Fix (some) user PGP key lookups from meta.sr.ht

The authForUsername() function uses a closure that is almost identical
to the LookupUser() function, but is missing the handling for the PGP
key if called from meta.sr.ht. This causes at least the email
notifications for new OAuth2 tokens to be sent unencrypted. This commit
fixes that (and reduces code duplication) by calling LookupUser()
instead.

This requires the context for the tests to have a value for the calling
service, so add that to the mock.
This commit is contained in:
Conrad Hoffmann 2022-02-02 21:17:13 +01:00 committed by Drew DeVault
parent d56e2d794b
commit b2c8e81ee6
2 changed files with 6 additions and 44 deletions

View File

@ -101,49 +101,7 @@ func authError(w http.ResponseWriter, reason string, code int) {
func authForUsername(ctx context.Context, username string) (*AuthContext, error) {
var auth AuthContext
if err := database.WithTx(ctx, &sql.TxOptions{
Isolation: 0,
ReadOnly: true,
}, func(tx *sql.Tx) error {
var (
err error
rows *sql.Rows
)
query := database.
Select(ctx, []string{
`u.id`, `u.username`,
`u.created`, `u.updated`,
`u.email`,
`u.user_type`,
`u.url`, `u.location`, `u.bio`,
`u.suspension_notice`,
}).
From(`"user" u`).
Where(`u.username = ?`, username)
if rows, err = query.RunWith(tx).Query(); err != nil {
panic(err)
}
defer rows.Close()
if !rows.Next() {
if err := rows.Err(); err != nil {
panic(err)
}
return fmt.Errorf("Authenticating for unknown user %s", username)
}
if err := rows.Scan(&auth.UserID, &auth.Username, &auth.Created,
&auth.Updated, &auth.Email, &auth.UserType, &auth.URL, &auth.Location,
&auth.Bio, &auth.SuspensionNotice); err != nil {
panic(err)
}
if rows.Next() {
if err := rows.Err(); err != nil {
panic(err) // Invariant
}
panic(errors.New("Multiple matching user accounts; invariant broken"))
}
return nil
}); err != nil {
if err := LookupUser(ctx, username, &auth); err != nil {
return nil, err
}

View File

@ -12,6 +12,7 @@ import (
"github.com/stretchr/testify/assert"
"github.com/vaughan0/go-ini"
"git.sr.ht/~sircmpwn/core-go/config"
"git.sr.ht/~sircmpwn/core-go/crypto"
"git.sr.ht/~sircmpwn/core-go/database"
)
@ -185,7 +186,10 @@ func dbctx() (context.Context, sqlmock.Sqlmock) {
if err != nil {
panic(err)
}
ctx := database.Context(context.Background(), db)
ctx := config.Context(
database.Context(context.Background(), db),
nil, "git.sr.ht",
)
return ctx, mock
}