security_options_spec.rb 4.2 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283
  1. # Copyright (C) 2012-2025 Zammad Foundation, https://zammad-foundation.org/
  2. require 'rails_helper'
  3. RSpec.describe SecureMailing::PGP::SecurityOptions, :aggregate_failures do
  4. before do
  5. Setting.set('pgp_integration', true)
  6. end
  7. let(:instance) { described_class.new(ticket:, article:) }
  8. let(:pgp_key) { create(:pgp_key, :with_private, fixture: 'zammad@localhost') }
  9. let(:expired_key) { create(:pgp_key, :with_private, fixture: 'expiredpgp1@example.com') }
  10. describe '.process' do
  11. let(:email_address) { create(:email_address, email: 'zammad@localhost') }
  12. let(:group) { create(:group, email_address: email_address) }
  13. let(:ticket) { { 'group_id' => group.id } }
  14. let(:article) { { 'to' => 'zammad@localhost', 'from' => 'zammad@localhost' } }
  15. context 'without keys present on the system' do
  16. it 'has no possible security options' do
  17. expect(instance.process.signing).to have_attributes(possible?: false, active_by_default?: false, message: 'The PGP key for %s was not found.', message_placeholders: ['zammad@localhost'])
  18. expect(instance.process.encryption).to have_attributes(possible?: false, active_by_default?: false, message: 'The PGP key for %s was not found.', message_placeholders: ['zammad@localhost'])
  19. end
  20. end
  21. context 'without sender email address' do
  22. let(:group) { create(:group, email_address: nil) }
  23. it 'has no possible security options' do
  24. expect(instance.process.signing).to have_attributes(possible?: false, active_by_default?: false, message: 'There was no PGP key found.', message_placeholders: [])
  25. expect(instance.process.encryption).to have_attributes(possible?: false, active_by_default?: false, message: 'The PGP key for %s was not found.', message_placeholders: ['zammad@localhost'])
  26. end
  27. end
  28. context 'with valid key for sender and receiver' do
  29. before { pgp_key }
  30. it 'allows signing and encryption' do
  31. expect(instance.process.signing).to have_attributes(possible?: true, active_by_default?: true, message: 'The PGP key for %s was found.', message_placeholders: ['zammad@localhost'])
  32. expect(instance.process.encryption).to have_attributes(possible?: true, active_by_default?: true, message: 'The PGP keys for %s were found.', message_placeholders: ['zammad@localhost'])
  33. end
  34. end
  35. context 'with expired key for sender and receiver' do
  36. before do
  37. expired_key
  38. end
  39. let(:email_address) { create(:email_address, email: 'expiredpgp1@example.com') }
  40. let(:article) { { 'to' => 'expiredpgp1@example.com', 'from' => 'expiredpgp1@example.com' } }
  41. it 'allows signing and encryption' do
  42. expect(instance.process.signing).to have_attributes(possible?: false, active_by_default?: false, message: 'The PGP key for %s was found, but has expired.', message_placeholders: ['expiredpgp1@example.com'])
  43. expect(instance.process.encryption).to have_attributes(possible?: false, active_by_default?: false, message: 'There were PGP keys found for %s, but at least one of them has expired.', message_placeholders: ['expiredpgp1@example.com'])
  44. end
  45. end
  46. context 'with used domain alias keys' do
  47. before do
  48. Setting.set('pgp_recipient_alias_configuration', true)
  49. end
  50. context 'with valid key for sender and receiver' do
  51. let(:pgp_key) { create(:pgp_key, :with_private, fixture: 'zammad@localhost', domain_alias: 'domain3.com') }
  52. let(:email_address) { create(:email_address, email: 'support@domain3.com') }
  53. let(:group) { create(:group, email_address: email_address) }
  54. let(:ticket) { { 'group_id' => group.id } }
  55. let(:article) { { 'to' => 'support@domain3.com', 'from' => 'support@domain3.com' } }
  56. before { pgp_key }
  57. it 'allows signing and encryption' do
  58. expect(instance.process.signing).to have_attributes(possible?: true, active_by_default?: true, message: 'The PGP key for %s was found.', message_placeholders: ['support@domain3.com'])
  59. expect(instance.process.encryption).to have_attributes(possible?: true, active_by_default?: true, message: 'The PGP keys for %s were found.', message_placeholders: ['support@domain3.com'])
  60. end
  61. end
  62. end
  63. end
  64. end