diff options
-rw-r--r-- | lib/rubygems/gemcutter_utilities.rb | 31 | ||||
-rw-r--r-- | test/rubygems/test_gem_commands_signin_command.rb | 18 |
2 files changed, 33 insertions, 16 deletions
diff --git a/lib/rubygems/gemcutter_utilities.rb b/lib/rubygems/gemcutter_utilities.rb index 1eeb341bb8..c46650afb1 100644 --- a/lib/rubygems/gemcutter_utilities.rb +++ b/lib/rubygems/gemcutter_utilities.rb @@ -163,8 +163,12 @@ module Gem::GemcutterUtilities key_name = get_key_name(scope) scope_params = get_scope_params(scope) - mfa_params = get_mfa_params(email, password) + profile = get_user_profile(email, password) + mfa_params = get_mfa_params(profile) all_params = scope_params.merge(mfa_params) + warning = profile["warning"] + + say "#{warning}\n" if warning response = rubygems_api_request(:post, "api/v1/api_key", sign_in_host, scope: scope) do |request| @@ -273,29 +277,28 @@ module Gem::GemcutterUtilities self.host == Gem::DEFAULT_HOST end - def get_mfa_params(email, password) + def get_user_profile(email, password) return {} unless default_host? - mfa_level = get_user_mfa_level(email, password) - params = {} - if mfa_level == "ui_only" || mfa_level == "ui_and_gem_signin" - selected = ask_yes_no("Would you like to enable MFA for this key? (strongly recommended)") - params["mfa"] = true if selected - end - params - end - - def get_user_mfa_level(email, password) response = rubygems_api_request(:get, "api/v1/profile/me.yaml") do |request| request.basic_auth email, password end with_response response do |resp| - body = Gem::SafeYAML.load clean_text(resp.body) - body["mfa"] + Gem::SafeYAML.load clean_text(resp.body) end end + def get_mfa_params(profile) + mfa_level = profile["mfa"] + params = {} + if mfa_level == "ui_only" || mfa_level == "ui_and_gem_signin" + selected = ask_yes_no("Would you like to enable MFA for this key? (strongly recommended)") + params["mfa"] = true if selected + end + params + end + def get_key_name(scope) hostname = Socket.gethostname || "unknown-host" user = ENV["USER"] || ENV["USERNAME"] || "unknown-user" diff --git a/test/rubygems/test_gem_commands_signin_command.rb b/test/rubygems/test_gem_commands_signin_command.rb index 0f8e478840..ce745bff20 100644 --- a/test/rubygems/test_gem_commands_signin_command.rb +++ b/test/rubygems/test_gem_commands_signin_command.rb @@ -159,6 +159,20 @@ class TestGemCommandsSigninCommand < Gem::TestCase assert_equal api_key, credentials[:rubygems_api_key] end + def test_execute_with_warnings + email = "you@example.com" + password = "secret" + api_key = "1234" + fetcher = Gem::RemoteFetcher.fetcher + mfa_level = "disabled" + warning = "/[WARNING/] For protection of your account and gems" + + key_name_ui = Gem::MockGemUi.new "#{email}\n#{password}\ntest-key\n\ny\n\n\n\n\n\ny" + util_capture(key_name_ui, nil, api_key, fetcher, mfa_level, warning) { @cmd.execute } + + assert_match warning, key_name_ui.output + end + def test_execute_on_gemserver_without_profile_me_endpoint host = "http://some-gemcutter-compatible-host.org" @@ -193,10 +207,10 @@ class TestGemCommandsSigninCommand < Gem::TestCase # Utility method to capture IO/UI within the block passed - def util_capture(ui_stub = nil, host = nil, api_key = nil, fetcher = Gem::FakeFetcher.new, mfa_level = "disabled") + def util_capture(ui_stub = nil, host = nil, api_key = nil, fetcher = Gem::FakeFetcher.new, mfa_level = "disabled", warning = nil) api_key ||= "a5fdbb6ba150cbb83aad2bb2fede64cf040453903" response = [api_key, 200, "OK"] - profile_response = [ "mfa: #{mfa_level}\n" , 200, "OK"] + profile_response = [ "mfa: #{mfa_level}\nwarning: #{warning}" , 200, "OK"] email = "you@example.com" password = "secret" |