5 use RT::Test tests => 68;
7 plan skip_all => 'GnuPG required.'
8 unless eval 'use GnuPG::Interface; 1';
9 plan skip_all => 'gpg executable is required.'
10 unless RT::Test->find_executable('gpg');
13 use RT::Action::SendEmail;
14 use File::Temp qw(tempdir);
16 RT::Test->set_mail_catcher;
18 use_ok('RT::Crypt::GnuPG');
20 RT->Config->Set( GnuPG =>
22 OutgoingMessagesFormat => 'RFC',
25 RT->Config->Set( GnuPGOptions =>
26 homedir => scalar tempdir( CLEANUP => 0 ),
27 passphrase => 'rt-test',
28 'no-permission-warning' => undef,
30 diag "GnuPG --homedir ". RT->Config->Get('GnuPGOptions')->{'homedir'} if $ENV{TEST_VERBOSE};
32 RT->Config->Set( 'MailPlugins' => 'Auth::MailFrom', 'Auth::GnuPG' );
34 my $queue = RT::Test->load_or_create_queue(
36 CorrespondAddress => 'rt-recipient@example.com',
37 CommentAddress => 'rt-recipient@example.com',
39 ok $queue && $queue->id, 'loaded or created queue';
42 Principal => 'Everyone',
43 Right => ['CreateTicket', 'ShowTicket', 'SeeQueue', 'ReplyToTicket', 'ModifyTicket'],
46 my ($baseurl, $m) = RT::Test->started_ok;
47 ok $m->login, 'logged in';
52 my $ticket = RT::Ticket->new( $RT::SystemUser );
53 ($tid) = $ticket->Create(
57 ok $tid, 'ticket created';
60 diag "check that signing doesn't work if there is no key" if $ENV{TEST_VERBOSE};
62 RT::Test->clean_caught_mails;
64 ok $m->goto_ticket( $tid ), "UI -> ticket #$tid";
65 $m->follow_link_ok( { text => 'Reply' }, 'ticket -> reply' );
67 $m->tick( Sign => 1 );
68 $m->field( UpdateCc => 'rt-test@example.com' );
69 $m->field( UpdateContent => 'Some content' );
70 $m->click('SubmitTicket');
72 qr/unable to sign outgoing email messages/i,
73 'problems with passphrase'
76 my @mail = RT::Test->fetch_caught_mails;
77 ok !@mail, 'there are no outgoing emails';
81 RT::Test->import_gnupg_key('rt-recipient@example.com');
82 RT::Test->trust_gnupg_key('rt-recipient@example.com');
83 my %res = RT::Crypt::GnuPG::GetKeysInfo('rt-recipient@example.com');
84 is $res{'info'}[0]{'TrustTerse'}, 'ultimate', 'ultimately trusted key';
87 diag "check that things don't work if there is no key" if $ENV{TEST_VERBOSE};
89 RT::Test->clean_caught_mails;
91 ok $m->goto_ticket( $tid ), "UI -> ticket #$tid";
92 $m->follow_link_ok( { text => 'Reply' }, 'ticket -> reply' );
94 $m->tick( Encrypt => 1 );
95 $m->field( UpdateCc => 'rt-test@example.com' );
96 $m->field( UpdateContent => 'Some content' );
97 $m->click('SubmitTicket');
99 qr/You are going to encrypt outgoing email messages/i,
103 qr/There is no key suitable for encryption/i,
107 my $form = $m->form_number(3);
108 ok !$form->find_input( 'UseKey-rt-test@example.com' ), 'no key selector';
110 my @mail = RT::Test->fetch_caught_mails;
111 ok !@mail, 'there are no outgoing emails';
115 diag "import first key of rt-test\@example.com" if $ENV{TEST_VERBOSE};
118 RT::Test->import_gnupg_key('rt-test@example.com', 'public');
119 my %res = RT::Crypt::GnuPG::GetKeysInfo('rt-test@example.com');
120 is $res{'info'}[0]{'TrustLevel'}, 0, 'is not trusted key';
121 $fpr1 = $res{'info'}[0]{'Fingerprint'};
124 diag "check that things still doesn't work if key is not trusted" if $ENV{TEST_VERBOSE};
126 RT::Test->clean_caught_mails;
128 ok $m->goto_ticket( $tid ), "UI -> ticket #$tid";
129 $m->follow_link_ok( { text => 'Reply' }, 'ticket -> reply' );
131 $m->tick( Encrypt => 1 );
132 $m->field( UpdateCc => 'rt-test@example.com' );
133 $m->field( UpdateContent => 'Some content' );
134 $m->click('SubmitTicket');
136 qr/You are going to encrypt outgoing email messages/i,
140 qr/There is one suitable key, but trust level is not set/i,
144 my $form = $m->form_number(3);
145 ok my $input = $form->find_input( 'UseKey-rt-test@example.com' ), 'found key selector';
146 is scalar $input->possible_values, 1, 'one option';
148 $m->select( 'UseKey-rt-test@example.com' => $fpr1 );
149 $m->click('SubmitTicket');
151 qr/You are going to encrypt outgoing email messages/i,
155 qr/Selected key either is not trusted/i,
159 my @mail = RT::Test->fetch_caught_mails;
160 ok !@mail, 'there are no outgoing emails';
163 diag "import a second key of rt-test\@example.com" if $ENV{TEST_VERBOSE};
166 RT::Test->import_gnupg_key('rt-test@example.com.2', 'public');
167 my %res = RT::Crypt::GnuPG::GetKeysInfo('rt-test@example.com');
168 is $res{'info'}[1]{'TrustLevel'}, 0, 'is not trusted key';
169 $fpr2 = $res{'info'}[2]{'Fingerprint'};
172 diag "check that things still doesn't work if two keys are not trusted" if $ENV{TEST_VERBOSE};
174 RT::Test->clean_caught_mails;
176 ok $m->goto_ticket( $tid ), "UI -> ticket #$tid";
177 $m->follow_link_ok( { text => 'Reply' }, 'ticket -> reply' );
179 $m->tick( Encrypt => 1 );
180 $m->field( UpdateCc => 'rt-test@example.com' );
181 $m->field( UpdateContent => 'Some content' );
182 $m->click('SubmitTicket');
184 qr/You are going to encrypt outgoing email messages/i,
188 qr/There are several keys suitable for encryption/i,
192 my $form = $m->form_number(3);
193 ok my $input = $form->find_input( 'UseKey-rt-test@example.com' ), 'found key selector';
194 is scalar $input->possible_values, 2, 'two options';
196 $m->select( 'UseKey-rt-test@example.com' => $fpr1 );
197 $m->click('SubmitTicket');
199 qr/You are going to encrypt outgoing email messages/i,
203 qr/Selected key either is not trusted/i,
207 my @mail = RT::Test->fetch_caught_mails;
208 ok !@mail, 'there are no outgoing emails';
212 RT::Test->lsign_gnupg_key( $fpr1 );
213 my %res = RT::Crypt::GnuPG::GetKeysInfo('rt-test@example.com');
214 ok $res{'info'}[0]{'TrustLevel'} > 0, 'trusted key';
215 is $res{'info'}[1]{'TrustLevel'}, 0, 'is not trusted key';
218 diag "check that we see key selector even if only one key is trusted but there are more keys" if $ENV{TEST_VERBOSE};
220 RT::Test->clean_caught_mails;
222 ok $m->goto_ticket( $tid ), "UI -> ticket #$tid";
223 $m->follow_link_ok( { text => 'Reply' }, 'ticket -> reply' );
225 $m->tick( Encrypt => 1 );
226 $m->field( UpdateCc => 'rt-test@example.com' );
227 $m->field( UpdateContent => 'Some content' );
228 $m->click('SubmitTicket');
230 qr/You are going to encrypt outgoing email messages/i,
234 qr/There are several keys suitable for encryption/i,
238 my $form = $m->form_number(3);
239 ok my $input = $form->find_input( 'UseKey-rt-test@example.com' ), 'found key selector';
240 is scalar $input->possible_values, 2, 'two options';
242 my @mail = RT::Test->fetch_caught_mails;
243 ok !@mail, 'there are no outgoing emails';
246 diag "check that key selector works and we can select trusted key" if $ENV{TEST_VERBOSE};
248 RT::Test->clean_caught_mails;
250 ok $m->goto_ticket( $tid ), "UI -> ticket #$tid";
251 $m->follow_link_ok( { text => 'Reply' }, 'ticket -> reply' );
253 $m->tick( Encrypt => 1 );
254 $m->field( UpdateCc => 'rt-test@example.com' );
255 $m->field( UpdateContent => 'Some content' );
256 $m->click('SubmitTicket');
258 qr/You are going to encrypt outgoing email messages/i,
262 qr/There are several keys suitable for encryption/i,
266 my $form = $m->form_number(3);
267 ok my $input = $form->find_input( 'UseKey-rt-test@example.com' ), 'found key selector';
268 is scalar $input->possible_values, 2, 'two options';
270 $m->select( 'UseKey-rt-test@example.com' => $fpr1 );
271 $m->click('SubmitTicket');
272 $m->content_like( qr/Message recorded/i, 'Message recorded' );
274 my @mail = RT::Test->fetch_caught_mails;
275 ok @mail, 'there are some emails';
276 check_text_emails( { Encrypt => 1 }, @mail );
279 diag "check encrypting of attachments" if $ENV{TEST_VERBOSE};
281 RT::Test->clean_caught_mails;
283 ok $m->goto_ticket( $tid ), "UI -> ticket #$tid";
284 $m->follow_link_ok( { text => 'Reply' }, 'ticket -> reply' );
286 $m->tick( Encrypt => 1 );
287 $m->field( UpdateCc => 'rt-test@example.com' );
288 $m->field( UpdateContent => 'Some content' );
289 $m->field( Attach => $0 );
290 $m->click('SubmitTicket');
292 qr/You are going to encrypt outgoing email messages/i,
296 qr/There are several keys suitable for encryption/i,
300 my $form = $m->form_number(3);
301 ok my $input = $form->find_input( 'UseKey-rt-test@example.com' ), 'found key selector';
302 is scalar $input->possible_values, 2, 'two options';
304 $m->select( 'UseKey-rt-test@example.com' => $fpr1 );
305 $m->click('SubmitTicket');
306 $m->content_like( qr/Message recorded/i, 'Message recorded' );
308 my @mail = RT::Test->fetch_caught_mails;
309 ok @mail, 'there are some emails';
310 check_text_emails( { Encrypt => 1, Attachment => 1 }, @mail );
313 sub check_text_emails {
314 my %args = %{ shift @_ };
317 ok scalar @mail, "got some mail";
318 for my $mail (@mail) {
319 for my $type ('email', 'attachment') {
320 next if $type eq 'attachment' && !$args{'Attachment'};
322 my $content = $type eq 'email'
324 : "Attachment content";
326 if ( $args{'Encrypt'} ) {
327 unlike $mail, qr/$content/, "outgoing $type was encrypted";
329 like $mail, qr/$content/, "outgoing $type was not encrypted";
332 next unless $type eq 'email';
334 if ( $args{'Sign'} && $args{'Encrypt'} ) {
335 like $mail, qr/BEGIN PGP MESSAGE/, 'outgoing email was signed';
336 } elsif ( $args{'Sign'} ) {
337 like $mail, qr/SIGNATURE/, 'outgoing email was signed';
339 unlike $mail, qr/SIGNATURE/, 'outgoing email was not signed';