require 'rails_helper' RSpec.describe UserManager::UpdatePgpKey, type: :model do include ActiveJob::TestHelper let(:alice) { create :user, cn: "alice" } let(:dn) { "cn=alice,ou=kosmos.org,cn=users,dc=kosmos,dc=org" } let(:pubkey_asc) { File.read("#{Rails.root}/spec/fixtures/files/pgp_key_valid_alice.asc") } let(:fingerprint) { "EB85BB5FA33A75E15E944E63F231550C4F47E38E" } before do allow(alice).to receive(:dn).and_return(dn) allow(alice).to receive(:ldap_entry).and_return({ uid: alice.cn, ou: alice.ou, pgp_key: nil }) end describe "#call" do context "with valid key" do before do alice.pgp_pubkey = pubkey_asc allow(LdapManager::UpdatePgpKey).to receive(:call) .with(dn: alice.dn, pubkey: pubkey_asc) end after do alice.gnupg_key.delete! end it "imports the key into the GnuPG keychain" do described_class.call(user: alice) expect(alice.gnupg_key).to be_present end it "stores the key's fingerprint on the user record" do described_class.call(user: alice) expect(alice.pgp_fpr).to eq(fingerprint) end it "updates the user's LDAP entry with the new key" do expect(LdapManager::UpdatePgpKey).to receive(:call) .with(dn: alice.dn, pubkey: pubkey_asc) described_class.call(user: alice) end end context "with empty key" do before do alice.update pgp_fpr: fingerprint alice.pgp_pubkey = "" allow(LdapManager::UpdatePgpKey).to receive(:call) .with(dn: alice.dn, pubkey: "") end it "does not attempt to import the key" do expect(GPGME::Key).not_to receive(:import) described_class.call(user: alice) end it "removes the key's fingerprint from the user record" do described_class.call(user: alice) expect(alice.pgp_fpr).to be_nil end it "removes the key from the user's LDAP entry" do expect(LdapManager::UpdatePgpKey).to receive(:call) .with(dn: alice.dn, pubkey: "") described_class.call(user: alice) end end end end