package dehub import ( "dehub/sigcred" "reflect" "strings" "testing" "github.com/davecgh/go-spew/spew" "gopkg.in/src-d/go-git.v4" "gopkg.in/src-d/go-git.v4/plumbing" yaml "gopkg.in/yaml.v2" ) func TestChangeCommitVerify(t *testing.T) { type step struct { msg string msgHead string // defaults to msg tree map[string]string } testCases := []struct { descr string steps []step }{ { descr: "single commit", steps: []step{ { msg: "first commit", tree: map[string]string{"a": "0", "b": "1"}, }, }, }, { descr: "multiple commits", steps: []step{ { msg: "first commit", tree: map[string]string{"a": "0", "b": "1"}, }, { msg: "second commit, changing a", tree: map[string]string{"a": "1"}, }, { msg: "third commit, empty", }, { msg: "fourth commit, adding c, removing b", tree: map[string]string{"b": "", "c": "2"}, }, }, }, { descr: "big body commits", steps: []step{ { msg: "first commit, single line but with newline\n", }, { msg: "second commit, single line but with two newlines\n\n", msgHead: "second commit, single line but with two newlines\n\n", }, { msg: "third commit, multi-line with one newline\nanother line!", msgHead: "third commit, multi-line with one newline\n\n", }, { msg: "fourth commit, multi-line with two newlines\n\nanother line!", msgHead: "fourth commit, multi-line with two newlines\n\n", }, }, }, } for _, test := range testCases { t.Run(test.descr, func(t *testing.T) { h := newHarness(t) for _, step := range test.steps { h.stage(step.tree) account := h.cfg.Accounts[0] changeCommit, hash := h.changeCommit(step.msg, account.ID, h.sig) if err := h.repo.VerifyChangeCommit(TrunkRefName, hash); err != nil { t.Fatalf("could not verify hash %v: %v", hash, err) } commit, err := h.repo.GitRepo.CommitObject(hash) if err != nil { t.Fatalf("failed to retrieve commit %v: %v", hash, err) } else if step.msgHead == "" { step.msgHead = strings.TrimSpace(step.msg) + "\n\n" } if !strings.HasPrefix(commit.Message, step.msgHead) { t.Fatalf("commit message %q does not start with expected head %q", commit.Message, step.msgHead) } var actualChangeCommit ChangeCommit if err := actualChangeCommit.UnmarshalText([]byte(commit.Message)); err != nil { t.Fatalf("error unmarshaling commit body: %v", err) } else if !reflect.DeepEqual(actualChangeCommit, changeCommit) { t.Fatalf("returned change commit:\n%s\ndoes not match actual one:\n%s", spew.Sdump(changeCommit), spew.Sdump(actualChangeCommit)) } } }) } } func TestConfigChange(t *testing.T) { h := newHarness(t) var hashes []plumbing.Hash // commit the initial staged changes, which merely include the config and // public key _, hash := h.changeCommit("commit configuration", h.cfg.Accounts[0].ID, h.sig) hashes = append(hashes, hash) // create a new account and add it to the configuration. That commit should // not be verifiable, though newSig, newPubKeyBody := sigcred.SignifierPGPTmp(h.rand) h.cfg.Accounts = append(h.cfg.Accounts, Account{ ID: "toot", Signifiers: []sigcred.Signifier{{PGPPublicKey: &sigcred.SignifierPGP{ Body: string(newPubKeyBody), }}}, }) h.cfg.AccessControls[0].ChangeAccessControls[0].Condition.Signature.AccountIDs = []string{"root", "toot"} h.cfg.AccessControls[0].ChangeAccessControls[0].Condition.Signature.Count = "1" cfgBody, err := yaml.Marshal(h.cfg) if err != nil { t.Fatal(err) } h.stage(map[string]string{ConfigPath: string(cfgBody)}) _, badHash := h.changeCommit("add toot user", h.cfg.Accounts[1].ID, newSig) if err := h.repo.VerifyChangeCommit(TrunkRefName, badHash); err == nil { t.Fatal("toot user shouldn't be able to add itself to config") } h.reset(hash, git.HardReset) // now add with the root user, this should work. h.stage(map[string]string{ConfigPath: string(cfgBody)}) _, hash = h.changeCommit("add toot user", h.cfg.Accounts[0].ID, h.sig) hashes = append(hashes, hash) // _now_ the toot user should be able to do things. h.stage(map[string]string{"foo/bar": "what a cool file"}) _, hash = h.changeCommit("add a cool file", h.cfg.Accounts[1].ID, newSig) hashes = append(hashes, hash) for i, hash := range hashes { if err := h.repo.VerifyChangeCommit(TrunkRefName, hash); err != nil { t.Fatalf("commit %d (%v) should have been verified but wasn't: %v", i, hash, err) } } }