12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182 |
- # Copyright (C) 2012-2025 Zammad Foundation, https://zammad-foundation.org/
- require 'rails_helper'
- RSpec.describe SSLCertificate, :aggregate_failures, type: :model do
- let(:fixture) { 'RootCA' }
- let(:certificate) { create(:ssl_certificate, fixture: fixture) }
- describe '.create' do
- context 'when certificate is RootCA' do
- it 'imports correctly' do
- expect(certificate)
- .to have_attributes(
- fingerprint: 'de4abd259187d7b5f2713ff7a97eb54dd5fe9d86',
- subject: '/emailAddress=RootCA@example.com/C=DE/ST=Berlin/L=Berlin/O=Example Security/OU=IT Department/CN=example.com',
- not_before: Time.zone.parse('2023-08-01 09:47:39 UTC'),
- not_after: Time.zone.parse('2043-07-27 09:47:39 UTC'),
- )
- end
- end
- context 'when certificate is IntermediateCA' do
- let(:fixture) { 'IntermediateCA' }
- it 'imports correctly' do
- expect(certificate)
- .to have_attributes(
- fingerprint: 'd1badcd237d6d2c6f0c62b5ccb21c2130b24855e',
- subject: '/C=DE/ST=Berlin/O=Example Security/OU=IT Department/CN=example.com/emailAddress=IntermediateCA@example.com',
- not_before: Time.zone.parse('2023-08-01 09:47:39 UTC'),
- not_after: Time.zone.parse('2043-07-27 09:47:39 UTC'),
- )
- end
- end
- context 'when certificate is connection certificate' do
- let(:certificate_content) { File.read(Localhost::Authority.fetch('localhost').certificate_path) }
- let(:certificate) { create(:ssl_certificate, certificate: certificate_content) }
- it 'imports correctly' do
- expect(certificate)
- .to have_attributes(
- subject: 'DNS:localhost'
- )
- end
- end
- end
- describe '#certificate_parsed' do
- context 'when certificate is valid' do
- it 'returns certificate' do
- expect(certificate.certificate_parsed).to be_an_instance_of(Certificate::X509::SSL)
- end
- end
- context 'when certificate is not valid' do
- it 'raises an error' do
- certificate.update_columns certificate: 'blablabla'
- certificate.instance_variable_set('@certificate_parsed', nil) # rubocop:disable Performance/StringIdentifierArgument
- expect { certificate.reload.certificate_parsed }.to raise_error 'This is not a valid X509 certificate. Please check the certificate format.'
- end
- end
- end
- describe 'validations' do
- describe 'certificate validation' do
- context 'when certificate is not valid' do
- let(:fixture) { 'smime1@example.com' }
- let(:certificate) { build(:ssl_certificate, fixture: fixture) }
- it 'adds a base error' do
- certificate.save
- expect(certificate.errors[:base]).to be_present
- end
- end
- end
- end
- end
|