pashage

Yet Another Opinionated Re-engineering of the Unix Password Store
git clone https://git.instinctive.eu/pashage.git

commit f15def2d8fac670b6b3d6d29588d91320716ee5d
parent 9a5c4b10c1f31833921825902e497461705f6833
Author: Natasha Kerensikova <natgh@instinctive.eu>
Date:   Sat,  9 Nov 2024 15:30:56 +0000

Passage-like management of age recipients is corrected and tested
Diffstat:
Mspec/action_spec.sh | 66++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++------
Mspec/pashage_extra_spec.sh | 50++++++++++++++++++++++++++++++++++++++++++++++++++
Mspec/pass_spec.sh | 53+++++++++++++++++++++++++++++++++++++++++++++++++++++
Msrc/pashage.sh | 22++++++++++------------
4 files changed, 173 insertions(+), 18 deletions(-)

diff --git a/spec/action_spec.sh b/spec/action_spec.sh 
@@ -952,19 +952,73 @@ Describe 'Action Functions' The status should equal 1 End - It 'uses all recipient sources simultaneously' - PASHAGE_RECIPIENTS_FILE='/path/to/recipients/1' - PASSAGE_RECIPIENTS_FILE='/path/to/recipients/2' + It 'uses PASSAGE_RECIPIENTS rather than LOCAL_RECIPIENT_FILE' + PASSAGE_RECIPIENTS='inline-recipient-1 inline-recipient-2' + set_LOCAL_RECIPIENT_FILE() { + LOCAL_RECIPIENT_FILE='shadowed' + } + OVERWRITE=yes + result() { + %text + #|$ mkdir -p /prefix/encrypted + #|$ age -e -r inline-recipient-1 -r inline-recipient-2 -o /prefix/encrypted/file.age + } + + When call do_encrypt 'encrypted/file.age' + The status should be success + The error should equal "$(result)" + End + + It 'uses PASHAGE_RECIPIENTS rather than PASSAGE_RECIPIENTS' PASHAGE_RECIPIENTS='inline-recipient-1 inline-recipient-2' - PASSAGE_RECIPIENTS='inline-recipient-3 inline-recipient-4' + PASSAGE_RECIPIENTS='shadowed' + set_LOCAL_RECIPIENT_FILE() { + LOCAL_RECIPIENT_FILE='shadowed' + } + OVERWRITE=yes + result() { + %text + #|$ mkdir -p /prefix/encrypted + #|$ age -e -r inline-recipient-1 -r inline-recipient-2 -o /prefix/encrypted/file.age + } + + When call do_encrypt 'encrypted/file.age' + The status should be success + The error should equal "$(result)" + End + + It 'uses PASSAGE_RECIPIENTS_FILE rather than PASHAGE_RECIPIENTS' + PASSAGE_RECIPIENTS_FILE='/path/to/recipients' + PASHAGE_RECIPIENTS='shadowed' + PASSAGE_RECIPIENTS='shadowed' + set_LOCAL_RECIPIENT_FILE() { + LOCAL_RECIPIENT_FILE='shadowed' + } + OVERWRITE=yes + result() { + %text + #|$ mkdir -p /prefix/encrypted + #|$ age -e -R /path/to/recipients -o /prefix/encrypted/file.age + } + + When call do_encrypt 'encrypted/file.age' + The status should be success + The error should equal "$(result)" + End + + It 'uses PASHAGE_RECIPIENTS_FILE rather than PASSAGE_RECIPIENTS_FILE' + PASHAGE_RECIPIENTS_FILE='/path/to/recipients' + PASSAGE_RECIPIENTS_FILE='shadowed' + PASHAGE_RECIPIENTS='shadowed' + 
PASSAGE_RECIPIENTS='shadowed' set_LOCAL_RECIPIENT_FILE() { - LOCAL_RECIPIENT_FILE='/path/to/recipients/3' + LOCAL_RECIPIENT_FILE='shadowed' } OVERWRITE=yes result() { %text #|$ mkdir -p /prefix/encrypted - #|$ age -e -R /path/to/recipients/1 -R /path/to/recipients/2 -r inline-recipient-1 -r inline-recipient-2 -r inline-recipient-3 -r inline-recipient-4 -R /path/to/recipients/3 -o /prefix/encrypted/file.age + #|$ age -e -R /path/to/recipients -o /prefix/encrypted/file.age } When call do_encrypt 'encrypted/file.age' diff --git a/spec/pashage_extra_spec.sh b/spec/pashage_extra_spec.sh 
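Review bot: The four new precedence cases in spec/action_spec.sh only set non-empty overrides, so the set-but-empty case is not pinned by this hunk. do_encrypt guards each source with `[ -n "${VAR-}" ]`, so an exported `PASHAGE_RECIPIENTS_FILE=''` falls through to the next source instead of acting as an override. Since the selected source decides who can decrypt the entry, that fall-through deserves its own assertion. I would add a case that sets `PASHAGE_RECIPIENTS_FILE=''` together with `PASSAGE_RECIPIENTS_FILE='/path/to/recipients'` and expects `age -e -R /path/to/recipients -o /prefix/encrypted/file.age`. The enclosing Describe block starts and ends outside the hunk, so an existing case there may already cover this.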
@@ -882,6 +882,56 @@ Describe 'Integrated Command Functions' MULTILINE=no OVERWRITE=no + It 'inserts an entry encrypted using an explicit recipient file' + PASHAGE_RECIPIENTS_FILE="${PREFIX}/fluff/.age-recipients" + PASSAGE_RECIPIENTS_FILE="${PREFIX}/shared/.age-recipients" + PASHAGE_RECIPIENTS='shadowed' + PASSAGE_RECIPIENTS='shadowed' + Data 'pass' + When call cmd_insert -e shared/new-file + The status should be success + The output should include 'shared/new-file' + expected_file() { %text:expand + #|ageRecipient:master + #|ageRecipient:myself + #|age:pass + } + The contents of file "${PREFIX}/shared/new-file.age" should \ + equal "$(expected_file)" + expected_log() { %text + #|Add given password for shared/new-file to store. + #| + #| shared/new-file.age | 3 +++ + #| 1 file changed, 3 insertions(+) + setup_log + } + The result of function check_git_log should be successful + End + + It 'inserts an entry encrypted using explicit recipients' + PASHAGE_RECIPIENTS='force-1 force-2' + PASSAGE_RECIPIENTS='shadowed' + Data 'pass' + When call cmd_insert -e shared/new-file + The status should be success + The output should include 'shared/new-file' + expected_file() { %text:expand + #|ageRecipient:force-1 + #|ageRecipient:force-2 + #|age:pass + } + The contents of file "${PREFIX}/shared/new-file.age" should \ + equal "$(expected_file)" + expected_log() { %text + #|Add given password for shared/new-file to store. + #| + #| shared/new-file.age | 3 +++ + #| 1 file changed, 3 insertions(+) + setup_log + } + The result of function check_git_log should be successful + End + It 'inserts several new single-line entries' stty() { false; } Data diff --git a/spec/pass_spec.sh b/spec/pass_spec.sh 
@@ -1064,6 +1064,59 @@ Describe 'Pass-like command' The contents of file "${GITLOG}" should equal "$(expected_log $3)" End + It 'inserts an entry encrypted using an explicit recipient file' + Skip if 'pass(age) needs bash' check_skip $2 + Skip if 'this is an age recipient test' [ -n "${3#age}" ] + export PASSAGE_RECIPIENTS_FILE="${PREFIX}/fluff/.age-recipients" + export PASSAGE_RECIPIENTS='shadowed' + Data 'pass' + When run script $1 insert -e shared/new-file + The status should be success + The output should include 'shared/new-file' + expected_file() { %text:expand + #|$1Recipient:master + #|$1Recipient:myself + #|$1:pass + } + The contents of file "${PREFIX}/shared/new-file.$3" should \ + equal "$(expected_file $3)" + expected_log() { %text:expand + #|Add given password for shared/new-file to store. + #| + #| shared/new-file.$1 | 3 +++ + #| 1 file changed, 3 insertions(+) + setup_log + } + The result of function git_log should be successful + The contents of file "${GITLOG}" should equal "$(expected_log $3)" + End + + It 'inserts an entry encrypted using explicit recipients' + Skip if 'pass(age) needs bash' check_skip $2 + Skip if 'this is an age recipient test' [ -n "${3#age}" ] + export PASSAGE_RECIPIENTS='force-1 force-2' + Data 'pass' + When run script $1 insert -e shared/new-file + The status should be success + The output should include 'shared/new-file' + expected_file() { %text:expand + #|$1Recipient:force-1 + #|$1Recipient:force-2 + #|$1:pass + } + The contents of file "${PREFIX}/shared/new-file.$3" should \ + equal "$(expected_file $3)" + expected_log() { %text:expand + #|Add given password for shared/new-file to store. 
+ #| + #| shared/new-file.$1 | 3 +++ + #| 1 file changed, 3 insertions(+) + setup_log + } + The result of function git_log should be successful + The contents of file "${GITLOG}" should equal "$(expected_log $3)" + End + It 'displays usage when called without argument' Skip if 'pass(age) needs bash' check_skip $2 When run script $1 insert diff --git a/src/pashage.sh b/src/pashage.sh @@ -566,32 +566,30 @@ do_encrypt() { if [ -n "${PASHAGE_RECIPIENTS_FILE-}" ]; then set -- "$@" -R "${PASHAGE_RECIPIENTS_FILE}" - fi - if [ -n "${PASSAGE_RECIPIENTS_FILE-}" ]; then + elif [ -n "${PASSAGE_RECIPIENTS_FILE-}" ]; then set -- "$@" -R "${PASSAGE_RECIPIENTS_FILE}" - fi - if [ -n "${PASHAGE_RECIPIENTS-}" ]; then + elif [ -n "${PASHAGE_RECIPIENTS-}" ]; then for ARG in ${PASHAGE_RECIPIENTS}; do set -- "$@" -r "${ARG}" done unset ARG - fi - if [ -n "${PASSAGE_RECIPIENTS-}" ]; then + elif [ -n "${PASSAGE_RECIPIENTS-}" ]; then for ARG in ${PASSAGE_RECIPIENTS}; do set -- "$@" -r "${ARG}" done unset ARG - fi - set_LOCAL_RECIPIENT_FILE "${TARGET}" - - if [ -n "${LOCAL_RECIPIENT_FILE}" ]; then - set -- "$@" -R "${LOCAL_RECIPIENT_FILE}" else - set -- "$@" -i "${IDENTITIES_FILE}" + set_LOCAL_RECIPIENT_FILE "${TARGET}" + + if [ -n "${LOCAL_RECIPIENT_FILE}" ]; then + set -- "$@" -R "${LOCAL_RECIPIENT_FILE}" + else + set -- "$@" -i "${IDENTITIES_FILE}" + fi fi unset LOCAL_RECIPIENT_FILE
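Review bot: The new `if`/`elif` chain in do_encrypt (src/pashage.sh) lets one environment variable replace the store's own recipient file entirely, and nothing in the hunk documents that order. Because the recipient list decides who can decrypt the entry, a stale or inherited `PASHAGE_RECIPIENTS` would silently produce a file that the store's usual recipients cannot read. I would state the contract above the chain: `# Recipient sources are exclusive, first non-empty wins: PASHAGE_RECIPIENTS_FILE, PASSAGE_RECIPIENTS_FILE, PASHAGE_RECIPIENTS, PASSAGE_RECIPIENTS, then the file found by set_LOCAL_RECIPIENT_FILE, then IDENTITIES_FILE.` The two `for ARG in ${...}` loops are unchanged context, but their unquoted expansion is still subject to pathname expansion as well as word splitting, and each is now the sole recipient source in its branch. The body of do_encrypt starts and ends outside the hunk.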