set parent_author_signature on RelayableRetraction if author is parent author

the target_author_signature is only checked, if the parent author receives it. so the parent_author_signature is the important signature.
2016-06-05 16:11:15 +02:00 · 2016-06-05 16:11:15 +02:00 · 77c3165c51
commit 77c3165c51
parent 4bde03e2de
2 changed files with 21 additions and 4 deletions
--- a/lib/diaspora_federation/entities/relayable_retraction.rb
+++ b/lib/diaspora_federation/entities/relayable_retraction.rb
@ -95,10 +95,10 @@ module DiasporaFederation
      # @param [OpenSSL::PKey::RSA] privkey private key of sender
      # @param [Hash] hash hash given for a signing
      def fill_required_signature(privkey, hash)
-        if target.author == author && target_author_signature.nil?
-          hash[:target_author_signature] = SignedRetraction.sign_with_key(privkey, self)
-        elsif target.parent.author == author && parent_author_signature.nil?
+        if target.parent.author == author && parent_author_signature.nil?
          hash[:parent_author_signature] = SignedRetraction.sign_with_key(privkey, self)
+        elsif target.author == author && target_author_signature.nil?
+          hash[:target_author_signature] = SignedRetraction.sign_with_key(privkey, self)
        end
      end
    end
--- a/spec/lib/diaspora_federation/entities/relayable_retraction_spec.rb
+++ b/spec/lib/diaspora_federation/entities/relayable_retraction_spec.rb
@ -44,7 +44,10 @@ XML
      let(:author_pkey) { OpenSSL::PKey::RSA.generate(1024) }
      let(:hash) { FactoryGirl.attributes_for(:relayable_retraction_entity) }

-      it "updates author signature when it was nil and key was supplied" do
+      it "updates author signature when it was nil and key was supplied and author is not parent author" do
+        parent = FactoryGirl.build(:related_entity, author: bob.diaspora_id)
+        hash[:target] = FactoryGirl.build(:related_entity, author: hash[:author], parent: parent)
+
        expect_callback(:fetch_private_key, hash[:author]).and_return(author_pkey)

        signed_string = "#{hash[:target_guid]};#{hash[:target_type]}"
@ -55,6 +58,20 @@ XML
        expect(author_pkey.verify(OpenSSL::Digest::SHA256.new, signature, signed_string)).to be_truthy
      end

+      it "sets parent author signature when author is parent author" do
+        parent = FactoryGirl.build(:related_entity, author: hash[:author])
+        hash[:target] = FactoryGirl.build(:related_entity, author: hash[:author], parent: parent)
+
+        expect_callback(:fetch_private_key, hash[:author]).and_return(author_pkey)
+
+        signed_string = "#{hash[:target_guid]};#{hash[:target_type]}"
+
+        xml = Entities::RelayableRetraction.new(hash).to_xml
+
+        signature = Base64.decode64(xml.at_xpath("parent_author_signature").text)
+        expect(author_pkey.verify(OpenSSL::Digest::SHA256.new, signature, signed_string)).to be_truthy
+      end
+
      it "updates parent author signature when it was nil, key was supplied and sender is author of the parent" do
        parent = FactoryGirl.build(:related_entity, author: hash[:author])
        hash[:target] = FactoryGirl.build(:related_entity, author: bob.diaspora_id, parent: parent)