def test_verify_revision_signature_not_signed(self):
wt = self.make_branch_and_tree('.')
wt.commit("base", allow_pointless=True, rev_id='A')
strategy = gpg.LoopbackGPGStrategy(None)
self.assertEqual(
(gpg.SIGNATURE_NOT_SIGNED, None),
wt.branch.repository.verify_revision_signature('A', strategy))
def test_store_signature(self):
wt = self.make_branch_and_tree('.')
branch = wt.branch
branch.lock_write()
try:
branch.repository.start_write_group()
try:
branch.repository.store_revision_signature(
gpg.LoopbackGPGStrategy(None), 'FOO', 'A')
except errors.NoSuchRevision:
branch.repository.abort_write_group()
raise tests.TestNotApplicable(
"repository does not support signing non-present"
"revisions")
except:
branch.repository.abort_write_group()
raise
else:
branch.repository.commit_write_group()
finally:
branch.unlock()
# A signature without a revision should not be accessible.
self.assertRaises(errors.NoSuchRevision,
branch.repository.has_signature_for_revision_id, 'A')
wt.commit("base", allow_pointless=True, rev_id='A')
self.assertEqual(
'-----BEGIN PSEUDO-SIGNED CONTENT-----\n'
'FOO-----END PSEUDO-SIGNED CONTENT-----\n',
branch.repository.get_signature_text('A'))
def test_upgrade_preserves_signatures(self):
if not self.repository_format.supports_revision_signatures:
raise tests.TestNotApplicable(
"repository does not support signing revisions")
wt = self.make_branch_and_tree('source')
wt.commit('A', allow_pointless=True, rev_id='A')
repo = wt.branch.repository
repo.lock_write()
repo.start_write_group()
try:
repo.sign_revision('A', gpg.LoopbackGPGStrategy(None))
except errors.UnsupportedOperation:
self.assertFalse(repo._format.supports_revision_signatures)
raise tests.TestNotApplicable(
"signatures not supported by repository format")
repo.commit_write_group()
repo.unlock()
old_signature = repo.get_signature_text('A')
try:
old_format = controldir.ControlDirFormat.get_default_format()
# This gives metadir branches something they can convert to.
# it would be nice to have a 'latest' vs 'default' concept.
format = controldir.format_registry.make_bzrdir(
'development-subtree')
upgrade.upgrade(repo.bzrdir.root_transport.base, format=format)
except errors.UpToDateFormat:
# this is in the most current format already.
return
except errors.BadConversionTarget, e:
raise tests.TestSkipped(str(e))
def makeARepoWithSignatures(self):
wt = self.make_branch_and_tree('a-repo-with-sigs')
wt.commit('rev1', allow_pointless=True, rev_id='rev1')
repo = wt.branch.repository
repo.lock_write()
repo.start_write_group()
repo.sign_revision('rev1', gpg.LoopbackGPGStrategy(None))
repo.commit_write_group()
repo.unlock()
return repo
def test_sign_revision(self):
if self.repository_format.supports_revision_signatures:
raise tests.TestNotApplicable(
"repository supports signing revisions")
wt = self.make_branch_and_tree('source')
wt.commit('A', allow_pointless=True, rev_id='A')
repo = wt.branch.repository
repo.lock_write()
repo.start_write_group()
self.assertRaises(errors.UnsupportedOperation, repo.sign_revision, 'A',
gpg.LoopbackGPGStrategy(None))
repo.commit_write_group()
def test_sign_existing_revision(self):
wt = self.make_branch_and_tree('.')
wt.commit("base", allow_pointless=True, rev_id='A')
strategy = gpg.LoopbackGPGStrategy(None)
repo = wt.branch.repository
self.addCleanup(repo.lock_write().unlock)
repo.start_write_group()
repo.sign_revision('A', strategy)
repo.commit_write_group()
self.assertEqual(
'-----BEGIN PSEUDO-SIGNED CONTENT-----\n' +
Testament.from_revision(repo, 'A').as_short_text() +
'-----END PSEUDO-SIGNED CONTENT-----\n',
repo.get_signature_text('A'))
def makeARepoWithSignatures(self):
wt = self.make_branch_and_tree('a-repo-with-sigs')
wt.commit('rev1', allow_pointless=True, rev_id='rev1')
repo = wt.branch.repository
repo.lock_write()
repo.start_write_group()
try:
repo.sign_revision('rev1', gpg.LoopbackGPGStrategy(None))
except errors.UnsupportedOperation:
self.assertFalse(repo._format.supports_revision_signatures)
raise TestNotApplicable("repository format does not support signatures")
repo.commit_write_group()
repo.unlock()
return repo
def test_clone_preserves_signatures(self):
wt = self.make_branch_and_tree('source')
wt.commit('A', allow_pointless=True, rev_id='A')
repo = wt.branch.repository
repo.lock_write()
repo.start_write_group()
repo.sign_revision('A', gpg.LoopbackGPGStrategy(None))
repo.commit_write_group()
repo.unlock()
#FIXME: clone should work to urls,
# wt.clone should work to disks.
self.build_tree(['target/'])
d2 = repo.bzrdir.clone(urlutils.local_path_to_url('target'))
self.assertEqual(repo.get_signature_text('A'),
d2.open_repository().get_signature_text('A'))
def test_item_keys_introduced_by(self):
# Make a repo with one revision and one versioned file.
tree = self.make_branch_and_tree('t')
self.build_tree(['t/foo'])
tree.add('foo', 'file1')
tree.commit('message', rev_id='rev_id')
repo = tree.branch.repository
repo.lock_write()
repo.start_write_group()
try:
repo.sign_revision('rev_id', gpg.LoopbackGPGStrategy(None))
except errors.UnsupportedOperation:
signature_texts = []
else:
signature_texts = ['rev_id']
repo.commit_write_group()
repo.unlock()
repo.lock_read()
self.addCleanup(repo.unlock)
# Item keys will be in this order, for maximum convenience for
# generating data to insert into knit repository:
# * files
# * inventory
# * signatures
# * revisions
expected_item_keys = [
('file', 'file1', ['rev_id']),
('inventory', None, ['rev_id']),
('signatures', None, signature_texts),
('revisions', None, ['rev_id'])]
item_keys = list(repo.item_keys_introduced_by(['rev_id']))
item_keys = [
(kind, file_id, list(versions))
for (kind, file_id, versions) in item_keys]
if repo.supports_rich_root():
# Check for the root versioned file in the item_keys, then remove
# it from streamed_names so we can compare that with
# expected_record_names.
# Note that the file keys can be in any order, so this test is
# written to allow that.
inv = repo.get_inventory('rev_id')
root_item_key = ('file', inv.root.file_id, ['rev_id'])
self.assertTrue(root_item_key in item_keys)
item_keys.remove(root_item_key)
self.assertEqual(expected_item_keys, item_keys)
def test_sign_existing_revision(self):
wt = self.make_branch_and_tree('.')
branch = wt.branch
wt.commit("base", allow_pointless=True, rev_id='A')
from bzrlib.testament import Testament
strategy = gpg.LoopbackGPGStrategy(None)
branch.repository.lock_write()
branch.repository.start_write_group()
branch.repository.sign_revision('A', strategy)
branch.repository.commit_write_group()
branch.repository.unlock()
self.assertEqual(
'-----BEGIN PSEUDO-SIGNED CONTENT-----\n' +
Testament.from_revision(branch.repository, 'A').as_short_text() +
'-----END PSEUDO-SIGNED CONTENT-----\n',
branch.repository.get_signature_text('A'))
def test_install_revisions(self):
wt = self.make_branch_and_tree('source')
wt.commit('A', allow_pointless=True, rev_id='A')
repo = wt.branch.repository
repo.lock_write()
repo.start_write_group()
repo.sign_revision('A', gpg.LoopbackGPGStrategy(None))
repo.commit_write_group()
repo.unlock()
repo.lock_read()
self.addCleanup(repo.unlock)
repo2 = self.make_repository('repo2')
revision = repo.get_revision('A')
tree = repo.revision_tree('A')
signature = repo.get_signature_text('A')
repo2.lock_write()
self.addCleanup(repo2.unlock)
vf_repository.install_revisions(repo2, [(revision, tree, signature)])
self.assertEqual(revision, repo2.get_revision('A'))
self.assertEqual(signature, repo2.get_signature_text('A'))
def test_verify_revision_signatures(self):
wt = self.make_branch_and_tree('.')
wt.commit("base", allow_pointless=True, rev_id='A')
wt.commit("second", allow_pointless=True, rev_id='B')
strategy = gpg.LoopbackGPGStrategy(None)
repo = wt.branch.repository
self.addCleanup(repo.lock_write().unlock)
repo.start_write_group()
repo.sign_revision('A', strategy)
repo.commit_write_group()
self.assertEqual(
'-----BEGIN PSEUDO-SIGNED CONTENT-----\n' +
Testament.from_revision(repo, 'A').as_short_text() +
'-----END PSEUDO-SIGNED CONTENT-----\n',
repo.get_signature_text('A'))
self.assertEqual([('A', gpg.SIGNATURE_VALID, None),
('B', gpg.SIGNATURE_NOT_SIGNED, None)],
list(
repo.verify_revision_signatures(['A', 'B'],
strategy)))
