifier.stub!(:new_request).and_return(deliverable)
+      Person.should_receive(:by_webfinger).and_return(remote_user.person)
+      #should move this to friend request, but i found it here
+      id = remote_user.person.id
+      original_key = remote_user.exported_key
+
+      request = remote_user.send_friend_request_to(
+        @user.person, remote_user.aspect(:name => "temp"))
+
+      xml = remote_user.salmon(request).xml_for(@user)
+
+      remote_user.person.delete
+      remote_user.delete
+
+      person_count = Person.all.count
+      @user.receive_salmon xml
+        
+      Person.all.count.should == person_count + 1
+      new_person = Person.first(:id => id)
+      new_person.exported_key.should == original_key
+    end
+  end
+
+  describe 'encryption' do
+    before do
+      @string = File.open(File.dirname(__FILE__) + '/../fixtures/fb_status').read
+    end
+    it 'should encrypt a string' do
+      ciphertext = @user.encrypt @string
+      ciphertext.include?(@string).should be false
+      @user.decrypt(ciphertext).should == @string
+    end
+  end
+end

spec/models/comment_spec.rb

@@ -97,6 +97,10 @@ describe Comment do
       user.receive comment.to_diaspora_xml, user2.person
     end
 
+    context 'posts from a remote person' do
+      before(:all) do
+        stub_comment_signature_verification
+      end
     it 'should not send a comment a person made on his own post to anyone' do
       User::QUEUE.should_not_receive(:add_post_request)
       comment = Comment.new(:person_id => @person.id, :text => "balls", :post => @person_status)
@@ -108,6 +112,10 @@ describe Comment do
       comment = Comment.new(:person_id => @person2.id, :text => "balls", :post => @person_status)
       user.receive comment.to_diaspora_xml, @person
     end
+    after(:all) do
+      unstub_mocha_stubs
+    end
+  end
 
     it 'should not clear the aspect post array on receiving a comment' do
       aspect.post_ids.include?(@user_status.id).should be true
@@ -130,4 +138,50 @@ describe Comment do
       comment.to_diaspora_xml.include?(commenter.person.id.to_s).should be true
     end
   end
+
+  describe 'comments' do
+    before do
+      friend_users(user, aspect, user2, aspect2)
+      @remote_message = user2.post :status_message, :message => "hello", :to => aspect2.id
+
+
+      @message = user.post :status_message, :message => "hi", :to => aspect.id
+    end
+    it 'should attach the creator signature if the user is commenting' do
+      user.comment "Yeah, it was great", :on => @remote_message
+      @remote_message.comments.first.signature_valid?.should be true
+    end
+
+    it 'should sign the comment if the user is the post creator' do
+      message = user.post :status_message, :message => "hi", :to => aspect.id
+      user.comment "Yeah, it was great", :on => message
+      message.comments.first.signature_valid?.should be true
+      message.comments.first.verify_post_creator_signature.should be true
+    end
+
+    it 'should verify a comment made on a remote post by a different friend' do
+      comment = Comment.new(:person => user2.person, :text => "cats", :post => @remote_message)
+      comment.creator_signature = comment.send(:sign_with_key,user2.encryption_key)
+      comment.signature_valid?.should be true
+      comment.verify_post_creator_signature.should be false
+      comment.post_creator_signature = comment.send(:sign_with_key,user.encryption_key)
+      comment.verify_post_creator_signature.should be true
+    end
+
+    it 'should reject comments on a remote post with only a creator sig' do
+      comment = Comment.new(:person => user2.person, :text => "cats", :post => @remote_message)
+      comment.creator_signature = comment.send(:sign_with_key,user2.encryption_key)
+      comment.signature_valid?.should be true
+      comment.verify_post_creator_signature.should be false
+    end
+
+    it 'should receive remote comments on a user post with a creator sig' do
+      comment = Comment.new(:person => user2.person, :text => "cats", :post => @message)
+      comment.creator_signature = comment.send(:sign_with_key,user2.encryption_key)
+      comment.signature_valid?.should be true
+      comment.verify_post_creator_signature.should be false
+    end
+
+  end
+
 end

spec/models/request_spec.rb

@@ -28,6 +28,7 @@ describe Request do
     xml.should include user.person.url
     xml.should include user.profile.first_name
     xml.should include user.profile.last_name
+    xml.should include user.exported_key
   end
 
   it 'should allow me to see only friend requests sent to me' do

spec/models/user/receive_spec.rb

@@ -115,6 +115,7 @@ describe User do
       comment_id = comment.id
 
       comment.delete
+      comment.post_creator_signature = comment.sign_with_key(user.encryption_key)
       user3.receive comment.to_diaspora_xml, user.person
       user3.reload
 

spec/models/user_spec.rb

@@ -10,6 +10,10 @@ describe User do
   let(:user2) { Factory(:user) }
   let(:aspect2) { user2.aspect(:name => 'stuff') }
 
+  it 'should have a key' do
+    user.encryption_key.should_not be nil
+  end
+
   describe "validation" do
     describe "of associated person" do
       it "fails if person is not valid" do

spec/spec_helper.rb

@@ -25,10 +25,6 @@ RSpec.configure do |config|
   DatabaseCleaner.strategy = :truncation
   DatabaseCleaner.orm = "mongo_mapper"
 
-  config.before(:suite) do
-    stub_signature_verification
-  end
-
   config.before(:each) do
     stub_sockets
     DatabaseCleaner.clean
@@ -49,10 +45,8 @@ ImageUploader.enable_processing = false
     Diaspora::WebSocket.unstub!(:unsubscribe)
   end
 
-  def stub_signature_verification
-    (get_models.map{|model| model.camelize.constantize} - [User]).each do |model|
-      model.any_instance.stubs(:verify_signature).returns(true)
-    end
+  def stub_comment_signature_verification
+    Comment.any_instance.stubs(:verify_signature).returns(true)
   end
 
   def unstub_mocha_stubs
@@ -82,11 +76,12 @@ ImageUploader.enable_processing = false
     aspect2.reload
   end
 
-  def stub_success(address = 'abc@example.com')
+  def stub_success(address = 'abc@example.com', opts = {})
     host = address.split('@')[1]
     stub_request(:get, "https://#{host}/.well-known/host-meta").to_return(:status => 200, :body => host_xrd)
     stub_request(:get, "http://#{host}/.well-known/host-meta").to_return(:status => 200, :body => host_xrd)
-    if host.include?("joindiaspora.com")
+    if opts[:diaspora] || host.include?("diaspora")
+      puts address
       stub_request(:get, /webfinger\/\?q=#{address}/).to_return(:status => 200, :body => finger_xrd)
       stub_request(:get, "http://#{host}/hcard/users/4c8eccce34b7da59ff000002").to_return(:status => 200, :body => hcard_response)
     else

spec/user_encryption_spec.rb

@@ -1,113 +0,0 @@
-#   Copyright (c) 2010, Diaspora Inc.  This file is
-#   licensed under the Affero General Public License version 3 or later.  See
-#   the COPYRIGHT file.
-
-require 'spec_helper'
-
-describe 'user encryption' do
-  before do
-    unstub_mocha_stubs
-    @user = Factory.create(:user)
-    @aspect = @user.aspect(:name => 'dudes')
-
-    @user2 = Factory.create(:user)
-    @aspect2 = @user2.aspect(:name => 'dudes')
-  end
-
-  after  do
-    stub_signature_verification
-    #gpgdir = File.expand_path("../../db/gpg-#{Rails.env}", __FILE__)
-    #ctx = GPGME::Ctx.new
-    #keys = ctx.keys
-    #keys.each{|k| ctx.delete_key(k, true)}
-  end
-  it 'should have a key' do
-    @user.encryption_key.should_not be nil
-  end
-  describe 'key exchange on friending' do
-    it 'should send over a public key' do
-      message_queue.stub!(:add_post_request)
-      request = @user.send_friend_request_to(Factory.create(:person), @aspect)
-      request.to_diaspora_xml.include?( @user.exported_key).should be true
-    end
-
-    it 'should receive and marshal a public key from a request' do
-      remote_user = Factory.build(:user)
-      remote_user.encryption_key.nil?.should== false
-      #should move this to friend request, but i found it here
-      id = remote_user.person.id
-      original_key = remote_user.exported_key
-
-      request = remote_user.send_friend_request_to(
-        @user.person, remote_user.aspect(:name => "temp"))
-
-      xml = request.to_diaspora_xml
-
-      remote_user.person.delete
-      remote_user.delete
-
-      person_count = Person.all.count
-      @user.receive xml, remote_user.person
-        
-      Person.all.count.should == person_count + 1
-      new_person = Person.first(:id => id)
-      new_person.exported_key.should == original_key
-    end
-  end
-
-  describe 'encryption' do
-    before do
-      @message = @user.post :status_message, :message => "hi", :to => @aspect.id
-    end
-    it 'should encrypt large messages' do
-      ciphertext = @user.encrypt @message.to_diaspora_xml
-      ciphertext.include?(@message.to_diaspora_xml).should be false
-      @user.decrypt(ciphertext).include?(@message.to_diaspora_xml).should be true
-    end
-  end
-
-  describe 'comments' do
-    before do
-      friend_users(@user, @aspect, @user2, @aspect2)
-      @remote_message = @user2.post :status_message, :message => "hello", :to => @aspect2.id
-
-
-      @message = @user.post :status_message, :message => "hi", :to => @aspect.id
-    end
-    it 'should attach the creator signature if the user is commenting' do
-      @user.comment "Yeah, it was great", :on => @remote_message
-      @remote_message.comments.first.signature_valid?.should be true
-    end
-
-    it 'should sign the comment if the user is the post creator' do
-      message = @user.post :status_message, :message => "hi", :to => @aspect.id
-      @user.comment "Yeah, it was great", :on => message
-      message.comments.first.signature_valid?.should be true
-      message.comments.first.verify_post_creator_signature.should be true
-    end
-
-    it 'should verify a comment made on a remote post by a different friend' do
-      comment = Comment.new(:person => @user2.person, :text => "cats", :post => @remote_message)
-      comment.creator_signature = comment.send(:sign_with_key,@user2.encryption_key)
-      comment.signature_valid?.should be true
-      comment.verify_post_creator_signature.should be false
-      comment.post_creator_signature = comment.send(:sign_with_key,@user.encryption_key)
-      comment.verify_post_creator_signature.should be true
-    end
-
-    it 'should reject comments on a remote post with only a creator sig' do
-      comment = Comment.new(:person => @user2.person, :text => "cats", :post => @remote_message)
-      comment.creator_signature = comment.send(:sign_with_key,@user2.encryption_key)
-      comment.signature_valid?.should be true
-      comment.verify_post_creator_signature.should be false
-    end
-
-    it 'should receive remote comments on a user post with a creator sig' do
-      comment = Comment.new(:person => @user2.person, :text => "cats", :post => @message)
-      comment.creator_signature = comment.send(:sign_with_key,@user2.encryption_key)
-      comment.signature_valid?.should be true
-      comment.verify_post_creator_signature.should be false
-    end
-
-  end
-end