conjur-api 4.10.1 → 4.10.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -4,8 +4,12 @@ describe Conjur::Configuration do
4
4
  before {
5
5
  Conjur.configuration = Conjur::Configuration.new
6
6
  }
7
- let(:configuration) { Conjur.configuration }
8
- subject { configuration }
7
+ after(:all) do
8
+ # reset the configuration so it doesn't clobber other tests
9
+ Conjur.configuration = Conjur::Configuration.new
10
+ end
11
+
12
+ subject(:configuration) { Conjur.configuration }
9
13
  context "thread-local behavior" do
10
14
  it "can swap the Configuration in a new thread" do
11
15
  original = Conjur.configuration
@@ -13,11 +17,11 @@ describe Conjur::Configuration do
13
17
  Thread.new do
14
18
  Thread.current[:conjur_configuration] = :foo
15
19
  Conjur.with_configuration c do
16
- Conjur.configuration.should == c
20
+ expect(Conjur.configuration).to eq(c)
17
21
  end
18
- Thread.current[:conjur_configuration].should == :foo
22
+ expect(Thread.current[:conjur_configuration]).to eq(:foo)
19
23
  end.join
20
- Conjur.configuration.should == original
24
+ expect(Conjur.configuration).to eq(original)
21
25
  end
22
26
  end
23
27
  context "with various options" do
@@ -25,40 +29,44 @@ describe Conjur::Configuration do
25
29
  configuration.account = "the-account"
26
30
  configuration.appliance_url = "https://conjur/api"
27
31
  }
28
- it "core_url is not pre-cached" do
29
- configuration.supplied[:core_url].should_not be
30
- end
31
- it "core_url is cached after use" do
32
- configuration.core_url
33
- configuration.supplied[:core_url].should == configuration.core_url
34
- end
35
32
  context "and core_url fetched" do
36
33
  before {
37
34
  configuration.core_url
38
35
  }
36
+
37
+ it "can still be changed by changing the appliance_url" do
38
+ configuration.appliance_url = "https://other/api"
39
+ expect(configuration.core_url).to eq "https://other/api"
40
+ end
41
+
39
42
  context "and duplicated" do
40
43
  subject { configuration.clone override_options }
41
44
  let(:override_options) { Hash.new }
42
- its(:account) { should == configuration.account }
43
- its(:appliance_url) { should == configuration.appliance_url }
44
- its(:core_url) { should == configuration.appliance_url }
45
- context "core_url fetched" do
46
- it "is then cached in the original" do
47
- configuration.supplied[:core_url].should be
48
- end
49
- it "is not cached in the copy" do
50
- subject.supplied[:core_url].should_not be
51
- end
45
+
46
+ describe '#account' do
47
+ subject { super().account }
48
+ it { is_expected.to eq(configuration.account) }
49
+ end
50
+
51
+ describe '#appliance_url' do
52
+ subject { super().appliance_url }
53
+ it { is_expected.to eq(configuration.appliance_url) }
54
+ end
55
+
56
+ describe '#core_url' do
57
+ subject { super().core_url }
58
+ it { is_expected.to eq(configuration.appliance_url) }
52
59
  end
60
+
53
61
  context "appliance_url overridden" do
54
62
  let(:override_options) {
55
63
  { :appliance_url => "https://example/api" }
56
64
  }
57
65
  it "is ignored by the configuration core_url" do
58
- configuration.core_url.should == "https://conjur/api"
66
+ expect(configuration.core_url).to eq("https://conjur/api")
59
67
  end
60
68
  it "is reflected in the copy core_url" do
61
- subject.core_url.should == "https://example/api"
69
+ expect(subject.core_url).to eq("https://example/api")
62
70
  end
63
71
  end
64
72
  end
@@ -70,86 +78,138 @@ describe Conjur::Configuration do
70
78
  ENV.delete('CONJUR_ENV')
71
79
  }
72
80
  context "default env" do
73
- its(:env) { should == "production" }
81
+ describe '#env' do
82
+ subject { super().env }
83
+ it { is_expected.to eq("production") }
84
+ end
74
85
  end
75
86
  context "default stack" do
76
- its(:stack) { should == "v4" }
87
+ describe '#stack' do
88
+ subject { super().stack }
89
+ it { is_expected.to eq("v4") }
90
+ end
77
91
  end
78
92
  describe 'authn_url' do
79
93
  before {
80
- Conjur::Configuration.any_instance.stub(:account).and_return "the-account"
94
+ allow_any_instance_of(Conjur::Configuration).to receive(:account).and_return "the-account"
81
95
  }
82
96
  context "with appliance_url" do
83
97
  before {
84
- Conjur::Configuration.any_instance.stub(:appliance_url).and_return "http://example.com"
98
+ allow_any_instance_of(Conjur::Configuration).to receive(:appliance_url).and_return "http://example.com"
85
99
  }
86
- its(:authn_url) { should == "http://example.com/authn" }
100
+
101
+ describe '#authn_url' do
102
+ subject { super().authn_url }
103
+ it { is_expected.to eq("http://example.com/authn") }
104
+ end
87
105
  end
88
106
  context "without appliance_url" do
89
- its(:authn_url) { should == "https://authn-the-account-conjur.herokuapp.com" }
107
+ describe '#authn_url' do
108
+ subject { super().authn_url }
109
+ it { is_expected.to eq("https://authn-the-account-conjur.herokuapp.com") }
110
+ end
90
111
  end
91
112
  end
92
113
  describe 'authz_url' do
93
114
  before {
94
- Conjur::Configuration.any_instance.stub(:account).and_return "the-account"
115
+ allow_any_instance_of(Conjur::Configuration).to receive(:account).and_return "the-account"
95
116
  }
96
117
  context "with appliance_url" do
97
118
  before {
98
- Conjur::Configuration.any_instance.stub(:appliance_url).and_return "http://example.com"
119
+ allow_any_instance_of(Conjur::Configuration).to receive(:appliance_url).and_return "http://example.com"
99
120
  }
100
- its(:authz_url) { should == "http://example.com/authz" }
121
+
122
+ describe '#authz_url' do
123
+ subject { super().authz_url }
124
+ it { is_expected.to eq("http://example.com/authz") }
125
+ end
101
126
  end
102
127
  context "without appliance_url" do
103
- its(:authz_url) { should == "https://authz-v4-conjur.herokuapp.com" }
128
+ describe '#authz_url' do
129
+ subject { super().authz_url }
130
+ it { is_expected.to eq("https://authz-v4-conjur.herokuapp.com") }
131
+ end
104
132
  context "with specific stack" do
105
- before { Conjur::Configuration.any_instance.stub(:stack).and_return "the-stack" }
106
- its(:authz_url) { should == "https://authz-the-stack-conjur.herokuapp.com" }
133
+ before { allow_any_instance_of(Conjur::Configuration).to receive(:stack).and_return "the-stack" }
134
+
135
+ describe '#authz_url' do
136
+ subject { super().authz_url }
137
+ it { is_expected.to eq("https://authz-the-stack-conjur.herokuapp.com") }
138
+ end
107
139
  end
108
140
  end
109
141
  end
110
142
  end
111
143
  context "CONJUR_ENV = 'test'" do
112
- its(:env) { should == "test" }
144
+ describe '#env' do
145
+ subject { super().env }
146
+ it { is_expected.to eq("test") }
147
+ end
113
148
  before {
114
- Conjur::Configuration.any_instance.stub(:account).and_return "the-account"
149
+ allow_any_instance_of(Conjur::Configuration).to receive(:account).and_return "the-account"
115
150
  }
116
151
  describe 'authn_url' do
117
152
  context "with appliance_url hostname" do
118
153
  before {
119
- Conjur::Configuration.any_instance.stub(:appliance_url).and_return "http://example.com"
154
+ allow_any_instance_of(Conjur::Configuration).to receive(:appliance_url).and_return "http://example.com"
120
155
  }
121
- its(:authn_url) { should == "http://example.com/authn" }
156
+
157
+ describe '#authn_url' do
158
+ subject { super().authn_url }
159
+ it { is_expected.to eq("http://example.com/authn") }
160
+ end
122
161
  end
123
162
  context "with appliance_url hostname and non-trailing-slash path" do
124
163
  before {
125
- Conjur::Configuration.any_instance.stub(:appliance_url).and_return "http://example.com/api"
164
+ allow_any_instance_of(Conjur::Configuration).to receive(:appliance_url).and_return "http://example.com/api"
126
165
  }
127
- its(:authn_url) { should == "http://example.com/api/authn" }
166
+
167
+ describe '#authn_url' do
168
+ subject { super().authn_url }
169
+ it { is_expected.to eq("http://example.com/api/authn") }
170
+ end
128
171
  end
129
172
  context "without appliance_url" do
130
- its(:authn_url) { should == "http://localhost:5000" }
173
+ describe '#authn_url' do
174
+ subject { super().authn_url }
175
+ it { is_expected.to eq("http://localhost:5000") }
176
+ end
131
177
  end
132
178
  end
133
179
  describe 'authz_url' do
134
180
  context "with appliance_url" do
135
181
  before {
136
- Conjur::Configuration.any_instance.stub(:appliance_url).and_return "http://example.com/api/"
182
+ allow_any_instance_of(Conjur::Configuration).to receive(:appliance_url).and_return "http://example.com/api/"
137
183
  }
138
- its(:authz_url) { should == "http://example.com/api/authz" }
184
+
185
+ describe '#authz_url' do
186
+ subject { super().authz_url }
187
+ it { is_expected.to eq("http://example.com/api/authz") }
188
+ end
139
189
  end
140
190
  context "without appliance_url" do
141
- its(:authz_url) { should == "http://localhost:5100" }
191
+ describe '#authz_url' do
192
+ subject { super().authz_url }
193
+ it { is_expected.to eq("http://localhost:5100") }
194
+ end
142
195
  end
143
196
  end
144
197
  describe 'core_url' do
145
198
  context "with appliance_url" do
146
199
  before {
147
- Conjur::Configuration.any_instance.stub(:appliance_url).and_return "http://example.com/api"
200
+ allow_any_instance_of(Conjur::Configuration).to receive(:appliance_url).and_return "http://example.com/api"
148
201
  }
149
- its(:core_url) { should == "http://example.com/api" }
202
+
203
+ describe '#core_url' do
204
+ subject { super().core_url }
205
+ it { is_expected.to eq("http://example.com/api") }
206
+ end
150
207
  end
151
208
  context "without appliance_url" do
152
- its(:core_url) { should == "http://localhost:5200" }
209
+ describe '#core_url' do
210
+ subject { super().core_url }
211
+ it { is_expected.to eq("http://localhost:5200") }
212
+ end
153
213
  end
154
214
  end
155
215
  end
@@ -1,12 +1,25 @@
1
1
  require 'spec_helper'
2
2
 
3
3
  describe Conjur::Deputy, api: :dummy do
4
- subject { Conjur::Deputy.new 'http://example.com/deputies/my%2Fhostname', nil }
4
+ let(:api_key) { 'theapikey' }
5
5
 
6
- its(:resource) { should be }
7
- its(:login) { should == 'deputy/my/hostname' }
6
+ subject(:deputy) { Conjur::Deputy.new 'http://example.com/deputies/my%2Fhostname', nil }
7
+ before { deputy.attributes = { 'api_key' => api_key } }
8
8
 
9
- let(:api_key) { 'theapikey' }
10
- before { subject.attributes = { 'api_key' => api_key } }
11
- its(:api_key) { should == api_key }
9
+ describe '#resource' do
10
+ subject { deputy.resource }
11
+ it { is_expected.to be }
12
+ end
13
+
14
+ describe '#login' do
15
+ it "is extracted from the uri" do
16
+ expect(deputy.login).to eq('deputy/my/hostname')
17
+ end
18
+ end
19
+
20
+ describe '#api_key' do
21
+ it "is extracted from attributes" do
22
+ expect(deputy.api_key).to eq api_key
23
+ end
24
+ end
12
25
  end
@@ -1,22 +1,24 @@
1
1
  require 'spec_helper'
2
2
 
3
3
  describe Conjur::Exists do
4
- subject { Object.new.tap {|o| o.send :extend, Conjur::Exists } }
4
+ subject(:resource) { Object.new.tap {|o| o.send :extend, Conjur::Exists } }
5
5
 
6
- context "when head returns 200" do
7
- before { subject.stub head: "" }
8
- its(:exists?) { should be_true }
9
- end
6
+ describe '#exists?' do
7
+ subject { resource.exists? }
10
8
 
11
- context "when forbidden" do
12
- before { subject.stub(:head) { raise RestClient::Forbidden }}
13
- it "returns true" do
14
- subject.exists?.should be_truthy
9
+ context "when head returns 200" do
10
+ before { allow(resource).to receive_messages head: "" }
11
+ it { is_expected.to be_truthy }
15
12
  end
16
- end
17
13
 
18
- context "when not found" do
19
- before { subject.stub(:head) { raise RestClient::ResourceNotFound }}
20
- its(:exists?) { should be_false }
14
+ context "when forbidden" do
15
+ before { allow(resource).to receive(:head) { raise RestClient::Forbidden }}
16
+ it { is_expected.to be_truthy }
17
+ end
18
+
19
+ context "when not found" do
20
+ before { allow(resource).to receive(:head) { raise RestClient::ResourceNotFound }}
21
+ it { is_expected.to be_falsey }
22
+ end
21
23
  end
22
24
  end
@@ -3,12 +3,19 @@ require 'spec_helper'
3
3
  describe Conjur::Host, api: :dummy do
4
4
  subject { Conjur::Host.new 'http://example.com/hosts/my%2Fhostname', nil }
5
5
 
6
- its(:resource) { should be }
7
- its(:login) { should == 'host/my/hostname' }
6
+ describe '#resource' do
7
+ subject { super().resource }
8
+ it { is_expected.to be }
9
+ end
10
+
11
+ describe '#login' do
12
+ subject { super().login }
13
+ it { is_expected.to eq('host/my/hostname') }
14
+ end
8
15
 
9
16
  it "fetches enrollment_url" do
10
17
  stub_request(:head, "http://example.com/hosts/my%2Fhostname/enrollment_url").
11
18
  to_return(:status => 200, :headers => {location: 'foo'})
12
- subject.enrollment_url.should == 'foo'
19
+ expect(subject.enrollment_url).to eq('foo')
13
20
  end
14
21
  end
@@ -7,7 +7,7 @@ describe Conjur::LogSource, logging: :temp, api: :dummy do
7
7
  log << 'foo'
8
8
  end
9
9
 
10
- log.should == "[#{username}] foo\n"
10
+ expect(log).to eq("[#{username}] foo\n")
11
11
  end
12
12
  end
13
13
  end
data/spec/lib/log_spec.rb CHANGED
@@ -7,9 +7,9 @@ describe Conjur do
7
7
  before { @old_log = Conjur.log }
8
8
  let(:log) { double 'log' }
9
9
  it "creates the log with given type and makes it available" do
10
- Conjur.stub(:create_log).with(:param).and_return log
10
+ allow(Conjur).to receive(:create_log).with(:param).and_return log
11
11
  Conjur::log = :param
12
- Conjur::log.should == log
12
+ expect(Conjur::log).to eq(log)
13
13
  end
14
14
  after { Conjur.class_variable_set :@@log, @old_log }
15
15
  end
@@ -19,14 +19,14 @@ describe Conjur do
19
19
  context "with 'stdout'" do
20
20
  let(:param) { 'stdout' }
21
21
  it "creates something which writes to STDOUT" do
22
- $stdout.grab { log << "foo" }.should == 'foo'
22
+ expect($stdout.grab { log << "foo" }).to eq('foo')
23
23
  end
24
24
  end
25
25
 
26
26
  context "with 'stderr'" do
27
27
  let(:param) { 'stderr' }
28
28
  it "creates something which writes to STDERR" do
29
- $stderr.grab { log << "foo" }.should == 'foo'
29
+ expect($stderr.grab { log << "foo" }).to eq('foo')
30
30
  end
31
31
  end
32
32
 
@@ -35,7 +35,7 @@ describe Conjur do
35
35
  let(:param) { tempfile.path }
36
36
  it "creates something which writes to the file" do
37
37
  log << "foo"
38
- tempfile.read.should == "foo"
38
+ expect(tempfile.read).to eq("foo")
39
39
  end
40
40
  end
41
41
  end
@@ -14,7 +14,7 @@ describe Conjur::Resource, api: :dummy, logging: :temp do
14
14
  "foobar"
15
15
  end
16
16
  it "identifier should obtained from the id" do
17
- resource.identifier.should == "foobar"
17
+ expect(resource.identifier).to eq("foobar")
18
18
  end
19
19
  end
20
20
 
@@ -24,11 +24,11 @@ describe Conjur::Resource, api: :dummy, logging: :temp do
24
24
  let(:identifier) { p[1] }
25
25
  context "resource_kind" do
26
26
  subject { resource.kind }
27
- specify { should == p[0] }
27
+ specify { is_expected.to eq(p[0]) }
28
28
  end
29
29
  context "resource_id" do
30
30
  subject { resource.identifier }
31
- specify { should == ( p[1] ) }
31
+ specify { is_expected.to eq( p[1] ) }
32
32
  end
33
33
  end
34
34
  end
@@ -39,31 +39,31 @@ describe Conjur::Resource, api: :dummy, logging: :temp do
39
39
 
40
40
  describe '#create' do
41
41
  it "simply puts" do
42
- RestClient::Request.should_receive(:execute).with(
42
+ expect(RestClient::Request).to receive(:execute).with(
43
43
  method: :put,
44
44
  url: uri,
45
45
  payload: {},
46
46
  headers: {}
47
47
  ).and_return "new resource"
48
- subject.create.should == "new resource"
48
+ expect(subject.create).to eq("new resource")
49
49
  end
50
50
  end
51
51
 
52
52
  describe '#permitted_roles' do
53
53
  it 'gets the list from /roles/allowed_to' do
54
- RestClient::Request.should_receive(:execute).with(
54
+ expect(RestClient::Request).to receive(:execute).with(
55
55
  method: :get,
56
56
  url: "http://authz.example.com/some-account/roles/allowed_to/nuke/the-kind/resource-id",
57
57
  headers: {}
58
58
  ).and_return '["foo", "bar"]'
59
59
 
60
- subject.permitted_roles("nuke").should == ['foo', 'bar']
60
+ expect(subject.permitted_roles("nuke")).to eq(['foo', 'bar'])
61
61
  end
62
62
  end
63
63
 
64
64
  describe '#give_to' do
65
65
  it "puts the owner field" do
66
- RestClient::Request.should_receive(:execute).with(
66
+ expect(RestClient::Request).to receive(:execute).with(
67
67
  method: :put,
68
68
  url: uri,
69
69
  payload: {owner: 'new-owner' },
@@ -74,39 +74,9 @@ describe Conjur::Resource, api: :dummy, logging: :temp do
74
74
  end
75
75
  end
76
76
 
77
- describe "#exists" do
78
- let(:uri) { "#{authz_host}/some-account/resources/the-kind/resource-id" }
79
- it "sends HEAD /<resource>" do
80
- RestClient::Request.should_receive(:execute).with(
81
- method: :head,
82
- url: uri,
83
- headers: {}
84
- )
85
- subject.exists?
86
- end
87
- context "with status 204" do
88
- before {
89
- subject.stub(:head)
90
- }
91
- its(:exists?) { should be_true }
92
- end
93
- context "with status 404" do
94
- before {
95
- subject.stub(:head) { raise RestClient::ResourceNotFound }
96
- }
97
- its(:exists?) { should be_false }
98
- end
99
- context "with status 403" do
100
- before {
101
- subject.stub(:head) { raise RestClient::Forbidden }
102
- }
103
- its(:exists?) { should be_true }
104
- end
105
- end
106
-
107
77
  describe '#delete' do
108
78
  it 'simply deletes' do
109
- RestClient::Request.should_receive(:execute).with(
79
+ expect(RestClient::Request).to receive(:execute).with(
110
80
  method: :delete,
111
81
  url: uri,
112
82
  headers: {}
@@ -120,7 +90,7 @@ describe Conjur::Resource, api: :dummy, logging: :temp do
120
90
  it 'posts permit for every privilege' do
121
91
  privileges = [:nuke, :fry]
122
92
  privileges.each do |p|
123
- RestClient::Request.should_receive(:execute).with(
93
+ expect(RestClient::Request).to receive(:execute).with(
124
94
  method: :post,
125
95
  url: uri + "/?permit&privilege=#{p}&role=dr-strangelove",
126
96
  headers: {},
@@ -135,7 +105,7 @@ describe Conjur::Resource, api: :dummy, logging: :temp do
135
105
  it 'posts deny for every privilege' do
136
106
  privileges = [:nuke, :fry]
137
107
  privileges.each do |p|
138
- RestClient::Request.should_receive(:execute).with(
108
+ expect(RestClient::Request).to receive(:execute).with(
139
109
  method: :post,
140
110
  url: uri + "/?deny&privilege=#{p}&role=james-bond",
141
111
  headers: {},
@@ -148,7 +118,7 @@ describe Conjur::Resource, api: :dummy, logging: :temp do
148
118
 
149
119
  describe '#permitted?' do
150
120
  it 'gets the ?permitted? action' do
151
- RestClient::Request.should_receive(:execute).with(
121
+ expect(RestClient::Request).to receive(:execute).with(
152
122
  method: :get,
153
123
  url: uri + "/?check=true&privilege=fry",
154
124
  headers: {}
@@ -157,33 +127,33 @@ describe Conjur::Resource, api: :dummy, logging: :temp do
157
127
  end
158
128
  context "with status 204" do
159
129
  before {
160
- subject.stub_chain(:[], :get)
130
+ allow(subject).to receive_message_chain(:[], :get)
161
131
  }
162
132
  specify {
163
- subject.permitted?('fry').should be_true
133
+ expect(subject.permitted?('fry')).to be_truthy
164
134
  }
165
135
  end
166
136
  context "with status 404" do
167
137
  before {
168
- subject.stub_chain(:[], :get) { raise RestClient::ResourceNotFound }
138
+ allow(subject).to receive_message_chain(:[], :get) { raise RestClient::ResourceNotFound }
169
139
  }
170
140
  specify {
171
- subject.permitted?('fry').should be_false
141
+ expect(subject.permitted?('fry')).to be_falsey
172
142
  }
173
143
  end
174
144
  context "with status 403" do
175
145
  before {
176
- subject.stub_chain(:[], :get) { raise RestClient::Forbidden }
146
+ allow(subject).to receive_message_chain(:[], :get) { raise RestClient::Forbidden }
177
147
  }
178
148
  specify {
179
- subject.permitted?('fry').should be_false
149
+ expect(subject.permitted?('fry')).to be_falsey
180
150
  }
181
151
  end
182
152
  end
183
153
 
184
154
  describe '.all' do
185
155
  it "calls /account/resources" do
186
- RestClient::Request.should_receive(:execute).with(
156
+ expect(RestClient::Request).to receive(:execute).with(
187
157
  method: :get,
188
158
  url: "http://authz.example.com/the-account/resources",
189
159
  headers: {}
@@ -193,7 +163,7 @@ describe Conjur::Resource, api: :dummy, logging: :temp do
193
163
  end
194
164
 
195
165
  it "can filter by kind" do
196
- RestClient::Request.should_receive(:execute).with(
166
+ expect(RestClient::Request).to receive(:execute).with(
197
167
  method: :get,
198
168
  url: "http://authz.example.com/the-account/resources/chunky",
199
169
  headers: {}
@@ -204,17 +174,17 @@ describe Conjur::Resource, api: :dummy, logging: :temp do
204
174
  end
205
175
 
206
176
  it "passes search, limit, and offset params" do
207
- RestClient::Request.should_receive(:execute).with(
177
+ expect(RestClient::Request).to receive(:execute).with(
208
178
  method: :get,
209
179
  # Note that to_query sorts the keys
210
180
  url: "http://authz.example.com/the-account/resources?limit=5&offset=6&search=something",
211
181
  headers: {}
212
182
  ).and_return '["foo", "bar"]'
213
- Conjur::Resource.all(host: authz_host, account: account, search: 'something', limit:5, offset:6).should == %w(foo bar)
183
+ expect(Conjur::Resource.all(host: authz_host, account: account, search: 'something', limit:5, offset:6)).to eq(%w(foo bar))
214
184
  end
215
185
 
216
186
  it "uses the given authz url" do
217
- RestClient::Request.should_receive(:execute).with(
187
+ expect(RestClient::Request).to receive(:execute).with(
218
188
  method: :get,
219
189
  url: "http://otherhost.example.com/the-account/resources",
220
190
  headers: {}