diff options
-rw-r--r-- | app/designs/identity/cert_expiry_by_fingerprint.js | 12 | ||||
-rw-r--r-- | test/unit/identity_test.rb | 183 |
2 files changed, 112 insertions, 83 deletions
diff --git a/app/designs/identity/cert_expiry_by_fingerprint.js b/app/designs/identity/cert_expiry_by_fingerprint.js new file mode 100644 index 0000000..0636da5 --- /dev/null +++ b/app/designs/identity/cert_expiry_by_fingerprint.js @@ -0,0 +1,12 @@ +function(doc) { + if (doc.type != 'Identity') { + return; + } + if (typeof doc.cert_fingerprints === "object") { + for (fp in doc.cert_fingerprints) { + if (doc.cert_fingerprints.hasOwnProperty(fp)) { + emit(fp, doc.cert_fingerprints[fp]); + } + } + } +} diff --git a/test/unit/identity_test.rb b/test/unit/identity_test.rb index 933b0ff..cb0f6bd 100644 --- a/test/unit/identity_test.rb +++ b/test/unit/identity_test.rb @@ -7,149 +7,161 @@ class IdentityTest < ActiveSupport::TestCase @user = find_record :user end - test "blank identity does not crash on valid?" do - id = Identity.new - assert !id.valid? + teardown do + if @id && @id.persisted? + id = Identity.find(@id.id) + id.destroy if id.present? + end + end + + test "blank @identity does not crash on valid?" do + @id = Identity.new + assert !@id.valid? end - test "enabled identity requires destination" do - id = Identity.new user: @user, address: @user.email_address - assert !id.valid? - assert_equal ["can't be blank"], id.errors[:destination] + test "enabled @identity requires destination" do + @id = Identity.new user: @user, address: @user.email_address + assert !@id.valid? + assert_equal ["can't be blank"], @id.errors[:destination] end - test "disabled identity requires no destination" do - id = Identity.new address: @user.email_address - assert id.valid? + test "disabled @identity requires no destination" do + @id = Identity.new address: @user.email_address + assert @id.valid? end - test "initial identity for a user" do - id = Identity.for(@user) - assert_equal @user.email_address, id.address - assert_equal @user.email_address, id.destination - assert_equal @user, id.user + test "initial @identity for a user" do + @id = Identity.for(@user) + assert_equal @user.email_address, @id.address + assert_equal @user.email_address, @id.destination + assert_equal @user, @id.user end test "add alias" do - id = Identity.for @user, address: alias_name - assert_equal LocalEmail.new(alias_name), id.address - assert_equal @user.email_address, id.destination - assert_equal @user, id.user + @id = Identity.for @user, address: alias_name + assert_equal LocalEmail.new(alias_name), @id.address + assert_equal @user.email_address, @id.destination + assert_equal @user, @id.user end test "add forward" do - id = Identity.for @user, destination: forward_address - assert_equal @user.email_address, id.address - assert_equal Email.new(forward_address), id.destination - assert_equal @user, id.user + @id = Identity.for @user, destination: forward_address + assert_equal @user.email_address, @id.address + assert_equal Email.new(forward_address), @id.destination + assert_equal @user, @id.user end test "forward alias" do - id = Identity.for @user, address: alias_name, destination: forward_address - assert_equal LocalEmail.new(alias_name), id.address - assert_equal Email.new(forward_address), id.destination - assert_equal @user, id.user + @id = Identity.for @user, address: alias_name, destination: forward_address + assert_equal LocalEmail.new(alias_name), @id.address + assert_equal Email.new(forward_address), @id.destination + assert_equal @user, @id.user end test "prevents duplicates" do - id = Identity.create_for @user, address: alias_name, destination: forward_address + @id = Identity.create_for @user, address: alias_name, destination: forward_address dup = Identity.build_for @user, address: alias_name, destination: forward_address assert !dup.valid? assert_equal ["has already been taken"], dup.errors[:destination] - id.destroy end test "validates availability" do other_user = find_record :user - id = Identity.create_for @user, address: alias_name, destination: forward_address + @id = Identity.create_for @user, address: alias_name, destination: forward_address taken = Identity.build_for other_user, address: alias_name assert !taken.valid? assert_equal ["has already been taken"], taken.errors[:address] - id.destroy end test "setting and getting pgp key" do - id = Identity.for(@user) - id.set_key(:pgp, pgp_key_string) - assert_equal pgp_key_string, id.keys[:pgp] + @id = Identity.for(@user) + @id.set_key(:pgp, pgp_key_string) + assert_equal pgp_key_string, @id.keys[:pgp] end test "querying pgp key via couch" do - id = Identity.for(@user) - id.set_key(:pgp, pgp_key_string) - id.save - view = Identity.pgp_key_by_email.key(id.address) + @id = Identity.for(@user) + @id.set_key(:pgp, pgp_key_string) + @id.save + view = Identity.pgp_key_by_email.key(@id.address) assert_equal 1, view.rows.count assert result = view.rows.first - assert_equal id.address, result["key"] - assert_equal id.keys[:pgp], result["value"] - id.destroy + assert_equal @id.address, result["key"] + assert_equal @id.keys[:pgp], result["value"] end - test "fail to add non-local email address as identity address" do - id = Identity.for @user, address: forward_address - assert !id.valid? - assert_match /needs to end in/, id.errors[:address].first + test "fail to add non-local email address as @identity address" do + @id = Identity.for @user, address: forward_address + assert !@id.valid? + assert_match /needs to end in/, @id.errors[:address].first end test "alias must meet same conditions as login" do - id = Identity.create_for @user, address: alias_name.capitalize - assert !id.valid? + @id = Identity.create_for @user, address: alias_name.capitalize + assert !@id.valid? #hacky way to do this, but okay for now: - assert id.errors.messages.flatten(2).include? "Must begin with a lowercase letter" - assert id.errors.messages.flatten(2).include? "Only lowercase letters, digits, . - and _ allowed." + assert @id.errors.messages.flatten(2).include? "Must begin with a lowercase letter" + assert @id.errors.messages.flatten(2).include? "Only lowercase letters, digits, . - and _ allowed." end test "destination must be valid email address" do - id = Identity.create_for @user, address: @user.email_address, destination: 'ASKJDLFJD' - assert !id.valid? - assert id.errors.messages[:destination].include? "needs to be a valid email address" + @id = Identity.create_for @user, address: @user.email_address, destination: 'ASKJDLFJD' + assert !@id.valid? + assert @id.errors.messages[:destination].include? "needs to be a valid email address" end - test "disabled identity" do - id = Identity.for(@user) - id.disable - assert_equal @user.email_address, id.address - assert_equal nil, id.destination - assert_equal nil, id.user - assert !id.enabled? - assert id.valid? + test "disabled @identity" do + @id = Identity.for(@user) + @id.disable + assert_equal @user.email_address, @id.address + assert_equal nil, @id.destination + assert_equal nil, @id.user + assert !@id.enabled? + assert @id.valid? end - test "disabled identity blocks handle" do - id = Identity.for(@user) - id.disable - id.save + test "disabled @identity blocks handle" do + @id = Identity.for(@user) + @id.disable + @id.save other_user = find_record :user - taken = Identity.build_for other_user, address: id.address + taken = Identity.build_for other_user, address: @id.address assert !taken.valid? assert_equal ["has already been taken"], taken.errors[:address] - Identity.destroy_all_disabled end test "destroy all disabled identities" do - id = Identity.for(@user) - id.disable - id.save - assert Identity.count > 0 + @id = Identity.for(@user) + @id.disable + @id.save + assert Identity.disabled.count > 0 Identity.destroy_all_disabled assert_equal 0, Identity.disabled.count end test "store cert fingerprint" do - begin - id = Identity.for(@user) - cert = stub expiry: Time.now, fingerprint: "fp" - id.register_cert cert - id.save - entry = {cert.fingerprint => cert.expiry.to_date.to_s} - assert_equal entry, id.cert_fingerprints - row = Identity.cert_fingerprints_by_expiry.descending.rows.first - assert_equal row['key'], cert.expiry.to_date.to_s - assert_equal row['value'], cert.fingerprint - ensure - id.reload.destroy if id && id.persisted? - end + @id = Identity.for(@user) + @id.register_cert cert_stub + entry = {cert_stub.fingerprint => cert_stub.expiry.to_date.to_s} + assert_equal entry, @id.cert_fingerprints + end + + test "query cert fingerprints by expiry" do + @id = Identity.for(@user) + @id.register_cert cert_stub + @id.save + row = Identity.cert_fingerprints_by_expiry.descending.rows.first + assert_equal row['key'], cert_stub.expiry.to_date.to_s + assert_equal row['value'], cert_stub.fingerprint + end + + test "query cert expiry for a cert fingerprint" do + @id = Identity.for(@user) + @id.register_cert cert_stub + @id.save + row = Identity.cert_expiry_by_fingerprint.key(cert_stub.fingerprint).rows.first + assert_equal row['key'], cert_stub.fingerprint + assert_equal row['value'], cert_stub.expiry.to_date.to_s end def alias_name @@ -163,4 +175,9 @@ class IdentityTest < ActiveSupport::TestCase def pgp_key_string @pgp_key ||= "DUMMY PGP KEY ... "+SecureRandom.base64(4096) end + + def cert_stub + @cert_stub ||= stub expiry: 1.month.from_now, + fingerprint: SecureRandom.hex + end end |