Merge pull request #31348 from y-yagi/fix_31283

Raise an error only when `require_master_key` is specified
author: Kasper Timm Hansen <kaspth@gmail.com> 2017-12-18 19:57:35 +0100
committer: GitHub <noreply@github.com> 2017-12-18 19:57:35 +0100
commit: 053a4c699043ea5449effaba0549b2f8a5821228 (patch)
tree: 9cfd7534cd26773698584e981dd1858b13c9bc53 /railties/test
parent: 1d047235b0cefcb80d4e18fed732cbe2bd32a8ee (diff)
parent: 35373219c91ea8096ef2f8e7f3c62bcd46f436be (diff)
download: rails-053a4c699043ea5449effaba0549b2f8a5821228.tar.gz
rails-053a4c699043ea5449effaba0549b2f8a5821228.tar.bz2
rails-053a4c699043ea5449effaba0549b2f8a5821228.zip
3 files changed, 44 insertions, 8 deletions
diff --git a/railties/test/application/configuration_test.rb b/railties/test/application/configuration_test.rb
index d28f7ffc7f..ec745a397e 100644
--- a/railties/test/application/configuration_test.rb
+++ b/railties/test/application/configuration_test.rb
@@ -707,6 +707,14 @@ module ApplicationTests
       assert_match(/Missing.*RAILS_MASTER_KEY/, error)
     end
 
+    test "credentials does not raise error when require_master_key is false and master key does not exist" do
+      remove_file "config/master.key"
+      add_to_config "config.require_master_key = false"
+      app "development"
+
+      assert_not app.credentials.secret_key_base
+    end
+
     test "protect from forgery is the default in a new app" do
       make_basic_app
 
diff --git a/railties/test/commands/credentials_test.rb b/railties/test/commands/credentials_test.rb
index f1bb1ef08a..7c464b3fde 100644
--- a/railties/test/commands/credentials_test.rb
+++ b/railties/test/commands/credentials_test.rb
@@ -26,10 +26,6 @@ class Rails::Command::CredentialsCommandTest < ActiveSupport::TestCase
     end
   end
 
-  test "show credentials" do
-    assert_match(/access_key_id: 123/, run_show_command)
-  end
-
   test "edit command does not add master key to gitignore when already exist" do
     run_edit_command
 
@@ -47,6 +43,24 @@ class Rails::Command::CredentialsCommandTest < ActiveSupport::TestCase
     assert_match(/api_key: abc/, run_show_command)
   end
 
+  test "show credentials" do
+    assert_match(/access_key_id: 123/, run_show_command)
+  end
+
+  test "show command raise error when require_master_key is specified and key does not exist" do
+    remove_file "config/master.key"
+    add_to_config "config.require_master_key = true"
+
+    assert_match(/Missing encryption key to decrypt file with/, run_show_command(allow_failure: true))
+  end
+
+  test "show command does not raise error when require_master_key is false and master key does not exist" do
+    remove_file "config/master.key"
+    add_to_config "config.require_master_key = false"
+
+    assert_match(/Missing master key to decrypt credentials/, run_show_command)
+  end
+
   private
     def run_edit_command(editor: "cat")
       switch_env("EDITOR", editor) do
@@ -54,7 +68,7 @@ class Rails::Command::CredentialsCommandTest < ActiveSupport::TestCase
       end
     end
 
-    def run_show_command
-      rails "credentials:show"
+    def run_show_command(**options)
+      rails "credentials:show", **options
     end
 end
diff --git a/railties/test/commands/encrypted_test.rb b/railties/test/commands/encrypted_test.rb
index 0461493f2a..6647dcc902 100644
--- a/railties/test/commands/encrypted_test.rb
+++ b/railties/test/commands/encrypted_test.rb
@@ -52,6 +52,20 @@ class Rails::Command::EncryptedCommandTest < ActiveSupport::TestCase
     assert_match(/access_key_id: 123/, run_show_command("config/tokens.yml.enc", key: "config/tokens.key"))
   end
 
+  test "show command raise error when require_master_key is specified and key does not exist" do
+    add_to_config "config.require_master_key = true"
+
+    assert_match(/Missing encryption key to decrypt file with/,
+      run_show_command("config/tokens.yml.enc", key: "unexist.key", allow_failure: true))
+  end
+
+  test "show command does not raise error when require_master_key is false and master key does not exist" do
+    remove_file "config/master.key"
+    add_to_config "config.require_master_key = false"
+
+    assert_match(/Missing 'config\/master\.key' to decrypt data/, run_show_command("config/tokens.yml.enc"))
+  end
+
   test "won't corrupt encrypted file when passed wrong key" do
     run_edit_command("config/tokens.yml.enc", key: "config/tokens.key")
 
@@ -68,8 +82,8 @@ class Rails::Command::EncryptedCommandTest < ActiveSupport::TestCase
       end
     end
 
-    def run_show_command(file, key: nil)
-      rails "encrypted:show", prepare_args(file, key)
+    def run_show_command(file, key: nil, **options)
+      rails "encrypted:show", prepare_args(file, key), **options
     end
 
     def prepare_args(file, key)
author	Kasper Timm Hansen <kaspth@gmail.com>	2017-12-18 19:57:35 +0100
committer	GitHub <noreply@github.com>	2017-12-18 19:57:35 +0100
commit	053a4c699043ea5449effaba0549b2f8a5821228 (patch)
tree	9cfd7534cd26773698584e981dd1858b13c9bc53 /railties/test
parent	1d047235b0cefcb80d4e18fed732cbe2bd32a8ee (diff)
parent	35373219c91ea8096ef2f8e7f3c62bcd46f436be (diff)
download	rails-053a4c699043ea5449effaba0549b2f8a5821228.tar.gz rails-053a4c699043ea5449effaba0549b2f8a5821228.tar.bz2 rails-053a4c699043ea5449effaba0549b2f8a5821228.zip