castle-rb 3.6.2

data/spec/lib/castle/context/default_spec.rb

@@ -0,0 +1,41 @@
+# frozen_string_literal: true
+
+describe Castle::Context::Default do
+  subject { described_class.new(request, nil) }
+
+  let(:ip) { '1.2.3.4' }
+  let(:cookie_id) { 'abcd' }
+
+  let(:env) do
+    Rack::MockRequest.env_for('/',
+                              'HTTP_X_FORWARDED_FOR' => ip,
+                              'HTTP_ACCEPT_LANGUAGE' => 'en',
+                              'HTTP_USER_AGENT' => 'test',
+                              'HTTP_COOKIE' => "__cid=#{cookie_id};other=efgh")
+  end
+  let(:request) { Rack::Request.new(env) }
+  let(:default_context) { subject.call }
+  let(:version) { '2.2.0' }
+
+  before do
+    stub_const('Castle::VERSION', version)
+  end
+
+  it { expect(default_context[:active]).to be_eql(true) }
+  it { expect(default_context[:origin]).to be_eql('web') }
+
+  it do
+    expect(default_context[:headers]).to be_eql(
+      'X-Forwarded-For' => '1.2.3.4',
+      'Accept-Language' => 'en',
+      'User-Agent' => 'test',
+      'Content-Length' => '0',
+      'Cookie' => true
+    )
+  end
+
+  it { expect(default_context[:ip]).to be_eql(ip) }
+  it { expect(default_context[:library][:name]).to be_eql('castle-rb') }
+  it { expect(default_context[:library][:version]).to be_eql(version) }
+  it { expect(default_context[:user_agent]).to be_eql('test') }
+end

data/spec/lib/castle/context/merger_spec.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+describe Castle::Context::Merger do
+  let(:first) { { test: { test1: { c: '4' } } } }
+
+  describe '#call' do
+    subject { described_class.call(first, second) }
+
+    let(:result) { { test: { test1: { c: '4', d: '5' } } } }
+
+    context 'with symbol keys' do
+      let(:second) { { test: { test1: { d: '5' } } } }
+
+      it { is_expected.to eq(result) }
+    end
+
+    context 'with string keys' do
+      let(:second) { { 'test' => { 'test1' => { 'd' => '5' } } } }
+
+      it { is_expected.to eq(result) }
+    end
+  end
+end

data/spec/lib/castle/context/sanitizer_spec.rb

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+describe Castle::Context::Sanitizer do
+  let(:paylod) { { test: 'test' } }
+
+  describe '#call' do
+    subject { described_class.call(context) }
+
+    context 'when active true' do
+      let(:context) { paylod.merge(active: true) }
+
+      it { is_expected.to eql(context) }
+    end
+
+    context 'when active false' do
+      let(:context) { paylod.merge(active: false) }
+
+      it { is_expected.to eql(context) }
+    end
+
+    context 'when active string' do
+      let(:context) { paylod.merge(active: 'uknown') }
+
+      it { is_expected.to eql(paylod) }
+    end
+  end
+end

data/spec/lib/castle/extractors/client_id_spec.rb

@@ -0,0 +1,62 @@
+# frozen_string_literal: true
+
+describe Castle::Extractors::ClientId do
+  subject(:extractor) { described_class.new(request, cookies) }
+
+  let(:client_id_cookie) { 'abcd' }
+  let(:client_id_header) { 'abcde' }
+  let(:cookies) { request.cookies }
+  let(:request) { Rack::Request.new(env) }
+  let(:env) do
+    Rack::MockRequest.env_for('/', headers)
+  end
+
+  context 'with client_id' do
+    let(:headers) do
+      {
+        'HTTP_X_FORWARDED_FOR' => '1.2.3.4',
+        'HTTP_COOKIE' => "__cid=#{client_id_cookie};other=efgh"
+      }
+    end
+
+    it do
+      expect(extractor.call).to eql(client_id_cookie)
+    end
+  end
+
+  context 'with X-Castle-Client-Id header' do
+    let(:headers) do
+      {
+        'HTTP_X_FORWARDED_FOR' => '1.2.3.4',
+        'HTTP_X_CASTLE_CLIENT_ID' => client_id_header
+      }
+    end
+
+    it 'appends the client_id' do
+      expect(extractor.call).to eql(client_id_header)
+    end
+  end
+
+  context 'when cookies undefined' do
+    let(:cookies) { nil }
+    let(:headers) { {} }
+
+    it do
+      expect(extractor.call).to eql('')
+    end
+  end
+
+  context 'with X-Castle-Client-Id header and cookies client' do
+    let(:headers) do
+      {
+        'HTTP_X_FORWARDED_FOR' => '1.2.3.4',
+        'HTTP_X_CASTLE_CLIENT_ID' => client_id_header,
+        'HTTP_COOKIE' => "__cid=#{client_id_cookie};other=efgh"
+      }
+    end
+
+    it 'appends the client_id' do
+      expect(extractor.call).to eql(client_id_header)
+    end
+  end
+end

data/spec/lib/castle/extractors/headers_spec.rb

@@ -0,0 +1,89 @@
+# frozen_string_literal: true
+
+describe Castle::Extractors::Headers do
+  subject(:headers) { described_class.new(request).call }
+
+  let(:client_id) { 'abcd' }
+  let(:env) do
+    result = Rack::MockRequest.env_for(
+      '/',
+      'Action-Dispatch.request.content-Type' => 'application/json',
+      'HTTP_AUTHORIZATION' => 'Basic 123456',
+      'HTTP_COOKIE' => "__cid=#{client_id};other=efgh",
+      'HTTP_ACCEPT' => 'application/json',
+      'HTTP_X_FORWARDED_FOR' => '1.2.3.4',
+      'HTTP_USER_AGENT' => 'Mozilla 1234',
+      'TEST' => '1'
+    )
+    result[:HTTP_OK] = 'OK'
+    result
+  end
+  let(:request) { Rack::Request.new(env) }
+
+  context 'when whitelist is not set in the configuration' do
+    it do
+      is_expected.to eq('Accept' => 'application/json',
+                        'Authorization' => true,
+                        'Cookie' => true,
+                        'Content-Length' => '0',
+                        'Ok' => 'OK',
+                        'User-Agent' => 'Mozilla 1234',
+                        'X-Forwarded-For' => '1.2.3.4')
+    end
+  end
+
+  context 'when whitelist is set in the configuration' do
+    before { Castle.config.whitelisted = %w[Accept OK] }
+
+    it do
+      is_expected.to eq('Accept' => 'application/json',
+                        'Authorization' => true,
+                        'Cookie' => true,
+                        'Content-Length' => true,
+                        'Ok' => 'OK',
+                        'User-Agent' => 'Mozilla 1234',
+                        'X-Forwarded-For' => true)
+    end
+  end
+
+  context 'when blacklist is set in the configuration' do
+    context 'with a User-Agent' do
+      before { Castle.config.blacklisted = %w[User-Agent] }
+
+      it do
+        is_expected.to eq('Accept' => 'application/json',
+                          'Authorization' => true,
+                          'Cookie' => true,
+                          'Content-Length' => '0',
+                          'Ok' => 'OK',
+                          'User-Agent' => 'Mozilla 1234',
+                          'X-Forwarded-For' => '1.2.3.4')
+      end
+    end
+
+    context 'with a different header' do
+      before { Castle.config.blacklisted = %w[Accept] }
+
+      it do
+        is_expected.to eq('Accept' => true,
+                          'Authorization' => true,
+                          'Cookie' => true,
+                          'Content-Length' => '0',
+                          'Ok' => 'OK',
+                          'User-Agent' => 'Mozilla 1234',
+                          'X-Forwarded-For' => '1.2.3.4')
+      end
+    end
+  end
+
+  context 'when a header is both whitelisted and blacklisted' do
+    before do
+      Castle.config.whitelisted = %w[Accept]
+      Castle.config.blacklisted = %w[Accept]
+    end
+
+    it do
+      expect(headers['Accept']).to eq(true)
+    end
+  end
+end

data/spec/lib/castle/extractors/ip_spec.rb

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+describe Castle::Extractors::IP do
+  subject(:extractor) { described_class.new(request) }
+
+  let(:request) { Rack::Request.new(env) }
+
+  describe 'ip' do
+    context 'when regular ip' do
+      let(:env) { Rack::MockRequest.env_for('/', 'HTTP_X_FORWARDED_FOR' => '1.2.3.5') }
+
+      it { expect(extractor.call).to eql('1.2.3.5') }
+    end
+
+    context 'when cf remote_ip' do
+      let(:env) do
+        Rack::MockRequest.env_for(
+          '/',
+          'HTTP_CF_CONNECTING_IP' => '1.2.3.4',
+          'HTTP_X_FORWARDED_FOR' => '1.2.3.5'
+        )
+      end
+
+      it { expect(extractor.call).to eql('1.2.3.4') }
+    end
+  end
+end

data/spec/lib/castle/header_formatter_spec.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+describe Castle::HeaderFormatter do
+  subject(:formatter) { described_class.new }
+
+  it 'removes HTTP_' do
+    expect(formatter.call('HTTP_X_TEST')).to be_eql('X-Test')
+  end
+
+  it 'capitalizes header' do
+    expect(formatter.call('X_TEST')).to be_eql('X-Test')
+  end
+
+  it 'ignores letter case and -_ divider' do
+    expect(formatter.call('http-X_teST')).to be_eql('X-Test')
+  end
+
+  it 'does not remove http if there is no _- char' do
+    expect(formatter.call('httpX_teST')).to be_eql('Httpx-Test')
+  end
+
+  it 'removes HTTP_' do
+    expect(formatter.call(:clearance)).to be_eql('Clearance')
+  end
+end

data/spec/lib/castle/review_spec.rb

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+describe Castle::Review do
+  before do
+    stub_request(:any, /api.castle.io/).with(
+      basic_auth: ['', 'secret']
+    ).to_return(status: 200, body: '{}', headers: {})
+  end
+
+  describe '#retrieve' do
+    subject(:retrieve) { described_class.retrieve(review_id) }
+
+    let(:review_id) { '1234' }
+
+    before { retrieve }
+
+    it { assert_requested :get, "https://api.castle.io/v1/reviews/#{review_id}", times: 1 }
+  end
+end

data/spec/lib/castle/secure_mode_spec.rb

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+describe Castle::SecureMode do
+  it 'has signature' do
+    expect(described_class.signature('test')).to eql(
+      '0329a06b62cd16b33eb6792be8c60b158d89a2ee3a876fce9a881ebb488c0914'
+    )
+  end
+end

data/spec/lib/castle/utils/cloner_spec.rb

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+describe Castle::Utils::Cloner do
+  subject(:cloner) { described_class }
+
+  describe 'call' do
+    let(:nested) { { c: '3' } }
+    let(:first) { { test: { test1: { c: '4' }, test2: nested, a: '1', b: '2' } } }
+    let(:result) { { test: { test1: { c: '4' }, test2: { c: '3' }, a: '1', b: '2' } } }
+    let(:cloned) { cloner.call(first) }
+
+    before { cloned }
+    it do
+      nested[:test] = 'sample'
+      expect(cloned).to be_eql(result)
+    end
+  end
+end

data/spec/lib/castle/utils/merger_spec.rb

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+describe Castle::Utils::Merger do
+  subject(:merger) { described_class }
+
+  describe 'call' do
+    let(:first) { { test: { test1: { c: '4' }, test2: { c: '3' }, a: '1', b: '2' } } }
+    let(:second) { { test2: '2', test: { 'test1' => { d: '5' }, test2: '6', a: nil, b: '3' } } }
+    let(:result) { { test2: '2', test: { test1: { c: '4', d: '5' }, test2: '6', b: '3' } } }
+
+    it { expect(merger.call(first, second)).to be_eql(result) }
+  end
+end

data/spec/lib/castle/utils/timestamp_spec.rb

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+describe Castle::Utils::Timestamp do
+  subject { described_class.call }
+
+  let(:time_string) { '2018-01-10T14:14:24.407Z' }
+  let(:time) { Time.parse(time_string) }
+
+  before { Timecop.freeze(time) }
+  after { Timecop.return }
+
+  describe '#call' do
+    it do
+      is_expected.to eql(time_string)
+    end
+  end
+end

data/spec/lib/castle/utils_spec.rb

@@ -0,0 +1,156 @@
+# frozen_string_literal: true
+
+describe Castle::Utils do
+  let(:nested_strings) { { 'a' => { 'b' => { 'c' => 3 } } } }
+  let(:nested_symbols) { { a: { b: { c: 3 } } } }
+  let(:nested_mixed) { { 'a' => { b: { 'c' => 3 } } } }
+  let(:string_array_of_hashes) { { 'a' => [{ 'b' => 2 }, { 'c' => 3 }, 4] } }
+  let(:symbol_array_of_hashes) { { a: [{ b: 2 }, { c: 3 }, 4] } }
+  let(:mixed_array_of_hashes) { { a: [{ b: 2 }, { 'c' => 3 }, 4] } }
+
+  describe '#deep_symbolize_keys' do
+    subject { described_class.deep_symbolize_keys(hash) }
+
+    context 'when nested_symbols' do
+      let(:hash) { nested_symbols }
+
+      it { is_expected.to eq(nested_symbols) }
+    end
+
+    context 'when nested_strings' do
+      let(:hash) { nested_strings }
+
+      it { is_expected.to eq(nested_symbols) }
+    end
+
+    context 'when nested_mixed' do
+      let(:hash) { nested_mixed }
+
+      it { is_expected.to eq(nested_symbols) }
+    end
+
+    context 'when string_array_of_hashes' do
+      let(:hash) { string_array_of_hashes }
+
+      it { is_expected.to eq(symbol_array_of_hashes) }
+    end
+
+    context 'when symbol_array_of_hashes' do
+      let(:hash) { symbol_array_of_hashes }
+
+      it { is_expected.to eq(symbol_array_of_hashes) }
+    end
+
+    context 'when mixed_array_of_hashes' do
+      let(:hash) { mixed_array_of_hashes }
+
+      it { is_expected.to eq(symbol_array_of_hashes) }
+    end
+  end
+
+  describe '#deep_symbolize_keys' do
+    subject { described_class.deep_symbolize_keys!(Castle::Utils::Cloner.call(hash)) }
+
+    context 'when nested_symbols' do
+      let(:hash) { nested_symbols }
+
+      it { is_expected.to eq(nested_symbols) }
+    end
+
+    context 'when nested_strings' do
+      let(:hash) { nested_strings }
+
+      it { is_expected.to eq(nested_symbols) }
+    end
+
+    context 'when nested_mixed' do
+      let(:hash) { nested_mixed }
+
+      it { is_expected.to eq(nested_symbols) }
+    end
+
+    context 'when string_array_of_hashes' do
+      let(:hash) { string_array_of_hashes }
+
+      it { is_expected.to eq(symbol_array_of_hashes) }
+    end
+
+    context 'when symbol_array_of_hashes' do
+      let(:hash) { symbol_array_of_hashes }
+
+      it { is_expected.to eq(symbol_array_of_hashes) }
+    end
+
+    context 'when mixed_array_of_hashes' do
+      let(:hash) { mixed_array_of_hashes }
+
+      it { is_expected.to eq(symbol_array_of_hashes) }
+    end
+  end
+
+  describe '::replace_invalid_characters' do
+    subject { described_class.replace_invalid_characters(input) }
+
+    context 'when input is a string' do
+      let(:input) { '1234' }
+
+      it { is_expected.to eq input }
+    end
+
+    context 'when input is an array' do
+      let(:input) { [1, 2, 3, '4'] }
+
+      it { is_expected.to eq input }
+    end
+
+    context 'when input is a hash' do
+      let(:input) { { user_id: 1 } }
+
+      it { is_expected.to eq input }
+    end
+
+    context 'when input is nil' do
+      let(:input) { nil }
+
+      it { is_expected.to eq input }
+    end
+
+    context 'when input is a nested hash' do
+      let(:input) { { user: { id: 1 } } }
+
+      it { is_expected.to eq input }
+    end
+
+    context 'with invalid UTF-8 characters' do
+      context 'when input is a hash' do
+        let(:input) { { user_id: "inv\xC4lid" } }
+
+        it { is_expected.to eq(user_id: 'inv�lid') }
+      end
+
+      context 'when input is a nested hash' do
+        let(:input) { { user: { id: "inv\xC4lid" } } }
+
+        it { is_expected.to eq(user: { id: 'inv�lid' }) }
+      end
+
+      context 'when input is an array of hashes' do
+        let(:input) { [{ user: "inv\xC4lid" }] * 2 }
+
+        it { is_expected.to eq([{ user: 'inv�lid' }, { user: 'inv�lid' }]) }
+      end
+
+      context 'when input is an array' do
+        let(:input) { ["inv\xC4lid"] * 2 }
+
+        it { is_expected.to eq(['inv�lid', 'inv�lid']) }
+      end
+
+      context 'when input is a hash with array in key' do
+        let(:input) { { items: ["inv\xC4lid"] * 2 } }
+
+        it { is_expected.to eq(items: ['inv�lid', 'inv�lid']) }
+      end
+    end
+  end
+end