fix(MAT-258): blacklist unverified E2EE devices + add CI tests

Unverified devices (lacking cross-signing) caused OlmUnverifiedDeviceError in _send_text(), silently breaking all message delivery. Now on_sync() blacklists non-cross-signed devices instead of skipping them, and _send_text() catches E2EE errors gracefully. Adds 12 unit tests for device trust policy and send error handling. CI test job now gates deployment in deploy.yml. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-29 08:32:48 +03:00
parent c2985488c4
commit 7b5c157b12
6 changed files with 246 additions and 11 deletions
--- a/tests/test_device_trust.py
+++ b/tests/test_device_trust.py
@@ -0,0 +1,52 @@
+from unittest.mock import Mock
+
+from device_trust import CrossSignedOnlyPolicy
+
+
+class TestCrossSignedOnlyPolicy:
+    def setup_method(self):
+        self.policy = CrossSignedOnlyPolicy()
+
+    def _make_device(self, device_id, user_id, extra_sig_keys=None):
+        device = Mock()
+        device.device_id = device_id
+        sigs = {f"ed25519:{device_id}": "self_sig"}
+        if extra_sig_keys:
+            for k, v in extra_sig_keys.items():
+                sigs[k] = v
+        device.signatures = {user_id: sigs}
+        return device
+
+    def test_should_trust_cross_signed(self):
+        device = self._make_device(
+            "DEV1", "@alice:example.com",
+            extra_sig_keys={"ed25519:MASTER_KEY": "cross_sig"},
+        )
+        assert self.policy.should_trust("@alice:example.com", device) is True
+
+    def test_should_not_trust_self_signed_only(self):
+        device = self._make_device("DEV1", "@alice:example.com")
+        assert self.policy.should_trust("@alice:example.com", device) is False
+
+    def test_should_not_trust_no_signatures(self):
+        device = Mock()
+        device.device_id = "DEV1"
+        device.signatures = None
+        assert self.policy.should_trust("@alice:example.com", device) is False
+
+    def test_should_not_trust_empty_user_sigs(self):
+        device = Mock()
+        device.device_id = "DEV1"
+        device.signatures = {"@alice:example.com": {}}
+        assert self.policy.should_trust("@alice:example.com", device) is False
+
+    def test_should_not_trust_missing_user_in_sigs(self):
+        device = Mock()
+        device.device_id = "DEV1"
+        device.signatures = {"@bob:example.com": {"ed25519:OTHER": "sig"}}
+        assert self.policy.should_trust("@alice:example.com", device) is False
+
+    def test_should_not_trust_no_signatures_attr(self):
+        device = Mock(spec=[])
+        device.device_id = "DEV1"
+        assert self.policy.should_trust("@alice:example.com", device) is False