improve gpg key validation

when omitting the end part of the key ('-----END PGP PUBLIC KEY BLOCK-----') the error message was not about the key anymore, but about the missing fingerprint and primary_keyid, which was confusing for the user. the new validation checks that the end also matches the expected format.
author: Alexis Reigel <mail@koffeinfrei.org> 2017-07-26 15:47:00 +0200
committer: Alexis Reigel <mail@koffeinfrei.org> 2017-07-27 15:46:04 +0200
commit: f1ccecc9979e3091e7cf54f98508f6bc7c01a7f5 (patch)
tree: 783fc914089c4dc032e1d2b9722598197ce14e4e /app/models/gpg_key.rb
parent: 9488b7780edc57193cd1c51888478538ddc94e51 (diff)
download: gitlab-ce-f1ccecc9979e3091e7cf54f98508f6bc7c01a7f5.tar.gz
1 files changed, 3 insertions, 2 deletions
diff --git a/app/models/gpg_key.rb b/app/models/gpg_key.rb
index 535b40472b0..3df60ddc950 100644
--- a/app/models/gpg_key.rb
+++ b/app/models/gpg_key.rb
@@ -1,5 +1,6 @@
 class GpgKey < ActiveRecord::Base
   KEY_PREFIX = '-----BEGIN PGP PUBLIC KEY BLOCK-----'.freeze
+  KEY_SUFFIX = '-----END PGP PUBLIC KEY BLOCK-----'.freeze
 
   include ShaAttribute
 
@@ -15,8 +16,8 @@ class GpgKey < ActiveRecord::Base
     presence: true,
     uniqueness: true,
     format: {
-      with: /\A#{KEY_PREFIX}((?!#{KEY_PREFIX}).)+\Z/m,
-      message: "is invalid. A valid public GPG key begins with '#{KEY_PREFIX}'"
+      with: /\A#{KEY_PREFIX}((?!#{KEY_PREFIX})(?!#{KEY_SUFFIX}).)+#{KEY_SUFFIX}\Z/m,
+      message: "is invalid. A valid public GPG key begins with '#{KEY_PREFIX}' and ends with '#{KEY_SUFFIX}'"
     }
 
   validates :fingerprint,
author	Alexis Reigel <mail@koffeinfrei.org>	2017-07-26 15:47:00 +0200
committer	Alexis Reigel <mail@koffeinfrei.org>	2017-07-27 15:46:04 +0200
commit	f1ccecc9979e3091e7cf54f98508f6bc7c01a7f5 (patch)
tree	783fc914089c4dc032e1d2b9722598197ce14e4e /app/models/gpg_key.rb
parent	9488b7780edc57193cd1c51888478538ddc94e51 (diff)
download	gitlab-ce-f1ccecc9979e3091e7cf54f98508f6bc7c01a7f5.tar.gz