diff --git a/app/models/retraction.rb b/app/models/retraction.rb
index b096be75db963b363b0417c8e2280e35c9208b5f..9a07de141871993c7a85783137918b001d25480d 100644
--- a/app/models/retraction.rb
+++ b/app/models/retraction.rb
@@ -20,15 +20,23 @@ class Retraction
attr_accessor :type
def perform
- return unless verify_signature(@creator_signature, Post.first(:id => post_id).person)
-
begin
+ return unless signature_valid?
self.type.constantize.destroy(self.post_id)
rescue NameError
Rails.logger.info("Retraction for unknown type recieved.")
end
end
+ def signature_valid?
+ target = self.type.constantize.first(:id => self.post_id)
+ if target.is_a? Person
+ verify_signature(@creator_signature, self.type.constantize.first(:id => self.post_id))
+ else
+ verify_signature(@creator_signature, self.type.constantize.first(:id => self.post_id).person)
+ end
+ end
+
def self.person_id_from(object)
if object.is_a? Person
object.id
diff --git a/app/models/user.rb b/app/models/user.rb
index 780bdd802379a9bb2d8fa5a81e6d453b40f44b69..730b2a0c87889325716f0ffa762440c694655a87 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -128,10 +128,7 @@ class User < Person
end
def generate_key
- puts "Generating key"
-
OpenSSL::PKey::RSA::generate 1024
-
end
end
diff --git a/spec/factories.rb b/spec/factories.rb
index 4c19237e4a78451874d96fd1b704c088c556b5f4..bd098ec7c5f9ec3797f8fe500f880eaa1cbe436f 100644
--- a/spec/factories.rb
+++ b/spec/factories.rb
@@ -12,16 +12,20 @@ Factory.define :person do |p|
p.email "bob-person@aol.com"
p.active true
p.sequence(:url) {|n|"http://google-#{n}.com/"}
- p.key OpenSSL::PKey::RSA.new(OpenSSL::PKey::RSA.generate(1024).public_key)
+ p.serialized_key OpenSSL::PKey::RSA.generate(1024).public_key.export
p.profile Profile.new( :first_name => "Robert", :last_name => "Grimm" )
end
+Factory.define :person_with_private_key, :parent => :person do |p|
+ p.serialized_key OpenSSL::PKey::RSA.generate(1024).export
+end
+
Factory.define :user do |u|
u.sequence(:email) {|n| "bob#{n}@aol.com"}
u.password "bluepin7"
u.password_confirmation "bluepin7"
u.url "www.example.com/"
- u.key OpenSSL::PKey::RSA::generate 1024
+ u.serialized_key OpenSSL::PKey::RSA::generate(1024).export
u.profile Profile.new( :first_name => "Bob", :last_name => "Smith" )
end
Factory.define :status_message do |m|
diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
index 7194908bb1e09ca77c7143f8bd9a39d9c430ef49..9eba3000c0b762a42dacd51f26ca4373d115261b 100644
--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
@@ -52,11 +52,12 @@ end
post_models.each{ | model|
model.any_instance.stubs(:verify_creator_signature).returns(true)
+ model.any_instance.stubs(:verify_signature).returns(true)
}
+ Retraction.any_instance.stubs(:verify_signature).returns(true)
+ Request.any_instance.stubs(:verify_signature).returns(true)
Comment.any_instance.stubs(:verify_post_creator_signature).returns(true)
- Person.any_instance.stubs(:remove_key).returns(true)
- User.any_instance.stubs(:remove_key).returns(true)
end
def unstub_mocha_stubs
diff --git a/spec/user_encryption_spec.rb b/spec/user_encryption_spec.rb
index 1502565f0280725754cee8771fc0d5c330d5264d..729920af265efb745a4d35be9c33ed4eb15252a6 100644
--- a/spec/user_encryption_spec.rb
+++ b/spec/user_encryption_spec.rb
@@ -12,16 +12,13 @@ describe 'user encryption' do
before do
unstub_mocha_stubs
@user = Factory.create(:user)
- @user.send(:assign_key)
@user.save
- @person = Factory.create(:person,
- :key_fingerprint => GPGME.list_keys("Remote Friend").first.subkeys.first.fpr,
+ @person = Factory.create(:person_with_private_key,
:profile => Profile.new(:first_name => 'Remote',
:last_name => 'Friend'),
:email => 'somewhere@else.com',
:url => 'http://distant-example.com/')
- @person2 = Factory.create(:person,
- :key_fingerprint => GPGME.list_keys("Second Friend").first.subkeys.first.fpr,
+ @person2 = Factory.create(:person_with_private_key,
:profile => Profile.new(:first_name => 'Second',
:last_name => 'Friend'),
:email => 'elsewhere@else.com',
@@ -35,26 +32,9 @@ describe 'user encryption' do
#keys = ctx.keys
#keys.each{|k| ctx.delete_key(k, true)}
end
-
- it 'should remove the key from the keyring on person destroy' do
- person = Factory.create :person
- keyid = person.key_fingerprint
- original_key = person.export_key
- GPGME.list_keys(keyid).count.should be 1
- person.destroy
- GPGME.list_keys(keyid).count.should be 0
- GPGME.import(original_key)
- GPGME.list_keys(keyid).count.should be 1
+ it 'should have a key' do
+ @user.key.should_not be nil
end
-
- it 'should have a key fingerprint' do
- @user.key_fingerprint.should_not be nil
- end
-
- it 'should retrieve a user key' do
- @user.key.subkeys[0].fpr.should == @user.key_fingerprint
- end
-
describe 'key exchange on friending' do
it 'should send over a public key' do
Comment.send(:class_variable_get, :@@queue).stub!(:add_post_request)
@@ -64,9 +44,8 @@ describe 'user encryption' do
it 'should receive and marshal a public key from a request' do
person = Factory.build(:person, :url => "http://test.url/" )
- person.key_fingerprint.nil?.should== false
+ person.key.nil?.should== false
#should move this to friend request, but i found it here
- f = person.key_fingerprint
id = person.id
original_key = person.export_key
@@ -78,9 +57,7 @@ describe 'user encryption' do
store_objects_from_xml(xml)
Person.all.count.should == personcount + 1
new_person = Person.first(:url => "http://test.url/")
- new_person.key_fingerprint.nil?.should == false
new_person.id.should == id
- new_person.key_fingerprint.should == f
new_person.export_key.should == original_key
end
end
@@ -93,10 +70,10 @@ describe 'user encryption' do
end
it 'should not be able to verify a message from a person without a key' do
- person = Factory.create(:person, :key_fingerprint => "123")
+ person = Factory.create(:person, :serialized_key => "lskdfhdlfjnh;klsf")
message = Factory.build(:status_message, :person => person)
message.save(:validate => false)
- message.verify_creator_signature.should be false
+ lambda {message.verify_creator_signature.should be false}.should raise_error
end
it 'should verify a remote signature' do