Mercurial > hg > soundsoftware-site

annotate test/unit/lib/redmine/ciphering_test.rb @ 1472:f0b798dad2d6 feature_526

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Close obsolete branch feature_526
author Chris Cannam
date Tue, 20 Nov 2012 19:45:51 +0000
parents cbb26bc654de
children 433d4f72a19b
rev   line source
Chris@245 1 # Redmine - project management software
Chris@245 2 # Copyright (C) 2006-2011 Jean-Philippe Lang
Chris@245 3 #
Chris@245 4 # This program is free software; you can redistribute it and/or
Chris@245 5 # modify it under the terms of the GNU General Public License
Chris@245 6 # as published by the Free Software Foundation; either version 2
Chris@245 7 # of the License, or (at your option) any later version.
Chris@909 8 #
Chris@245 9 # This program is distributed in the hope that it will be useful,
Chris@245 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
Chris@245 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
Chris@245 12 # GNU General Public License for more details.
Chris@909 13 #
Chris@245 14 # You should have received a copy of the GNU General Public License
Chris@245 15 # along with this program; if not, write to the Free Software
Chris@245 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
Chris@245 17
Chris@245 18 require File.expand_path('../../../../test_helper', __FILE__)
Chris@245 19
Chris@245 20 class Redmine::CipheringTest < ActiveSupport::TestCase
Chris@909 21
Chris@245 22 def test_password_should_be_encrypted
Chris@245 23 Redmine::Configuration.with 'database_cipher_key' => 'secret' do
Chris@245 24 r = Repository::Subversion.generate!(:password => 'foo')
Chris@245 25 assert_equal 'foo', r.password
Chris@245 26 assert r.read_attribute(:password).match(/\Aaes-256-cbc:.+\Z/)
Chris@245 27 end
Chris@245 28 end
Chris@909 29
Chris@245 30 def test_password_should_be_clear_with_blank_key
Chris@245 31 Redmine::Configuration.with 'database_cipher_key' => '' do
Chris@245 32 r = Repository::Subversion.generate!(:password => 'foo')
Chris@245 33 assert_equal 'foo', r.password
Chris@245 34 assert_equal 'foo', r.read_attribute(:password)
Chris@245 35 end
Chris@245 36 end
Chris@909 37
Chris@245 38 def test_password_should_be_clear_with_nil_key
Chris@245 39 Redmine::Configuration.with 'database_cipher_key' => nil do
Chris@245 40 r = Repository::Subversion.generate!(:password => 'foo')
Chris@245 41 assert_equal 'foo', r.password
Chris@245 42 assert_equal 'foo', r.read_attribute(:password)
Chris@245 43 end
Chris@245 44 end
Chris@909 45
Chris@909 46 def test_blank_password_should_be_clear
Chris@909 47 Redmine::Configuration.with 'database_cipher_key' => 'secret' do
Chris@909 48 r = Repository::Subversion.generate!(:password => '')
Chris@909 49 assert_equal '', r.password
Chris@909 50 assert_equal '', r.read_attribute(:password)
Chris@909 51 end
Chris@909 52 end
Chris@909 53
Chris@245 54 def test_unciphered_password_should_be_readable
Chris@245 55 Redmine::Configuration.with 'database_cipher_key' => nil do
Chris@245 56 r = Repository::Subversion.generate!(:password => 'clear')
Chris@245 57 end
Chris@909 58
Chris@245 59 Redmine::Configuration.with 'database_cipher_key' => 'secret' do
Chris@245 60 r = Repository.first(:order => 'id DESC')
Chris@245 61 assert_equal 'clear', r.password
Chris@245 62 end
Chris@245 63 end
Chris@245 64
Chris@909 65 def test_ciphered_password_with_no_cipher_key_configured_should_be_returned_ciphered
Chris@909 66 Redmine::Configuration.with 'database_cipher_key' => 'secret' do
Chris@909 67 r = Repository::Subversion.generate!(:password => 'clear')
Chris@909 68 end
Chris@909 69
Chris@909 70 Redmine::Configuration.with 'database_cipher_key' => '' do
Chris@909 71 r = Repository.first(:order => 'id DESC')
Chris@909 72 # password can not be deciphered
Chris@909 73 assert_nothing_raised do
Chris@909 74 assert r.password.match(/\Aaes-256-cbc:.+\Z/)
Chris@909 75 end
Chris@909 76 end
Chris@909 77 end
Chris@909 78
Chris@245 79 def test_encrypt_all
Chris@245 80 Repository.delete_all
Chris@245 81 Redmine::Configuration.with 'database_cipher_key' => nil do
Chris@245 82 Repository::Subversion.generate!(:password => 'foo')
Chris@245 83 Repository::Subversion.generate!(:password => 'bar')
Chris@245 84 end
Chris@909 85
Chris@245 86 Redmine::Configuration.with 'database_cipher_key' => 'secret' do
Chris@245 87 assert Repository.encrypt_all(:password)
Chris@245 88 r = Repository.first(:order => 'id DESC')
Chris@245 89 assert_equal 'bar', r.password
Chris@245 90 assert r.read_attribute(:password).match(/\Aaes-256-cbc:.+\Z/)
Chris@245 91 end
Chris@245 92 end
Chris@909 93
Chris@245 94 def test_decrypt_all
Chris@245 95 Repository.delete_all
Chris@245 96 Redmine::Configuration.with 'database_cipher_key' => 'secret' do
Chris@245 97 Repository::Subversion.generate!(:password => 'foo')
Chris@245 98 Repository::Subversion.generate!(:password => 'bar')
Chris@909 99
Chris@245 100 assert Repository.decrypt_all(:password)
Chris@245 101 r = Repository.first(:order => 'id DESC')
Chris@245 102 assert_equal 'bar', r.password
Chris@245 103 assert_equal 'bar', r.read_attribute(:password)
Chris@245 104 end
Chris@245 105 end
Chris@245 106 end