1
0
mirror of https://github.com/mastodon/mastodon synced 2024-11-27 14:28:24 +09:00

Move self destruct check to config_for and add constant for verifier string (#32943)

This commit is contained in:
Matt Jankowski 2024-11-18 04:57:16 -05:00 committed by GitHub
parent 911d7dbbf6
commit c0c34d35e2
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
4 changed files with 19 additions and 12 deletions

View File

@ -1,9 +1,11 @@
# frozen_string_literal: true # frozen_string_literal: true
module SelfDestructHelper module SelfDestructHelper
VERIFY_PURPOSE = 'self-destruct'
def self.self_destruct? def self.self_destruct?
value = ENV.fetch('SELF_DESTRUCT', nil) value = Rails.configuration.x.mastodon.self_destruct_value
value.present? && Rails.application.message_verifier('self-destruct').verify(value) == ENV['LOCAL_DOMAIN'] value.present? && Rails.application.message_verifier(VERIFY_PURPOSE).verify(value) == ENV['LOCAL_DOMAIN']
rescue ActiveSupport::MessageVerifier::InvalidSignature rescue ActiveSupport::MessageVerifier::InvalidSignature
false false
end end

View File

@ -1,3 +1,4 @@
--- ---
shared: shared:
self_destruct_value: <%= ENV.fetch('SELF_DESTRUCT', nil) %>
software_update_url: <%= ENV.fetch('UPDATE_CHECK_URL', 'https://api.joinmastodon.org/update-check') %> software_update_url: <%= ENV.fetch('UPDATE_CHECK_URL', 'https://api.joinmastodon.org/update-check') %>

View File

@ -76,7 +76,7 @@ module Mastodon::CLI
def self_destruct_value def self_destruct_value
Rails Rails
.application .application
.message_verifier('self-destruct') .message_verifier(SelfDestructHelper::VERIFY_PURPOSE)
.generate(Rails.configuration.x.local_domain) .generate(Rails.configuration.x.local_domain)
end end
end end

View File

@ -3,19 +3,20 @@
require 'rails_helper' require 'rails_helper'
RSpec.describe SelfDestructHelper do RSpec.describe SelfDestructHelper do
describe 'self_destruct?' do describe '#self_destruct?' do
before { Rails.configuration.x.mastodon.self_destruct_value = destruct_value }
after { Rails.configuration.x.mastodon.self_destruct_value = nil }
context 'when SELF_DESTRUCT is unset' do context 'when SELF_DESTRUCT is unset' do
let(:destruct_value) { nil }
it 'returns false' do it 'returns false' do
expect(helper.self_destruct?).to be false expect(helper.self_destruct?).to be false
end end
end end
context 'when SELF_DESTRUCT is set to an invalid value' do context 'when SELF_DESTRUCT is set to an invalid value' do
around do |example| let(:destruct_value) { 'true' }
ClimateControl.modify SELF_DESTRUCT: 'true' do
example.run
end
end
it 'returns false' do it 'returns false' do
expect(helper.self_destruct?).to be false expect(helper.self_destruct?).to be false
@ -23,9 +24,10 @@ RSpec.describe SelfDestructHelper do
end end
context 'when SELF_DESTRUCT is set to value signed for the wrong purpose' do context 'when SELF_DESTRUCT is set to value signed for the wrong purpose' do
let(:destruct_value) { Rails.configuration.x.mastodon.self_destruct_value = Rails.application.message_verifier('foo').generate('example.com') }
around do |example| around do |example|
ClimateControl.modify( ClimateControl.modify(
SELF_DESTRUCT: Rails.application.message_verifier('foo').generate('example.com'),
LOCAL_DOMAIN: 'example.com' LOCAL_DOMAIN: 'example.com'
) do ) do
example.run example.run
@ -38,9 +40,10 @@ RSpec.describe SelfDestructHelper do
end end
context 'when SELF_DESTRUCT is set to value signed for the wrong domain' do context 'when SELF_DESTRUCT is set to value signed for the wrong domain' do
let(:destruct_value) { Rails.configuration.x.mastodon.self_destruct_value = Rails.application.message_verifier(described_class::VERIFY_PURPOSE).generate('foo.com') }
around do |example| around do |example|
ClimateControl.modify( ClimateControl.modify(
SELF_DESTRUCT: Rails.application.message_verifier('self-destruct').generate('foo.com'),
LOCAL_DOMAIN: 'example.com' LOCAL_DOMAIN: 'example.com'
) do ) do
example.run example.run
@ -53,9 +56,10 @@ RSpec.describe SelfDestructHelper do
end end
context 'when SELF_DESTRUCT is set to a correctly-signed value' do context 'when SELF_DESTRUCT is set to a correctly-signed value' do
let(:destruct_value) { Rails.configuration.x.mastodon.self_destruct_value = Rails.application.message_verifier(described_class::VERIFY_PURPOSE).generate('example.com') }
around do |example| around do |example|
ClimateControl.modify( ClimateControl.modify(
SELF_DESTRUCT: Rails.application.message_verifier('self-destruct').generate('example.com'),
LOCAL_DOMAIN: 'example.com' LOCAL_DOMAIN: 'example.com'
) do ) do
example.run example.run