# fixme test --sig-policy-url string
# fixme cannot test reject "signature is not of type 00!";
+prep unstable sid
+mktag
+mustfail 'push is missing tag ref update' $push_spec1
+mustfail 'push is missing head ref update' $push_spec2
+mustfail 'pushing unexpected ref' $push_spec HEAD:refs/wombat
+mustfail 'pushing multiple heads' $push_spec HEAD:refs/dgit/wombat
+mustfail 'pushing multiple tags' $push_spec HEAD:refs/tags/debian/wombat
+
+prep unstable sid
+mktag
+cp $tmp/dm.gpg $tmp/dd.gpg
+mustfail 'key not found in keyrings'
+
prep unstable sid
git push origin $push_spec # succeeds
mktag
mustfail 'not replacing previously-pushed version' $push_spec
+prep_dm_mangle () {
+ prep unstable sid
+ perl -i.bak -pe '
+ next unless m/^fingerprint: 3A82860837A0CD32/i../^$/;
+ ' -e "$1" $tmp/dm.txt
+ tag_signer='-u Populus'
+ mktag
+}
+
git checkout v2
version=3-2_dummy2
-prep unstable sid
-tag_signer='-u Populus'
-mktag
+
+prep_dm_mangle 's/allow:/asponge:/i'
+mustfail 'missing Allow section in permission' $push_spec
+
+prep_dm_mangle 's/\bpari-extra\b/sponge/i'
+mustfail "package $p not allowed for key" $push_spec
+
+prep_dm_mangle 'y/0-9/5-90-4/ if m/^fingerprint:/i'
+mustfail "not in permissions list although in keyring" $push_spec
+
+prep_dm_mangle ''
git push origin $push_spec # succeeds
echo ok.