Commit Graph

6 Commits

Author SHA1 Message Date
Landon Wilkins 014cc7368c da licença part 25
add consistent license headers to all source files
(ruby, coffeescript, javascript)

except for vendor files

Change-Id: Ic87c252aa2a2e2739d61ee9164431698e8d7e547
Reviewed-on: https://gerrit.instructure.com/110048
Tested-by: Jenkins
Reviewed-by: Jon Jensen <jon@instructure.com>
Product-Review: Jon Jensen <jon@instructure.com>
QA-Review: Jon Jensen <jon@instructure.com>
2017-04-27 21:51:40 +00:00
Strand McCutchen 1a24af8e53 fix Lint/StringConversionInInterpolation issue
Change-Id: Ibea00b023aa91e4f4a627161fbe87dbb54d22daf
fixes: CNVS-20009
Reviewed-on: https://gerrit.instructure.com/52884
Reviewed-by: Cody Cutrer <cody@instructure.com>
Tested-by: Jenkins
Product-Review: Strand McCutchen <smccutchen@instructure.com>
QA-Review: Strand McCutchen <smccutchen@instructure.com>
2015-04-27 20:53:25 +00:00
Cody Cutrer 575e1d0acb security.yml encryption key rotation support
fixes CNVS-15647

test plan:
 * ensure that all of the following still work -
   * replying to an e-mail notification
   * displaying avatars
   * changing your avatar
   * uploading a file that's exempt from quota checks (i.e.
     submitting an assignment)
   * grade passback via LTI
   * add an object embed to a wiki page
 * rotate your encryption key -
   * in security.yml, move encryption_key to previous_encryption_keys,
     and put something else in encryption_key
 * repeat step 1, as much as possible using the original verifier
   from that step (i.e. reply to the original e-mail, refresh just
   the object embedded in the wiki page)

Change-Id: Id36bbb1711f8b6c6f960cc1e898b75e335bfac81
Reviewed-on: https://gerrit.instructure.com/41368
Reviewed-by: Jacob Fugal <jacob@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
2014-10-27 20:50:45 +00:00
Cody Cutrer 3d157f5f02 remove finding assets by non-signature
Change-Id: I757bd754466491aa0b1f1df2b8a5d0dcd5b355c4
Reviewed-on: https://gerrit.instructure.com/41376
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Ethan Vizitei <evizitei@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
2014-09-19 20:20:45 +00:00
Cody Cutrer 1522718bfb no more dynamic finders (controllers)
refs CNVS-15126

Change-Id: Icdea762c810c541d99c30922ee92d6c36686e1fa
Reviewed-on: https://gerrit.instructure.com/39670
Reviewed-by: Brian Palmer <brianp@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
2014-09-17 02:42:30 +00:00
Ethan Vizitei 2529ce88f3 Better signatures for message redirects
refs #CNVS-1833

This creates a signature policy that
prevents you from just being able to guess
the next id of another message and navigate
to it.  Also moved Twitter messaging
responsibility out of the message persistence
object.

TEST PLAN:
  1) take any message and get the sig for it:
   in the console run:
     msg = Message.last
     AssetSignature.generate(Message.last)

  2) take the resulting signature and log in to
the system, then use the url bar to navigate to
  "/mr/[signature]"

  3) you should get redirected to the message
   url properly
 
  4) now try changing the signature. Leave the ID
   alone, but change a few characters in the 
   hmac at the end, and you should no longer get
   redirected properly but should instead be
   taken to the default redirect.
Change-Id: I881e047341d16ba7e422dc05eae62b9f2a460898
Reviewed-on: https://gerrit.instructure.com/15889
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Brian Palmer <brianp@instructure.com>
QA-Review: Clare Hetherington <clare@instructure.com>
2012-12-13 12:12:58 -07:00
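
Added example, not code from the Canvas repository or from any of the commit authors: a sketch of the two ideas in commits 2529ce88f3 and 575e1d0acb, an id carrying an HMAC so that guessing the next id is not enough, and verification that still accepts tokens signed under a previous key after rotation. The module name `SignedId`, the `<id>-<hex hmac>` token layout, the SHA-256 digest, and the key strings are assumptions made for illustration.

```ruby
require "openssl"

# Hypothetical helper; token layout "<id>-<hex hmac>" is an assumption.
module SignedId
  DIGEST = "SHA256"

  def self.mac(key, id)
    OpenSSL::HMAC.hexdigest(DIGEST, key, id.to_s)
  end

  # New tokens are always signed with the current key only.
  def self.generate(id, current_key)
    "#{id}-#{mac(current_key, id)}"
  end

  # Constant-time comparison so a mismatch does not reveal
  # how many leading characters of the MAC were correct.
  def self.secure_equal?(a, b)
    return false unless a.bytesize == b.bytesize
    diff = 0
    a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
    diff.zero?
  end

  # Returns the integer id when the MAC verifies under the current key
  # or any previous key; returns nil for anything else.
  def self.verify(token, current_key, previous_keys = [])
    id, sig = token.to_s.split("-", 2)
    return nil unless id =~ /\A\d+\z/ && sig
    ok = false
    # Check every key without short-circuiting on the first match.
    ([current_key] + previous_keys).each do |key|
      ok |= secure_equal?(mac(key, id), sig)
    end
    ok ? id.to_i : nil
  end
end

if __FILE__ == $PROGRAM_NAME
  old_key = "constructed-old-key" # constructed sample values
  new_key = "constructed-new-key"
  token = SignedId.generate(42, old_key)
  p SignedId.verify(token, new_key, [old_key])   # accepted after rotation
  p SignedId.verify(token, new_key)              # rejected once the old key is dropped
  p SignedId.verify(token.sub("42-", "43-"), old_key) # id changed, MAC no longer matches
end
```

Removing a key from the previous-keys list is what finally invalidates tokens issued under it, so the list doubles as the revocation control.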