| author | Tim Bishop <tim@bishnet.net> | 2017-09-19 18:57:01 +0100 |
|---|---|---|
| committer | Tim Bishop <tim@bishnet.net> | 2017-09-29 20:30:58 +0100 |
| commit | a212391f0fc5e2d021ade4c0219c079e0832e18e (patch) | |
| tree | a13897d47bd69cb0e157c063d59d2c21d52e3399 | |
| parent | 171714c9231deb95136088ba1c0621379467de39 (diff) | |
| download | gitlab-ce-a212391f0fc5e2d021ade4c0219c079e0832e18e.tar.gz | |
Make GPG validation case insensitive.
In line with other changes in GitLab, make email address validation
properly case insensitive. The email address in the commit may be in
any case, so it needs downcasing to match the address stored in GitLab
for the user. Without this change the comparison fails and commits are
not marked as verified.
See #37009.
| -rw-r--r-- | app/models/gpg_key.rb | 2 | ||||
| -rw-r--r-- | changelogs/unreleased/fix-gpg-case-insensitive.yml | 5 | ||||
| -rw-r--r-- | spec/models/gpg_key_spec.rb | 8 |
3 files changed, 14 insertions, 1 deletions
diff --git a/app/models/gpg_key.rb b/app/models/gpg_key.rb
index 44deae4234b..54bd5b68777 100644
--- a/app/models/gpg_key.rb
+++ b/app/models/gpg_key.rb
@@ -73,7 +73,7 @@ class GpgKey < ActiveRecord::Base
 end
 def verified_and_belongs_to_email?(email)
- emails_with_verified_status.fetch(email, false)
+ emails_with_verified_status.fetch(email.downcase, false)
 end
 def update_invalid_gpg_signatures
diff --git a/changelogs/unreleased/fix-gpg-case-insensitive.yml b/changelogs/unreleased/fix-gpg-case-insensitive.yml
new file mode 100644
index 00000000000..744ec00a4a8
--- /dev/null
+++ b/changelogs/unreleased/fix-gpg-case-insensitive.yml
@@ -0,0 +1,5 @@
+---
+title: Compare email addresses case insensitively when verifying GPG signatures
+merge_request: 14376
+author: Tim Bishop
+type: fixed
diff --git a/spec/models/gpg_key_spec.rb b/spec/models/gpg_key_spec.rb
index fadc8bfeb61..4a4d079b721 100644
--- a/spec/models/gpg_key_spec.rb
+++ b/spec/models/gpg_key_spec.rb
@@ -138,6 +138,14 @@ describe GpgKey do
 expect(gpg_key.verified?).to be_truthy
 expect(gpg_key.verified_and_belongs_to_email?('bette.cartwright@example.com')).to be_truthy
 end
+
+ it 'returns true if one of the email addresses in the key belongs to the user and case-insensitively matches the provided email' do
+ user = create :user, email: 'bette.cartwright@example.com'
+ gpg_key = create :gpg_key, key: GpgHelpers::User2.public_key, user: user
+
+ expect(gpg_key.verified?).to be_truthy
+ expect(gpg_key.verified_and_belongs_to_email?('Bette.Cartwright@example.com')).to be_truthy
+ end
 end
 describe '#revoke' do |
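Review bot: `email.downcase` in `verified_and_belongs_to_email?` raises NoMethodError when the caller passes nil, where the old `fetch(email, false)` simply returned false; for a check that decides whether a commit is shown as verified, failing closed is preferable to an exception, e.g. `emails_with_verified_status.fetch(email.to_s.downcase, false)`. The lookup is also only case-insensitive if the keys of `emails_with_verified_status` are lower-cased as well; that method is defined outside this hunk, so this should be confirmed, since a key whose UID carries a mixed-case address would otherwise still fail to match. The spec hunk exercises only a mixed-case argument; examples for a nil email and for a mixed-case UID in the key would pin both behaviours.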
