# Copyright (c) 2010-2011, Diaspora Inc. This file is
# licensed under the Affero General Public License version 3 or later. See
# the COPYRIGHT file.
require "spec_helper"
require "integration/federation/federation_helper"
# Request specs for the federation receive path: every example delivers a
# payload whose salmon sender differs from the entity's real author (or whose
# guid/id collides with an existing record) and asserts that the receiving
# side leaves the original database rows untouched.
describe "attack vectors", type: :request do
  before do
    allow_callbacks(%i[queue_public_receive queue_private_receive receive_entity fetch_related_entity fetch_public_key])
  end

  let(:eves_aspect) { eve.aspects.find_by_name("generic") }
  let(:alices_aspect) { alice.aspects.find_by_name("generic") }

  it "other users can not grant visiblity to another users posts by sending their friends post to themselves" do
    # eve posts into her aspect before alice is connected, so alice must not
    # be able to see that post even though it exists in the DB. bob then
    # relabels the post as his own and forwards it to alice.
    eves_post = eve.post(:status_message, text: "store this!", to: eves_aspect.id)
    eves_post.diaspora_handle = bob.diaspora_handle
    alice.share_with(eve.person, alices_aspect)

    post_message(generate_xml(Diaspora::Federation::Entities.post(eves_post), bob, alice), alice)

    # the forwarded copy must not make eve's original visible to alice
    expect(alice.reload.visible_shareables(Post).where(guid: eves_post.guid)).to be_blank
  end

  context "author does not match xml author" do
    it "should not overwrite another persons profile" do
      # a copy of eve's profile with a changed name, delivered by alice
      tampered_profile = eve.profile.clone
      tampered_profile.first_name = "Not BOB"

      post_message(generate_xml(Diaspora::Federation::Entities.profile(tampered_profile), alice, bob), bob)

      expect(eve.profile(true).first_name).not_to eq("Not BOB")
    end

    it "public post should not be spoofed from another author" do
      # a public post attributed to eve but delivered by alice must not be stored
      spoofed_post = FactoryGirl.build(:status_message, public: true, author: eve.person)

      post_message(generate_xml(Diaspora::Federation::Entities.post(spoofed_post), alice))

      expect(StatusMessage.exists?(guid: spoofed_post.guid)).to be_falsey
    end

    it "should not receive retractions where the retractor and the salmon author do not match" do
      eves_post = eve.post(:status_message, text: "store this!", to: eves_aspect.id)

      # retraction of eve's post, but sent by alice
      expect {
        post_message(generate_xml(Diaspora::Federation::Entities.retraction(eves_post), alice, bob), bob)
      }.not_to change { bob.visible_shareables(Post).count(:all) }
    end

    it "should not receive contact retractions from another person" do
      # relies on bob being connected to both alice and eve; alice attempts
      # to sever the contact between bob and eve.
      expect(bob.contacts(true).find_by(person_id: eve.person.id)).to be_sharing

      post_message(generate_xml(Diaspora::Federation::Entities.retraction(eve.person), alice, bob), bob)

      expect(bob.contacts(true).find_by(person_id: eve.person.id)).to be_sharing
    end
  end

  it "does not save a message over an old message with a different author" do
    # eve owns a post with a known id and guid
    eves_post = eve.post(:status_message, text: "store this!", to: eves_aspect.id)

    # alice sends a post reusing both identifiers under her own authorship
    forged_post = FactoryGirl.build(:status_message, id: eves_post.id, guid: eves_post.guid, author: alice.person)

    post_message(generate_xml(Diaspora::Federation::Entities.post(forged_post), alice, bob), bob)

    # the stored row keeps its original author
    expect(eves_post.reload.author_id).to eq(eve.person.id)
  end

  it "does not save a message over an old message with the same author" do
    # a legitimate post from eve
    eves_post = eve.post(:status_message, text: "store this!", to: eves_aspect.id)

    # eve herself resends a different text under the same id
    replacement_post = FactoryGirl.build(:status_message, id: eves_post.id, text: "BAD!!!", author: eve.person)

    post_message(generate_xml(Diaspora::Federation::Entities.post(replacement_post), eve, bob), bob)

    # the existing text is not overwritten
    expect(eves_post.reload.text).to eq("store this!")
  end

  it "ignores retractions on a post not owned by the retraction's sender" do
    eves_post = eve.post(:status_message, text: "store this!", to: eves_aspect.id)

    # hand-built retraction targeting eve's post but authored by alice
    forged_retraction = DiasporaFederation::Entities::Retraction.new(
      target_guid: eves_post.guid,
      target_type: eves_post.class.to_s,
      target:      Diaspora::Federation::Entities.related_entity(eves_post),
      author:      alice.person.diaspora_handle
    )

    expect {
      post_message(generate_xml(forged_retraction, alice, bob), bob)
    }.not_to change(StatusMessage, :count)
  end

  it "does not let another user update other persons post" do
    eves_photo = eve.post(:photo, user_file: uploaded_photo, text: "store this!", to: eves_aspect.id)

    # a copy of eve's photo relabelled as alice's, with altered text and size
    altered_photo = eves_photo.dup
    altered_photo.diaspora_handle = alice.diaspora_handle
    altered_photo.text = "bad bad bad"
    altered_photo.height = 23
    altered_photo.width = 42

    post_message(generate_xml(Diaspora::Federation::Entities.photo(altered_photo), alice, bob), bob)

    # eve's original is left as it was
    expect(eves_photo.reload.text).to eq("store this!")
  end
end