rubygems_integration.rb in bundler-1.3.0.pre.8

- old
+ new

@@ -1,6 +1,9 @@
 require 'rubygems'
+# rubygems master requires UI for ConfigFile but doesn't require it
+require 'rubygems/user_interaction'
+require 'rubygems/config_file'
 
 module Bundler
   class RubygemsIntegration
 
     def build_args
@@ -96,25 +99,26 @@
     def ui=(obj)
       Gem::DefaultUserInteraction.ui = obj
     end
 
     def fetch_specs(all, pre, &blk)
-      Gem::SpecFetcher.new.list(all, pre).each(&blk)
+      specs = Gem::SpecFetcher.new.list(all, pre)
+      specs.each { yield } if block_given?
+      specs
     end
 
+    def fetch_prerelease_specs
+      fetch_specs(false, true)
+    rescue Gem::RemoteFetcher::FetchError
+      [] # if we can't download them, there aren't any
+    end
+
     def fetch_all_remote_specs
-      spec_list = Hash.new { |h,k| h[k] = [] }
-      begin
-        # Fetch all specs, minus prerelease specs
-        spec_list = Gem::SpecFetcher.new.list(true, false)
-        # Then fetch the prerelease specs
-        begin
-          Gem::SpecFetcher.new.list(false, true).each {|k, v| spec_list[k] += v }
-        rescue Gem::RemoteFetcher::FetchError
-          # ignore if we can't fetch the prerelease specs
-        end
-      end
+      # Fetch all specs, minus prerelease specs
+      spec_list = fetch_specs(true, false)
+      # Then fetch the prerelease specs
+      fetch_prerelease_specs.each {|k, v| spec_list[k] += v }
 
       return spec_list
     end
 
     def with_build_args(args)
@@ -125,15 +129,30 @@
       ensure
         self.build_args = old_args
       end
     end
 
-    def spec_from_gem(path)
+    def gem_from_path(path, policy = nil)
       require 'rubygems/format'
-      Gem::Format.from_file_by_path(path).spec
+      Gem::Format.from_file_by_path(path, policy)
+    end
+
+    def spec_from_gem(path, policy = nil)
+      require 'rubygems/security'
+      gem_from_path(path, Gem::Security::Policies[policy]).spec
     rescue Gem::Package::FormatError
-      raise Bundler::GemspecError, "Could not read gem at #{path}. It may be corrupted."
+      raise GemspecError, "Could not read gem at #{path}. It may be corrupted."
+    rescue Exception, Gem::Exception, Gem::Security::Exception => e
+      if e.is_a?(Gem::Security::Exception) ||
+          e.message =~ /unknown trust policy|unsigned gem/i ||
+          e.message =~ /couldn't verify (meta)?data signature/i
+        raise SecurityError,
+          "The gem #{File.basename(path, '.gem')} can't be installed because " \
+          "the security policy didn't allow it, with the message: #{e.message}"
+      else
+        raise e
+      end
     end
 
     def build(spec)
       require 'rubygems/builder'
       Gem::Builder.new(spec).build
@@ -438,13 +457,13 @@
         end
 
         hash
       end
 
-      def spec_from_gem(path)
-        Gem::Package.new(path).spec
-      rescue Gem::Package::FormatError
-        raise Bundler::GemspecError, "Could not read gem at #{path}. It may be corrupted."
+      def gem_from_path(path, policy = nil)
+        p = Gem::Package.new(path)
+        p.security_policy = policy if policy
+        return p
       end
 
       def build(spec)
         Gem::Package.build(spec)
       end