From c0c34d35e22e5ac9c87a5bffff5b02b06f772f3a Mon Sep 17 00:00:00 2001
From: Matt Jankowski <matt@jankowski.online>
Date: Mon, 18 Nov 2024 04:57:16 -0500
Subject: [PATCH] Move self destruct check to `config_for` and add constant for
 verifier string (#32943)

---
 app/helpers/self_destruct_helper.rb       |  6 ++++--
 config/mastodon.yml                       |  1 +
 lib/mastodon/cli/federation.rb            |  2 +-
 spec/helpers/self_destruct_helper_spec.rb | 22 +++++++++++++---------
 4 files changed, 19 insertions(+), 12 deletions(-)

diff --git a/app/helpers/self_destruct_helper.rb b/app/helpers/self_destruct_helper.rb
index 78557c25e5..f1927b1e04 100644
--- a/app/helpers/self_destruct_helper.rb
+++ b/app/helpers/self_destruct_helper.rb
@@ -1,9 +1,11 @@
 # frozen_string_literal: true
 
 module SelfDestructHelper
+  VERIFY_PURPOSE = 'self-destruct'
+
   def self.self_destruct?
-    value = ENV.fetch('SELF_DESTRUCT', nil)
-    value.present? && Rails.application.message_verifier('self-destruct').verify(value) == ENV['LOCAL_DOMAIN']
+    value = Rails.configuration.x.mastodon.self_destruct_value
+    value.present? && Rails.application.message_verifier(VERIFY_PURPOSE).verify(value) == ENV['LOCAL_DOMAIN']
   rescue ActiveSupport::MessageVerifier::InvalidSignature
     false
   end
diff --git a/config/mastodon.yml b/config/mastodon.yml
index 255213b4b7..2c09c59e0a 100644
--- a/config/mastodon.yml
+++ b/config/mastodon.yml
@@ -1,3 +1,4 @@
 ---
 shared:
+  self_destruct_value: <%= ENV.fetch('SELF_DESTRUCT', nil) %>
   software_update_url: <%= ENV.fetch('UPDATE_CHECK_URL', 'https://api.joinmastodon.org/update-check') %>
diff --git a/lib/mastodon/cli/federation.rb b/lib/mastodon/cli/federation.rb
index c738796557..f512bca358 100644
--- a/lib/mastodon/cli/federation.rb
+++ b/lib/mastodon/cli/federation.rb
@@ -76,7 +76,7 @@ module Mastodon::CLI
       def self_destruct_value
         Rails
           .application
-          .message_verifier('self-destruct')
+          .message_verifier(SelfDestructHelper::VERIFY_PURPOSE)
           .generate(Rails.configuration.x.local_domain)
       end
     end
diff --git a/spec/helpers/self_destruct_helper_spec.rb b/spec/helpers/self_destruct_helper_spec.rb
index 09d7347eee..dca1590764 100644
--- a/spec/helpers/self_destruct_helper_spec.rb
+++ b/spec/helpers/self_destruct_helper_spec.rb
@@ -3,19 +3,20 @@
 require 'rails_helper'
 
 RSpec.describe SelfDestructHelper do
-  describe 'self_destruct?' do
+  describe '#self_destruct?' do
+    before { Rails.configuration.x.mastodon.self_destruct_value = destruct_value }
+    after { Rails.configuration.x.mastodon.self_destruct_value = nil }
+
     context 'when SELF_DESTRUCT is unset' do
+      let(:destruct_value) { nil }
+
       it 'returns false' do
         expect(helper.self_destruct?).to be false
       end
     end
 
     context 'when SELF_DESTRUCT is set to an invalid value' do
-      around do |example|
-        ClimateControl.modify SELF_DESTRUCT: 'true' do
-          example.run
-        end
-      end
+      let(:destruct_value) { 'true' }
 
       it 'returns false' do
         expect(helper.self_destruct?).to be false
@@ -23,9 +24,10 @@ RSpec.describe SelfDestructHelper do
     end
 
     context 'when SELF_DESTRUCT is set to value signed for the wrong purpose' do
+      let(:destruct_value) { Rails.configuration.x.mastodon.self_destruct_value = Rails.application.message_verifier('foo').generate('example.com') }
+
       around do |example|
         ClimateControl.modify(
-          SELF_DESTRUCT: Rails.application.message_verifier('foo').generate('example.com'),
           LOCAL_DOMAIN: 'example.com'
         ) do
           example.run
@@ -38,9 +40,10 @@ RSpec.describe SelfDestructHelper do
     end
 
     context 'when SELF_DESTRUCT is set to value signed for the wrong domain' do
+      let(:destruct_value) { Rails.configuration.x.mastodon.self_destruct_value = Rails.application.message_verifier(described_class::VERIFY_PURPOSE).generate('foo.com') }
+
       around do |example|
         ClimateControl.modify(
-          SELF_DESTRUCT: Rails.application.message_verifier('self-destruct').generate('foo.com'),
           LOCAL_DOMAIN: 'example.com'
         ) do
           example.run
@@ -53,9 +56,10 @@ RSpec.describe SelfDestructHelper do
     end
 
     context 'when SELF_DESTRUCT is set to a correctly-signed value' do
+      let(:destruct_value) { Rails.configuration.x.mastodon.self_destruct_value = Rails.application.message_verifier(described_class::VERIFY_PURPOSE).generate('example.com') }
+
       around do |example|
         ClimateControl.modify(
-          SELF_DESTRUCT: Rails.application.message_verifier('self-destruct').generate('example.com'),
           LOCAL_DOMAIN: 'example.com'
         ) do
           example.run