RubyGems - aker - Versions diffs - 3.0.0.pre - Mend

aker 3.0.0.pre

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (118) hide show

data/CHANGELOG.md +210 -0
data/README.md +282 -0
data/assets/aker/form/login.css +73 -0
data/assets/aker/form/login.html.erb +44 -0
data/lib/aker/authorities/automatic_access.rb +36 -0
data/lib/aker/authorities/composite.rb +301 -0
data/lib/aker/authorities/static.rb +283 -0
data/lib/aker/authorities/support/find_sole_user.rb +24 -0
data/lib/aker/authorities/support.rb +9 -0
data/lib/aker/authorities.rb +46 -0
data/lib/aker/cas/authority.rb +79 -0
data/lib/aker/cas/configuration_helper.rb +85 -0
data/lib/aker/cas/middleware/logout_responder.rb +49 -0
data/lib/aker/cas/middleware/ticket_remover.rb +35 -0
data/lib/aker/cas/middleware.rb +6 -0
data/lib/aker/cas/proxy_mode.rb +108 -0
data/lib/aker/cas/rack_proxy_callback.rb +188 -0
data/lib/aker/cas/service_mode.rb +88 -0
data/lib/aker/cas/service_url.rb +62 -0
data/lib/aker/cas/user_ext.rb +64 -0
data/lib/aker/cas.rb +31 -0
data/lib/aker/central_parameters.rb +101 -0
data/lib/aker/configuration.rb +534 -0
data/lib/aker/deprecation.rb +105 -0
data/lib/aker/form/custom_views_mode.rb +80 -0
data/lib/aker/form/login_form_asset_provider.rb +56 -0
data/lib/aker/form/middleware/custom_view_login_responder.rb +19 -0
data/lib/aker/form/middleware/login_renderer.rb +72 -0
data/lib/aker/form/middleware/login_responder.rb +71 -0
data/lib/aker/form/middleware/logout_responder.rb +26 -0
data/lib/aker/form/middleware.rb +10 -0
data/lib/aker/form/mode.rb +118 -0
data/lib/aker/form.rb +26 -0
data/lib/aker/group.rb +67 -0
data/lib/aker/group_membership.rb +162 -0
data/lib/aker/ldap/authority.rb +392 -0
data/lib/aker/ldap/user_ext.rb +19 -0
data/lib/aker/ldap.rb +22 -0
data/lib/aker/modes/base.rb +85 -0
data/lib/aker/modes/http_basic.rb +100 -0
data/lib/aker/modes/support/attempted_path.rb +22 -0
data/lib/aker/modes/support/rfc_2617.rb +32 -0
data/lib/aker/modes/support.rb +12 -0
data/lib/aker/modes.rb +48 -0
data/lib/aker/rack/authenticate.rb +37 -0
data/lib/aker/rack/configuration_helper.rb +18 -0
data/lib/aker/rack/default_logout_responder.rb +36 -0
data/lib/aker/rack/environment_helper.rb +34 -0
data/lib/aker/rack/facade.rb +102 -0
data/lib/aker/rack/failure.rb +69 -0
data/lib/aker/rack/logout.rb +63 -0
data/lib/aker/rack/request_ext.rb +19 -0
data/lib/aker/rack/session_timer.rb +95 -0
data/lib/aker/rack/setup.rb +77 -0
data/lib/aker/rack.rb +107 -0
data/lib/aker/test/helpers.rb +22 -0
data/lib/aker/test.rb +8 -0
data/lib/aker/user.rb +231 -0
data/lib/aker/version.rb +3 -0
data/lib/aker.rb +51 -0
data/spec/aker/aker-sample.yml +11 -0
data/spec/aker/authorities/automatic_access_spec.rb +52 -0
data/spec/aker/authorities/composite_spec.rb +488 -0
data/spec/aker/authorities/nu-schema.jar +0 -0
data/spec/aker/authorities/static_spec.rb +455 -0
data/spec/aker/authorities/support/find_sole_user_spec.rb +33 -0
data/spec/aker/authorities_spec.rb +16 -0
data/spec/aker/cas/authority_spec.rb +106 -0
data/spec/aker/cas/configuration_helper_spec.rb +92 -0
data/spec/aker/cas/middleware/logout_responder_spec.rb +47 -0
data/spec/aker/cas/middleware/ticket_remover_spec.rb +49 -0
data/spec/aker/cas/proxy_mode_spec.rb +185 -0
data/spec/aker/cas/rack_proxy_callback_spec.rb +190 -0
data/spec/aker/cas/service_mode_spec.rb +122 -0
data/spec/aker/cas/service_url_spec.rb +114 -0
data/spec/aker/cas/user_ext_spec.rb +27 -0
data/spec/aker/cas_spec.rb +19 -0
data/spec/aker/central_parameters_spec.rb +44 -0
data/spec/aker/configuration_spec.rb +465 -0
data/spec/aker/deprecation_spec.rb +115 -0
data/spec/aker/form/a_form_mode.rb +129 -0
data/spec/aker/form/custom_views_mode_spec.rb +34 -0
data/spec/aker/form/login_form_asset_provider_spec.rb +80 -0
data/spec/aker/form/middleware/a_form_login_responder.rb +89 -0
data/spec/aker/form/middleware/custom_view_login_responder_spec.rb +47 -0
data/spec/aker/form/middleware/login_renderer_spec.rb +56 -0
data/spec/aker/form/middleware/login_responder_spec.rb +34 -0
data/spec/aker/form/middleware/logout_responder_spec.rb +55 -0
data/spec/aker/form/mode_spec.rb +15 -0
data/spec/aker/form_spec.rb +11 -0
data/spec/aker/group_membership_spec.rb +208 -0
data/spec/aker/group_spec.rb +66 -0
data/spec/aker/ldap/authority_spec.rb +414 -0
data/spec/aker/ldap/ldap-users.ldif +197 -0
data/spec/aker/ldap_spec.rb +11 -0
data/spec/aker/modes/a_aker_mode.rb +41 -0
data/spec/aker/modes/http_basic_spec.rb +127 -0
data/spec/aker/modes/support/attempted_path_spec.rb +32 -0
data/spec/aker/modes_spec.rb +11 -0
data/spec/aker/rack/authenticate_spec.rb +78 -0
data/spec/aker/rack/default_logout_responder_spec.rb +67 -0
data/spec/aker/rack/facade_spec.rb +154 -0
data/spec/aker/rack/failure_spec.rb +151 -0
data/spec/aker/rack/logout_spec.rb +63 -0
data/spec/aker/rack/request_ext_spec.rb +29 -0
data/spec/aker/rack/session_timer_spec.rb +134 -0
data/spec/aker/rack/setup_spec.rb +87 -0
data/spec/aker/rack_spec.rb +216 -0
data/spec/aker/test/helpers_spec.rb +44 -0
data/spec/aker/user_spec.rb +362 -0
data/spec/aker_spec.rb +80 -0
data/spec/deprecation_helper.rb +58 -0
data/spec/java_helper.rb +5 -0
data/spec/logger_helper.rb +17 -0
data/spec/matchers.rb +31 -0
data/spec/mock_builder.rb +25 -0
data/spec/spec_helper.rb +52 -0
metadata +265 -0

data/spec/aker/rack_spec.rb ADDED Viewed

@@ -0,0 +1,216 @@
+require File.expand_path('../../spec_helper', __FILE__)
+module Aker
+  describe Rack do
+    after do
+      ::Warden::Strategies.clear!
+    end
+    describe ".use_in" do
+      let(:builder) { Aker::Spec::MockBuilder.new }
+      let(:configuration) { Aker::Configuration.new(:slices => []) }
+      before do
+        Aker.configuration = configuration
+        Aker::Rack.use_in(builder)
+      end
+      it "fails with a useful message if there's no configuration" do
+        builder.reset!
+        Aker.configuration = nil
+        lambda { Aker::Rack.use_in(builder) }.
+          should raise_error(/Please set one or the other before calling use_in./)
+      end
+      describe "setting up modes" do
+        before do
+          configuration.register_mode Aker::Modes::HttpBasic
+          builder.reset!
+          Aker::Rack.use_in(builder)
+        end
+        it 'installs the modes registered in the configuration' do
+          ::Warden::Strategies[:http_basic].should == Aker::Modes::HttpBasic
+        end
+        it 'does not install other modes just because they exist' do
+          ::Warden::Strategies[:cas].should be_nil
+        end
+      end
+      describe "configuring warden" do
+        it "uses a manager" do
+          builder.should be_using(Warden::Manager)
+        end
+        it "gives the manager the failure app" do
+          mock_manager = Class.new do
+            attr_accessor :failure_app
+          end.new
+          _, _, actual_block = builder.find_use_of(Warden::Manager)
+          actual_block.call(mock_manager)
+          mock_manager.failure_app.class.should == Aker::Rack::Failure
+        end
+      end
+      describe "modifying the Rack stack" do
+        let(:ui_mode) do
+          Class.new(Warden::Strategies::Base) do
+            def authenticate!; end
+            def self.prepend_middleware(builder); builder.use :ui_ware_before; end
+            def self.append_middleware(builder); builder.use :ui_ware_after; end
+          end
+        end
+        let(:api_mode_a) do
+          Class.new(Warden::Strategies::Base) do
+            def authenticate!; end
+            def self.prepend_middleware(builder); builder.use :api_ware_before; end
+            def self.append_middleware(builder); builder.use :api_ware_after; end
+          end
+        end
+        let(:api_mode_b) do
+          Class.new(Warden::Strategies::Base) do
+            def authenticate!; end
+          end
+        end
+        before do
+          rebuild!
+        end
+        let(:config) do
+          Aker::Configuration.new(:slices => [Rack::Slice.new]) do
+            ui_mode :ui_mode
+            api_modes :api_mode_a, :api_mode_b
+            before_authentication_middleware do |builder|
+              builder.use :global_before
+            end
+            after_authentication_middleware do |builder|
+              builder.use :global_after
+            end
+          end
+        end
+        def rebuild!
+          builder.reset!
+          Warden::Strategies.add(:ui_mode, ui_mode)
+          Warden::Strategies.add(:api_mode_a, api_mode_a)
+          Warden::Strategies.add(:api_mode_b, api_mode_b)
+          Aker::Rack.use_in(builder, config)
+          @indexes = builder.uses.each_with_index.map { |u, i| [u.first, i] }.
+            inject({}) { |h, (mw, i)| h[mw] = i; h }
+          @logout_index = @indexes[Aker::Rack::Logout]
+          @session_timer_index = @indexes[Aker::Rack::SessionTimer]
+        end
+        it "uses the Setup middleware first" do
+          builder.uses[0].first.should == Aker::Rack::Setup
+        end
+        it "prepends middleware for UI modes after the setup middleware" do
+          @indexes[:ui_ware_before].should == @indexes[Aker::Rack::Setup] + 1
+        end
+        it "prepends middleware for API modes after UI modes" do
+          @indexes[:api_ware_before].should == @indexes[:ui_ware_before] + 1
+        end
+        it 'attaches the global before middleware immediately before warden' do
+          @indexes[:global_before].should == @indexes[Warden::Manager] - 1
+        end
+        it "attaches the session timer middleware after the warden middleware" do
+          @indexes[Aker::Rack::SessionTimer].should > @indexes[Warden::Manager]
+        end
+        it "attaches the session timer middleware before the authentication middleware" do
+          @indexes[Aker::Rack::SessionTimer].should < @indexes[Aker::Rack::Authenticate]
+        end
+        it 'attaches the global after middleware immediately after Aker::Rack::Authenticate' do
+          @indexes[:global_after].should == @indexes[Aker::Rack::Authenticate] + 1
+        end
+        it "attaches the logout middleware after the global after middleware" do
+          @indexes[Aker::Rack::Logout].should == @indexes[:global_after] + 1
+        end
+        it "attaches the default logout responder at the end of the chain" do
+          builder.uses.map { |u| u.first }.last.should == Aker::Rack::DefaultLogoutResponder
+        end
+        it "appends middleware for UI modes directly after the logout middleware" do
+          @indexes[:ui_ware_after].should == @indexes[Aker::Rack::Logout] + 1
+        end
+        it "appends middleware for API modes after appended UI middleware" do
+          @indexes[:api_ware_after].should == @indexes[:ui_ware_after] + 1
+        end
+        it "uses middleware for the global configuration if no specific configuration is provided" do
+          Aker.configure {
+            ui_mode :ui_mode
+          }
+          builder = Aker::Spec::MockBuilder.new
+          Aker::Rack.use_in(builder)
+          builder.uses[0].first.should == Aker::Rack::Setup
+          builder.uses[1].first.should == :ui_ware_before
+          builder.uses[2].first.should_not == :api_ware_before
+        end
+      end
+      it "attaches the aker middleware" do
+        builder.should be_using(Aker::Rack::Setup, configuration)
+      end
+      it "passes on the configuration to the setup middleware if provided" do
+        b = Aker::Spec::MockBuilder.new
+        config = Aker::Configuration.new { portal :hello }
+        Aker::Rack.use_in(b, config)
+        b.should be_using(Aker::Rack::Setup, config)
+      end
+    end
+  end
+  describe Rack::Slice do
+    let(:configuration) { Configuration.new(:slices => [Rack::Slice.new]) }
+    describe 'parameter defaults' do
+      describe 'for :policy' do
+        subject { configuration.parameters_for(:policy) }
+        it 'has [:session-timeout-seconds]' do
+          subject[:'session-timeout-seconds'].should == 1800
+        end
+      end
+      describe 'for :rack' do
+        subject { configuration.parameters_for(:rack) }
+        it 'has [:login_path]' do
+          subject[:login_path].should == '/login'
+        end
+        it 'has [:logout_path]' do
+          subject[:logout_path].should == '/logout'
+        end
+      end
+    end
+  end
+end

data/spec/aker/test/helpers_spec.rb ADDED Viewed

@@ -0,0 +1,44 @@
+require File.expand_path("../../../spec_helper", __FILE__)
+require "rack/test"
+module Aker::Test
+  describe Helpers do
+    describe "#login_env" do
+      before do
+        Aker.configure do
+          s = Aker::Authorities::Static.new
+          s.valid_credentials!(:user, "jo", "50-50")
+          authorities s
+        end
+        @test_case = Class.new do
+          include Aker::Test::Helpers
+        end.new
+      end
+      shared_examples_for "a login helper" do
+        it "generates a Rack environment containing an authenticated user" do
+          @env['aker.check'].user.should_not be_nil
+          @env['aker.check'].user.username.should == 'jo'
+        end
+      end
+      describe 'given a username' do
+        before do
+          @env = @test_case.login_env("jo")
+        end
+        it_should_behave_like "a login helper"
+      end
+      describe 'given a Aker::User object' do
+        before do
+          @env = @test_case.login_env(Aker::User.new("jo"))
+        end
+        it_should_behave_like "a login helper"
+      end
+    end
+  end
+end

data/spec/aker/user_spec.rb ADDED Viewed

@@ -0,0 +1,362 @@
+require File.expand_path('../../spec_helper', __FILE__)
+module Aker
+  describe User do
+    before do
+      @u = User.new("jo", :airport)
+      @u.first_name = "Jocelyn"
+      @u.last_name = "Jordan"
+    end
+    describe "#full_name" do
+      it "works with both names" do
+        @u.full_name.should == "Jocelyn Jordan"
+      end
+      it "uses the user name with no names" do
+        @u.first_name = nil
+        @u.last_name = nil
+        @u.full_name.should == "jo"
+      end
+      it "works with just the last name" do
+        @u.first_name = nil
+        @u.full_name.should == "Jordan"
+      end
+      it "works with just the first name" do
+        @u.last_name = nil
+        @u.full_name.should == "Jocelyn"
+      end
+    end
+    describe "#default_portal" do
+      it "is always a symbol" do
+        u = User.new('jo')
+        u.default_portal = 'foo'
+        u.default_portal.should == :foo
+      end
+    end
+    describe "#portals" do
+      it "is always an array" do
+        User.new('J').portals.should == []
+      end
+    end
+    describe "#may_access?" do
+      it "permits access to a known portal" do
+        @u.may_access?(:airport).should be_true
+      end
+      it "supports string-named portals" do
+        @u.may_access?("airport").should be_true
+      end
+      it "refuses access to an unknown portal" do
+        @u.may_access?(:seaport).should be_false
+      end
+      it "uses the default portal if available" do
+        @u.default_portal = :airport
+        @u.may_access?.should be_true
+      end
+      it "fails without a portal if there's no default" do
+        lambda { @u.may_access? }.should raise_error(/No default portal/)
+      end
+    end
+    describe "#group_memberships" do
+      it "is a Aker::GroupMemberships instance" do
+        User.new('jo').group_memberships(:ENU).class.should == GroupMemberships
+      end
+      it "defaults to the groups for the default portal" do
+        jo = User.new('jo')
+        jo.default_portal = :ENU
+        jo.group_memberships(:ENU) << GroupMembership.new(Group.new('Developer'))
+        jo.group_memberships(:NOTIS) << GroupMembership.new(Group.new('Admin'))
+        jo.group_memberships.include?('Developer').should be_true
+        jo.group_memberships.include?('Admin').should be_false
+      end
+      it "locates a portal given as a string" do
+        jo = User.new('jo')
+        jo.group_memberships(:ENU) << GroupMembership.new(Group.new('Developer'))
+        jo.group_memberships("ENU").size.should == 1
+      end
+      it "fails without the portal parameter if there's no default portal" do
+        lambda { User.new('jo').group_memberships }.should raise_error(/No default portal/)
+      end
+    end
+    describe "#permit?" do
+      before do
+        @user = User.new('jo')
+        @user.portals = [:ENU, :NOTIS]
+        @user.default_portal = :ENU
+        @user.group_memberships(:ENU) << GroupMembership.new(Group.new('Developer'))
+        @user.group_memberships(:NOTIS) << GroupMembership.new(Group.new('Admin'))
+      end
+      it "returns true if the user matches any of the groups in the default portal" do
+        @user.permit?(:Developer, :Admin).should be_true
+      end
+      it "returns false if the user does not match any of the groups in the default portal" do
+        @user.permit?(:Admin).should be_false
+      end
+      describe "with an explicit portal" do
+        it "returns true if the user is in any of the groups" do
+          @user.permit?(:Developer, :Admin, :portal => :NOTIS).should be_true
+        end
+        it "returns false if the user is not in any of the groups" do
+          @user.permit?(:Developer, :portal => :NOTIS).should be_false
+        end
+      end
+      describe "without any groups" do
+        describe "with the default portal" do
+          it "returns true if the user is in the portal" do
+            @user.permit?.should be_true
+          end
+          it "returns false if the user is not in the portal" do
+            @user.default_portal = :BSPORE
+            @user.permit?.should be_false
+          end
+        end
+        describe "with an explicit portal" do
+          it "returns true if the user is in the portal" do
+            @user.permit?(:portal => :NOTIS).should be_true
+          end
+          it "returns false if the user is not in the portal" do
+            @user.permit?(:portal => :BSPORE).should be_false
+          end
+        end
+      end
+      describe "with a block" do
+        it "yields to a passed block if the user matches the group" do
+          executed = nil
+          @user.permit? :Developer do
+            executed = true
+          end
+          executed.should be_true
+        end
+        it "does not yield if the user doesn't match the group" do
+          executed = nil
+          @user.permit? :Admin do
+            executed = true
+          end
+          executed.should be_nil
+        end
+        it "returns the block's return value if the user matches the group" do
+          @user.permit?(:Developer) { "block value" }.should == "block value"
+        end
+        it "returns nil if the user does not match the group" do
+          @user.permit?(:Admin) { "block value" }.should == nil
+        end
+      end
+    end
+    describe "#merge!" do
+      before do
+        @a = User.new("jo")
+        @b = User.new("jo")
+      end
+      it "modifies the target group in place" do
+        @b.last_name = "Miller"
+        @a.merge!(@b)
+        @a.last_name.should == "Miller"
+      end
+      it "returns self" do
+        @a.merge!(@b).object_id.should == @a.object_id
+      end
+      it "does not copy attributes which are already set" do
+        @a.first_name = "Josephine"
+        @b.first_name = "Jocelyn"
+        @a.merge!(@b).first_name.should == "Josephine"
+      end
+      it "does not fail if reading an attribute throws an exception" do
+        @b.should_receive(:first_name).and_throw("I don't know.  Leave me alone.")
+        lambda { @a.merge!(@b) }.should_not raise_error
+      end
+      describe "of the default portal" do
+        it "sets the target default portal if there isn't one already" do
+          @b.default_portal = :ENU
+          @a.merge!(@b)
+          @a.default_portal.should == :ENU
+        end
+        it "leaves the default portal alone if it is already set" do
+          @a.default_portal = :NOTIS
+          @b.default_portal = :ENU
+          @a.merge!(@b)
+          @a.default_portal.should == :NOTIS
+        end
+      end
+      describe "of portals" do
+        before do
+          @a.portals = [:ENU, :NOTIS]
+          @b.portals = [:SQLSubmit, :ENU]
+          @a.merge!(@b)
+        end
+        it "removes duplicates" do
+          @a.portals.size.should == 3
+        end
+        it "includes portals that are in the source and target lists" do
+          @a.may_access?(:ENU).should be_true
+        end
+        it "preserves portals that are only in the original list" do
+          @a.may_access?(:NOTIS).should be_true
+        end
+        it "adds portals that are only in the new list" do
+          @a.may_access?(:SQLSubmit).should be_true
+        end
+        it "works when the source portals are not set" do
+          @b.portals = nil
+          lambda { @a.merge!(@b) }.should_not raise_error
+        end
+        it "works when the target portals are not set" do
+          @a.portals = nil
+          lambda { @a.merge!(@b) }.should_not raise_error
+          @a.portals.size.should == 2
+        end
+      end
+      describe "of group memberships" do
+        before do
+          @a.group_memberships(:ENU) << GroupMembership.new(Group.new("User"))
+        end
+        it "adds memberships for a new portal" do
+          @b.group_memberships(:NOTIS) << GroupMembership.new(Group.new("Admin"))
+          @a.merge!(@b)
+          @a.group_memberships(:NOTIS).include?("Admin").should be_true
+        end
+        it "does not merge group memberships when some are already known" do
+          @b.group_memberships(:ENU) << GroupMembership.new(Group.new("Developer"))
+          @a.merge!(@b)
+          @a.group_memberships(:ENU).size.should == 1
+        end
+      end
+      describe 'of identifiers' do
+        before do
+          @a.identifiers[:ssn] = "123-45-6789"
+        end
+        it 'preserves an identifier that is already set' do
+          @b.identifiers[:ssn] = "321-54-9876"
+          @a.merge!(@b)
+          @a.identifiers[:ssn].should == "123-45-6789"
+        end
+        it 'copies an identifier that is new' do
+          @b.identifiers[:netid] = 'bob789'
+          @a.merge!(@b)
+          @a.identifiers[:netid].should == 'bob789'
+        end
+        it 'leaves alone an identifier that is not present in the argument' do
+          @b.identifiers[:netid] = 'bob789'
+          @a.merge!(@b)
+          @a.identifiers[:ssn].should == "123-45-6789"
+        end
+      end
+    end
+    describe 'nu_employee_id' do
+      describe 'setter' do
+        before do
+          @u.nu_employee_id = "1234"
+        end
+        it "is deprecated" do
+          deprecation_message.should =~ /nu_employee_id is deprecated\. Use identifiers\[:nu_employee_id\] instead..*3.0/
+        end
+        it 'sets the value in #identifers' do
+          @u.identifiers[:nu_employee_id].should == "1234"
+        end
+      end
+      describe 'getter' do
+        before do
+          @u.identifiers[:nu_employee_id] = "funfzehn"
+        end
+        let!(:subject) { @u.nu_employee_id }
+        it 'is deprecated' do
+          deprecation_message.should =~ /nu_employee_id is deprecated\. Use identifiers\[:nu_employee_id\] instead..*3.0/
+        end
+        it 'reads the value from #identifiers' do
+          subject.should == "funfzehn"
+        end
+      end
+    end
+    describe 'personnel_id' do
+      describe 'setter' do
+        before do
+          @u.personnel_id = "1234"
+        end
+        it "is deprecated" do
+          deprecation_message.should =~ /personnel_id is deprecated\. Use identifiers\[:personnel_id\] instead..*3.0/
+        end
+        it 'sets the value in #identifers' do
+          @u.identifiers[:personnel_id].should == "1234"
+        end
+      end
+      describe 'getter' do
+        before do
+          @u.identifiers[:personnel_id] = "funfzehn"
+        end
+        let!(:subject) { @u.personnel_id }
+        it 'is deprecated' do
+          deprecation_message.should =~ /personnel_id is deprecated\. Use identifiers\[:personnel_id\] instead..*3.0/
+        end
+        it 'reads the value from #identifiers' do
+          subject.should == "funfzehn"
+        end
+      end
+    end
+  end
+end

data/spec/aker_spec.rb ADDED Viewed

@@ -0,0 +1,80 @@
+require File.expand_path('../spec_helper', __FILE__)
+require 'aker'
+describe Aker do
+  before do
+    Aker.authority = nil
+    Aker.configuration = nil
+  end
+  after do
+    Aker.authority = nil
+    Aker.configuration = nil
+  end
+  describe "::VERSION" do
+    it "exists" do
+      lambda { Aker::VERSION }.should_not raise_error
+    end
+    it "has three or four dot-separated parts" do
+      Aker::VERSION.split('.').size.should be_between(3, 4)
+    end
+  end
+  describe "configuration" do
+    it "can be set directly" do
+      Aker.configuration = Aker::Configuration.new { portal :ENU }
+      Aker.configuration.portal.should == :ENU
+    end
+    it "does not accumulate direct set configurations" do
+      Aker.configuration = Aker::Configuration.new { api_mode :basic }
+      Aker.configuration = Aker::Configuration.new { portal :ENU }
+      Aker.configuration.api_modes.should == [] # the default
+    end
+    it "can be configured using #configure" do
+      Aker.configure { portal :ENU }
+      Aker.configuration.portal.should == :ENU
+    end
+    it "accumulates #configure configurations" do
+      Aker.configure { api_modes :basic, :cas_proxy }
+      Aker.configure { portal :LIMS }
+      Aker.configuration.api_modes.should == [:basic, :cas_proxy]
+      Aker.configuration.portal.should == :LIMS
+    end
+  end
+  describe "authority" do
+    before do
+      @auth = Aker::Authorities::Static.new
+      @auth.valid_credentials!(:cas, "jo", "ST-12345")
+    end
+    it "can be set directly" do
+      Aker.authority = @auth
+      Aker.authority.valid_credentials?(:cas, "ST-12345").should_not be_nil
+    end
+    it "uses the composite authority from the configuration by default" do
+      Aker.configuration = Aker::Configuration.new {
+        a = Aker::Authorities::Static.new
+        a.valid_credentials!(:magic, "jo", "man")
+        authority a
+      }
+      Aker.configuration.logger = spec_logger
+      Aker.authority.valid_credentials?(:magic, "man").username.should == "jo"
+    end
+    it "prefers a directly-set authority" do
+      Aker.configuration = Aker::Configuration.new { authority :static }
+      Aker.configuration.logger = spec_logger
+      Aker.authority.valid_credentials?(:cas,  "ST-12345").should be_nil
+      Aker.authority = @auth
+      Aker.authority.valid_credentials?(:cas,  "ST-12345").should_not be_nil
+    end
+  end
+end