conjur-api 4.10.1 → 4.10.2

data/spec/lib/configuration_spec.rb

@@ -4,8 +4,12 @@ describe Conjur::Configuration do
   before {
     Conjur.configuration = Conjur::Configuration.new
   }
-  let(:configuration) { Conjur.configuration }
-  subject { configuration }
+  after(:all) do
+    # reset the configuration so it doesn't clobber other tests
+    Conjur.configuration = Conjur::Configuration.new
+  end
+
+  subject(:configuration) { Conjur.configuration }
   context "thread-local behavior" do
     it "can swap the Configuration in a new thread" do
       original = Conjur.configuration
@@ -13,11 +17,11 @@ describe Conjur::Configuration do
       Thread.new do
         Thread.current[:conjur_configuration] = :foo
         Conjur.with_configuration c do
-          Conjur.configuration.should == c
+          expect(Conjur.configuration).to eq(c)
         end
-        Thread.current[:conjur_configuration].should == :foo
+        expect(Thread.current[:conjur_configuration]).to eq(:foo)
       end.join
-      Conjur.configuration.should == original
+      expect(Conjur.configuration).to eq(original)
     end
   end
   context "with various options" do
@@ -25,40 +29,44 @@ describe Conjur::Configuration do
       configuration.account = "the-account"
       configuration.appliance_url = "https://conjur/api"
     }
-    it "core_url is not pre-cached" do
-      configuration.supplied[:core_url].should_not be
-    end
-    it "core_url is cached after use" do
-      configuration.core_url
-      configuration.supplied[:core_url].should == configuration.core_url
-    end
     context "and core_url fetched" do
       before { 
         configuration.core_url 
       }
+
+      it "can still be changed by changing the appliance_url" do
+        configuration.appliance_url = "https://other/api"
+        expect(configuration.core_url).to eq "https://other/api"
+      end
+
       context "and duplicated" do 
         subject { configuration.clone override_options }
         let(:override_options) { Hash.new }
-        its(:account) { should == configuration.account }
-        its(:appliance_url) { should == configuration.appliance_url }
-        its(:core_url) { should == configuration.appliance_url }
-        context "core_url fetched" do
-          it "is then cached in the original" do
-            configuration.supplied[:core_url].should be
-          end
-          it "is not cached in the copy" do
-            subject.supplied[:core_url].should_not be
-          end
+
+        describe '#account' do
+          subject { super().account }
+          it { is_expected.to eq(configuration.account) }
+        end
+
+        describe '#appliance_url' do
+          subject { super().appliance_url }
+          it { is_expected.to eq(configuration.appliance_url) }
+        end
+
+        describe '#core_url' do
+          subject { super().core_url }
+          it { is_expected.to eq(configuration.appliance_url) }
         end
+
         context "appliance_url overridden" do
           let(:override_options) {
             { :appliance_url => "https://example/api" }
           }
           it "is ignored by the configuration core_url" do
-            configuration.core_url.should == "https://conjur/api"
+            expect(configuration.core_url).to eq("https://conjur/api")
           end
           it "is reflected in the copy core_url" do
-            subject.core_url.should == "https://example/api"
+            expect(subject.core_url).to eq("https://example/api")
           end
         end
       end
@@ -70,86 +78,138 @@ describe Conjur::Configuration do
       ENV.delete('CONJUR_ENV')
     }
     context "default env" do
-      its(:env) { should == "production" }
+      describe '#env' do
+        subject { super().env }
+        it { is_expected.to eq("production") }
+      end
     end
     context "default stack" do
-      its(:stack) { should == "v4" }
+      describe '#stack' do
+        subject { super().stack }
+        it { is_expected.to eq("v4") }
+      end
     end
     describe 'authn_url' do
       before {
-        Conjur::Configuration.any_instance.stub(:account).and_return "the-account"
+        allow_any_instance_of(Conjur::Configuration).to receive(:account).and_return "the-account"
       }
       context "with appliance_url" do
         before {
-          Conjur::Configuration.any_instance.stub(:appliance_url).and_return "http://example.com"
+          allow_any_instance_of(Conjur::Configuration).to receive(:appliance_url).and_return "http://example.com"
         }
-        its(:authn_url) { should == "http://example.com/authn" }
+
+        describe '#authn_url' do
+          subject { super().authn_url }
+          it { is_expected.to eq("http://example.com/authn") }
+        end
       end
       context "without appliance_url" do
-        its(:authn_url) { should == "https://authn-the-account-conjur.herokuapp.com" }
+        describe '#authn_url' do
+          subject { super().authn_url }
+          it { is_expected.to eq("https://authn-the-account-conjur.herokuapp.com") }
+        end
       end
     end
     describe 'authz_url' do
       before {
-        Conjur::Configuration.any_instance.stub(:account).and_return "the-account"
+        allow_any_instance_of(Conjur::Configuration).to receive(:account).and_return "the-account"
       }
       context "with appliance_url" do
         before {
-          Conjur::Configuration.any_instance.stub(:appliance_url).and_return "http://example.com"
+          allow_any_instance_of(Conjur::Configuration).to receive(:appliance_url).and_return "http://example.com"
         }
-        its(:authz_url) { should == "http://example.com/authz" }
+
+        describe '#authz_url' do
+          subject { super().authz_url }
+          it { is_expected.to eq("http://example.com/authz") }
+        end
       end
       context "without appliance_url" do
-        its(:authz_url) { should == "https://authz-v4-conjur.herokuapp.com" }
+        describe '#authz_url' do
+          subject { super().authz_url }
+          it { is_expected.to eq("https://authz-v4-conjur.herokuapp.com") }
+        end
         context "with specific stack" do
-          before { Conjur::Configuration.any_instance.stub(:stack).and_return "the-stack" }
-          its(:authz_url) { should == "https://authz-the-stack-conjur.herokuapp.com" }
+          before { allow_any_instance_of(Conjur::Configuration).to receive(:stack).and_return "the-stack" }
+
+          describe '#authz_url' do
+            subject { super().authz_url }
+            it { is_expected.to eq("https://authz-the-stack-conjur.herokuapp.com") }
+          end
         end
       end
     end
   end
   context "CONJUR_ENV = 'test'" do
-    its(:env) { should == "test" }
+    describe '#env' do
+      subject { super().env }
+      it { is_expected.to eq("test") }
+    end
     before {
-      Conjur::Configuration.any_instance.stub(:account).and_return "the-account"
+      allow_any_instance_of(Conjur::Configuration).to receive(:account).and_return "the-account"
     }
     describe 'authn_url' do
       context "with appliance_url hostname" do
         before {
-          Conjur::Configuration.any_instance.stub(:appliance_url).and_return "http://example.com"
+          allow_any_instance_of(Conjur::Configuration).to receive(:appliance_url).and_return "http://example.com"
         }
-        its(:authn_url) { should == "http://example.com/authn" }
+
+        describe '#authn_url' do
+          subject { super().authn_url }
+          it { is_expected.to eq("http://example.com/authn") }
+        end
       end
       context "with appliance_url hostname and non-trailing-slash path" do
         before {
-          Conjur::Configuration.any_instance.stub(:appliance_url).and_return "http://example.com/api"
+          allow_any_instance_of(Conjur::Configuration).to receive(:appliance_url).and_return "http://example.com/api"
         }
-        its(:authn_url) { should == "http://example.com/api/authn" }
+
+        describe '#authn_url' do
+          subject { super().authn_url }
+          it { is_expected.to eq("http://example.com/api/authn") }
+        end
       end
       context "without appliance_url" do
-        its(:authn_url) { should == "http://localhost:5000" }
+        describe '#authn_url' do
+          subject { super().authn_url }
+          it { is_expected.to eq("http://localhost:5000") }
+        end
       end
     end
     describe 'authz_url' do
       context "with appliance_url" do
         before {
-          Conjur::Configuration.any_instance.stub(:appliance_url).and_return "http://example.com/api/"
+          allow_any_instance_of(Conjur::Configuration).to receive(:appliance_url).and_return "http://example.com/api/"
         }
-        its(:authz_url) { should == "http://example.com/api/authz" }
+
+        describe '#authz_url' do
+          subject { super().authz_url }
+          it { is_expected.to eq("http://example.com/api/authz") }
+        end
       end
       context "without appliance_url" do
-        its(:authz_url) { should == "http://localhost:5100" }
+        describe '#authz_url' do
+          subject { super().authz_url }
+          it { is_expected.to eq("http://localhost:5100") }
+        end
       end
     end
     describe 'core_url' do
       context "with appliance_url" do
         before {
-          Conjur::Configuration.any_instance.stub(:appliance_url).and_return "http://example.com/api"
+          allow_any_instance_of(Conjur::Configuration).to receive(:appliance_url).and_return "http://example.com/api"
         }
-        its(:core_url) { should == "http://example.com/api" }
+
+        describe '#core_url' do
+          subject { super().core_url }
+          it { is_expected.to eq("http://example.com/api") }
+        end
       end
       context "without appliance_url" do
-        its(:core_url) { should == "http://localhost:5200" }
+        describe '#core_url' do
+          subject { super().core_url }
+          it { is_expected.to eq("http://localhost:5200") }
+        end
       end
     end
   end

data/spec/lib/deputy_spec.rb

@@ -1,12 +1,25 @@
 require 'spec_helper'
 
 describe Conjur::Deputy, api: :dummy do
-  subject { Conjur::Deputy.new 'http://example.com/deputies/my%2Fhostname', nil }
+  let(:api_key) { 'theapikey' }
 
-  its(:resource) { should be }
-  its(:login) { should == 'deputy/my/hostname' }
+  subject(:deputy) { Conjur::Deputy.new 'http://example.com/deputies/my%2Fhostname', nil }
+  before { deputy.attributes = { 'api_key' => api_key } }
 
-  let(:api_key) { 'theapikey' }
-  before { subject.attributes = { 'api_key' => api_key } }
-  its(:api_key) { should == api_key }
+  describe '#resource' do
+    subject { deputy.resource }
+    it { is_expected.to be }
+  end
+
+  describe '#login' do
+    it "is extracted from the uri" do
+      expect(deputy.login).to eq('deputy/my/hostname')
+    end
+  end
+
+  describe '#api_key' do
+    it "is extracted from attributes" do
+      expect(deputy.api_key).to eq api_key
+    end
+  end
 end

data/spec/lib/exists_spec.rb

@@ -1,22 +1,24 @@
 require 'spec_helper'
 
 describe Conjur::Exists do
-  subject { Object.new.tap {|o| o.send :extend, Conjur::Exists } }
+  subject(:resource) { Object.new.tap {|o| o.send :extend, Conjur::Exists } }
 
-  context "when head returns 200" do
-    before { subject.stub head: "" }
-    its(:exists?) { should be_true }
-  end
+  describe '#exists?' do
+    subject { resource.exists? }
 
-  context "when forbidden" do
-    before { subject.stub(:head) { raise RestClient::Forbidden }}
-    it "returns true" do
-      subject.exists?.should be_truthy
+    context "when head returns 200" do
+      before { allow(resource).to receive_messages head: "" }
+      it { is_expected.to be_truthy }
     end
-  end
 
-  context "when not found" do
-    before { subject.stub(:head) { raise RestClient::ResourceNotFound }}
-    its(:exists?) { should be_false }
+    context "when forbidden" do
+      before { allow(resource).to receive(:head) { raise RestClient::Forbidden }}
+      it { is_expected.to be_truthy }
+    end
+
+    context "when not found" do
+      before { allow(resource).to receive(:head) { raise RestClient::ResourceNotFound }}
+      it { is_expected.to be_falsey }
+    end
   end
 end

data/spec/lib/host_spec.rb

@@ -3,12 +3,19 @@ require 'spec_helper'
 describe Conjur::Host, api: :dummy do
   subject { Conjur::Host.new 'http://example.com/hosts/my%2Fhostname', nil }
 
-  its(:resource) { should be }
-  its(:login) { should == 'host/my/hostname' }
+  describe '#resource' do
+    subject { super().resource }
+    it { is_expected.to be }
+  end
+
+  describe '#login' do
+    subject { super().login }
+    it { is_expected.to eq('host/my/hostname') }
+  end
 
   it "fetches enrollment_url" do
     stub_request(:head, "http://example.com/hosts/my%2Fhostname/enrollment_url").
          to_return(:status => 200, :headers => {location: 'foo'})
-    subject.enrollment_url.should == 'foo'
+    expect(subject.enrollment_url).to eq('foo')
   end
 end

data/spec/lib/log_source_spec.rb

@@ -7,7 +7,7 @@ describe Conjur::LogSource, logging: :temp, api: :dummy do
         log << 'foo'
       end
 
-      log.should == "[#{username}] foo\n"
+      expect(log).to eq("[#{username}] foo\n")
     end
   end
 end

data/spec/lib/log_spec.rb

@@ -7,9 +7,9 @@ describe Conjur do
     before { @old_log = Conjur.log }
     let(:log) { double 'log' }
     it "creates the log with given type and makes it available" do
-      Conjur.stub(:create_log).with(:param).and_return log
+      allow(Conjur).to receive(:create_log).with(:param).and_return log
       Conjur::log = :param
-      Conjur::log.should == log
+      expect(Conjur::log).to eq(log)
     end
     after { Conjur.class_variable_set :@@log, @old_log }
   end
@@ -19,14 +19,14 @@ describe Conjur do
     context "with 'stdout'" do
       let(:param) { 'stdout' }
       it "creates something which writes to STDOUT" do
-        $stdout.grab { log << "foo" }.should == 'foo'
+        expect($stdout.grab { log << "foo" }).to eq('foo')
       end
     end
 
     context "with 'stderr'" do
       let(:param) { 'stderr' }
       it "creates something which writes to STDERR" do
-        $stderr.grab { log << "foo" }.should == 'foo'
+        expect($stderr.grab { log << "foo" }).to eq('foo')
       end
     end
 
@@ -35,7 +35,7 @@ describe Conjur do
       let(:param) { tempfile.path }
       it "creates something which writes to the file" do
         log << "foo"
-        tempfile.read.should == "foo"
+        expect(tempfile.read).to eq("foo")
       end
     end
   end

data/spec/lib/resource_spec.rb

@@ -14,7 +14,7 @@ describe Conjur::Resource, api: :dummy, logging: :temp do
         "foobar"
       end
       it "identifier should obtained from the id" do
-        resource.identifier.should == "foobar"
+        expect(resource.identifier).to eq("foobar")
       end
     end
 
@@ -24,11 +24,11 @@ describe Conjur::Resource, api: :dummy, logging: :temp do
         let(:identifier) { p[1] }
         context "resource_kind" do
           subject { resource.kind }
-          specify { should == p[0] }
+          specify { is_expected.to eq(p[0]) }
         end
         context "resource_id" do
           subject { resource.identifier }
-          specify { should == ( p[1] ) }
+          specify { is_expected.to eq( p[1] ) }
         end
       end
     end
@@ -39,31 +39,31 @@ describe Conjur::Resource, api: :dummy, logging: :temp do
 
   describe '#create' do
     it "simply puts" do
-      RestClient::Request.should_receive(:execute).with(
+      expect(RestClient::Request).to receive(:execute).with(
         method: :put,
         url: uri,
         payload: {},
         headers: {}
       ).and_return "new resource"
-      subject.create.should == "new resource"
+      expect(subject.create).to eq("new resource")
     end
   end
 
   describe '#permitted_roles' do
     it 'gets the list from /roles/allowed_to' do
-      RestClient::Request.should_receive(:execute).with(
+      expect(RestClient::Request).to receive(:execute).with(
         method: :get,
         url: "http://authz.example.com/some-account/roles/allowed_to/nuke/the-kind/resource-id",
         headers: {}
       ).and_return '["foo", "bar"]'
 
-      subject.permitted_roles("nuke").should == ['foo', 'bar']
+      expect(subject.permitted_roles("nuke")).to eq(['foo', 'bar'])
     end
   end
 
   describe '#give_to' do
     it "puts the owner field" do
-      RestClient::Request.should_receive(:execute).with(
+      expect(RestClient::Request).to receive(:execute).with(
         method: :put,
         url: uri,
         payload: {owner: 'new-owner' },
@@ -74,39 +74,9 @@ describe Conjur::Resource, api: :dummy, logging: :temp do
     end
   end
 
-  describe "#exists" do
-    let(:uri) { "#{authz_host}/some-account/resources/the-kind/resource-id" }
-    it "sends HEAD /<resource>" do
-      RestClient::Request.should_receive(:execute).with(
-        method: :head,
-        url: uri,
-        headers: {}
-      )
-      subject.exists?
-    end
-    context "with status 204" do
-      before {
-        subject.stub(:head)
-      }
-      its(:exists?) { should be_true }
-    end
-    context "with status 404" do
-      before {
-        subject.stub(:head) { raise RestClient::ResourceNotFound }
-      }
-      its(:exists?) { should be_false }
-    end
-    context "with status 403" do
-      before {
-        subject.stub(:head) { raise RestClient::Forbidden }
-      }
-      its(:exists?) { should be_true }
-    end
-  end
-
   describe '#delete' do
     it 'simply deletes' do
-      RestClient::Request.should_receive(:execute).with(
+      expect(RestClient::Request).to receive(:execute).with(
         method: :delete,
         url: uri,
         headers: {}
@@ -120,7 +90,7 @@ describe Conjur::Resource, api: :dummy, logging: :temp do
     it 'posts permit for every privilege' do
       privileges = [:nuke, :fry]
       privileges.each do |p|
-        RestClient::Request.should_receive(:execute).with(
+        expect(RestClient::Request).to receive(:execute).with(
           method: :post,
           url: uri + "/?permit&privilege=#{p}&role=dr-strangelove",
           headers: {},
@@ -135,7 +105,7 @@ describe Conjur::Resource, api: :dummy, logging: :temp do
     it 'posts deny for every privilege' do
       privileges = [:nuke, :fry]
       privileges.each do |p|
-        RestClient::Request.should_receive(:execute).with(
+        expect(RestClient::Request).to receive(:execute).with(
           method: :post,
           url: uri + "/?deny&privilege=#{p}&role=james-bond",
           headers: {},
@@ -148,7 +118,7 @@ describe Conjur::Resource, api: :dummy, logging: :temp do
 
   describe '#permitted?' do
     it 'gets the ?permitted? action' do
-      RestClient::Request.should_receive(:execute).with(
+      expect(RestClient::Request).to receive(:execute).with(
         method: :get,
         url: uri + "/?check=true&privilege=fry",
         headers: {}
@@ -157,33 +127,33 @@ describe Conjur::Resource, api: :dummy, logging: :temp do
     end
     context "with status 204" do
       before {
-        subject.stub_chain(:[], :get)
+        allow(subject).to receive_message_chain(:[], :get)
       }
       specify {
-        subject.permitted?('fry').should be_true
+        expect(subject.permitted?('fry')).to be_truthy
       }
     end
     context "with status 404" do
       before {
-        subject.stub_chain(:[], :get) { raise RestClient::ResourceNotFound }
+        allow(subject).to receive_message_chain(:[], :get) { raise RestClient::ResourceNotFound }
       }
       specify {
-        subject.permitted?('fry').should be_false
+        expect(subject.permitted?('fry')).to be_falsey
       }
     end
     context "with status 403" do
       before {
-        subject.stub_chain(:[], :get) { raise RestClient::Forbidden }
+        allow(subject).to receive_message_chain(:[], :get) { raise RestClient::Forbidden }
       }
       specify {
-        subject.permitted?('fry').should be_false
+        expect(subject.permitted?('fry')).to be_falsey
       }
     end
   end
 
   describe '.all' do
     it "calls /account/resources" do
-      RestClient::Request.should_receive(:execute).with(
+      expect(RestClient::Request).to receive(:execute).with(
         method: :get,
         url: "http://authz.example.com/the-account/resources",
         headers: {}
@@ -193,7 +163,7 @@ describe Conjur::Resource, api: :dummy, logging: :temp do
     end
 
     it "can filter by kind" do
-      RestClient::Request.should_receive(:execute).with(
+      expect(RestClient::Request).to receive(:execute).with(
         method: :get,
         url: "http://authz.example.com/the-account/resources/chunky",
         headers: {}
@@ -204,17 +174,17 @@ describe Conjur::Resource, api: :dummy, logging: :temp do
     end
     
     it "passes search, limit, and offset params" do
-      RestClient::Request.should_receive(:execute).with(
+      expect(RestClient::Request).to receive(:execute).with(
         method: :get,
         # Note that to_query sorts the keys
         url: "http://authz.example.com/the-account/resources?limit=5&offset=6&search=something",
         headers: {}
       ).and_return '["foo", "bar"]'
-      Conjur::Resource.all(host: authz_host, account: account, search: 'something', limit:5, offset:6).should == %w(foo bar)
+      expect(Conjur::Resource.all(host: authz_host, account: account, search: 'something', limit:5, offset:6)).to eq(%w(foo bar))
     end
 
     it "uses the given authz url" do
-      RestClient::Request.should_receive(:execute).with(
+      expect(RestClient::Request).to receive(:execute).with(
         method: :get,
         url: "http://otherhost.example.com/the-account/resources",
         headers: {}