To check out this repository please hg clone the following URL, or open the URL using EasyMercurial or your preferred Mercurial client.
root / .svn / pristine / 27 / 2745a50d7301c30263d5450e181481b6eeb6b406.svn-base @ 1298:4f746d8966dd
History | View | Annotate | Download (4.19 KB)
| 1 | 1295:622f24f53b42 | Chris | # Redmine - project management software |
|---|---|---|---|
| 2 | # Copyright (C) 2006-2013 Jean-Philippe Lang |
||
| 3 | # |
||
| 4 | # This program is free software; you can redistribute it and/or |
||
| 5 | # modify it under the terms of the GNU General Public License |
||
| 6 | # as published by the Free Software Foundation; either version 2 |
||
| 7 | # of the License, or (at your option) any later version. |
||
| 8 | # |
||
| 9 | # This program is distributed in the hope that it will be useful, |
||
| 10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
||
| 11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
||
| 12 | # GNU General Public License for more details. |
||
| 13 | # |
||
| 14 | # You should have received a copy of the GNU General Public License |
||
| 15 | # along with this program; if not, write to the Free Software |
||
| 16 | # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. |
||
| 17 | |||
| 18 | require File.expand_path('../../../../test_helper', __FILE__)
|
||
| 19 | |||
| 20 | class Redmine::CipheringTest < ActiveSupport::TestCase |
||
| 21 | |||
| 22 | def test_password_should_be_encrypted |
||
| 23 | Redmine::Configuration.with 'database_cipher_key' => 'secret' do |
||
| 24 | r = Repository::Subversion.create!(:password => 'foo', :url => 'file:///tmp', :identifier => 'svn') |
||
| 25 | assert_equal 'foo', r.password |
||
| 26 | assert r.read_attribute(:password).match(/\Aaes-256-cbc:.+\Z/) |
||
| 27 | end |
||
| 28 | end |
||
| 29 | |||
| 30 | def test_password_should_be_clear_with_blank_key |
||
| 31 | Redmine::Configuration.with 'database_cipher_key' => '' do |
||
| 32 | r = Repository::Subversion.create!(:password => 'foo', :url => 'file:///tmp', :identifier => 'svn') |
||
| 33 | assert_equal 'foo', r.password |
||
| 34 | assert_equal 'foo', r.read_attribute(:password) |
||
| 35 | end |
||
| 36 | end |
||
| 37 | |||
| 38 | def test_password_should_be_clear_with_nil_key |
||
| 39 | Redmine::Configuration.with 'database_cipher_key' => nil do |
||
| 40 | r = Repository::Subversion.create!(:password => 'foo', :url => 'file:///tmp', :identifier => 'svn') |
||
| 41 | assert_equal 'foo', r.password |
||
| 42 | assert_equal 'foo', r.read_attribute(:password) |
||
| 43 | end |
||
| 44 | end |
||
| 45 | |||
| 46 | def test_blank_password_should_be_clear |
||
| 47 | Redmine::Configuration.with 'database_cipher_key' => 'secret' do |
||
| 48 | r = Repository::Subversion.create!(:password => '', :url => 'file:///tmp', :identifier => 'svn') |
||
| 49 | assert_equal '', r.password |
||
| 50 | assert_equal '', r.read_attribute(:password) |
||
| 51 | end |
||
| 52 | end |
||
| 53 | |||
| 54 | def test_unciphered_password_should_be_readable |
||
| 55 | Redmine::Configuration.with 'database_cipher_key' => nil do |
||
| 56 | r = Repository::Subversion.create!(:password => 'clear', :url => 'file:///tmp', :identifier => 'svn') |
||
| 57 | end |
||
| 58 | |||
| 59 | Redmine::Configuration.with 'database_cipher_key' => 'secret' do |
||
| 60 | r = Repository.first(:order => 'id DESC') |
||
| 61 | assert_equal 'clear', r.password |
||
| 62 | end |
||
| 63 | end |
||
| 64 | |||
| 65 | def test_ciphered_password_with_no_cipher_key_configured_should_be_returned_ciphered |
||
| 66 | Redmine::Configuration.with 'database_cipher_key' => 'secret' do |
||
| 67 | r = Repository::Subversion.create!(:password => 'clear', :url => 'file:///tmp', :identifier => 'svn') |
||
| 68 | end |
||
| 69 | |||
| 70 | Redmine::Configuration.with 'database_cipher_key' => '' do |
||
| 71 | r = Repository.first(:order => 'id DESC') |
||
| 72 | # password can not be deciphered |
||
| 73 | assert_nothing_raised do |
||
| 74 | assert r.password.match(/\Aaes-256-cbc:.+\Z/) |
||
| 75 | end |
||
| 76 | end |
||
| 77 | end |
||
| 78 | |||
| 79 | def test_encrypt_all |
||
| 80 | Repository.delete_all |
||
| 81 | Redmine::Configuration.with 'database_cipher_key' => nil do |
||
| 82 | Repository::Subversion.create!(:password => 'foo', :url => 'file:///tmp', :identifier => 'foo') |
||
| 83 | Repository::Subversion.create!(:password => 'bar', :url => 'file:///tmp', :identifier => 'bar') |
||
| 84 | end |
||
| 85 | |||
| 86 | Redmine::Configuration.with 'database_cipher_key' => 'secret' do |
||
| 87 | assert Repository.encrypt_all(:password) |
||
| 88 | r = Repository.first(:order => 'id DESC') |
||
| 89 | assert_equal 'bar', r.password |
||
| 90 | assert r.read_attribute(:password).match(/\Aaes-256-cbc:.+\Z/) |
||
| 91 | end |
||
| 92 | end |
||
| 93 | |||
| 94 | def test_decrypt_all |
||
| 95 | Repository.delete_all |
||
| 96 | Redmine::Configuration.with 'database_cipher_key' => 'secret' do |
||
| 97 | Repository::Subversion.create!(:password => 'foo', :url => 'file:///tmp', :identifier => 'foo') |
||
| 98 | Repository::Subversion.create!(:password => 'bar', :url => 'file:///tmp', :identifier => 'bar') |
||
| 99 | |||
| 100 | assert Repository.decrypt_all(:password) |
||
| 101 | r = Repository.first(:order => 'id DESC') |
||
| 102 | assert_equal 'bar', r.password |
||
| 103 | assert_equal 'bar', r.read_attribute(:password) |
||
| 104 | end |
||
| 105 | end |
||
| 106 | end |