diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-07-20 15:40:28 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-07-20 15:40:28 +0000 |
commit | b595cb0c1dec83de5bdee18284abe86614bed33b (patch) | |
tree | 8c3d4540f193c5ff98019352f554e921b3a41a72 /spec/models/key_spec.rb | |
parent | 2f9104a328fc8a4bddeaa4627b595166d24671d0 (diff) | |
download | gitlab-ce-b595cb0c1dec83de5bdee18284abe86614bed33b.tar.gz |
Add latest changes from gitlab-org/gitlab@15-2-stable-eev15.2.0-rc42
Diffstat (limited to 'spec/models/key_spec.rb')
-rw-r--r-- | spec/models/key_spec.rb | 105 |
1 files changed, 41 insertions, 64 deletions
diff --git a/spec/models/key_spec.rb b/spec/models/key_spec.rb index a9d1a8a5ef2..b98c0e8eae0 100644 --- a/spec/models/key_spec.rb +++ b/spec/models/key_spec.rb @@ -47,10 +47,9 @@ RSpec.describe Key, :mailer do end describe 'validation of banned keys' do - let_it_be(:user) { create(:user) } - let(:key) { build(:key) } - let(:banned_keys) do + + where(:key_content) do [ 'ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAwRIdDlHaIqZXND/l1vFT7ue3rc/DvXh2y' \ 'x5EFtuxGQRHVxGMazDhV4vj5ANGXDQwUYI0iZh6aOVrDy8I/y9/y+YDGCvsnqrDbuPDjW' \ @@ -131,68 +130,13 @@ RSpec.describe Key, :mailer do ] end - context 'when ssh_banned_key feature flag is enabled with a user' do - before do - stub_feature_flags(ssh_banned_key: user) - end - - where(:key_content) { banned_keys } - - with_them do - it 'does not allow banned keys' do - key.key = key_content - key.user = user - - expect(key).to be_invalid - expect(key.errors[:key]).to include( - _('cannot be used because it belongs to a compromised private key. Stop using this key and generate a new one.')) - end - - it 'allows when the user is a ghost user' do - key.key = key_content - key.user = User.ghost - - expect(key).to be_valid - end - - it 'allows when the user is nil' do - key.key = key_content - key.user = nil - - expect(key).to be_valid - end - end - - it 'allows other keys' do - key.user = user - - expect(key).to be_valid - end - - it 'allows other users' do - key.user = User.ghost - - expect(key).to be_valid - end - end - - context 'when ssh_banned_key feature flag is disabled' do - before do - stub_feature_flags(ssh_banned_key: false) - end - - where(:key_content) { banned_keys } + with_them do + it 'does not allow banned keys' do + key.key = key_content - with_them do - it 'allows banned keys' do - key.key = key_content - - expect(key).to be_valid - end - end - - it 'allows other keys' do - expect(key).to be_valid + expect(key).to be_invalid + expect(key.errors[:key]).to include( + _('cannot be used because it belongs to a compromised private key. Stop using this key and generate a new one.')) end end end @@ -296,6 +240,39 @@ RSpec.describe Key, :mailer do end end + describe '#ensure_sha256_fingerprint!' do + let_it_be_with_reload(:user_key) { create(:personal_key) } + + context 'with a valid SHA256 fingerprint' do + it 'does nothing' do + expect(user_key).not_to receive(:generate_fingerprint) + + user_key.ensure_sha256_fingerprint! + end + end + + context 'with a missing SHA256 fingerprint' do + before do + user_key.update_column(:fingerprint_sha256, nil) + user_key.ensure_sha256_fingerprint! + end + + it 'fingerprints are present' do + expect(user_key.reload.fingerprint_sha256).to be_present + end + end + + context 'with an invalid public key' do + before do + user_key.update_column(:key, 'a') + end + + it 'does not throw an exception' do + expect { user_key.ensure_sha256_fingerprint! }.not_to raise_error + end + end + end + context 'fingerprint generation' do it 'generates both md5 and sha256 fingerprints' do key = build(:rsa_key_4096) |