Implement integration tests for the federation messages receive feature #6539
Conversation
| @@ -0,0 +1,93 @@ | |||
| require 'spec_helper' | |||
There was a problem hiding this comment.
Prefer double-quoted strings unless you need single quotes to avoid extra backslashes for escaping.
cmrd-senya
force-pushed
the
receive-tests
branch
from
db14168
to
b175543
Compare
|
This new version of the patch utilizes the latest changes in the diaspora_federation gem and does an integration test on comments receive. More tests to come. |
cmrd-senya
force-pushed
the
receive-tests
branch
from
b175543
to
d557f95
Compare
|
@jhass, this contains fix to the security issue with signatures we discovered before. I put it here, because here I test it using the integration tests. I propose to merge it all together, what do you think? There is to major things to do, before we can merge it:
factories.rb here merged from the diaspora_federation gem and has some changes. I think it is bad idea to duplicate code, so it would be nice if we could managed to reuse it somehow. Maybe we can ship this factory definitions with the diaspora_federation gem? What do you think, @SuperTux88? |
| @@ -61,5 +35,26 @@ | |||
|
|
|||
| person_entity.save! | |||
| end | |||
|
|
|||
| on :fetch_private_key_by_id do |diaspora_id| | |||
| Person.find_by(diaspora_handle: diaspora_id).owner.encryption_key | |||
There was a problem hiding this comment.
We shouldn't need to allocate AR objects here, the right combination of pluck and joins should do it.
| Workers::ReceiveEncryptedSalmon.new.perform(@user.id, generate_xml(entity, @remote_user, @user)) | ||
|
|
||
| expect(@user.contacts.count).to eq(2) | ||
| new_contact = @user.contacts.last |
There was a problem hiding this comment.
Not guaranteed to be stable, add an order clause.
| Workers::ReceiveEncryptedSalmon.new.perform(user.id, generate_xml(entity, remote_user, user)) | ||
| received_entity = klass.find_by(guid: entity.guid) | ||
| expect(received_entity).not_to be_nil | ||
| expect(received_entity.author.diaspora_handle).to eq(remote_user.person.diaspora_handle) |
There was a problem hiding this comment.
@jhass, do I need to avoid AR object here?
There was a problem hiding this comment.
I'd say it's okay if you access multiple properties. It's more critical in non test code anyway.
cmrd-senya
force-pushed
the
receive-tests
branch
from
088a203
to
6df73df
Compare
|
I'm kinda finished, it's left to make a release of the diaspora_federation. It covers only a few cases of federation receive, but I think it's better to merge it and then add more tests in further commits, so we don't stay with the opened vulnerability. |
|
|
||
| on :post_author_is_local? do |guid| | ||
| id_array = Post.where(guid: guid).joins(:author).pluck(:owner_id) | ||
| !id_array.first.nil? unless id_array.empty? |
There was a problem hiding this comment.
Wouldn't something like Post.joins(:author).where(guid: guid).not(owner_id: nil).exists? work?
There was a problem hiding this comment.
Look at the spec. There is three different cases, and I made it to return nil if guid is not found. With what you offered it would be false in that case, which isn't true strictly.
There was a problem hiding this comment.
Then this shouldn't be a predicate (foo?), they should only return true or false, but rather post_author_type with the possible outcomes :post_not_found, :local, :remote and theoretically :author_not_found. The third possibility would be to raise in the post not found case.
I think I do prefer to consider the post not found case false.
There was a problem hiding this comment.
Ok, that would be simpler then.
cmrd-senya
force-pushed
the
receive-tests
branch
from
6df73df
to
27d9c67
Compare
|
I realized that some of situations tested here are artificial (e.g. here). In real life, it's not possible, or just doesn't make sense, that sender makes right signature for Salmon and then fails to make a signature for the payload using the same key. Thus, I'll rewrite tests in consideration that we only test situations where the both signatures (Salmon and in-payload, like in relayables) are correct or both signatures are wrong. |
|
Also consider the situation of a malicious user and pod owner ;) |
|
Sure, it is considered, it is the only reason why we need signatures at ATM we have a situation where entity in payload, for example comment The fun is that the only case when a signature in the entity is in fact I guess that there maybe was some idea behind it, like they wanted, for |
cmrd-senya
force-pushed
the
receive-tests
branch
from
27d9c67
to
e16694f
Compare
|
Please, review. |
These are some initial tests, more to come. It tests some features of Request, StatusMessage, Comment, Like, Participation, Retraction, SignedRetraction, RelayableRetraction entities receive process.
cmrd-senya
force-pushed
the
receive-tests
branch
from
e16694f
to
17f36b4
Compare
cmrd-senya
changed the title
|
diaspora_federation 0.0.9 is released, I guess this one is therefore ready. |
…ownstream receive of a federated relayable entity, allowing to forge relayables if you are an owner of the pod where a parent object is stored.
cmrd-senya
force-pushed
the
receive-tests
branch
from
17f36b4
to
b066bd1
Compare
|
Wow, cool! |
This is some initial tests, more to come.
refs #5114 #6479