gpg signature is only valid when key is verified

1 files changed, 16 insertions, 0 deletions

diff --git a/spec/models/gpg_key_spec.rb b/spec/models/gpg_key_spec.rb
index ac446fca819..3cb1723cc12 100644
--- a/spec/models/gpg_key_spec.rb
+++ b/spec/models/gpg_key_spec.rb
@@ -65,6 +65,22 @@ describe GpgKey do
     end
   end
 
+  describe '#verified?' do
+    it 'returns true one of the email addresses in the key belongs to the user' do
+      user = create :user, email: 'bette.cartwright@example.com'
+      gpg_key = create :gpg_key, key: GpgHelpers::User2.public_key, user: user
+
+      expect(gpg_key.verified?).to be_truthy
+    end
+
+    it 'returns false if one of the email addresses in the key does not belong to the user' do
+      user = create :user, email: 'someone.else@example.com'
+      gpg_key = create :gpg_key, key: GpgHelpers::User2.public_key, user: user
+
+      expect(gpg_key.verified?).to be_falsey
+    end
+  end
+
   describe 'notification' do
     include EmailHelpers