Move self destruct check to `config_for` and add constant for verifier string (#32943)

pull/32915/head
Matt Jankowski 2024-11-18 04:57:16 -05:00 committed by GitHub
parent 911d7dbbf6
commit c0c34d35e2
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
4 changed files with 19 additions and 12 deletions

View File

@ -1,9 +1,11 @@
# frozen_string_literal: true
module SelfDestructHelper
VERIFY_PURPOSE = 'self-destruct'
def self.self_destruct?
value = ENV.fetch('SELF_DESTRUCT', nil)
value.present? && Rails.application.message_verifier('self-destruct').verify(value) == ENV['LOCAL_DOMAIN']
value = Rails.configuration.x.mastodon.self_destruct_value
value.present? && Rails.application.message_verifier(VERIFY_PURPOSE).verify(value) == ENV['LOCAL_DOMAIN']
rescue ActiveSupport::MessageVerifier::InvalidSignature
false
end

View File

@ -1,3 +1,4 @@
---
shared:
self_destruct_value: <%= ENV.fetch('SELF_DESTRUCT', nil) %>
software_update_url: <%= ENV.fetch('UPDATE_CHECK_URL', 'https://api.joinmastodon.org/update-check') %>

View File

@ -76,7 +76,7 @@ module Mastodon::CLI
def self_destruct_value
Rails
.application
.message_verifier('self-destruct')
.message_verifier(SelfDestructHelper::VERIFY_PURPOSE)
.generate(Rails.configuration.x.local_domain)
end
end

View File

@ -3,19 +3,20 @@
require 'rails_helper'
RSpec.describe SelfDestructHelper do
describe 'self_destruct?' do
describe '#self_destruct?' do
before { Rails.configuration.x.mastodon.self_destruct_value = destruct_value }
after { Rails.configuration.x.mastodon.self_destruct_value = nil }
context 'when SELF_DESTRUCT is unset' do
let(:destruct_value) { nil }
it 'returns false' do
expect(helper.self_destruct?).to be false
end
end
context 'when SELF_DESTRUCT is set to an invalid value' do
around do |example|
ClimateControl.modify SELF_DESTRUCT: 'true' do
example.run
end
end
let(:destruct_value) { 'true' }
it 'returns false' do
expect(helper.self_destruct?).to be false
@ -23,9 +24,10 @@ RSpec.describe SelfDestructHelper do
end
context 'when SELF_DESTRUCT is set to value signed for the wrong purpose' do
let(:destruct_value) { Rails.configuration.x.mastodon.self_destruct_value = Rails.application.message_verifier('foo').generate('example.com') }
around do |example|
ClimateControl.modify(
SELF_DESTRUCT: Rails.application.message_verifier('foo').generate('example.com'),
LOCAL_DOMAIN: 'example.com'
) do
example.run
@ -38,9 +40,10 @@ RSpec.describe SelfDestructHelper do
end
context 'when SELF_DESTRUCT is set to value signed for the wrong domain' do
let(:destruct_value) { Rails.configuration.x.mastodon.self_destruct_value = Rails.application.message_verifier(described_class::VERIFY_PURPOSE).generate('foo.com') }
around do |example|
ClimateControl.modify(
SELF_DESTRUCT: Rails.application.message_verifier('self-destruct').generate('foo.com'),
LOCAL_DOMAIN: 'example.com'
) do
example.run
@ -53,9 +56,10 @@ RSpec.describe SelfDestructHelper do
end
context 'when SELF_DESTRUCT is set to a correctly-signed value' do
let(:destruct_value) { Rails.configuration.x.mastodon.self_destruct_value = Rails.application.message_verifier(described_class::VERIFY_PURPOSE).generate('example.com') }
around do |example|
ClimateControl.modify(
SELF_DESTRUCT: Rails.application.message_verifier('self-destruct').generate('example.com'),
LOCAL_DOMAIN: 'example.com'
) do
example.run