diff options
Diffstat (limited to 'test')
-rw-r--r-- | test/functional/v1/smtp_certs_controller_test.rb | 3 | ||||
-rw-r--r-- | test/integration/api/smtp_cert_test.rb | 6 | ||||
-rw-r--r-- | test/unit/identity_test.rb | 173 |
3 files changed, 109 insertions, 73 deletions
diff --git a/test/functional/v1/smtp_certs_controller_test.rb b/test/functional/v1/smtp_certs_controller_test.rb index 9281ae6..3427e2d 100644 --- a/test/functional/v1/smtp_certs_controller_test.rb +++ b/test/functional/v1/smtp_certs_controller_test.rb @@ -27,7 +27,8 @@ class V1::SmtpCertsControllerTest < ActionController::TestCase protected def expect_cert(prefix) - cert = stub :to_s => "#{prefix.downcase} cert" + cert = stub to_s: "#{prefix.downcase} cert", + expiry: 1.month.from_now.utc.at_midnight ClientCertificate.expects(:new). with(:prefix => prefix). returns(cert) diff --git a/test/integration/api/smtp_cert_test.rb b/test/integration/api/smtp_cert_test.rb index f72362d..7697e44 100644 --- a/test/integration/api/smtp_cert_test.rb +++ b/test/integration/api/smtp_cert_test.rb @@ -33,8 +33,10 @@ class SmtpCertTest < ApiIntegrationTest assert_text_response cert = OpenSSL::X509::Certificate.new(get_response.body) fingerprint = OpenSSL::Digest::SHA1.hexdigest(cert.to_der).scan(/../).join(':') - today = DateTime.now.to_date.to_s - assert_equal({fingerprint => today}, @user.reload.identity.cert_fingerprints) + expiry = APP_CONFIG[:client_cert_lifespan].months.from_now.utc.midnight + expiry_string = expiry.to_date.to_s + fingerprints = {fingerprint => expiry_string} + assert_equal fingerprints, @user.reload.identity.cert_fingerprints end test "fetching smtp certs requires email account" do diff --git a/test/unit/identity_test.rb b/test/unit/identity_test.rb index 49b2075..cb0f6bd 100644 --- a/test/unit/identity_test.rb +++ b/test/unit/identity_test.rb @@ -7,135 +7,163 @@ class IdentityTest < ActiveSupport::TestCase @user = find_record :user end - test "blank identity does not crash on valid?" do - id = Identity.new - assert !id.valid? + teardown do + if @id && @id.persisted? + id = Identity.find(@id.id) + id.destroy if id.present? + end end - test "enabled identity requires destination" do - id = Identity.new user: @user, address: @user.email_address - assert !id.valid? - assert_equal ["can't be blank"], id.errors[:destination] + test "blank @identity does not crash on valid?" do + @id = Identity.new + assert !@id.valid? end - test "disabled identity requires no destination" do - id = Identity.new address: @user.email_address - assert id.valid? + test "enabled @identity requires destination" do + @id = Identity.new user: @user, address: @user.email_address + assert !@id.valid? + assert_equal ["can't be blank"], @id.errors[:destination] end - test "initial identity for a user" do - id = Identity.for(@user) - assert_equal @user.email_address, id.address - assert_equal @user.email_address, id.destination - assert_equal @user, id.user + test "disabled @identity requires no destination" do + @id = Identity.new address: @user.email_address + assert @id.valid? + end + + test "initial @identity for a user" do + @id = Identity.for(@user) + assert_equal @user.email_address, @id.address + assert_equal @user.email_address, @id.destination + assert_equal @user, @id.user end test "add alias" do - id = Identity.for @user, address: alias_name - assert_equal LocalEmail.new(alias_name), id.address - assert_equal @user.email_address, id.destination - assert_equal @user, id.user + @id = Identity.for @user, address: alias_name + assert_equal LocalEmail.new(alias_name), @id.address + assert_equal @user.email_address, @id.destination + assert_equal @user, @id.user end test "add forward" do - id = Identity.for @user, destination: forward_address - assert_equal @user.email_address, id.address - assert_equal Email.new(forward_address), id.destination - assert_equal @user, id.user + @id = Identity.for @user, destination: forward_address + assert_equal @user.email_address, @id.address + assert_equal Email.new(forward_address), @id.destination + assert_equal @user, @id.user end test "forward alias" do - id = Identity.for @user, address: alias_name, destination: forward_address - assert_equal LocalEmail.new(alias_name), id.address - assert_equal Email.new(forward_address), id.destination - assert_equal @user, id.user + @id = Identity.for @user, address: alias_name, destination: forward_address + assert_equal LocalEmail.new(alias_name), @id.address + assert_equal Email.new(forward_address), @id.destination + assert_equal @user, @id.user end test "prevents duplicates" do - id = Identity.create_for @user, address: alias_name, destination: forward_address + @id = Identity.create_for @user, address: alias_name, destination: forward_address dup = Identity.build_for @user, address: alias_name, destination: forward_address assert !dup.valid? assert_equal ["has already been taken"], dup.errors[:destination] - id.destroy end test "validates availability" do other_user = find_record :user - id = Identity.create_for @user, address: alias_name, destination: forward_address + @id = Identity.create_for @user, address: alias_name, destination: forward_address taken = Identity.build_for other_user, address: alias_name assert !taken.valid? assert_equal ["has already been taken"], taken.errors[:address] - id.destroy end test "setting and getting pgp key" do - id = Identity.for(@user) - id.set_key(:pgp, pgp_key_string) - assert_equal pgp_key_string, id.keys[:pgp] + @id = Identity.for(@user) + @id.set_key(:pgp, pgp_key_string) + assert_equal pgp_key_string, @id.keys[:pgp] end test "querying pgp key via couch" do - id = Identity.for(@user) - id.set_key(:pgp, pgp_key_string) - id.save - view = Identity.pgp_key_by_email.key(id.address) + @id = Identity.for(@user) + @id.set_key(:pgp, pgp_key_string) + @id.save + view = Identity.pgp_key_by_email.key(@id.address) assert_equal 1, view.rows.count assert result = view.rows.first - assert_equal id.address, result["key"] - assert_equal id.keys[:pgp], result["value"] - id.destroy + assert_equal @id.address, result["key"] + assert_equal @id.keys[:pgp], result["value"] end - test "fail to add non-local email address as identity address" do - id = Identity.for @user, address: forward_address - assert !id.valid? - assert_match /needs to end in/, id.errors[:address].first + test "fail to add non-local email address as @identity address" do + @id = Identity.for @user, address: forward_address + assert !@id.valid? + assert_match /needs to end in/, @id.errors[:address].first end test "alias must meet same conditions as login" do - id = Identity.create_for @user, address: alias_name.capitalize - assert !id.valid? + @id = Identity.create_for @user, address: alias_name.capitalize + assert !@id.valid? #hacky way to do this, but okay for now: - assert id.errors.messages.flatten(2).include? "Must begin with a lowercase letter" - assert id.errors.messages.flatten(2).include? "Only lowercase letters, digits, . - and _ allowed." + assert @id.errors.messages.flatten(2).include? "Must begin with a lowercase letter" + assert @id.errors.messages.flatten(2).include? "Only lowercase letters, digits, . - and _ allowed." end test "destination must be valid email address" do - id = Identity.create_for @user, address: @user.email_address, destination: 'ASKJDLFJD' - assert !id.valid? - assert id.errors.messages[:destination].include? "needs to be a valid email address" + @id = Identity.create_for @user, address: @user.email_address, destination: 'ASKJDLFJD' + assert !@id.valid? + assert @id.errors.messages[:destination].include? "needs to be a valid email address" end - test "disabled identity" do - id = Identity.for(@user) - id.disable - assert_equal @user.email_address, id.address - assert_equal nil, id.destination - assert_equal nil, id.user - assert !id.enabled? - assert id.valid? + test "disabled @identity" do + @id = Identity.for(@user) + @id.disable + assert_equal @user.email_address, @id.address + assert_equal nil, @id.destination + assert_equal nil, @id.user + assert !@id.enabled? + assert @id.valid? end - test "disabled identity blocks handle" do - id = Identity.for(@user) - id.disable - id.save + test "disabled @identity blocks handle" do + @id = Identity.for(@user) + @id.disable + @id.save other_user = find_record :user - taken = Identity.build_for other_user, address: id.address + taken = Identity.build_for other_user, address: @id.address assert !taken.valid? assert_equal ["has already been taken"], taken.errors[:address] - Identity.destroy_all_disabled end test "destroy all disabled identities" do - id = Identity.for(@user) - id.disable - id.save - assert Identity.count > 0 + @id = Identity.for(@user) + @id.disable + @id.save + assert Identity.disabled.count > 0 Identity.destroy_all_disabled assert_equal 0, Identity.disabled.count end + test "store cert fingerprint" do + @id = Identity.for(@user) + @id.register_cert cert_stub + entry = {cert_stub.fingerprint => cert_stub.expiry.to_date.to_s} + assert_equal entry, @id.cert_fingerprints + end + + test "query cert fingerprints by expiry" do + @id = Identity.for(@user) + @id.register_cert cert_stub + @id.save + row = Identity.cert_fingerprints_by_expiry.descending.rows.first + assert_equal row['key'], cert_stub.expiry.to_date.to_s + assert_equal row['value'], cert_stub.fingerprint + end + + test "query cert expiry for a cert fingerprint" do + @id = Identity.for(@user) + @id.register_cert cert_stub + @id.save + row = Identity.cert_expiry_by_fingerprint.key(cert_stub.fingerprint).rows.first + assert_equal row['key'], cert_stub.fingerprint + assert_equal row['value'], cert_stub.expiry.to_date.to_s + end + def alias_name @alias_name ||= Faker::Internet.user_name end @@ -147,4 +175,9 @@ class IdentityTest < ActiveSupport::TestCase def pgp_key_string @pgp_key ||= "DUMMY PGP KEY ... "+SecureRandom.base64(4096) end + + def cert_stub + @cert_stub ||= stub expiry: 1.month.from_now, + fingerprint: SecureRandom.hex + end end |