RubyGems - castle-rb - Versions diffs - 5.0.0 → 7.1.1 - Mend

castle-rb 5.0.0 → 7.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (144) hide show

checksums.yaml +4 -4
data/README.md +113 -39
data/lib/castle.rb +49 -29
data/lib/castle/api.rb +20 -16
data/lib/castle/api/approve_device.rb +20 -0
data/lib/castle/api/authenticate.rb +37 -0
data/lib/castle/api/end_impersonation.rb +24 -0
data/lib/castle/api/filter.rb +37 -0
data/lib/castle/api/get_device.rb +20 -0
data/lib/castle/api/get_devices_for_user.rb +20 -0
data/lib/castle/api/log.rb +37 -0
data/lib/castle/api/report_device.rb +20 -0
data/lib/castle/api/risk.rb +37 -0
data/lib/castle/api/start_impersonation.rb +24 -0
data/lib/castle/api/track.rb +21 -0
data/lib/castle/client.rb +74 -68
data/lib/castle/{extractors/client_id.rb → client_id/extract.rb} +2 -2
data/lib/castle/commands/approve_device.rb +17 -0
data/lib/castle/commands/authenticate.rb +13 -13
data/lib/castle/commands/end_impersonation.rb +25 -0
data/lib/castle/commands/filter.rb +22 -0
data/lib/castle/commands/get_device.rb +17 -0
data/lib/castle/commands/get_devices_for_user.rb +17 -0
data/lib/castle/commands/log.rb +22 -0
data/lib/castle/commands/report_device.rb +17 -0
data/lib/castle/commands/risk.rb +22 -0
data/lib/castle/commands/start_impersonation.rb +25 -0
data/lib/castle/commands/track.rb +12 -13
data/lib/castle/configuration.rb +31 -23
data/lib/castle/context/{default.rb → get_default.rb} +5 -6
data/lib/castle/context/{merger.rb → merge.rb} +3 -3
data/lib/castle/context/prepare.rb +18 -0
data/lib/castle/context/{sanitizer.rb → sanitize.rb} +1 -1
data/lib/castle/core/get_connection.rb +27 -0
data/lib/castle/{api/response.rb → core/process_response.rb} +8 -3
data/lib/castle/core/process_webhook.rb +25 -0
data/lib/castle/core/send_request.rb +42 -0
data/lib/castle/errors.rb +38 -12
data/lib/castle/failover/prepare_response.rb +28 -0
data/lib/castle/failover/strategy.rb +23 -0
data/lib/castle/{extractors/headers.rb → headers/extract.rb} +8 -6
data/lib/castle/headers/filter.rb +40 -0
data/lib/castle/headers/format.rb +24 -0
data/lib/castle/{extractors/ip.rb → ips/extract.rb} +11 -7
data/lib/castle/logger.rb +19 -0
data/lib/castle/payload/prepare.rb +26 -0
data/lib/castle/secure_mode.rb +7 -2
data/lib/castle/session.rb +18 -0
data/lib/castle/singleton_configuration.rb +9 -0
data/lib/castle/support/hanami.rb +2 -6
data/lib/castle/support/rails.rb +1 -3
data/lib/castle/utils/clean_invalid_chars.rb +22 -0
data/lib/castle/utils/clone.rb +15 -0
data/lib/castle/utils/deep_symbolize_keys.rb +45 -0
data/lib/castle/utils/get_timestamp.rb +15 -0
data/lib/castle/utils/{merger.rb → merge.rb} +3 -3
data/lib/castle/utils/secure_compare.rb +22 -0
data/lib/castle/validators/not_supported.rb +1 -0
data/lib/castle/validators/present.rb +1 -0
data/lib/castle/verdict.rb +15 -0
data/lib/castle/version.rb +1 -1
data/lib/castle/webhooks/verify.rb +45 -0
data/spec/integration/rails/rails_spec.rb +42 -14
data/spec/integration/rails/support/application.rb +3 -1
data/spec/integration/rails/support/home_controller.rb +50 -6
data/spec/lib/castle/api/approve_device_spec.rb +21 -0
data/spec/lib/castle/api/authenticate_spec.rb +136 -0
data/spec/lib/castle/api/end_impersonation_spec.rb +65 -0
data/spec/lib/castle/api/filter_spec.rb +5 -0
data/spec/lib/castle/api/get_device_spec.rb +19 -0
data/spec/lib/castle/api/get_devices_for_user_spec.rb +19 -0
data/spec/lib/castle/api/log_spec.rb +5 -0
data/spec/lib/castle/api/report_device_spec.rb +21 -0
data/spec/lib/castle/api/risk_spec.rb +5 -0
data/spec/lib/castle/api/start_impersonation_spec.rb +65 -0
data/spec/lib/castle/api/track_spec.rb +72 -0
data/spec/lib/castle/api_spec.rb +14 -15
data/spec/lib/castle/{extractors/client_id_spec.rb → client_id/extract_spec.rb} +6 -15
data/spec/lib/castle/client_spec.rb +110 -92
data/spec/lib/castle/commands/approve_device_spec.rb +24 -0
data/spec/lib/castle/commands/authenticate_spec.rb +15 -31
data/spec/lib/castle/commands/end_impersonation_spec.rb +79 -0
data/spec/lib/castle/commands/filter_spec.rb +72 -0
data/spec/lib/castle/commands/get_device_spec.rb +24 -0
data/spec/lib/castle/commands/{review_spec.rb → get_devices_for_user_spec.rb} +7 -7
data/spec/lib/castle/commands/log_spec.rb +73 -0
data/spec/lib/castle/commands/report_device_spec.rb +24 -0
data/spec/lib/castle/commands/risk_spec.rb +73 -0
data/spec/lib/castle/commands/{impersonate_spec.rb → start_impersonation_spec.rb} +13 -41
data/spec/lib/castle/commands/track_spec.rb +14 -34
data/spec/lib/castle/configuration_spec.rb +8 -141
data/spec/lib/castle/context/{default_spec.rb → get_default_spec.rb} +9 -10
data/spec/lib/castle/context/{merger_spec.rb → merge_spec.rb} +1 -1
data/spec/lib/castle/context/prepare_spec.rb +43 -0
data/spec/lib/castle/context/{sanitizer_spec.rb → sanitize_spec.rb} +1 -1
data/spec/lib/castle/core/get_connection_spec.rb +43 -0
data/spec/lib/castle/{api/response_spec.rb → core/process_response_spec.rb} +49 -1
data/spec/lib/castle/core/process_webhook_spec.rb +46 -0
data/spec/lib/castle/{api/request_spec.rb → core/send_request_spec.rb} +16 -37
data/spec/lib/castle/failover/strategy_spec.rb +12 -0
data/spec/lib/castle/{extractors/headers_spec.rb → headers/extract_spec.rb} +7 -9
data/spec/lib/castle/headers/filter_spec.rb +39 -0
data/spec/lib/castle/headers/format_spec.rb +25 -0
data/spec/lib/castle/{extractors/ip_spec.rb → ips/extract_spec.rb} +5 -14
data/spec/lib/castle/logger_spec.rb +38 -0
data/spec/lib/castle/payload/prepare_spec.rb +55 -0
data/spec/lib/castle/session_spec.rb +65 -0
data/spec/lib/castle/singleton_configuration_spec.rb +14 -0
data/spec/lib/castle/utils/clean_invalid_chars_spec.rb +69 -0
data/spec/lib/castle/utils/{cloner_spec.rb → clone_spec.rb} +3 -3
data/spec/lib/castle/utils/deep_symbolize_keys_spec.rb +50 -0
data/spec/lib/castle/utils/{timestamp_spec.rb → get_timestamp_spec.rb} +1 -1
data/spec/lib/castle/utils/merge_spec.rb +15 -0
data/spec/lib/castle/validators/present_spec.rb +5 -6
data/spec/lib/castle/verdict_spec.rb +9 -0
data/spec/lib/castle/webhooks/verify_spec.rb +53 -0
data/spec/lib/castle_spec.rb +4 -10
data/spec/spec_helper.rb +3 -3
data/spec/support/shared_examples/action_request.rb +155 -0
data/spec/support/shared_examples/configuration.rb +101 -0
metadata +144 -67
data/lib/castle/api/connection.rb +0 -24
data/lib/castle/api/request.rb +0 -42
data/lib/castle/api/session.rb +0 -20
data/lib/castle/commands/identify.rb +0 -23
data/lib/castle/commands/impersonate.rb +0 -26
data/lib/castle/commands/review.rb +0 -14
data/lib/castle/events.rb +0 -49
data/lib/castle/failover_auth_response.rb +0 -21
data/lib/castle/headers_filter.rb +0 -35
data/lib/castle/headers_formatter.rb +0 -22
data/lib/castle/review.rb +0 -11
data/lib/castle/utils.rb +0 -55
data/lib/castle/utils/cloner.rb +0 -11
data/lib/castle/utils/timestamp.rb +0 -12
data/spec/lib/castle/api/connection_spec.rb +0 -59
data/spec/lib/castle/api/session_spec.rb +0 -86
data/spec/lib/castle/commands/identify_spec.rb +0 -88
data/spec/lib/castle/events_spec.rb +0 -5
data/spec/lib/castle/headers_filter_spec.rb +0 -38
data/spec/lib/castle/headers_formatter_spec.rb +0 -25
data/spec/lib/castle/review_spec.rb +0 -19
data/spec/lib/castle/utils/merger_spec.rb +0 -13
data/spec/lib/castle/utils_spec.rb +0 -156

data/spec/lib/castle/api_spec.rb CHANGED Viewed

@@ -3,35 +3,34 @@
 describe Castle::API do
   subject(:call) { described_class.call(command) }
-  let(:command) { Castle::Commands::Track.new({}).build(event: '$login.succeeded') }
+  let(:command) { Castle::Commands::Track.build(event: '$login.succeeded') }
   context 'when request timeouts' do
     before { stub_request(:any, /api.castle.io/).to_timeout }
-    it do
-      expect do
-        call
-      end.to raise_error(Castle::RequestError)
-    end
+    it { expect { call }.to raise_error(Castle::RequestError) }
   end
   context 'when non-OK response code' do
     before { stub_request(:any, /api.castle.io/).to_return(status: 400) }
-    it do
-      expect do
-        call
-      end.to raise_error(Castle::BadRequestError)
-    end
+    it { expect { call }.to raise_error(Castle::BadRequestError) }
   end
   context 'when no api_secret' do
     before { allow(Castle.config).to receive(:api_secret).and_return('') }
-    it do
-      expect do
-        call
-      end.to raise_error(Castle::ConfigurationError)
+    it { expect { call }.to raise_error(Castle::ConfigurationError) }
+  end
+  context 'when custom config' do
+    let(:config) { Castle::Configuration.new }
+    before do
+      config.api_secret = 'test'
+      stub_request(:any, /api.castle.io/)
     end
+    it { expect { call }.not_to raise_error }
   end
 end

data/spec/lib/castle/{extractors/client_id_spec.rb → client_id/extract_spec.rb} RENAMED Viewed

@@ -1,16 +1,14 @@
 # frozen_string_literal: true
-describe Castle::Extractors::ClientId do
+describe Castle::ClientId::Extract do
   subject(:extractor) { described_class.new(formatted_headers, cookies) }
-  let(:formatted_headers) { Castle::HeadersFilter.new(request).call }
+  let(:formatted_headers) { Castle::Headers::Filter.new(request).call }
   let(:client_id_cookie) { 'abcd' }
   let(:client_id_header) { 'abcde' }
   let(:cookies) { request.cookies }
   let(:request) { Rack::Request.new(env) }
-  let(:env) do
-    Rack::MockRequest.env_for('/', headers)
-  end
+  let(:env) { Rack::MockRequest.env_for('/', headers) }
   context 'with client_id' do
     let(:headers) do
@@ -20,17 +18,12 @@ describe Castle::Extractors::ClientId do
       }
     end
-    it do
-      expect(extractor.call).to eql(client_id_cookie)
-    end
+    it { expect(extractor.call).to eql(client_id_cookie) }
   end
   context 'with X-Castle-Client-Id header' do
     let(:headers) do
-      {
-        'HTTP_X_FORWARDED_FOR' => '1.2.3.4',
-        'HTTP_X_CASTLE_CLIENT_ID' => client_id_header
-      }
+      { 'HTTP_X_FORWARDED_FOR' => '1.2.3.4', 'HTTP_X_CASTLE_CLIENT_ID' => client_id_header }
     end
     it 'appends the client_id' do
@@ -42,9 +35,7 @@ describe Castle::Extractors::ClientId do
     let(:cookies) { nil }
     let(:headers) { {} }
-    it do
-      expect(extractor.call).to eql('')
-    end
+    it { expect(extractor.call).to eql('') }
   end
   context 'with X-Castle-Client-Id header and cookies client' do

data/spec/lib/castle/client_spec.rb CHANGED Viewed

@@ -14,26 +14,26 @@ describe Castle::Client do
   end
   let(:request) { Rack::Request.new(env) }
   let(:client) { described_class.from_request(request) }
-  let(:request_to_context) { described_class.to_context(request) }
+  let(:request_to_context) { Castle::Context::Prepare.call(request) }
   let(:client_with_user_timestamp) do
-    described_class.new(request_to_context, timestamp: time_user)
+    described_class.new(context: request_to_context, timestamp: time_user)
   end
-  let(:client_with_no_timestamp) { described_class.new(request_to_context) }
+  let(:client_with_no_timestamp) { described_class.new(context: request_to_context) }
   let(:headers) do
-    {
-      'Content-Length': '0', 'User-Agent': ua, 'X-Forwarded-For': ip.to_s, 'Cookie': true
-    }
+    { 'Content-Length': '0', 'User-Agent': ua, 'X-Forwarded-For': ip.to_s, 'Cookie': true }
   end
   let(:context) do
     {
       client_id: 'abcd',
       active: true,
-      origin: 'web',
       user_agent: ua,
       headers: headers,
       ip: ip,
-      library: { name: 'castle-rb', version: '2.2.0' }
+      library: {
+        name: 'castle-rb',
+        version: '2.2.0'
+      }
     }
   end
@@ -45,53 +45,43 @@ describe Castle::Client do
   before do
     Timecop.freeze(time_now)
     stub_const('Castle::VERSION', '2.2.0')
-    stub_request(:any, /api.castle.io/).with(
-      basic_auth: ['', 'secret']
-    ).to_return(status: 200, body: response_body, headers: {})
+    stub_request(:any, /api.castle.io/)
+      .with(basic_auth: ['', 'secret'])
+      .to_return(status: 200, body: response_body, headers: {})
   end
   after { Timecop.return }
   describe 'parses the request' do
-    before do
-      allow(Castle::API).to receive(:request).and_call_original
-    end
+    before { allow(Castle::API).to receive(:send_request).and_call_original }
     it do
       client.authenticate(event: '$login.succeeded', user_id: '1234')
-      expect(Castle::API).to have_received(:request)
-    end
-  end
-  describe 'to_context' do
-    it do
-      expect(described_class.to_context(request)).to eql(context)
+      expect(Castle::API).to have_received(:send_request)
     end
   end
-  describe 'to_options' do
-    let(:options) { { user_id: '1234', user_traits: { name: 'Jo' } } }
-    let(:result) { { user_id: '1234', user_traits: { name: 'Jo' }, timestamp: time_auto } }
-    it do
-      expect(described_class.to_options(options)).to eql(result)
-    end
-  end
-  describe 'impersonate' do
+  describe 'end impersonation' do
     let(:impersonator) { 'test@castle.io' }
     let(:request_body) do
-      { user_id: '1234', timestamp: time_auto, sent_at: time_auto,
-        properties: { impersonator: impersonator }, context: context }
+      {
+        user_id: '1234',
+        timestamp: time_auto,
+        sent_at: time_auto,
+        properties: {
+          impersonator: impersonator
+        },
+        context: context
+      }
     end
     let(:response_body) { { success: true }.to_json }
     let(:options) { { user_id: '1234', properties: { impersonator: impersonator } } }
     context 'when used with symbol keys' do
-      before { client.impersonate(options) }
+      before { client.end_impersonation(options) }
       it do
-        assert_requested :post, 'https://api.castle.io/v1/impersonate', times: 1 do |req|
+        assert_requested :delete, 'https://api.castle.io/v1/impersonate', times: 1 do |req|
           JSON.parse(req.body) == JSON.parse(request_body.to_json)
         end
       end
@@ -100,64 +90,43 @@ describe Castle::Client do
     context 'when request is not successful' do
       let(:response_body) { {}.to_json }
-      it { expect { client.impersonate(options) }.to raise_error(Castle::ImpersonationFailed) }
+      it do
+        expect { client.end_impersonation(options) }.to raise_error(Castle::ImpersonationFailed)
+      end
     end
   end
-  describe 'identify' do
+  describe 'start impersonation' do
+    let(:impersonator) { 'test@castle.io' }
     let(:request_body) do
-      { user_id: '1234', timestamp: time_auto,
-        sent_at: time_auto, context: context, user_traits: { name: 'Jo' } }
+      {
+        user_id: '1234',
+        timestamp: time_auto,
+        sent_at: time_auto,
+        properties: {
+          impersonator: impersonator
+        },
+        context: context
+      }
     end
-    before { client.identify(options) }
+    let(:response_body) { { success: true }.to_json }
+    let(:options) { { user_id: '1234', properties: { impersonator: impersonator } } }
     context 'when used with symbol keys' do
-      let(:options) { { user_id: '1234', user_traits: { name: 'Jo' } } }
+      before { client.start_impersonation(options) }
       it do
-        assert_requested :post, 'https://api.castle.io/v1/identify', times: 1 do |req|
+        assert_requested :post, 'https://api.castle.io/v1/impersonate', times: 1 do |req|
           JSON.parse(req.body) == JSON.parse(request_body.to_json)
         end
       end
-      context 'when passed timestamp in options and no defined timestamp' do
-        let(:client) { client_with_no_timestamp }
-        let(:options) { { user_id: '1234', user_traits: { name: 'Jo' }, timestamp: time_user } }
-        let(:request_body) do
-          { user_id: '1234', user_traits: { name: 'Jo' }, context: context,
-            timestamp: time_user, sent_at: time_auto }
-        end
-        it do
-          assert_requested :post, 'https://api.castle.io/v1/identify', times: 1 do |req|
-            JSON.parse(req.body) == JSON.parse(request_body.to_json)
-          end
-        end
-      end
-      context 'with client initialized with timestamp' do
-        let(:client) { client_with_user_timestamp }
-        let(:request_body) do
-          { user_id: '1234', timestamp: time_user, sent_at: time_auto,
-            context: context, user_traits: { name: 'Jo' } }
-        end
-        it do
-          assert_requested :post, 'https://api.castle.io/v1/identify', times: 1 do |req|
-            JSON.parse(req.body) == JSON.parse(request_body.to_json)
-          end
-        end
-      end
     end
-    context 'when used with string keys' do
-      let(:options) { { 'user_id' => '1234', 'user_traits' => { 'name' => 'Jo' } } }
+    context 'when request is not successful' do
+      let(:response_body) { {}.to_json }
       it do
-        assert_requested :post, 'https://api.castle.io/v1/identify', times: 1 do |req|
-          JSON.parse(req.body) == JSON.parse(request_body.to_json)
-        end
+        expect { client.start_impersonation(options) }.to raise_error(Castle::ImpersonationFailed)
       end
     end
   end
@@ -166,8 +135,13 @@ describe Castle::Client do
     let(:options) { { event: '$login.succeeded', user_id: '1234' } }
     let(:request_response) { client.authenticate(options) }
     let(:request_body) do
-      { event: '$login.succeeded', user_id: '1234', context: context,
-        timestamp: time_auto, sent_at: time_auto }
+      {
+        event: '$login.succeeded',
+        user_id: '1234',
+        context: context,
+        timestamp: time_auto,
+        sent_at: time_auto
+      }
     end
     context 'when used with symbol keys' do
@@ -183,8 +157,13 @@ describe Castle::Client do
         let(:client) { client_with_no_timestamp }
         let(:options) { { event: '$login.succeeded', user_id: '1234', timestamp: time_user } }
         let(:request_body) do
-          { event: '$login.succeeded', user_id: '1234', context: context,
-            timestamp: time_user, sent_at: time_auto }
+          {
+            event: '$login.succeeded',
+            user_id: '1234',
+            context: context,
+            timestamp: time_user,
+            sent_at: time_auto
+          }
         end
         it do
@@ -197,8 +176,13 @@ describe Castle::Client do
       context 'with client initialized with timestamp' do
         let(:client) { client_with_user_timestamp }
         let(:request_body) do
-          { event: '$login.succeeded', user_id: '1234', context: context,
-            timestamp: time_user, sent_at: time_auto }
+          {
+            event: '$login.succeeded',
+            user_id: '1234',
+            context: context,
+            timestamp: time_user,
+            sent_at: time_auto
+          }
         end
         it do
@@ -241,7 +225,8 @@ describe Castle::Client do
       end
       it { assert_not_requested :post, 'https://api.castle.io/v1/authenticate' }
-      it { expect(request_response[:action]).to be_eql('allow') }
+      it { expect(request_response[:policy][:action]).to be_eql(Castle::Verdict::ALLOW) }
+      it { expect(request_response[:action]).to be_eql(Castle::Verdict::ALLOW) }
       it { expect(request_response[:user_id]).to be_eql('1234') }
       it { expect(request_response[:failover]).to be true }
       it { expect(request_response[:failover_reason]).to be_eql('Castle is set to do not track.') }
@@ -249,7 +234,9 @@ describe Castle::Client do
     context 'when request with fail' do
       before do
-        allow(Castle::API).to receive(:request).and_raise(Castle::RequestError.new(Timeout::Error))
+        allow(Castle::API).to receive(:send_request).and_raise(
+          Castle::RequestError.new(Timeout::Error)
+        )
       end
       context 'with request error and throw strategy' do
@@ -260,6 +247,7 @@ describe Castle::Client do
       context 'with request error and not throw on eg deny strategy' do
         it { assert_not_requested :post, 'https://:secret@api.castle.io/v1/authenticate' }
+        it { expect(request_response[:policy][:action]).to be_eql('allow') }
         it { expect(request_response[:action]).to be_eql('allow') }
         it { expect(request_response[:user_id]).to be_eql('1234') }
         it { expect(request_response[:failover]).to be true }
@@ -268,7 +256,9 @@ describe Castle::Client do
     end
     context 'when request is internal server error' do
-      before { allow(Castle::API).to receive(:request).and_raise(Castle::InternalServerError) }
+      before do
+        allow(Castle::API).to receive(:send_request).and_raise(Castle::InternalServerError)
+      end
       describe 'throw strategy' do
         before { allow(Castle.config).to receive(:failover_strategy).and_return(:throw) }
@@ -278,6 +268,7 @@ describe Castle::Client do
       describe 'not throw on eg deny strategy' do
         it { assert_not_requested :post, 'https://:secret@api.castle.io/v1/authenticate' }
+        it { expect(request_response[:policy][:action]).to be_eql('allow') }
         it { expect(request_response[:action]).to be_eql('allow') }
         it { expect(request_response[:user_id]).to be_eql('1234') }
         it { expect(request_response[:failover]).to be true }
@@ -288,8 +279,13 @@ describe Castle::Client do
   describe 'track' do
     let(:request_body) do
-      { event: '$login.succeeded', context: context, user_id: '1234',
-        timestamp: time_auto, sent_at: time_auto }
+      {
+        event: '$login.succeeded',
+        context: context,
+        user_id: '1234',
+        timestamp: time_auto,
+        sent_at: time_auto
+      }
     end
     before { client.track(options) }
@@ -307,8 +303,13 @@ describe Castle::Client do
         let(:client) { client_with_no_timestamp }
         let(:options) { { event: '$login.succeeded', user_id: '1234', timestamp: time_user } }
         let(:request_body) do
-          { event: '$login.succeeded', user_id: '1234', context: context,
-            timestamp: time_user, sent_at: time_auto }
+          {
+            event: '$login.succeeded',
+            user_id: '1234',
+            context: context,
+            timestamp: time_user,
+            sent_at: time_auto
+          }
         end
         it do
@@ -321,8 +322,13 @@ describe Castle::Client do
       context 'with client initialized with timestamp' do
         let(:client) { client_with_user_timestamp }
         let(:request_body) do
-          { event: '$login.succeeded', context: context, user_id: '1234',
-            timestamp: time_user, sent_at: time_auto }
+          {
+            event: '$login.succeeded',
+            context: context,
+            user_id: '1234',
+            timestamp: time_user,
+            sent_at: time_auto
+          }
         end
         it do
@@ -357,4 +363,16 @@ describe Castle::Client do
       it { expect(client).to be_tracked }
     end
   end
+  describe 'filter' do
+    it_behaves_like 'action request', :filter
+  end
+  describe 'risk' do
+    it_behaves_like 'action request', :risk
+  end
+  describe 'log' do
+    it_behaves_like 'action request', :log
+  end
 end

data/spec/lib/castle/commands/approve_device_spec.rb ADDED Viewed

@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+describe Castle::Commands::ApproveDevice do
+  subject(:instance) { described_class }
+  let(:context) { {} }
+  let(:device_token) { '1234' }
+  describe '.build' do
+    subject(:command) { instance.build(device_token: device_token) }
+    context 'without device_token' do
+      let(:device_token) { '' }
+      it { expect { command }.to raise_error(Castle::InvalidParametersError) }
+    end
+    context 'with device_token' do
+      it { expect(command.method).to be_eql(:put) }
+      it { expect(command.path).to be_eql("devices/#{device_token}/approve") }
+      it { expect(command.data).to be_nil }
+    end
+  end
+end