cassette 1.0.2 → 1.0.17

data/spec/cas/authentication/authorities_spec.rb

@@ -1,82 +0,0 @@
-require 'spec_helper'
-
-describe Cassette::Authentication::Authorities do
-  subject do
-    Cassette::Authentication::Authorities
-  end
-
-  describe "#has_role?" do
-    let(:input) { "[#{Cassette.config.base_authority}, SAPI, #{Cassette.config.base_authority}_CREATE-USER]" }
-    let(:authorities) { subject.parse(input) }
-
-    it "adds the application prefix to roles" do
-      expect(authorities.has_role?("CREATE-USER")).to eql(true)
-    end
-
-    it "ignores role case" do
-      expect(authorities.has_role?("create-user")).to eql(true)
-    end
-
-    it "replaces underscores with dashes" do
-      expect(authorities.has_role?("create_user")).to eql(true)
-    end
-  end
-
-  context "with a defined base authority" do
-    let(:base_authority) { "SOMEAPI" }
-
-    it "stores the base authority" do
-      input = "CUSTOMERAPI"
-      expect(subject.parse(input, base_authority).base).to eql(base_authority)
-    end
-
-    describe "#has_role?" do
-      let(:input) { "[#{Cassette.config.base_authority}_TEST2, SOMEAPI_TEST]" }
-
-      it "returns true for a role that is using the base authority" do
-        expect(subject.parse(input, base_authority)).to have_role(:test)
-      end
-
-      it "returns false for a role that is not using the base authority" do
-        expect(subject.parse(input, base_authority)).not_to have_role(:test2)
-      end
-    end
-  end
-
-  context "CAS authorities parsing" do
-    it "handles single authority" do
-      input = "CUSTOMERAPI"
-      expect(subject.parse(input).authorities).to eq(%w(CUSTOMERAPI))
-    end
-
-    it "handles multiple authorities with surrounding []" do
-      input = "[CUSTOMERAPI, SAPI]"
-      expect(subject.parse(input).authorities).to eq(%w(CUSTOMERAPI SAPI))
-    end
-
-    it "ignores whitespace in multiple authorities" do
-      input = "[CUSTOMERAPI,SAPI]"
-      expect(subject.parse(input).authorities).to eq(%w(CUSTOMERAPI SAPI))
-    end
-
-    it "returns an empty array when input is nil" do
-      expect(subject.parse(nil).authorities).to eq([])
-    end
-  end
-
-  context "with authentication disabled" do
-    before { ENV["NOAUTH"] = "true" }
-    after { ENV.delete("NOAUTH") }
-    subject { Cassette::Authentication::Authorities.new("[]") }
-
-    it "#has_role? returns true for every role" do
-      expect(subject.authorities).to be_empty
-      expect(subject.has_role?(:can_manage)).to eql(true)
-    end
-
-    it "#has_raw_role? returns true for every role" do
-      expect(subject.authorities).to be_empty
-      expect(subject.has_raw_role?("SAPI_CUSTOMER-CREATOR")).to eql(true)
-    end
-  end
-end

data/spec/cas/authentication/user_spec.rb

@@ -1,70 +0,0 @@
-require 'spec_helper'
-
-describe Cassette::Authentication::User do
-  let(:base_authority) do
-    Cassette.config.base_authority
-  end
-
-  describe "#initialize" do
-    context "without a config" do
-      it "forwards authorities parsing" do
-        expect(Cassette::Authentication::Authorities).to receive(:new).with("[CUSTOMERAPI, SAPI]", nil)
-        Cassette::Authentication::User.new(login: "john.doe", name: "John Doe", authorities: "[CUSTOMERAPI, SAPI]")
-      end
-    end
-
-    context "with a config" do
-      it "forwards authorities parsing passing along the base authority" do
-        config = object_double(Cassette.config)
-
-        expect(config).to receive(:base_authority).and_return("TESTAPI")
-        expect(Cassette::Authentication::Authorities).to receive(:new).with("[CUSTOMERAPI, SAPI]", "TESTAPI")
-
-        Cassette::Authentication::User.new(login: "john.doe", name: "John Doe", authorities: "[CUSTOMERAPI, SAPI]", config: config)
-      end
-    end
-  end
-
-  describe "#has_role?" do
-    let (:user) do
-      Cassette::Authentication::User.new(login: "john.doe", name: "John Doe",
-        authorities: "[#{base_authority}, SAPI, #{base_authority}_CREATE-USER]")
-    end
-
-    it "adds the application prefix to roles" do
-      expect(user.has_role?("CREATE-USER")).to eql(true)
-    end
-
-    it "ignores role case" do
-      expect(user.has_role?("create-user")).to eql(true)
-    end
-
-    it "replaces underscores with dashes" do
-      expect(user.has_role?("create_user")).to eql(true)
-    end
-  end
-
-  context "user types" do
-    context "#employee?" do
-      it "returns true when user is an employee" do
-        expect(Cassette::Authentication::User.new(type: "employee")).to be_employee
-        expect(Cassette::Authentication::User.new(type: "Employee")).to be_employee
-        expect(Cassette::Authentication::User.new(type: :employee)).to be_employee
-        expect(Cassette::Authentication::User.new(type: "customer")).not_to be_employee
-        expect(Cassette::Authentication::User.new(type: nil)).not_to be_employee
-        expect(Cassette::Authentication::User.new(type: "")).not_to be_employee
-      end
-    end
-
-    context "#customer?" do
-      it "returns true when the user is a customer" do
-        expect(Cassette::Authentication::User.new(type: "customer")).to be_customer
-        expect(Cassette::Authentication::User.new(type: "Customer")).to be_customer
-        expect(Cassette::Authentication::User.new(type: :customer)).to be_customer
-        expect(Cassette::Authentication::User.new(type: "employee")).not_to be_customer
-        expect(Cassette::Authentication::User.new(type: nil)).not_to be_customer
-        expect(Cassette::Authentication::User.new(type: "")).not_to be_customer
-      end
-    end
-  end
-end

data/spec/cas/authentication_spec.rb

@@ -1,84 +0,0 @@
-# encoding: utf-8
-
-require "spec_helper"
-
-describe Cassette::Authentication do
-  let(:cache) { instance_double(Cassette::Authentication::Cache) }
-  let(:http)  { class_double(Cassette) }
-
-  subject do
-    Cassette::Authentication.new(cache: cache, http_client: http)
-  end
-
-  describe "#ticket_user" do
-    context "when cached" do
-      it "returns the cached value when cached" do
-        cached = double('cached')
-
-        expect(cache).to receive(:fetch_authentication) do |ticket, &block|
-          expect(ticket).to eql("ticket")
-          expect(block).to be_present
-          cached
-        end
-
-        expect(subject.ticket_user("ticket")).to eql(cached)
-      end
-    end
-
-    context "when not cached" do
-      before do
-        expect(cache).to receive(:fetch_authentication) do |ticket, &block|
-          block.call
-        end
-      end
-
-      it "raises a Forbidden exception on any exceptions" do
-        allow(http).to receive(:post).with(anything, anything).and_raise(Cassette::Errors::BadRequest)
-        expect { subject.ticket_user("ticket") }.to raise_error(Cassette::Errors::Forbidden)
-      end
-
-      context "with a failed CAS response" do
-        before do
-          allow(http).to receive(:post).with(anything, anything)
-            .and_return(OpenStruct.new(body: fixture("cas/fail.xml")))
-        end
-
-        it "returns nil" do
-          expect(subject.ticket_user("ticket")).to be_nil
-        end
-      end
-
-      context "with a successful CAS response" do
-        before do
-          allow(http).to receive(:post).with(anything, anything)
-            .and_return(OpenStruct.new(body: fixture("cas/success.xml")))
-        end
-
-        it "returns an User" do
-          expect(subject.ticket_user("ticket")).to be_instance_of(Cassette::Authentication::User)
-        end
-      end
-    end
-  end
-
-  describe "#validate_ticket" do
-    it "raises a authorization required error when no ticket is provided" do
-      expect { subject.validate_ticket(nil) }.to raise_error(Cassette::Errors::AuthorizationRequired)
-    end
-
-    it "raises a authorization required error when ticket is blank" do
-      expect { subject.validate_ticket("") }.to raise_error(Cassette::Errors::AuthorizationRequired)
-    end
-
-    it "raises a forbidden error when the associated user is not found" do
-      expect(subject).to receive(:ticket_user).with("ticket", Cassette.config.service).and_return(nil)
-      expect { subject.validate_ticket("ticket") }.to raise_error(Cassette::Errors::Forbidden)
-    end
-
-    it "returns the associated user" do
-      user = double('User')
-      expect(subject).to receive(:ticket_user).with("ticket", Cassette.config.service).and_return(user)
-      expect(subject.validate_ticket("ticket")).to eql(user)
-    end
-  end
-end