fixed comments, did I break request url?

93e900b9 · Raphael · 8d00063b · 93e900b9 · 93e900b9 · 93e900b9
--- a/app/models/comment.rb
+++ b/app/models/comment.rb
@@ -52,6 +52,7 @@ class Comment

  def verify_post_creator_signature
    unless person == User.owner
+      puts "verifying post creator sig from #{post.person.real_name}"
      verify_signature(post_creator_signature, post.person)
    else
      true

--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -56,7 +56,6 @@ class User < Person
  end

  def receive_friend_request(friend_request)
-    puts friend_request.inspect
    Rails.logger.info("receiving friend request #{friend_request.to_json}")
    GPGME.import(friend_request.exported_key)
    if Request.where(:callback_url => friend_request.callback_url).first

--- a/lib/encryptable.rb
+++ b/lib/encryptable.rb
@@ -9,10 +9,10 @@
    def verify_signature(signature, person)
      return false unless signature && person.key_fingerprint
      validity = nil
-      GPGME::verify(creator_signature, signable_string, 
-        {:armor => true, :always_trust => true}){ |signature|
-        validity =  signature.status == GPGME::GPG_ERR_NO_ERROR &&
-            signature.fpr == person.key_fingerprint
+      GPGME::verify(signature, signable_string, 
+        {:armor => true, :always_trust => true}){ |sig|
+        validity =  sig.status == GPGME::GPG_ERR_NO_ERROR &&
+            sig.fpr == person.key_fingerprint
      }
      return validity
    end
@@ -25,8 +25,12 @@
    end

    def sign
+      sign_with_key(User.owner.key)
+    end
+
+    def sign_with_key(key)
      GPGME::sign(signable_string,nil,
-          {:armor=> true, :mode => GPGME::SIG_MODE_DETACH, :signers => [User.owner.key]})
+          {:armor=> true, :mode => GPGME::SIG_MODE_DETACH, :signers => [key]})
    end
  end

--- a/spec/user_encryption_spec.rb
+++ b/spec/user_encryption_spec.rb
@@ -100,8 +100,7 @@ describe 'user encryption' do
    
    it 'should verify a remote signature' do 
      message = Factory.build(:status_message, :person => @person)
-      message.creator_signature = GPGME.sign(message.signable_string, nil,
-        {:mode => GPGME::SIG_MODE_DETACH, :armor => true, :signers => [@person.key]})
+      message.creator_signature = message.send(:sign_with_key,@person.key)
      message.save(:validate => false)
      message.verify_creator_signature.should be true
    end
@@ -109,16 +108,14 @@ describe 'user encryption' do
    it 'should know if the signature is from the wrong person' do
      message = Factory.build(:status_message, :person => @person)
      message.save(:validate => false)
-      message.creator_signature = GPGME.sign(message.signable_string, nil,
-        {:mode => GPGME::SIG_MODE_DETACH, :armor => true, :signers => [@person.key]})
+      message.creator_signature = message.send(:sign_with_key,@person.key)
      message.person = @user
      message.verify_creator_signature.should be false
    end
   
    it 'should know if the signature is for the wrong text' do
      message = Factory.build(:status_message, :person => @person)
-      message.creator_signature = GPGME.sign(message.signable_string, nil,
-        {:mode => GPGME::SIG_MODE_DETACH, :armor => true, :signers => [@person.key]})
+      message.creator_signature = message.send(:sign_with_key,@person.key)
      message.message = 'I love VENISON'
      message.save(:validate => false)
      message.verify_creator_signature.should be false
@@ -133,8 +130,7 @@ describe 'user encryption' do
    end
    it 'A message with an invalid signature should be rejected' do
      message = Factory.build(:status_message, :person => @person)
-      message.creator_signature = GPGME.sign(message.signable_string, nil,
-        {:mode => GPGME::SIG_MODE_DETACH, :armor => true, :signers => [@user.key]})
+      message.creator_signature = message.send(:sign )
      message.save
      xml = Post.build_xml_for([message])
      message.destroy
@@ -147,10 +143,9 @@ describe 'user encryption' do
  describe 'comments' do
    before do
      @remote_message = Factory.build(:status_message, :person => @person)
-      @remote_message.creator_signature = GPGME.sign(@remote_message.signable_string, nil,
-        {:mode => GPGME::SIG_MODE_DETACH, :armor => true, :signers => [@person.key]})
+      @remote_message.creator_signature = @remote_message.send(:sign_with_key,@person.key)
      @remote_message.save 
-
+      @message = Factory.create(:status_message, :person => @user)
    end
    it 'should attach the creator signature if the user is commenting' do
      @user.comment "Yeah, it was great", :on => @remote_message
@@ -160,29 +155,32 @@ describe 'user encryption' do
    it 'should sign the comment if the user is the post creator' do
      message = Factory.create(:status_message, :person => @user)
      @user.comment "Yeah, it was great", :on => message
-      StatusMessage.first.comments.first.verify_creator_signature.should be true
+      message.comments.first.verify_creator_signature.should be true
      StatusMessage.first.comments.first.verify_post_creator_signature.should be true
    end
    
    it 'should verify a comment made on a remote post by a different friend' do
      comment = Comment.new(:person => @person2, :text => "balls", :post => @remote_message)
-      comment.creator_signature = GPGME.sign(comment.signable_string, nil,
-        {:mode => GPGME::SIG_MODE_DETACH, :armor => true, :signers => [@person2.key]})
+      comment.creator_signature = comment.send(:sign_with_key,@person2.key)
      comment.verify_creator_signature.should be true
-
+      comment.valid?.should be false
+      comment.post_creator_signature = comment.send(:sign_with_key,@person.key)
+      comment.verify_post_creator_signature.should be true
+      comment.valid?.should be true
    end

    it 'should reject comments on a remote post with only a creator sig' do
        comment = Comment.new(:person => @person2, :text => "balls", :post => @remote_message)
-        comment.creator_signature = GPGME.sign(comment.signable_string, nil,
-          {:mode => GPGME::SIG_MODE_DETACH, :armor => true, :signers => [@person2.key]})
+        comment.creator_signature = comment.send(:sign_with_key,@person2.key)
        comment.verify_creator_signature.should be true
        comment.verify_post_creator_signature.should be false
        comment.save.should be false
    end

    it 'should receive remote comments on a user post with a creator sig' do
-      
+        comment = Comment.new(:person => @person2, :text => "balls", :post => @message)
+        comment.creator_signature = comment.send(:sign_with_key,@person2.key)
+        comment.save.should be true
    end

  end