2 files changed, 56 insertions, 4 deletions

diff --git a/src/mailman_pgp/rules/signature.py b/src/mailman_pgp/rules/signature.py
index 7742278..998e9c3 100644
--- a/src/mailman_pgp/rules/signature.py
+++ b/src/mailman_pgp/rules/signature.py
@@ -134,7 +134,8 @@ def on_message_posting(event):
     pgp_list = PGPMailingList.for_list(event.mlist)
     if pgp_list is None:
         return
-    pgp_address = PGPAddress.for_email(get_email(event.msg))
+    address = getUtility(IUserManager).get_address(get_email(event.msg))
+    pgp_address = PGPAddress.for_address(address)
     if pgp_address is None or pgp_address.key_fingerprint is None:
         return
     for sig_hash in event.msgdata['pgp_sig_hashes']:
diff --git a/src/mailman_pgp/rules/tests/test_signature.py b/src/mailman_pgp/rules/tests/test_signature.py
index 58af694..24cb5e9 100644
--- a/src/mailman_pgp/rules/tests/test_signature.py
+++ b/src/mailman_pgp/rules/tests/test_signature.py
@@ -14,16 +14,21 @@
 #
 # You should have received a copy of the GNU General Public License along with
 # this program.  If not, see <http://www.gnu.org/licenses/>.
+
+""""""
 from unittest import TestCase
 
 from mailman.app.lifecycle import create_list
 from mailman.interfaces.action import Action
+from mailman.interfaces.chain import AcceptEvent
 from mailman.interfaces.member import MemberRole
 from mailman.interfaces.usermanager import IUserManager
 from mailman.testing.helpers import (set_preferred,
                                      specialized_message_from_string as mfs)
 from zope.component import getUtility
+from zope.event import notify
 
+from mailman_pgp.chains.default import PGPChain
 from mailman_pgp.config import mm_config
 from mailman_pgp.database import mm_transaction, transaction
 from mailman_pgp.model.address import PGPAddress
@@ -67,6 +72,10 @@ class TestPGPSignatureRule(TestCase):
         self.msg_mime_signed_invalid = load_message(
                 'mime_signed_invalid.eml')
 
+    def assertAction(self, msgdata, action, reasons):
+        self.assertEqual(msgdata['moderation_action'], action.name)
+        self.assertListEqual(msgdata['moderation_reasons'], reasons)
+
     def test_has_rule(self):
         self.assertIn(Signature.name, mm_config.rules.keys())
 
@@ -104,9 +113,14 @@ To: test@example.com
             'No key set for address {}.'.format(
                     self.pgp_sender.address.original_email)])
 
-    def assertAction(self, msgdata, action, reasons):
-        self.assertEqual(msgdata['moderation_action'], action.name)
-        self.assertListEqual(msgdata['moderation_reasons'], reasons)
+    def test_key_not_confirmed(self):
+        with transaction():
+            self.pgp_sender.key_confirmed = False
+
+        msgdata = {}
+        matches = self.rule.check(self.mlist, self.msg_mime_signed, msgdata)
+        self.assertTrue(matches)
+        self.assertAction(msgdata, Action.reject, ['Key not confirmed.'])
 
     def test_unsigned_action(self):
         with transaction():
@@ -194,3 +208,40 @@ To: test@example.com
         matches = self.rule.check(self.mlist, self.msg_inline_signed, msgdata)
         self.assertTrue(matches)
         self.assertAction(msgdata, Action.hold, ['Signature duplicate.'])
+
+
+class TestPostingEvent(TestCase):
+    layer = PGPConfigLayer
+
+    def setUp(self):
+        self.rule = Signature()
+
+        user_manager = getUtility(IUserManager)
+        with mm_transaction():
+            self.mlist = create_list('test@example.com',
+                                     style_name='pgp-default')
+            self.sender = user_manager.create_user('RSA-1024b@example.org')
+            set_preferred(self.sender)
+            self.mlist.subscribe(self.sender, MemberRole.member)
+
+        self.pgp_list = PGPMailingList.for_list(self.mlist)
+
+        self.sender_key = load_key('rsa_1024.priv.asc')
+        with transaction() as t:
+            self.pgp_sender = PGPAddress(self.sender.preferred_address)
+            self.pgp_sender.key = self.sender_key.pubkey
+            self.pgp_sender.key_confirmed = True
+            t.add(self.pgp_sender)
+
+    def test_sighashes_added(self):
+        msg = load_message('mime_signed.eml')
+        wrapped = PGPWrapper(msg)
+        sighashes = set(hashes(wrapped.verify(self.sender_key)))
+        msgdata = dict(pgp_sig_hashes=sighashes)
+        notify(AcceptEvent(self.mlist, msg, msgdata,
+                           mm_config.chains[PGPChain.name]))
+
+        for hash in sighashes:
+            sig_hash = PGPSigHash.query().filter_by(hash=hash).one()
+            self.assertIsNotNone(sig_hash)
+            self.assertEqual(sig_hash.fingerprint, self.sender_key.fingerprint)