WIP Process payments for expired invoices

Reviewed-on: #205
Reviewed-by: galfert <garret.alfert@gmail.com>

app/controllers/contributions/donations_controller.rb

@@ -84,21 +84,26 @@ class Contributions::DonationsController < ApplicationController
       @donation.paid_at = DateTime.now
       @donation.payment_status = "settled"
       @donation.save!
-      flash_message = { success: "Thank you!" }
+      msg = { success: "Thank you!" }
     when "Processing"
       unless @donation.processing?
         @donation.payment_status = "processing"
         @donation.save!
-        flash_message = { success: "Thank you! We will send you an email when the payment is confirmed." }
+        msg = { success: "Thank you! We will send you an email when the payment is confirmed." }
         BtcpayCheckDonationJob.set(wait: 20.seconds).perform_later(@donation)
       end
     when "Expired"
-      flash_message = { warning: "The payment request for this donation has expired" }
+      if invoice["additionalStatus"] &&
+         invoice["additionalStatus"] == "PaidLate"
+        # TODO introduce state machine
+        mark_as_paid(donation)
+      end
+      msg = { warning: "The payment request for this donation has expired" }
     else
-      flash_message = { warning: "Could not determine status of payment" }
+      msg = { warning: "Could not determine status of payment" }
     end
 
-    redirect_to contributions_donations_url, flash: flash_message
+    redirect_to contributions_donations_url, flash: msg
   end
 
   private

app/controllers/settings_controller.rb

@@ -21,10 +21,12 @@ class SettingsController < ApplicationController
     end
   end
 
+  # PUT /settings/:section
   def update
     @user.preferences.merge!(user_params[:preferences] || {})
     @user.display_name = user_params[:display_name]
-    @user.avatar_new = user_params[:avatar]
+    @user.avatar_new   = user_params[:avatar]
+    @user.pgp_pubkey   = user_params[:pgp_pubkey]
 
     if @user.save
       if @user.display_name && (@user.display_name != @user.ldap_entry[:display_name])
@@ -35,6 +37,10 @@ class SettingsController < ApplicationController
         LdapManager::UpdateAvatar.call(dn: @user.dn, file: @user.avatar_new)
       end
 
+      if @user.pgp_pubkey && (@user.pgp_pubkey != @user.ldap_entry[:pgp_key])
+        UserManager::UpdatePgpKey.call(user: @user)
+      end
+
       redirect_to setting_path(@settings_section), flash: {
         success: 'Settings saved.'
       }
@@ -44,6 +50,7 @@ class SettingsController < ApplicationController
     end
   end
 
+  # POST /settings/update_email
   def update_email
     if @user.valid_ldap_authentication?(security_params[:current_password])
       if @user.update email: email_params[:email]
@@ -61,6 +68,7 @@ class SettingsController < ApplicationController
     end
   end
 
+  # POST /settings/reset_email_password
   def reset_email_password
     @user.current_password = security_params[:current_password]
 
@@ -83,6 +91,7 @@ class SettingsController < ApplicationController
     end
   end
 
+  # POST /settings/reset_password
   def reset_password
     current_user.send_reset_password_instructions
     sign_out current_user
@@ -90,6 +99,7 @@ class SettingsController < ApplicationController
     redirect_to check_your_email_path, notice: msg
   end
 
+  # POST /settings/set_nostr_pubkey
   def set_nostr_pubkey
     signed_event = Nostr::Event.new(**nostr_event_from_params)
 
@@ -152,7 +162,8 @@ class SettingsController < ApplicationController
 
     def user_params
       params.require(:user).permit(
-        :display_name, :avatar, preferences: UserPreferences.pref_keys
+        :display_name, :avatar, :pgp_pubkey,
+        preferences: UserPreferences.pref_keys
       )
     end
 

app/controllers/web_key_directory_controller.rb

@@ -0,0 +1,35 @@
+class WebKeyDirectoryController < WellKnownController
+  before_action :allow_cross_origin_requests
+
+  # /.well-known/openpgpkey/hu/:hashed_username(.txt)
+  def show
+    @user = User.find_by(cn: params[:l].downcase)
+
+    if @user.nil? ||
+       @user.pgp_pubkey.blank? ||
+       !@user.pgp_pubkey_contains_user_address?
+      http_status :not_found and return
+    end
+
+    if params[:hashed_username] != @user.wkd_hash
+      http_status :unprocessable_entity and return
+    end
+
+    respond_to do |format|
+      format.text do
+        response.headers['Content-Type'] = 'text/plain'
+        render plain: @user.pgp_pubkey
+      end
+
+      format.any do
+        key = @user.gnupg_key.export
+        send_data key, filename: "#{@user.wkd_hash}.pem",
+                       type: "application/octet-stream"
+      end
+    end
+  end
+
+  def policy
+    head :ok
+  end
+end

app/jobs/btcpay_check_donation_job.rb

@@ -9,20 +9,29 @@ class BtcpayCheckDonationJob < ApplicationJob
     )
 
     case invoice["status"]
-    when "Settled"
-      donation.paid_at = DateTime.now
-      donation.payment_status = "settled"
-      donation.save!
-
-      NotificationMailer.with(user: donation.user)
-                        .bitcoin_donation_confirmed
-                        .deliver_later
     when "Processing"
       re_enqueue_job(donation)
+    when "Settled"
+      mark_as_paid(donation)
+    when "Expired"
+      if invoice["additionalStatus"] &&
+         invoice["additionalStatus"] == "PaidLate"
+        mark_as_paid(donation)
+      end
     end
   end
 
   def re_enqueue_job(donation)
     self.class.set(wait: 20.seconds).perform_later(donation)
   end
+
+  def mark_as_paid(donation)
+    donation.paid_at = DateTime.now
+    donation.payment_status = "settled"
+    donation.save!
+
+    NotificationMailer.with(user: donation.user)
+                      .bitcoin_donation_confirmed
+                      .deliver_later
+  end
 end

app/mailers/application_mailer.rb

@@ -1,3 +1,90 @@
 class ApplicationMailer < ActionMailer::Base
+  default Rails.application.config.action_mailer.default_options
   layout 'mailer'
+
+  private
+
+    def send_mail
+      @template ||= "#{self.class.name.underscore}/#{caller[0][/`([^']*)'/, 1]}"
+      headers['Message-ID'] = message_id
+
+      if @user.pgp_pubkey.present?
+        mail(to: @user.email, subject: "...", content_type: pgp_content_type) do |format|
+          format.text { render plain: pgp_content }
+        end
+      else
+        mail(to: @user.email, subject: @subject) do |format|
+          format.text { render @template }
+        end
+      end
+    end
+
+    def from_address
+      self.class.default[:from]
+    end
+
+    def from_domain
+      Mail::Address.new(from_address).domain
+    end
+
+    def message_id
+      @message_id ||= "#{SecureRandom.uuid}@#{from_domain}"
+    end
+
+    def boundary
+      @boundary ||= SecureRandom.hex(8)
+    end
+
+    def pgp_content_type
+      "multipart/encrypted; protocol=\"application/pgp-encrypted\"; boundary=\"------------#{boundary}\""
+    end
+
+    def pgp_nested_content
+      message_content = render_to_string(template: @template)
+      message_content_base64 = Base64.encode64(message_content)
+      nested_boundary = SecureRandom.hex(8)
+
+      <<~NESTED_CONTENT
+        Content-Type: multipart/mixed; boundary="------------#{nested_boundary}"; protected-headers="v1"
+        Subject: #{@subject}
+        From: <#{from_address}>
+        To: #{@user.display_name || @user.cn} <#{@user.email}>
+        Message-ID: <#{message_id}>
+
+        --------------#{nested_boundary}
+        Content-Type: text/plain; charset=UTF-8; format=flowed
+        Content-Transfer-Encoding: base64
+
+        #{message_content_base64}
+
+        --------------#{nested_boundary}--
+      NESTED_CONTENT
+    end
+
+    def pgp_content
+      encrypted_content = UserManager::PgpEncrypt.call(user: @user, text: pgp_nested_content)
+      encrypted_base64 = Base64.encode64(encrypted_content.to_s)
+
+      <<~EMAIL_CONTENT
+        This is an OpenPGP/MIME encrypted message (RFC 4880 and 3156)
+        --------------#{boundary}
+        Content-Type: application/pgp-encrypted
+        Content-Description: PGP/MIME version identification
+
+        Version: 1
+
+        --------------#{boundary}
+        Content-Type: application/octet-stream; name="encrypted.asc"
+        Content-Description: OpenPGP encrypted message
+        Content-Disposition: inline; filename="encrypted.asc"
+
+        -----BEGIN PGP MESSAGE-----
+
+        #{encrypted_base64}
+
+        -----END PGP MESSAGE-----
+
+        --------------#{boundary}--
+      EMAIL_CONTENT
+    end
 end

app/mailers/custom_mailer.rb

@@ -18,6 +18,6 @@ class CustomMailer < ApplicationMailer
     @user = params[:user]
     @subject = params[:subject]
     @body = params[:body]
-    mail(to: @user.email, subject: @subject)
+    send_mail
   end
 end

app/mailers/notification_mailer.rb

@@ -3,7 +3,7 @@ class NotificationMailer < ApplicationMailer
     @user = params[:user]
     @amount_sats = params[:amount_sats]
     @subject = "Sats received"
-    mail to: @user.email, subject: @subject
+    send_mail
   end
 
   def remotestorage_auth_created
@@ -15,19 +15,19 @@ class NotificationMailer < ApplicationMailer
       "#{access} #{directory}"
     end
     @subject = "New app connected to your storage"
-    mail to: @user.email, subject: @subject
+    send_mail
   end
 
   def new_invitations_available
     @user = params[:user]
     @subject = "New invitations added to your account"
-    mail to: @user.email, subject: @subject
+    send_mail
   end
 
   def bitcoin_donation_confirmed
     @user = params[:user]
     @donation = params[:donation]
     @subject = "Donation confirmed"
-    mail to: @user.email, subject: @subject
+    send_mail
   end
 end

app/models/user.rb

@@ -52,7 +52,7 @@ class User < ApplicationRecord
 
   validate :acceptable_avatar
 
-  validate :acceptable_pgp_key_format, if: -> { defined?(@pgp_pubkey) && @pgp_pubkey != "" }
+  validate :acceptable_pgp_key_format, if: -> { defined?(@pgp_pubkey) && @pgp_pubkey.present? }
 
   #
   # Scopes
@@ -174,7 +174,8 @@ class User < ApplicationRecord
 
   def gnupg_key
     return nil unless pgp_pubkey.present?
-    @gnupg_key ||= GPGME::Key.get(pgp_fpr)
+    GPGME::Key.import(pgp_pubkey)
+    GPGME::Key.get(pgp_fpr)
   end
 
   def pgp_pubkey_contains_user_address?

app/services/ldap_manager/update_pgp_key.rb

@@ -0,0 +1,16 @@
+module LdapManager
+  class UpdatePgpKey < LdapManagerService
+    def initialize(dn:, pubkey:)
+      @dn = dn
+      @pubkey = pubkey
+    end
+
+    def call
+      if @pubkey.present?
+        replace_attribute @dn, :pgpKey, @pubkey
+      else
+        delete_attribute @dn, :pgpKey
+      end
+    end
+  end
+end

app/services/user_manager/pgp_encrypt.rb

@@ -0,0 +1,19 @@
+require 'gpgme'
+
+module UserManager
+  class PgpEncrypt < UserManagerService
+    def initialize(user:, text:)
+      @user = user
+      @text = text
+    end
+
+    def call
+      crypto = GPGME::Crypto.new
+      crypto.encrypt(
+        @text,
+        recipients: @user.gnupg_key,
+        always_trust: true
+      )
+    end
+  end
+end

app/services/user_manager/update_pgp_key.rb

@@ -0,0 +1,24 @@
+module UserManager
+  class UpdatePgpKey < UserManagerService
+    def initialize(user:)
+      @user = user
+    end
+
+    def call
+      if @user.pgp_pubkey.blank?
+        @user.update! pgp_fpr: nil
+      else
+        result = GPGME::Key.import(@user.pgp_pubkey)
+
+        if result.imports.present?
+          @user.update! pgp_fpr: result.imports.first.fpr
+        else
+          # TODO notify Sentry, user
+          raise "Failed to import OpenPGP pubkey"
+        end
+      end
+
+      LdapManager::UpdatePgpKey.call(dn: @user.dn, pubkey: @user.pgp_pubkey)
+    end
+  end
+end

app/views/admin/users/show.html.erb

@@ -89,13 +89,47 @@
     </section>
 
     <section class="sm:flex-1 sm:pt-0">
-      <% if @avatar.present? %>
-      <h3>LDAP<h3>
-      <p>
-        <img src="data:image/jpeg;base64,<%= @avatar %>" class="h-48 w-48" />
-      </p>
-      <% end %>
-      <!-- <h3>Actions</h3> -->
+      <h3>LDAP</h3>
+      <table class="divided">
+        <tbody>
+          <tr>
+            <th>Avatar</th>
+            <td>
+              <% if @avatar.present? %>
+                <img src="data:image/jpeg;base64,<%= @avatar %>" class="h-48 w-48" />
+              <% else %>
+                &mdash;
+              <% end %>
+            </td>
+          </tr>
+          <tr>
+            <th>Display name</th>
+            <td><%= @user.display_name || "—" %></td>
+          </tr>
+          <tr>
+            <th class="align-top">PGP key</th>
+            <td class="align-top leading-5">
+              <% if @user.pgp_pubkey.present? %>
+                <span class="font-mono" title="<%= @user.pgp_fpr %>">
+                  <% if @user.pgp_pubkey_contains_user_address? %>
+                    <%= link_to wkd_key_url(hashed_username: @user.wkd_hash, l: @user.cn, format: :txt),
+                      class: "ks-text-link", target: "_blank" do %>
+                      <%= "#{@user.pgp_fpr[0, 8]}…#{@user.pgp_fpr[-8..-1]}" %>
+                    <% end %>
+                  <% else %>
+                    <%= "#{@user.pgp_fpr[0, 8]}…#{@user.pgp_fpr[-8..-1]}" %>
+                  <% end %>
+                </span><br />
+                <% @user.gnupg_key.uids.each do |uid| %>
+                  <%= uid.uid %><br />
+                <% end %>
+              <% else %>
+                &mdash;
+              <% end %>
+            </td>
+          </tr>
+        </tbody>
+      </table>
     </section>
   </div>
 
@@ -184,7 +218,7 @@
           <td>XMPP (ejabberd)</td>
           <td>
             <%= render FormElements::ToggleComponent.new(
-              enabled: @services_enabled.include?("xmpp"),
+              enabled: @services_enabled.include?("ejabberd"),
               input_enabled: false
             ) %>
           </td>

app/views/settings/_account.html.erb

@@ -1,6 +1,6 @@
 <%= tag.section data: {
       controller: "settings--account--email",
-      "settings--account--email-validation-failed-value": @validation_errors.present?
+      "settings--account--email-validation-failed-value": @validation_errors&.[](:email)&.present?
     } do %>
   <h3>E-Mail</h3>
   <%= form_for(@user, url: update_email_settings_path, method: "post") do |f| %>
@@ -23,7 +23,7 @@
         </span>
       </button>
     </p>
-    <% if @validation_errors.present? && @validation_errors[:email].present? %>
+    <% if @validation_errors&.[](:email)&.present? %>
       <p class="error-msg"><%= @validation_errors[:email].first %></p>
     <% end %>
     <div class="initial-hidden">
@@ -41,10 +41,33 @@
 <% end %>
 <section>
   <h3>Password</h3>
-  <p class="mb-8">Use the following button to request an email with a password reset link:</p>
+  <p class="mb-6">Use the following button to request an email with a password reset link:</p>
   <%= form_with(url: reset_password_settings_path, method: :post) do %>
     <p>
       <%= submit_tag("Send me a password reset link", class: 'btn-md btn-gray w-full sm:w-auto') %>
     </p>
   <% end %>
 </section>
+<%= form_for(@user, url: setting_path(:account), html: { :method => :put }) do |f| %>
+  <section class="!pt-8 sm:!pt-12">
+    <h3>OpenPGP</h3>
+    <ul role="list">
+      <%= render FormElements::FieldsetComponent.new(
+            title: "Public key",
+            description: "Your OpenPGP public key in ASCII Armor format"
+          ) do %>
+        <%= f.text_area :pgp_pubkey,
+          value: @user.pgp_pubkey,
+          class: "h-24 w-full" %>
+        <% if @validation_errors&.[](:pgp_pubkey)&.present? %>
+          <p class="error-msg">This <%= @validation_errors[:pgp_pubkey].first %></p>
+        <% end %>
+      <% end %>
+    </ul>
+  </section>
+  <section>
+    <p class="pt-6 border-t border-gray-200 text-right">
+      <%= f.submit 'Save', class: "btn-md btn-blue w-full md:w-auto" %>
+    </p>
+  </section>
+<% end %>

app/views/settings/_email.html.erb

@@ -5,7 +5,7 @@
   <h3>E-Mail Password</h3>
   <%= form_for(@user, url: reset_email_password_settings_path, method: "post") do |f| %>
     <%= hidden_field_tag :section, "email" %>
-    <p class="mb-8">
+    <p class="mb-6">
       Use the following button to generate a new email password:
     </p>
     <p class="hidden initial-visible">

config/environments/development.rb

@@ -57,16 +57,22 @@ Rails.application.configure do
   # routes, locales, etc. This feature depends on the listen gem.
   config.file_watcher = ActiveSupport::EventedFileUpdateChecker
 
-  config.action_mailer.default_options = {
-    from: "accounts@localhost"
-  }
-
   # Don't actually send emails, cache them for viewing via letter opener
   config.action_mailer.delivery_method = :letter_opener
+
   # Don't care if the mailer can't send
   config.action_mailer.raise_delivery_errors = true
+
   # Base URL to be used by email template link helpers
-  config.action_mailer.default_url_options = { host: "localhost:3000", protocol: "http" }
+  config.action_mailer.default_url_options = {
+    host: "localhost:3000",
+    protocol: "http"
+  }
+
+  config.action_mailer.default_options = {
+    from: "accounts@localhost",
+    message_id: -> { "<#{Mail.random_tag}@localhost>" },
+  }
 
   # Allow requests from any IP
   config.web_console.permissions = '0.0.0.0/0'

config/environments/production.rb

@@ -63,7 +63,7 @@ Rails.application.configure do
   outgoing_email_domain  = Mail::Address.new(outgoing_email_address).domain
 
   config.action_mailer.default_url_options = {
-    host: ENV['AKKOUNTS_DOMAIN'],
+    host: ENV.fetch('AKKOUNTS_DOMAIN'),
     protocol: "https",
   }
 

config/environments/test.rb

@@ -46,8 +46,12 @@ Rails.application.configure do
 
   config.action_mailer.default_url_options = {
     host: "accounts.kosmos.org",
-    protocol: "https",
-    from: "accounts@kosmos.org"
+    protocol: "https"
+  }
+
+  config.action_mailer.default_options = {
+    from: "accounts@kosmos.org",
+    message_id: -> { "<#{Mail.random_tag}@kosmos.org>" },
   }
 
   config.active_job.queue_adapter = :test

config/routes.rb

@@ -70,10 +70,12 @@ Rails.application.routes.draw do
 
   get '.well-known/webfinger', to: 'webfinger#show'
   get '.well-known/nostr', to: 'well_known#nostr'
-  get '.well-known/lnurlp/:username', to: 'lnurlpay#index', as: 'lightning_address'
-  get '.well-known/keysend/:username', to: 'lnurlpay#keysend', as: 'lightning_address_keysend'
+  get '.well-known/lnurlp/:username', to: 'lnurlpay#index', as: :lightning_address
+  get '.well-known/keysend/:username', to: 'lnurlpay#keysend', as: :lightning_address_keysend
+  get '.well-known/openpgpkey/hu/:hashed_username(.:format)', to: 'web_key_directory#show', as: :wkd_key
+  get '.well-known/openpgpkey/policy', to: 'web_key_directory#policy'
 
-  get 'lnurlpay/:username/invoice', to: 'lnurlpay#invoice', as: 'lnurlpay_invoice'
+  get 'lnurlpay/:username/invoice', to: 'lnurlpay#invoice', as: :lnurlpay_invoice
 
   post 'webhooks/lndhub', to: 'webhooks#lndhub'
 

db/seeds/admin.asc

@@ -0,0 +1,13 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mDMEZvGiUxYJKwYBBAHaRw8BAQdARPZXLqyB3nylJuzuARlOJxqc9mchMKHI4Cy+
+hPWlzja0GEFkbWluIDxhZG1pbkBrb3Ntb3Mub3JnPoiZBBMWCgBBFiEE0pie1+fG
+ImdZwzGnwgEYSg8AulYFAmbxolMCGwMFCQWjmoAFCwkIBwICIgIGFQoJCAsCBBYC
+AwECHgcCF4AACgkQwgEYSg8AulaldAEA7yzh7XRCdIJDHgLUvKHsy2NnyLaDD1Tl
+hyZWbl5og0IBAJAQ2Dm82YXMdUK3X1OGlK8KH5O4E5lSFY4+8/xx0UEJuDgEZvGi
+UxIKKwYBBAGXVQEFAQEHQJc8pzzeIF7Hm5z1eseRAqGvFa+V1BIDf+1XQzuJhhxi
+AwEIB4h+BBgWCgAmFiEE0pie1+fGImdZwzGnwgEYSg8AulYFAmbxolMCGwwFCQWj
+moAACgkQwgEYSg8AulbLtgEApZvuDqSP77lrl1jmtCAJEEZk/ofsRFkf1g3U3Zhm
+9PcA/1+AbcyqjLTcqIPjHmZyGEPiaAvEsBzbPKEPiL3JYhkG
+=45sx
+-----END PGP PUBLIC KEY BLOCK-----

schemas/ldap/nostr_key.ldif

@@ -5,5 +5,5 @@ attributeTypes: ( 1.3.6.1.4.1.61554.1.1.2.1.21
   NAME 'nostrKey'
   DESC 'Nostr public key'
   EQUALITY caseIgnoreMatch
-  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
   SINGLE-VALUE )

spec/features/settings/account_spec.rb

@@ -14,6 +14,7 @@ RSpec.describe 'Account settings', type: :feature do
         .with("invalid password").and_return(false)
       allow_any_instance_of(User).to receive(:valid_ldap_authentication?)
         .with("valid password").and_return(true)
+      allow_any_instance_of(User).to receive(:pgp_pubkey).and_return(nil)
     end
 
     scenario 'fails with invalid password' do
@@ -55,4 +56,44 @@ RSpec.describe 'Account settings', type: :feature do
       end
     end
   end
+
+  feature "Update OpenPGP key" do
+    let(:invalid_key) { File.read("#{Rails.root}/spec/fixtures/files/pgp_key_invalid.asc") }
+    let(:valid_key_alice) { File.read("#{Rails.root}/spec/fixtures/files/pgp_key_valid_alice.asc") }
+    let(:fingerprint_alice) { "EB85BB5FA33A75E15E944E63F231550C4F47E38E" }
+
+    before do
+      login_as user, :scope => :user
+      allow_any_instance_of(User).to receive(:ldap_entry).and_return({
+        uid: user.cn, ou: user.ou, display_name: nil, pgp_key: nil
+      })
+    end
+
+    scenario 'rejects an invalid key' do
+      expect(UserManager::UpdatePgpKey).not_to receive(:call)
+
+      visit setting_path(:account)
+      fill_in 'Public key', with: invalid_key
+      click_button "Save"
+
+      expect(current_url).to eq(setting_url(:account))
+      within ".error-msg" do
+        expect(page).to have_content("This is not a valid armored PGP public key block")
+      end
+    end
+
+    scenario 'stores a valid key' do
+      expect(UserManager::UpdatePgpKey).to receive(:call)
+        .with(user: user).and_return(true)
+
+      visit setting_path(:account)
+      fill_in 'Public key', with: valid_key_alice
+      click_button "Save"
+
+      expect(current_url).to eq(setting_url(:account))
+      within ".flash-msg" do
+        expect(page).to have_content("Settings saved")
+      end
+    end
+  end
 end

spec/features/settings/profile_spec.rb

@@ -9,7 +9,7 @@ RSpec.describe 'Profile settings', type: :feature do
     allow(user).to receive(:display_name).and_return("Mark")
     allow_any_instance_of(User).to receive(:dn).and_return("cn=mwahlberg,ou=kosmos.org,cn=users,dc=kosmos,dc=org")
     allow_any_instance_of(User).to receive(:ldap_entry).and_return({
-      uid: user.cn, ou: user.ou, display_name: "Mark"
+      uid: user.cn, ou: user.ou, display_name: "Mark", pgp_key: nil
     })
     allow_any_instance_of(User).to receive(:avatar).and_return(avatar_base64)
 

spec/mailers/notification_mailer_spec.rb

@@ -0,0 +1,87 @@
+# spec/mailers/welcome_mailer_spec.rb
+require 'rails_helper'
+
+RSpec.describe NotificationMailer, type: :mailer do
+  describe '#lightning_sats_received' do
+
+    context "without PGP key" do
+      let(:user) { create(:user, cn: "phil", email: 'phil@example.com') }
+
+      before do
+        allow_any_instance_of(User).to receive(:ldap_entry).and_return({
+          uid: user.cn, ou: user.ou, display_name: nil, pgp_key: nil
+        })
+      end
+
+      describe "unencrypted email" do
+        let(:mail) { described_class.with(user: user, amount_sats: 21000).lightning_sats_received }
+
+        it 'renders the correct to/from headers' do
+          expect(mail.to).to eq([user.email])
+          expect(mail.from).to eq(['accounts@kosmos.org'])
+        end
+
+        it 'renders the correct subject' do
+          expect(mail.subject).to eq('Sats received')
+        end
+
+        it 'uses the correct content type' do
+          expect(mail.header['content-type'].to_s).to include('text/plain')
+        end
+
+        it 'renders the body with correct content' do
+          expect(mail.body.encoded).to match(/You just received 21,000 sats/)
+          expect(mail.body.encoded).to include(user.address)
+        end
+
+        it 'includes a link to the lightning service page' do
+          expect(mail.body.encoded).to include("https://accounts.kosmos.org/services/lightning")
+        end
+      end
+    end
+
+    context "with PGP key" do
+      let(:pgp_pubkey) { File.read("#{Rails.root}/spec/fixtures/files/pgp_key_valid_alice.asc") }
+      let(:pgp_fingerprint) { "EB85BB5FA33A75E15E944E63F231550C4F47E38E" }
+      let(:user) { create(:user, id: 2, cn: "alice", email: 'alice@example.com', pgp_fpr: pgp_fingerprint) }
+
+      before do
+        allow_any_instance_of(User).to receive(:ldap_entry).and_return({
+          uid: user.cn, ou: user.ou, display_name: nil, pgp_key: pgp_pubkey
+        })
+      end
+
+      describe "encrypted email" do
+        let(:mail) { described_class.with(user: user, amount_sats: 21000).lightning_sats_received }
+
+        it 'renders the correct to/from headers' do
+          expect(mail.to).to eq([user.email])
+          expect(mail.from).to eq(['accounts@kosmos.org'])
+        end
+
+        it 'encrypts the subject line' do
+          expect(mail.subject).to eq('...')
+        end
+
+        it 'uses the correct content type' do
+          expect(mail.header['content-type'].to_s).to include('multipart/encrypted')
+          expect(mail.header['content-type'].to_s).to include('protocol="application/pgp-encrypted"')
+        end
+
+        it 'renders the PGP version part' do
+          expect(mail.body.encoded).to include("Content-Type: application/pgp-encrypted")
+          expect(mail.body.encoded).to include("Content-Description: PGP/MIME version identification")
+          expect(mail.body.encoded).to include("Version: 1")
+        end
+
+        it 'renders the encrypted PGP part' do
+          expect(mail.body.encoded).to include('Content-Type: application/octet-stream; name="encrypted.asc"')
+          expect(mail.body.encoded).to include('Content-Description: OpenPGP encrypted message')
+          expect(mail.body.encoded).to include('Content-Disposition: inline; filename="encrypted.asc"')
+          expect(mail.body.encoded).to include('-----BEGIN PGP MESSAGE-----')
+          expect(mail.body.encoded).to include('hF4DR')
+        end
+      end
+    end
+  end
+end

spec/models/user_spec.rb

@@ -262,7 +262,6 @@ RSpec.describe User, type: :model do
     let(:valid_key_jimmy) { File.read("#{Rails.root}/spec/fixtures/files/pgp_key_valid_jimmy.asc") }
     let(:fingerprint_alice) { "EB85BB5FA33A75E15E944E63F231550C4F47E38E" }
     let(:fingerprint_jimmy) { "316BF516236DAF77236B15F6057D93972FB862C3" }
-    let(:gnupg_key_alice) {  }
     let(:invalid_key) { File.read("#{Rails.root}/spec/fixtures/files/pgp_key_invalid.asc") }
 
     before do
@@ -275,8 +274,8 @@ RSpec.describe User, type: :model do
     end
 
     after do
-      GPGME::Key.get(fingerprint_alice).delete!
-      GPGME::Key.get(fingerprint_jimmy).delete!
+      alice.gnupg_key.delete!
+      jimmy.gnupg_key.delete!
     end
 
     describe "#acceptable_pgp_key_format" do

spec/requests/web_key_directory_spec.rb

@@ -0,0 +1,101 @@
+require 'rails_helper'
+
+RSpec.describe "OpenPGP Web Key Directory", type: :request do
+  describe "policy" do
+    it "returns an empty 200 response" do
+      get "/.well-known/openpgpkey/policy"
+      expect(response).to have_http_status(:ok)
+      expect(response.body).to be_empty
+    end
+  end
+
+  describe "non-existent user" do
+    it "returns a 404 status" do
+      get "/.well-known/openpgpkey/hu/fmb8gw3n4zdj4xpwaziki4mwcxr1368i?l=aristotle"
+      expect(response).to have_http_status(:not_found)
+    end
+  end
+
+  describe "user without pubkey" do
+    let(:user) { create :user, cn: 'bernd', ou: 'kosmos.org' }
+
+    it "returns a 404 status" do
+      get "/.well-known/openpgpkey/hu/kp95h369c89sx8ia1hn447i868nqyz4t?l=bernd"
+      expect(response).to have_http_status(:not_found)
+    end
+  end
+
+  describe "user with pubkey" do
+    let(:alice) { create :user, id: 2, cn: "alice", email: "alice@example.com" }
+    let(:jimmy) { create :user, id: 3, cn: "jimmy", email: "jimmy@example.com" }
+    let(:valid_key_alice) { File.read("#{Rails.root}/spec/fixtures/files/pgp_key_valid_alice.asc") }
+    let(:valid_key_jimmy) { File.read("#{Rails.root}/spec/fixtures/files/pgp_key_valid_jimmy.asc") }
+    let(:fingerprint_alice) { "EB85BB5FA33A75E15E944E63F231550C4F47E38E" }
+    let(:fingerprint_jimmy) { "316BF516236DAF77236B15F6057D93972FB862C3" }
+    let(:invalid_key) { File.read("#{Rails.root}/spec/fixtures/files/pgp_key_invalid.asc") }
+
+    before do
+      GPGME::Key.import(valid_key_alice)
+      GPGME::Key.import(valid_key_jimmy)
+      alice.update pgp_fpr: fingerprint_alice
+      jimmy.update pgp_fpr: fingerprint_jimmy
+    end
+
+    after do
+      alice.gnupg_key.delete!
+      jimmy.gnupg_key.delete!
+    end
+
+    describe "pubkey does not contain user address" do
+      before do
+        allow_any_instance_of(User).to receive(:ldap_entry)
+          .and_return({ pgp_key: valid_key_alice })
+      end
+
+      it "returns a 404 status" do
+        get "/.well-known/openpgpkey/hu/kei1q4tipxxu1yj79k9kfukdhfy631xe?l=alice"
+        expect(response).to have_http_status(:not_found)
+      end
+    end
+
+    describe "pubkey contains user address" do
+      before do
+        allow_any_instance_of(User).to receive(:ldap_entry)
+          .and_return({ pgp_key: valid_key_jimmy })
+      end
+
+      it "returns the pubkey in binary format" do
+        get "/.well-known/openpgpkey/hu/yuca4ky39mhwkjo78qb8zjgbfj1hg3yf?l=jimmy"
+        expect(response).to have_http_status(:ok)
+        expect(response.headers['Content-Type']).to eq("application/octet-stream")
+        expected_binary_data = File.binread("#{Rails.root}/spec/fixtures/files/pgp_key_valid_jimmy.pem")
+        expect(response.body).to eq(expected_binary_data)
+      end
+
+      context "with wrong capitalization of username" do
+        it "returns the pubkey as ASCII Armor plain text" do
+          get "/.well-known/openpgpkey/hu/yuca4ky39mhwkjo78qb8zjgbfj1hg3yf?l=JimmY"
+          expect(response).to have_http_status(:ok)
+          expected_binary_data = File.binread("#{Rails.root}/spec/fixtures/files/pgp_key_valid_jimmy.pem")
+          expect(response.body).to eq(expected_binary_data)
+        end
+      end
+
+      context "with .txt extension" do
+        it "returns the pubkey as ASCII Armor plain text" do
+          get "/.well-known/openpgpkey/hu/yuca4ky39mhwkjo78qb8zjgbfj1hg3yf.txt?l=jimmy"
+          expect(response).to have_http_status(:ok)
+          expect(response.body).to eq(valid_key_jimmy)
+          expect(response.headers['Content-Type']).to eq("text/plain")
+        end
+      end
+
+      context "invalid URL" do
+        it "returns a 422 status" do
+          get "/.well-known/openpgpkey/hu/123456abcdef?l=alice"
+          expect(response).to have_http_status(:not_found)
+        end
+      end
+    end
+  end
+end

spec/services/user_manager/update_pgp_key_spec.rb

@@ -0,0 +1,74 @@
+require 'rails_helper'
+
+RSpec.describe UserManager::UpdatePgpKey, type: :model do
+  include ActiveJob::TestHelper
+
+  let(:alice) { create :user, cn: "alice" }
+  let(:dn)    { "cn=alice,ou=kosmos.org,cn=users,dc=kosmos,dc=org" }
+  let(:pubkey_asc) { File.read("#{Rails.root}/spec/fixtures/files/pgp_key_valid_alice.asc") }
+  let(:fingerprint) { "EB85BB5FA33A75E15E944E63F231550C4F47E38E" }
+
+  before do
+    allow(alice).to receive(:dn).and_return(dn)
+    allow(alice).to receive(:ldap_entry).and_return({
+      uid: alice.cn, ou: alice.ou, pgp_key: nil
+    })
+  end
+
+  describe "#call" do
+    context "with valid key" do
+      before do
+        alice.pgp_pubkey = pubkey_asc
+
+        allow(LdapManager::UpdatePgpKey).to receive(:call)
+          .with(dn: alice.dn, pubkey: pubkey_asc)
+      end
+
+      after do
+        alice.gnupg_key.delete!
+      end
+
+      it "imports the key into the GnuPG keychain" do
+        described_class.call(user: alice)
+        expect(alice.gnupg_key).to be_present
+      end
+
+      it "stores the key's fingerprint on the user record" do
+        described_class.call(user: alice)
+        expect(alice.pgp_fpr).to eq(fingerprint)
+      end
+
+      it "updates the user's LDAP entry with the new key" do
+        expect(LdapManager::UpdatePgpKey).to receive(:call)
+          .with(dn: alice.dn, pubkey: pubkey_asc)
+        described_class.call(user: alice)
+      end
+    end
+
+    context "with empty key" do
+      before do
+        alice.update pgp_fpr: fingerprint
+        alice.pgp_pubkey = ""
+
+        allow(LdapManager::UpdatePgpKey).to receive(:call)
+          .with(dn: alice.dn, pubkey: "")
+      end
+
+      it "does not attempt to import the key" do
+        expect(GPGME::Key).not_to receive(:import)
+        described_class.call(user: alice)
+      end
+
+      it "removes the key's fingerprint from the user record" do
+        described_class.call(user: alice)
+        expect(alice.pgp_fpr).to be_nil
+      end
+
+      it "removes the key from the user's LDAP entry" do
+        expect(LdapManager::UpdatePgpKey).to receive(:call)
+          .with(dn: alice.dn, pubkey: "")
+        described_class.call(user: alice)
+      end
+    end
+  end
+end