cassette 1.0.2 → 1.0.17

Files changed (35)
  1. checksums.yaml +5 -13
  2. data/README.md +125 -106
  3. data/lib/cassette/authentication/authorities.rb +5 -5
  4. data/lib/cassette/authentication/cache.rb +5 -6
  5. data/lib/cassette/authentication/filter.rb +9 -9
  6. data/lib/cassette/authentication/user.rb +4 -4
  7. data/lib/cassette/authentication.rb +9 -9
  8. data/lib/cassette/cache.rb +2 -4
  9. data/lib/cassette/client/cache.rb +12 -12
  10. data/lib/cassette/client.rb +11 -16
  11. data/lib/cassette/errors/not_a_customer.rb +1 -2
  12. data/lib/cassette/errors/not_an_employee.rb +1 -2
  13. data/lib/cassette/errors.rb +8 -8
  14. data/lib/cassette/rubycas/helper.rb +21 -25
  15. data/lib/cassette/rubycas/not_single_sign_out_constraint.rb +1 -2
  16. data/lib/cassette/rubycas/single_sign_out_constraint.rb +6 -7
  17. data/lib/cassette/rubycas.rb +3 -4
  18. data/lib/cassette/version.rb +6 -10
  19. data/lib/cassette.rb +21 -21
  20. data/spec/cas_spec.rb +21 -21
  21. data/spec/cassette/authentication/authorities_spec.rb +82 -0
  22. data/spec/{cas → cassette}/authentication/cache_spec.rb +0 -0
  23. data/spec/{cas → cassette}/authentication/filter_spec.rb +52 -53
  24. data/spec/cassette/authentication/user_spec.rb +70 -0
  25. data/spec/cassette/authentication_spec.rb +84 -0
  26. data/spec/{cas → cassette}/cache_spec.rb +7 -8
  27. data/spec/{cas → cassette}/client/cache_spec.rb +0 -0
  28. data/spec/{cas → cassette}/errors_spec.rb +6 -6
  29. data/spec/config.yml +4 -4
  30. data/spec/integration/cas/client_spec.rb +32 -31
  31. data/spec/spec_helper.rb +7 -7
  32. metadata +57 -57
  33. data/spec/cas/authentication/authorities_spec.rb +0 -82
  34. data/spec/cas/authentication/user_spec.rb +0 -70
  35. data/spec/cas/authentication_spec.rb +0 -84
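--- a/data/spec/cas/authentication/authorities_spec.rb
+++ b/data/spec/cas/authentication/authorities_spec.rb
@@ -1,82 +0,0 @@
- require 'spec_helper'
-
- describe Cassette::Authentication::Authorities do
- subject do
- Cassette::Authentication::Authorities
- end
-
- describe "#has_role?" do
- let(:input) { "[#{Cassette.config.base_authority}, SAPI, #{Cassette.config.base_authority}_CREATE-USER]" }
- let(:authorities) { subject.parse(input) }
-
- it "adds the application prefix to roles" do
- expect(authorities.has_role?("CREATE-USER")).to eql(true)
- end
-
- it "ignores role case" do
- expect(authorities.has_role?("create-user")).to eql(true)
- end
-
- it "replaces underscores with dashes" do
- expect(authorities.has_role?("create_user")).to eql(true)
- end
- end
-
- context "with a defined base authority" do
- let(:base_authority) { "SOMEAPI" }
-
- it "stores the base authority" do
- input = "CUSTOMERAPI"
- expect(subject.parse(input, base_authority).base).to eql(base_authority)
- end
-
- describe "#has_role?" do
- let(:input) { "[#{Cassette.config.base_authority}_TEST2, SOMEAPI_TEST]" }
-
- it "returns true for a role that is using the base authority" do
- expect(subject.parse(input, base_authority)).to have_role(:test)
- end
-
- it "returns false for a role that is not using the base authority" do
- expect(subject.parse(input, base_authority)).not_to have_role(:test2)
- end
- end
- end
-
- context "CAS authorities parsing" do
- it "handles single authority" do
- input = "CUSTOMERAPI"
- expect(subject.parse(input).authorities).to eq(%w(CUSTOMERAPI))
- end
-
- it "handles multiple authorities with surrounding []" do
- input = "[CUSTOMERAPI, SAPI]"
- expect(subject.parse(input).authorities).to eq(%w(CUSTOMERAPI SAPI))
- end
-
- it "ignores whitespace in multiple authorities" do
- input = "[CUSTOMERAPI,SAPI]"
- expect(subject.parse(input).authorities).to eq(%w(CUSTOMERAPI SAPI))
- end
-
- it "returns an empty array when input is nil" do
- expect(subject.parse(nil).authorities).to eq([])
- end
- end
-
- context "with authentication disabled" do
- before { ENV["NOAUTH"] = "true" }
- after { ENV.delete("NOAUTH") }
- subject { Cassette::Authentication::Authorities.new("[]") }
-
- it "#has_role? returns true for every role" do
- expect(subject.authorities).to be_empty
- expect(subject.has_role?(:can_manage)).to eql(true)
- end
-
- it "#has_raw_role? returns true for every role" do
- expect(subject.authorities).to be_empty
- expect(subject.has_raw_role?("SAPI_CUSTOMER-CREATOR")).to eql(true)
- end
- end
- end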
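--- a/data/spec/cas/authentication/user_spec.rb
+++ b/data/spec/cas/authentication/user_spec.rb
@@ -1,70 +0,0 @@
- require 'spec_helper'
-
- describe Cassette::Authentication::User do
- let(:base_authority) do
- Cassette.config.base_authority
- end
-
- describe "#initialize" do
- context "without a config" do
- it "forwards authorities parsing" do
- expect(Cassette::Authentication::Authorities).to receive(:new).with("[CUSTOMERAPI, SAPI]", nil)
- Cassette::Authentication::User.new(login: "john.doe", name: "John Doe", authorities: "[CUSTOMERAPI, SAPI]")
- end
- end
-
- context "with a config" do
- it "forwards authorities parsing passing along the base authority" do
- config = object_double(Cassette.config)
-
- expect(config).to receive(:base_authority).and_return("TESTAPI")
- expect(Cassette::Authentication::Authorities).to receive(:new).with("[CUSTOMERAPI, SAPI]", "TESTAPI")
-
- Cassette::Authentication::User.new(login: "john.doe", name: "John Doe", authorities: "[CUSTOMERAPI, SAPI]", config: config)
- end
- end
- end
-
- describe "#has_role?" do
- let (:user) do
- Cassette::Authentication::User.new(login: "john.doe", name: "John Doe",
- authorities: "[#{base_authority}, SAPI, #{base_authority}_CREATE-USER]")
- end
-
- it "adds the application prefix to roles" do
- expect(user.has_role?("CREATE-USER")).to eql(true)
- end
-
- it "ignores role case" do
- expect(user.has_role?("create-user")).to eql(true)
- end
-
- it "replaces underscores with dashes" do
- expect(user.has_role?("create_user")).to eql(true)
- end
- end
-
- context "user types" do
- context "#employee?" do
- it "returns true when user is an employee" do
- expect(Cassette::Authentication::User.new(type: "employee")).to be_employee
- expect(Cassette::Authentication::User.new(type: "Employee")).to be_employee
- expect(Cassette::Authentication::User.new(type: :employee)).to be_employee
- expect(Cassette::Authentication::User.new(type: "customer")).not_to be_employee
- expect(Cassette::Authentication::User.new(type: nil)).not_to be_employee
- expect(Cassette::Authentication::User.new(type: "")).not_to be_employee
- end
- end
-
- context "#customer?" do
- it "returns true when the user is a customer" do
- expect(Cassette::Authentication::User.new(type: "customer")).to be_customer
- expect(Cassette::Authentication::User.new(type: "Customer")).to be_customer
- expect(Cassette::Authentication::User.new(type: :customer)).to be_customer
- expect(Cassette::Authentication::User.new(type: "employee")).not_to be_customer
- expect(Cassette::Authentication::User.new(type: nil)).not_to be_customer
- expect(Cassette::Authentication::User.new(type: "")).not_to be_customer
- end
- end
- end
- end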
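--- a/data/spec/cas/authentication_spec.rb
+++ b/data/spec/cas/authentication_spec.rb
@@ -1,84 +0,0 @@
- # encoding: utf-8
-
- require "spec_helper"
-
- describe Cassette::Authentication do
- let(:cache) { instance_double(Cassette::Authentication::Cache) }
- let(:http) { class_double(Cassette) }
-
- subject do
- Cassette::Authentication.new(cache: cache, http_client: http)
- end
-
- describe "#ticket_user" do
- context "when cached" do
- it "returns the cached value when cached" do
- cached = double('cached')
-
- expect(cache).to receive(:fetch_authentication) do |ticket, &block|
- expect(ticket).to eql("ticket")
- expect(block).to be_present
- cached
- end
-
- expect(subject.ticket_user("ticket")).to eql(cached)
- end
- end
-
- context "when not cached" do
- before do
- expect(cache).to receive(:fetch_authentication) do |ticket, &block|
- block.call
- end
- end
-
- it "raises a Forbidden exception on any exceptions" do
- allow(http).to receive(:post).with(anything, anything).and_raise(Cassette::Errors::BadRequest)
- expect { subject.ticket_user("ticket") }.to raise_error(Cassette::Errors::Forbidden)
- end
-
- context "with a failed CAS response" do
- before do
- allow(http).to receive(:post).with(anything, anything)
- .and_return(OpenStruct.new(body: fixture("cas/fail.xml")))
- end
-
- it "returns nil" do
- expect(subject.ticket_user("ticket")).to be_nil
- end
- end
-
- context "with a successful CAS response" do
- before do
- allow(http).to receive(:post).with(anything, anything)
- .and_return(OpenStruct.new(body: fixture("cas/success.xml")))
- end
-
- it "returns an User" do
- expect(subject.ticket_user("ticket")).to be_instance_of(Cassette::Authentication::User)
- end
- end
- end
- end
-
- describe "#validate_ticket" do
- it "raises a authorization required error when no ticket is provided" do
- expect { subject.validate_ticket(nil) }.to raise_error(Cassette::Errors::AuthorizationRequired)
- end
-
- it "raises a authorization required error when ticket is blank" do
- expect { subject.validate_ticket("") }.to raise_error(Cassette::Errors::AuthorizationRequired)
- end
-
- it "raises a forbidden error when the associated user is not found" do
- expect(subject).to receive(:ticket_user).with("ticket", Cassette.config.service).and_return(nil)
- expect { subject.validate_ticket("ticket") }.to raise_error(Cassette::Errors::Forbidden)
- end
-
- it "returns the associated user" do
- user = double('User')
- expect(subject).to receive(:ticket_user).with("ticket", Cassette.config.service).and_return(user)
- expect(subject.validate_ticket("ticket")).to eql(user)
- end
- end
- end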