cassette 1.0.0

data/lib/cassette/version.rb

@@ -0,0 +1,15 @@
+module Cassette
+  class Version
+      MAJOR = "1"
+      MINOR = "0"
+
+      def self.build_number
+        ENV["BUILD_NUMBER"] || 0
+      end
+
+      def self.version
+        [MAJOR, MINOR, build_number].join(".")
+      end
+  end
+end
+

data/lib/cassette.rb

@@ -0,0 +1,75 @@
+# encoding: UTF-8
+
+require "cassette/errors"
+require "cassette/cache"
+require "cassette/client/cache"
+require "cassette/client"
+require "cassette/authentication"
+require "cassette/authentication/authorities"
+require "cassette/authentication/user"
+require "cassette/authentication/cache"
+require "cassette/authentication/filter"
+
+require "faraday"
+require "logger"
+
+module Cassette
+  extend self
+
+  DEFAULT_TIMEOUT = 10
+
+  def logger
+    @@logger ||= begin
+      if defined?(Rails) && Rails.logger
+        Rails.logger
+      else
+        Logger.new("/dev/null")
+      end
+    end
+  end
+
+  def logger=(logger)
+    @@logger = logger
+  end
+
+  def config
+    @@config
+  end
+
+  def config=(config)
+    @@config = config
+  end
+
+  def new_request(uri, timeout)
+    Faraday.new(url: uri, ssl: { verify: false, version: "TLSv1" }) do |builder|
+      builder.adapter :httpclient
+      builder.options.timeout = timeout
+    end
+  end
+
+  def get(uri, payload, timeout = DEFAULT_TIMEOUT)
+    perform(:get, uri, payload, timeout) do |req|
+      req.params = payload
+      logger.debug "Request: #{req.inspect}"
+    end
+  end
+
+  def post(uri, payload, timeout = DEFAULT_TIMEOUT)
+    perform(:post, uri, payload, timeout) do |req|
+      req.body = payload
+      logger.debug "Request: #{req.inspect}"
+    end
+  end
+
+  protected
+
+  def perform(op, uri, payload, timeout = DEFAULT_TIMEOUT, &block)
+    request = new_request(uri, timeout)
+    res = request.send(op, &block)
+
+    res.tap do |response|
+      logger.debug "Got response: #{response.body.inspect} (#{response.status}), #{response.headers.inspect}"
+      Cassette::Errors.raise_by_code(response.status) unless response.success?
+    end
+  end
+end

data/spec/cas/authentication/authorities_spec.rb

@@ -0,0 +1,82 @@
+require 'spec_helper'
+
+describe Cassette::Authentication::Authorities do
+  subject do
+    Cassette::Authentication::Authorities
+  end
+
+  describe "#has_role?" do
+    let(:input) { "[#{Cassette.config.base_authority}, SAPI, #{Cassette.config.base_authority}_CREATE-USER]" }
+    let(:authorities) { subject.parse(input) }
+
+    it "adds the application prefix to roles" do
+      expect(authorities.has_role?("CREATE-USER")).to eql(true)
+    end
+
+    it "ignores role case" do
+      expect(authorities.has_role?("create-user")).to eql(true)
+    end
+
+    it "replaces underscores with dashes" do
+      expect(authorities.has_role?("create_user")).to eql(true)
+    end
+  end
+
+  context "with a defined base authority" do
+    let(:base_authority) { "SOMEAPI" }
+
+    it "stores the base authority" do
+      input = "CUSTOMERAPI"
+      expect(subject.parse(input, base_authority).base).to eql(base_authority)
+    end
+
+    describe "#has_role?" do
+      let(:input) { "[#{Cassette.config.base_authority}_TEST2, SOMEAPI_TEST]" }
+
+      it "returns true for a role that is using the base authority" do
+        expect(subject.parse(input, base_authority)).to have_role(:test)
+      end
+
+      it "returns false for a role that is not using the base authority" do
+        expect(subject.parse(input, base_authority)).not_to have_role(:test2)
+      end
+    end
+  end
+
+  context "CAS authorities parsing" do
+    it "handles single authority" do
+      input = "CUSTOMERAPI"
+      expect(subject.parse(input).authorities).to eq(%w(CUSTOMERAPI))
+    end
+
+    it "handles multiple authorities with surrounding []" do
+      input = "[CUSTOMERAPI, SAPI]"
+      expect(subject.parse(input).authorities).to eq(%w(CUSTOMERAPI SAPI))
+    end
+
+    it "ignores whitespace in multiple authorities" do
+      input = "[CUSTOMERAPI,SAPI]"
+      expect(subject.parse(input).authorities).to eq(%w(CUSTOMERAPI SAPI))
+    end
+
+    it "returns an empty array when input is nil" do
+      expect(subject.parse(nil).authorities).to eq([])
+    end
+  end
+
+  context "with authentication disabled" do
+    before { ENV["NOAUTH"] = "true" }
+    after { ENV.delete("NOAUTH") }
+    subject { Cassette::Authentication::Authorities.new("[]") }
+
+    it "#has_role? returns true for every role" do
+      expect(subject.authorities).to be_empty
+      expect(subject.has_role?(:can_manage)).to eql(true)
+    end
+
+    it "#has_raw_role? returns true for every role" do
+      expect(subject.authorities).to be_empty
+      expect(subject.has_raw_role?("SAPI_CUSTOMER-CREATOR")).to eql(true)
+    end
+  end
+end

data/spec/cas/authentication/cache_spec.rb

@@ -0,0 +1,8 @@
+
+# encoding: utf-8
+
+require 'spec_helper'
+
+describe Cassette::Authentication::Cache do
+  pending
+end

data/spec/cas/authentication/filter_spec.rb

@@ -0,0 +1,172 @@
+# encoding: utf-8
+
+require "spec_helper"
+require "active_support/core_ext/hash/indifferent_access"
+
+describe Cassette::Authentication::Filter do
+  before do
+    allow(Cassette::Authentication).to receive(:validate_ticket)
+  end
+
+  class ControllerMock
+    attr_accessor :params, :request, :current_user
+    def self.before_filter(*); end
+    include Cassette::Authentication::Filter
+
+    def initialize(params = {}, headers = {})
+      self.params = params.with_indifferent_access
+      self.request = OpenStruct.new(headers: headers.with_indifferent_access)
+    end
+  end
+
+  shared_context "with NOAUTH" do
+    before do
+      ENV["NOAUTH"] = "yes"
+    end
+
+    after do
+      ENV.delete("NOAUTH")
+    end
+  end
+
+  describe "#validate_raw_role!" do
+    let(:controller) { ControllerMock.new }
+    let(:current_user) { instance_double(Cassette::Authentication::User) }
+
+    before do
+      allow(controller).to receive(:current_user).and_return(current_user)
+    end
+
+    it_behaves_like "with NOAUTH" do
+      it "never checks the role" do
+        expect(current_user).not_to receive(:has_raw_role?)
+        controller.validate_raw_role!(:something)
+      end
+
+      it "does not raise error" do
+        expect { controller.validate_raw_role!(:something) }.not_to raise_error
+      end
+    end
+
+    it "forwards to current_user" do
+      role = instance_double(String)
+
+      expect(current_user).to receive(:has_raw_role?).with(role).and_return(true)
+      controller.validate_raw_role!(role)
+    end
+
+    it "raises a Cassette::Errors::Forbidden when current_user does not have the role" do
+      role = instance_double(String)
+
+      expect(current_user).to receive(:has_raw_role?).with(role).and_return(false)
+      expect { controller.validate_raw_role!(role) }.to raise_error(Cassette::Errors::Forbidden)
+    end
+  end
+
+  describe "#validate_role!" do
+    let(:controller) { ControllerMock.new }
+    let(:current_user) { instance_double(Cassette::Authentication::User) }
+
+    before do
+      allow(controller).to receive(:current_user).and_return(current_user)
+    end
+
+    it_behaves_like "with NOAUTH" do
+      it "never checks the role" do
+        expect(current_user).not_to receive(:has_role?)
+        controller.validate_role!(:something)
+      end
+
+      it "does not raise error" do
+        expect { controller.validate_role!(:something) }.not_to raise_error
+      end
+    end
+
+    it "forwards to current_user" do
+      role = instance_double(String)
+
+      expect(current_user).to receive(:has_role?).with(role).and_return(true)
+      controller.validate_role!(role)
+    end
+
+    it "raises a Cassette::Errors::Forbidden when current_user does not have the role" do
+      role = instance_double(String)
+
+      expect(current_user).to receive(:has_role?).with(role).and_return(false)
+      expect { controller.validate_role!(role) }.to raise_error(Cassette::Errors::Forbidden)
+    end
+  end
+
+  describe "#validate_authentication_ticket" do
+    it_behaves_like "with NOAUTH" do
+      context "and no ticket" do
+        let(:controller) { ControllerMock.new }
+
+        it "should not validate tickets" do
+          controller.validate_authentication_ticket
+          expect(Cassette::Authentication).not_to have_received(:validate_ticket)
+        end
+
+        it "should set current_user" do
+          controller.validate_authentication_ticket
+          expect(controller.current_user).to be_present
+        end
+      end
+
+      context "and a ticket header" do
+        let(:controller) do
+          ControllerMock.new({}, "Service-Ticket" => "le ticket")
+        end
+
+        it "should validate tickets" do
+          controller.validate_authentication_ticket
+          expect(Cassette::Authentication).to have_received(:validate_ticket).with("le ticket", Cassette.config.service)
+        end
+      end
+
+      context "and a ticket param" do
+        let(:controller) do
+          ControllerMock.new(ticket: "le ticket")
+        end
+
+        it "should validate tickets" do
+          controller.validate_authentication_ticket
+          expect(Cassette::Authentication).to have_received(:validate_ticket).with("le ticket", Cassette.config.service)
+        end
+      end
+    end
+
+    context "with a ticket in the query string *AND* headers" do
+      let(:controller) do
+        ControllerMock.new({"ticket" => "le other ticket"}, "Service-Ticket" => "le ticket")
+      end
+
+      it "should send only the header ticket to validation" do
+        controller.validate_authentication_ticket
+        expect(Cassette::Authentication).to have_received(:validate_ticket).with("le ticket", Cassette.config.service)
+      end
+    end
+
+    context "with a ticket in the query string" do
+      let(:controller) do
+        ControllerMock.new("ticket" => "le ticket")
+      end
+
+      it "should send the ticket to validation" do
+        controller.validate_authentication_ticket
+        expect(Cassette::Authentication).to have_received(:validate_ticket).with("le ticket", Cassette.config.service)
+      end
+    end
+
+    context "with a ticket in the Service-Ticket header" do
+      let(:controller) do
+        ControllerMock.new({}, "Service-Ticket" => "le ticket")
+      end
+
+      it "should send the ticket to validation" do
+        controller.validate_authentication_ticket
+        expect(Cassette::Authentication).to have_received(:validate_ticket).with("le ticket", Cassette.config.service)
+      end
+    end
+  end
+end

data/spec/cas/authentication/user_spec.rb

@@ -0,0 +1,70 @@
+require 'spec_helper'
+
+describe Cassette::Authentication::User do
+  let(:base_authority) do
+    Cassette.config.base_authority
+  end
+
+  describe "#initialize" do
+    context "without a config" do
+      it "forwards authorities parsing" do
+        expect(Cassette::Authentication::Authorities).to receive(:new).with("[CUSTOMERAPI, SAPI]", nil)
+        Cassette::Authentication::User.new(login: "john.doe", name: "John Doe", authorities: "[CUSTOMERAPI, SAPI]")
+      end
+    end
+
+    context "with a config" do
+      it "forwards authorities parsing passing along the base authority" do
+        config = object_double(Cassette.config)
+
+        expect(config).to receive(:base_authority).and_return("TESTAPI")
+        expect(Cassette::Authentication::Authorities).to receive(:new).with("[CUSTOMERAPI, SAPI]", "TESTAPI")
+
+        Cassette::Authentication::User.new(login: "john.doe", name: "John Doe", authorities: "[CUSTOMERAPI, SAPI]", config: config)
+      end
+    end
+  end
+
+  describe "#has_role?" do
+    let (:user) do
+      Cassette::Authentication::User.new(login: "john.doe", name: "John Doe",
+        authorities: "[#{base_authority}, SAPI, #{base_authority}_CREATE-USER]")
+    end
+
+    it "adds the application prefix to roles" do
+      expect(user.has_role?("CREATE-USER")).to eql(true)
+    end
+
+    it "ignores role case" do
+      expect(user.has_role?("create-user")).to eql(true)
+    end
+
+    it "replaces underscores with dashes" do
+      expect(user.has_role?("create_user")).to eql(true)
+    end
+  end
+
+  context "user types" do
+    context "#employee?" do
+      it "returns true when user is an employee" do
+        expect(Cassette::Authentication::User.new(type: "employee")).to be_employee
+        expect(Cassette::Authentication::User.new(type: "Employee")).to be_employee
+        expect(Cassette::Authentication::User.new(type: :employee)).to be_employee
+        expect(Cassette::Authentication::User.new(type: "customer")).not_to be_employee
+        expect(Cassette::Authentication::User.new(type: nil)).not_to be_employee
+        expect(Cassette::Authentication::User.new(type: "")).not_to be_employee
+      end
+    end
+
+    context "#customer?" do
+      it "returns true when the user is a customer" do
+        expect(Cassette::Authentication::User.new(type: "customer")).to be_customer
+        expect(Cassette::Authentication::User.new(type: "Customer")).to be_customer
+        expect(Cassette::Authentication::User.new(type: :customer)).to be_customer
+        expect(Cassette::Authentication::User.new(type: "employee")).not_to be_customer
+        expect(Cassette::Authentication::User.new(type: nil)).not_to be_customer
+        expect(Cassette::Authentication::User.new(type: "")).not_to be_customer
+      end
+    end
+  end
+end

data/spec/cas/authentication_spec.rb

@@ -0,0 +1,84 @@
+# encoding: utf-8
+
+require "spec_helper"
+
+describe Cassette::Authentication do
+  let(:cache) { instance_double(Cassette::Authentication::Cache) }
+  let(:http)  { class_double(Cassette) }
+
+  subject do
+    Cassette::Authentication.new(cache: cache, http_client: http)
+  end
+
+  describe "#ticket_user" do
+    context "when cached" do
+      it "returns the cached value when cached" do
+        cached = double('cached')
+
+        expect(cache).to receive(:fetch_authentication) do |ticket, &block|
+          expect(ticket).to eql("ticket")
+          expect(block).to be_present
+          cached
+        end
+
+        expect(subject.ticket_user("ticket")).to eql(cached)
+      end
+    end
+
+    context "when not cached" do
+      before do
+        expect(cache).to receive(:fetch_authentication) do |ticket, &block|
+          block.call
+        end
+      end
+
+      it "raises a Forbidden exception on any exceptions" do
+        allow(http).to receive(:post).with(anything, anything).and_raise(Cassette::Errors::BadRequest)
+        expect { subject.ticket_user("ticket") }.to raise_error(Cassette::Errors::Forbidden)
+      end
+
+      context "with a failed CAS response" do
+        before do
+          allow(http).to receive(:post).with(anything, anything)
+            .and_return(OpenStruct.new(body: fixture("cas/fail.xml")))
+        end
+
+        it "returns nil" do
+          expect(subject.ticket_user("ticket")).to be_nil
+        end
+      end
+
+      context "with a successful CAS response" do
+        before do
+          allow(http).to receive(:post).with(anything, anything)
+            .and_return(OpenStruct.new(body: fixture("cas/success.xml")))
+        end
+
+        it "returns an User" do
+          expect(subject.ticket_user("ticket")).to be_instance_of(Cassette::Authentication::User)
+        end
+      end
+    end
+  end
+
+  describe "#validate_ticket" do
+    it "raises a authorization required error when no ticket is provided" do
+      expect { subject.validate_ticket(nil) }.to raise_error(Cassette::Errors::AuthorizationRequired)
+    end
+
+    it "raises a authorization required error when ticket is blank" do
+      expect { subject.validate_ticket("") }.to raise_error(Cassette::Errors::AuthorizationRequired)
+    end
+
+    it "raises a forbidden error when the associated user is not found" do
+      expect(subject).to receive(:ticket_user).with("ticket", Cassette.config.service).and_return(nil)
+      expect { subject.validate_ticket("ticket") }.to raise_error(Cassette::Errors::Forbidden)
+    end
+
+    it "returns the associated user" do
+      user = double('User')
+      expect(subject).to receive(:ticket_user).with("ticket", Cassette.config.service).and_return(user)
+      expect(subject.validate_ticket("ticket")).to eql(user)
+    end
+  end
+end

data/spec/cas/cache_spec.rb

@@ -0,0 +1,40 @@
+# encoding: utf-8
+
+require 'spec_helper'
+
+describe Cassette::Cache do
+  subject do
+    c = Class.new
+    c.send(:include, Cassette::Cache)
+    c.new
+  end
+
+  describe "backend" do
+    before { subject.backend = nil }
+    after { subject.backend = nil }
+
+    it "sets the backend" do
+      backend = double('Backend')
+      subject.backend = backend
+      expect(subject.backend).to eql(backend)
+    end
+
+    it "defaults to rails backend" do
+      rails = double("Rails")
+      allow(rails).to receive(:cache).and_return(rails)
+      stub_const("Rails", rails)
+
+      expect(subject.backend).to eql(rails)
+    end
+  end
+
+  it "invalidates the cache after the configured number of uses" do
+    generator = double('Generator')
+    expect(generator).to receive(:generate).twice
+
+    6.times do
+      subject.fetch("Generator", max_uses: 5) { generator.generate }
+    end
+  end
+end
+

data/spec/cas/client/cache_spec.rb

@@ -0,0 +1,7 @@
+# encoding: utf-8
+
+require 'spec_helper'
+
+describe Cassette::Client::Cache do
+  pending
+end

data/spec/cas/errors_spec.rb

@@ -0,0 +1,29 @@
+# encoding: UTF-8
+
+require "spec_helper"
+
+describe Cassette::Errors do
+  describe Cassette::Errors::Base do
+    describe "#code" do
+      it "returns the HTTP status code accordlingly" do
+        expect(Cassette::Errors::Forbidden.new.code).to eql(403)
+        expect(Cassette::Errors::NotFound.new.code).to eql(404)
+        expect(Cassette::Errors::InternalServerError.new.code).to eql(500)
+      end
+    end
+  end
+
+  describe ".raise_by_code" do
+    it "raises the correct exception for the status code" do
+      expect { Cassette::Errors.raise_by_code(404) }.to raise_error(Cassette::Errors::NotFound)
+      expect { Cassette::Errors.raise_by_code(403) }.to raise_error(Cassette::Errors::Forbidden)
+      expect { Cassette::Errors.raise_by_code(412) }.to raise_error(Cassette::Errors::PreconditionFailed)
+      expect { Cassette::Errors.raise_by_code(500) }.to raise_error(Cassette::Errors::InternalServerError)
+    end
+
+    it "raises internal server error for unmapped errors" do
+      expect { Cassette::Errors.raise_by_code(406) }.to raise_error(Cassette::Errors::InternalServerError)
+      expect { Cassette::Errors.raise_by_code(200) }.to raise_error(Cassette::Errors::InternalServerError)
+    end
+  end
+end

data/spec/cas_spec.rb

@@ -0,0 +1,78 @@
+require "spec_helper"
+
+describe Cassette do
+  let(:uri) { "http://example.org/" }
+  let(:response) do
+    Faraday.new do |builder|
+      builder.adapter :test do |stub|
+        stub.post(uri, 'data') do |env|
+          headers = env.request_headers
+          [200, {}, "{ok: true}"]
+        end
+      end
+    end
+  end
+
+  let(:failed_response) do
+    Faraday.new do |builder|
+      builder.adapter :test do |stub|
+        stub.post(uri, 'data') do |env|
+          headers = env.request_headers
+          [500, {}, "{ok: false}"]
+        end
+      end
+    end
+  end
+
+  describe ".new_request" do
+    it "returns an instance" do
+      # damn coverage
+      expect(Cassette.new_request(uri, 5)).to be_instance_of(Faraday::Connection)
+    end
+  end
+
+  describe ".post" do
+    it "forwards requests" do
+      allow(Cassette).to receive(:new_request).with(uri, 5).and_return(response)
+      Cassette.post(uri, "data", 5)
+    end
+
+    it "raises an exception when failed" do
+      allow(Cassette).to receive(:new_request).with(uri, 5).and_return(failed_response)
+      expect { Cassette.post(uri, "data", 5) }.to raise_error(Cassette::Errors::InternalServerError)
+    end
+  end
+
+  def keeping_logger(&block)
+    original_logger = Cassette.logger
+    block.call
+    Cassette.logger = original_logger
+  end
+
+  describe ".logger" do
+    it "returns a default instance" do
+      expect(Cassette.logger).not_to be_nil
+      expect(Cassette.logger.kind_of?(Logger)).to eql(true)
+    end
+
+    it "returns rails logger when Rails is available" do
+      keeping_logger do
+        Cassette.logger = nil
+        rails = double("Rails")
+        expect(rails).to receive(:logger).and_return(rails).at_least(:once)
+        stub_const("Rails", rails)
+        expect(Cassette.logger).to eql(rails)
+      end
+    end
+  end
+
+  describe ".logger=" do
+    let(:logger) { Logger.new(STDOUT) }
+    it "defines the logger instance" do
+      keeping_logger do
+        Cassette.logger = logger
+        expect(Cassette.logger).to eq(logger)
+      end
+    end
+  end
+end

data/spec/config.yml

@@ -0,0 +1,5 @@
+username: "test"
+password: "inicial1234"
+service: "test-api.devintegration.locaweb.com.br"
+base: "https://systems-login.systemintegration.locaweb.com.br"
+base_authority: "CASTEST"

data/spec/fixtures/cas/fail.xml

@@ -0,0 +1,6 @@
+<?xml version="1.0"?>
+<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
+  <cas:authenticationFailure code='INVALID_TICKET'>
+    ticket &#039;whatever&#039; não reconhecido
+  </cas:authenticationFailure>
+</cas:serviceResponse>