Mercurial > hg > soundsoftware-site

annotate test/unit/lib/redmine/ciphering_test.rb @ 1628:9c5f8e24dadc live tip

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Quieten this cron script
author Chris Cannam
date Tue, 25 Aug 2020 11:38:49 +0100
parents dffacf8a6908
children
rev   line source
Chris@245 1 # Redmine - project management software
Chris@1494 2 # Copyright (C) 2006-2014 Jean-Philippe Lang
Chris@245 3 #
Chris@245 4 # This program is free software; you can redistribute it and/or
Chris@245 5 # modify it under the terms of the GNU General Public License
Chris@245 6 # as published by the Free Software Foundation; either version 2
Chris@245 7 # of the License, or (at your option) any later version.
Chris@909 8 #
Chris@245 9 # This program is distributed in the hope that it will be useful,
Chris@245 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
Chris@245 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
Chris@245 12 # GNU General Public License for more details.
Chris@909 13 #
Chris@245 14 # You should have received a copy of the GNU General Public License
Chris@245 15 # along with this program; if not, write to the Free Software
Chris@245 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
Chris@245 17
Chris@245 18 require File.expand_path('../../../../test_helper', __FILE__)
Chris@245 19
Chris@245 20 class Redmine::CipheringTest < ActiveSupport::TestCase
Chris@909 21
Chris@245 22 def test_password_should_be_encrypted
Chris@245 23 Redmine::Configuration.with 'database_cipher_key' => 'secret' do
Chris@1115 24 r = Repository::Subversion.create!(:password => 'foo', :url => 'file:///tmp', :identifier => 'svn')
Chris@245 25 assert_equal 'foo', r.password
Chris@245 26 assert r.read_attribute(:password).match(/\Aaes-256-cbc:.+\Z/)
Chris@245 27 end
Chris@245 28 end
Chris@909 29
Chris@245 30 def test_password_should_be_clear_with_blank_key
Chris@245 31 Redmine::Configuration.with 'database_cipher_key' => '' do
Chris@1115 32 r = Repository::Subversion.create!(:password => 'foo', :url => 'file:///tmp', :identifier => 'svn')
Chris@245 33 assert_equal 'foo', r.password
Chris@245 34 assert_equal 'foo', r.read_attribute(:password)
Chris@245 35 end
Chris@245 36 end
Chris@909 37
Chris@245 38 def test_password_should_be_clear_with_nil_key
Chris@245 39 Redmine::Configuration.with 'database_cipher_key' => nil do
Chris@1115 40 r = Repository::Subversion.create!(:password => 'foo', :url => 'file:///tmp', :identifier => 'svn')
Chris@245 41 assert_equal 'foo', r.password
Chris@245 42 assert_equal 'foo', r.read_attribute(:password)
Chris@245 43 end
Chris@245 44 end
Chris@909 45
Chris@909 46 def test_blank_password_should_be_clear
Chris@909 47 Redmine::Configuration.with 'database_cipher_key' => 'secret' do
Chris@1115 48 r = Repository::Subversion.create!(:password => '', :url => 'file:///tmp', :identifier => 'svn')
Chris@909 49 assert_equal '', r.password
Chris@909 50 assert_equal '', r.read_attribute(:password)
Chris@909 51 end
Chris@909 52 end
Chris@909 53
Chris@245 54 def test_unciphered_password_should_be_readable
Chris@245 55 Redmine::Configuration.with 'database_cipher_key' => nil do
Chris@1115 56 r = Repository::Subversion.create!(:password => 'clear', :url => 'file:///tmp', :identifier => 'svn')
Chris@245 57 end
Chris@909 58
Chris@245 59 Redmine::Configuration.with 'database_cipher_key' => 'secret' do
Chris@1517 60 r = Repository.order('id DESC').first
Chris@245 61 assert_equal 'clear', r.password
Chris@245 62 end
Chris@245 63 end
Chris@245 64
Chris@909 65 def test_ciphered_password_with_no_cipher_key_configured_should_be_returned_ciphered
Chris@909 66 Redmine::Configuration.with 'database_cipher_key' => 'secret' do
Chris@1115 67 r = Repository::Subversion.create!(:password => 'clear', :url => 'file:///tmp', :identifier => 'svn')
Chris@909 68 end
Chris@909 69
Chris@909 70 Redmine::Configuration.with 'database_cipher_key' => '' do
Chris@1517 71 r = Repository.order('id DESC').first
Chris@909 72 # password can not be deciphered
Chris@909 73 assert_nothing_raised do
Chris@909 74 assert r.password.match(/\Aaes-256-cbc:.+\Z/)
Chris@909 75 end
Chris@909 76 end
Chris@909 77 end
Chris@909 78
Chris@245 79 def test_encrypt_all
Chris@245 80 Repository.delete_all
Chris@245 81 Redmine::Configuration.with 'database_cipher_key' => nil do
Chris@1115 82 Repository::Subversion.create!(:password => 'foo', :url => 'file:///tmp', :identifier => 'foo')
Chris@1115 83 Repository::Subversion.create!(:password => 'bar', :url => 'file:///tmp', :identifier => 'bar')
Chris@245 84 end
Chris@909 85
Chris@245 86 Redmine::Configuration.with 'database_cipher_key' => 'secret' do
Chris@245 87 assert Repository.encrypt_all(:password)
Chris@1517 88 r = Repository.order('id DESC').first
Chris@245 89 assert_equal 'bar', r.password
Chris@245 90 assert r.read_attribute(:password).match(/\Aaes-256-cbc:.+\Z/)
Chris@245 91 end
Chris@245 92 end
Chris@909 93
Chris@245 94 def test_decrypt_all
Chris@245 95 Repository.delete_all
Chris@245 96 Redmine::Configuration.with 'database_cipher_key' => 'secret' do
Chris@1115 97 Repository::Subversion.create!(:password => 'foo', :url => 'file:///tmp', :identifier => 'foo')
Chris@1115 98 Repository::Subversion.create!(:password => 'bar', :url => 'file:///tmp', :identifier => 'bar')
Chris@909 99
Chris@245 100 assert Repository.decrypt_all(:password)
Chris@1517 101 r = Repository.order('id DESC').first
Chris@245 102 assert_equal 'bar', r.password
Chris@245 103 assert_equal 'bar', r.read_attribute(:password)
Chris@245 104 end
Chris@245 105 end
Chris@245 106 end