csp_report 0.1.2 → 0.2.0

data/spec/factories/csp_report_csp_reports.rb

@@ -1,11 +1,19 @@
-# Read about factories at https://github.com/thoughtbot/factory_girl
-
 FactoryGirl.define do
-  factory :csp_report_csp_report, :class => 'CspReport' do
-    document_uri "MyString"
-    referrer "MyString"
-    blocked_uri "MyString"
-    violated_directive "MyString"
-    original_policy "MyString"
+  factory :local_inline, :class => 'CspReport::CspReport' do
+    document_uri "http://localhost:3000"
+    referrer ""
+    blocked_uri ""
+    violated_directive "script-src 'self'"
+    original_policy "script-src 'self'; report-uri /csp/csp_reports"
+    incoming_ip "127.0.0.1"
+  end
+
+  factory :local_home_index_inline, :class => 'CspReport::CspReport' do
+    document_uri "http://localhost:3000/home/index"
+    referrer ""
+    blocked_uri ""
+    violated_directive "script-src 'self'"
+    original_policy "script-src 'self'; report-uri /csp/csp_reports"
+    incoming_ip "127.0.0.1"
   end
 end

data/spec/features/csp_report/csp_reports_index_spec.rb

@@ -0,0 +1,81 @@
+require 'spec_helper'
+
+describe 'CspReport index view' do
+  describe 'Report data headers' do
+    before(:each) do
+      visit csp_reports_path
+    end
+
+    it 'should display the report id' do
+      page.should have_content 'ID'
+    end
+    it 'should display the report document URI' do
+      page.should have_content 'Document URI'
+    end
+    it 'should display the report referrer' do
+      page.should have_content 'Referrer'
+    end
+    it 'should display the report original policy' do
+      page.should have_content 'Server Policy'
+    end
+    it 'should display the report violated directive' do
+      page.should have_content 'Violated Directive'
+    end
+    it 'should display the report blocked URI' do
+      page.should have_content 'Blocked URI'
+    end
+    it 'should display the report incoming IP' do
+      page.should have_content 'Incoming IP'
+    end
+    it 'should display the report creation timestamp' do
+      page.should have_content 'Reported At'
+    end
+    it 'should display an Actions column' do
+      page.should have_content 'Actions'
+    end
+  end
+
+  describe 'Report data content' do
+    before(:each) do
+      @local_inline = FactoryGirl.create(:local_inline)
+      visit csp_reports_path
+    end
+
+    it 'should display the report id' do
+      page.should have_content @local_inline.id
+    end
+    it 'should display the report document URI' do
+      page.should have_content @local_inline.document_uri
+    end
+    it 'should display the report referrer' do
+      page.should have_content @local_inline.referrer
+    end
+    it 'should display the report original policy' do
+      page.should have_content @local_inline.original_policy
+    end
+    it 'should display the report violated directive' do
+      page.should have_content @local_inline.violated_directive
+    end
+    it 'should display the report blocked URI' do
+      page.should have_content @local_inline.blocked_uri
+    end
+    it 'should display the report incoming IP' do
+      page.should have_content @local_inline.incoming_ip
+    end
+    it 'should display the report creation timestamp' do
+      page.should have_content @local_inline.created_at
+    end
+    it 'should display a link to delete the report' do
+      page.should have_link 'Delete violation',
+        {href: csp_report_path(@local_inline.id)}
+    end
+  end
+
+  describe 'Delete All functionnality' do
+    it 'should make a "delete all" button available' do
+      visit csp_reports_path
+      page.should have_link "Delete All",
+        {href: csp_reports_destroy_all_path}
+    end
+  end
+end

data/spec/generators/csp_report/install_generators_spec.rb

@@ -1,10 +1,40 @@
 require 'spec_helper'
-require 'rails/generators/base'
-require 'generators/csp_report/install_generator'
+require 'genspec'
+require 'fileutils'
 
+# Can work if we simulate the app repo. need to find a way to have it use
+# the dummy repo
 module CspReport
-  describe "InstallGenerator" do
-    # puts $:
-    pending "add some tests here"
+  describe :"csp_report:install" do
+    # The below does not work. Genspec creates a new uniquely named substructure
+    # anyway, and therefore needs to create folder and files
+    # GenSpec.root=File.expand_path("../../../dummy", __FILE__)
+    # within_source_root do
+    #   FileUtils.mkdir_p "config"
+    #   FileUtils.touch "config/routes.rb"
+    #   FileUtils.touch "Rakefile"
+    #   FileUtils.touch "Gemfile"
+    #   File.open('Gemfile', 'w') do |f|
+    #     f.write "gem 'csp_report', path: '~/Documents/Prog/csp_report'"
+    #   end
+    #   # Tried to run bundle install... did not work. not sure we have a rails
+    #   # app in the temp location
+    # end
+
+    # context "with no arguments or options" do
+    #   # This actually tries to run the generator in a /tmp folder.
+    #   # thus the preparations above
+    #   # Not very practical
+    #   it "should generate successfully" do
+    #     subject.should generate
+    #   end
+
+    #   it "should mount the gem in the routes" do
+    #     # This checks that you call the inject_into_file with exactly this content.
+    #     # not very practical.
+    #     subject.should inject_into_file("config/routes.rb", 
+    #                                     "\n  mount CspReport::Engine, at: 'csp'")
+    #   end
+    # end
   end
 end

data/spec/models/csp_report/csp_report_spec.rb

@@ -1,7 +1,115 @@
 require 'spec_helper'
 
-module CspReport
-  describe CspReport do
-    pending "add some examples to (or delete) #{__FILE__}"
+describe CspReport::CspReport do
+  before(:each) do
+    @unsaved_report = {
+      'document_uri' => "http://localhost:3000/home/index",
+      'referrer' => "",
+      'blocked_uri' => "",
+      'violated_directive' => "script-src 'self'",
+      'original_policy' => "script-src 'self'; report_uri /csp/csp_reports",
+      'incoming_ip' => "127.0.0.1"
+    }
+
+    @unsaved_report_wout_document_uri = {
+      'referrer' => "",
+      'blocked_uri' => "",
+      'violated_directive' => "script-src 'self'",
+      'original_policy' => "script-src 'self'; report_uri /csp/csp_reports",
+      'incoming_ip' => "127.0.0.1"
+    }
+
+    @unsaved_report_wout_violated_directive = {
+      'document_uri' => "http://localhost:3000/home/index",
+      'referrer' => "",
+      'blocked_uri' => "",
+      'original_policy' => "script-src 'self'; report_uri /csp/csp_reports",
+      'incoming_ip' => "127.0.0.1"
+    }
+
+    @unsaved_report_wout_original_policy = {
+      'document_uri' => "http://localhost:3000/home/index",
+      'referrer' => "",
+      'blocked_uri' => "",
+      'violated_directive' => "script-src 'self'",
+      'incoming_ip' => "127.0.0.1"
+    }
+
+    @unsaved_report_wout_incoming_ip = {
+      'document_uri' => "http://localhost:3000/home/index",
+      'referrer' => "",
+      'blocked_uri' => "",
+      'violated_directive' => "script-src 'self'",
+      'original_policy' => "script-src 'self'; report_uri /csp/csp_reports",
+    }
+
+  end
+
+  describe "pure model" do
+    it "should create a rew report when all the mandatory attributes are provided" do
+      report = CspReport::CspReport.new(@unsaved_report)
+      assert_not_nil report
+    end
+
+    it "should fail to create a report when the document_uri is missing" do
+      report = CspReport::CspReport.new(@unsaved_report_wout_document_uri)
+      report.should_not be_valid
+    end
+
+    it "should fail to create a report when the violated_directive is missing" do
+      report = CspReport::CspReport.new(@unsaved_report_wout_violated_directive)
+      report.should_not be_valid
+    end
+
+    it "should fail to create a report when the original_policy is missing" do
+      report = CspReport::CspReport.new(@unsaved_report_wout_original_policy)
+      report.should_not be_valid
+    end
+
+    it "shoud fail to create a report when the incoming_ip is missing" do
+      report = CspReport::CspReport.new(@unsaved_report_wout_incoming_ip)
+      report.should_not be_valid
+    end
+  end
+
+  describe "active_record" do
+    it "should save to the database when all the mandatory attributes are provided" do
+      report = CspReport::CspReport.new(@unsaved_report)
+      expect {
+        report.save!
+      }.to change(CspReport::CspReport, :count).by(1)
+    end
+
+    it "should fail to save to the db when the document_uri is missing" do
+      report = CspReport::CspReport.new(@unsaved_report_wout_document_uri)
+      expect {
+        report.save!
+      }.to raise_error
+      assert_equal 0, CspReport::CspReport.count
+    end
+
+    it "should fail to save to the db when the violated_directive is missing" do
+      report = CspReport::CspReport.new(@unsaved_report_wout_violated_directive)
+      expect {
+        report.save!
+      }.to raise_error
+      assert_equal 0, CspReport::CspReport.count
+    end
+
+    it "should fail to save to the db when the original_policy is missing" do
+      report = CspReport::CspReport.new(@unsaved_report_wout_original_policy)
+      expect {
+        report.save!
+      }.to raise_error
+      assert_equal 0, CspReport::CspReport.count
+    end
+
+    it "should fail to save to the db when the incoming_ip is missing" do
+      report = CspReport::CspReport.new(@unsaved_report_wout_incoming_ip)
+      expect {
+        report.save!
+      }.to raise_error
+      assert_equal 0, CspReport::CspReport.count
+    end
   end
 end

data/spec/spec_helper.rb

@@ -1,18 +1,49 @@
-ENV['RAILS_ENV'] ||= 'test'
-
-require File.expand_path("../dummy/config/environment.rb",  __FILE__)
+# This file is copied to spec/ when you run 'rails generate rspec:install'
+ENV["RAILS_ENV"] ||= 'test'
+require File.expand_path("../dummy/config/environment", __FILE__)
 require 'rspec/rails'
 require 'rspec/autorun'
-require 'factory_girl_rails'
+require 'factory_girl'
+require 'capybara/rspec'
+
+# Requires supporting ruby files with custom matchers and macros, etc,
+# in spec/support/ and its subdirectories.
+Dir[Rails.root.join("spec/support/**/*.rb")].each { |f| require f }
 
-Rails.backtrace_cleaner.remove_silencers!
+# Checks for pending migrations before tests are run.
+# If you are not using ActiveRecord, you can remove this line.
+ActiveRecord::Migration.check_pending! if defined?(ActiveRecord::Migration)
 
-# Load support files
-Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each { |f| require f }
+FactoryGirl.find_definitions
 
 RSpec.configure do |config|
-  config.mock_with :rspec
+  # For engine testing. Makes the Engine routes available to the test files
+  config.include CspReport::Engine.routes.url_helpers
+
+  # ## Mock Framework
+  #
+  # If you prefer to use mocha, flexmock or RR, uncomment the appropriate line:
+  #
+  # config.mock_with :mocha
+  # config.mock_with :flexmock
+  # config.mock_with :rr
+
+  # Remove this line if you're not using ActiveRecord or ActiveRecord fixtures
+  # config.fixture_path = "#{::Rails.root}/spec/fixtures"
+
+  # If you're not using ActiveRecord, or you'd prefer not to run each of your
+  # examples within a transaction, remove the following line or assign false
+  # instead of true.
   config.use_transactional_fixtures = true
+
+  # If true, the base class of anonymous controllers will be inferred
+  # automatically. This will be the default behavior in future versions of
+  # rspec-rails.
   config.infer_base_class_for_anonymous_controllers = false
+
+  # Run specs in random order to surface order dependencies. If you find an
+  # order dependency and want to debug it, you can fix the order by providing
+  # the seed, which is printed after each run.
+  #     --seed 1234
   config.order = "random"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: csp_report
 version: !ruby/object:Gem::Version
-  version: 0.1.2
+  version: 0.2.0
 platform: ruby
 authors:
 - Gregory Bataille
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-07-01 00:00:00.000000000 Z
+date: 2013-07-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -122,6 +122,20 @@ dependencies:
     - - ~>
       - !ruby/object:Gem::Version
         version: '0.4'
+- !ruby/object:Gem::Dependency
+  name: genspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.2.8
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.2.8
 description: Provide reporting and analysis of your site CSP violations
 email:
 - gbataille.dev@gmail.com
@@ -140,12 +154,12 @@ files:
 - app/views/layouts/csp_report/application.html.erb
 - config/routes.rb
 - db/migrate/20130630091108_create_csp_report_csp_reports.rb
+- db/migrate/20130712162922_add_incoming_ip_to_csp_report_csp_reports.rb
 - lib/csp_report/engine.rb
 - lib/csp_report/version.rb
 - lib/csp_report.rb
+- lib/generators/csp_report/csp_declaration_generator.rb
 - lib/generators/csp_report/install_generator.rb
-- lib/tasks/csp_report_tasks.rake
-- lib/tasks/install.thor
 - MIT-LICENSE
 - Rakefile
 - README.md
@@ -186,7 +200,18 @@ files:
 - spec/dummy/public/favicon.ico
 - spec/dummy/Rakefile
 - spec/dummy/README.rdoc
+- spec/dummy/tmp/cache/assets/test/sass/745019acb880ec9412f97713489f02ba42209a06/csp_report.css.sassc
+- spec/dummy/tmp/cache/assets/test/sprockets/13fe41fee1fe35b49d145bcc06610705
+- spec/dummy/tmp/cache/assets/test/sprockets/2f5173deea6c795b8fdde723bb4b63af
+- spec/dummy/tmp/cache/assets/test/sprockets/357970feca3ac29060c1e3861e2c0953
+- spec/dummy/tmp/cache/assets/test/sprockets/4949b199f7a3f61704ee406dfc99e38c
+- spec/dummy/tmp/cache/assets/test/sprockets/9b94cd42c6d3c0778772d609a4d7006d
+- spec/dummy/tmp/cache/assets/test/sprockets/cffd775d018f68ce5dba1ee0d951a994
+- spec/dummy/tmp/cache/assets/test/sprockets/d771ace226fc8215a3572e0aa35bb0d6
+- spec/dummy/tmp/cache/assets/test/sprockets/dc4c1ce2dc434402713320ef23981262
+- spec/dummy/tmp/cache/assets/test/sprockets/f7cbd26ba1d28d48de824f0e94586655
 - spec/factories/csp_report_csp_reports.rb
+- spec/features/csp_report/csp_reports_index_spec.rb
 - spec/generators/csp_report/install_generators_spec.rb
 - spec/models/csp_report/csp_report_spec.rb
 - spec/spec_helper.rb
@@ -194,7 +219,11 @@ homepage: http://www.github.com/gbataille/csp_report
 licenses:
 - MIT
 metadata: {}
-post_install_message: 
+post_install_message: |
+  The model changed in v0.2.0. Make sure to run both
+  rake csp_report:install:migrations
+  rake db:migrate
+  after upgrading
 rdoc_options: []
 require_paths:
 - lib
@@ -252,7 +281,18 @@ test_files:
 - spec/dummy/public/favicon.ico
 - spec/dummy/Rakefile
 - spec/dummy/README.rdoc
+- spec/dummy/tmp/cache/assets/test/sass/745019acb880ec9412f97713489f02ba42209a06/csp_report.css.sassc
+- spec/dummy/tmp/cache/assets/test/sprockets/13fe41fee1fe35b49d145bcc06610705
+- spec/dummy/tmp/cache/assets/test/sprockets/2f5173deea6c795b8fdde723bb4b63af
+- spec/dummy/tmp/cache/assets/test/sprockets/357970feca3ac29060c1e3861e2c0953
+- spec/dummy/tmp/cache/assets/test/sprockets/4949b199f7a3f61704ee406dfc99e38c
+- spec/dummy/tmp/cache/assets/test/sprockets/9b94cd42c6d3c0778772d609a4d7006d
+- spec/dummy/tmp/cache/assets/test/sprockets/cffd775d018f68ce5dba1ee0d951a994
+- spec/dummy/tmp/cache/assets/test/sprockets/d771ace226fc8215a3572e0aa35bb0d6
+- spec/dummy/tmp/cache/assets/test/sprockets/dc4c1ce2dc434402713320ef23981262
+- spec/dummy/tmp/cache/assets/test/sprockets/f7cbd26ba1d28d48de824f0e94586655
 - spec/factories/csp_report_csp_reports.rb
+- spec/features/csp_report/csp_reports_index_spec.rb
 - spec/generators/csp_report/install_generators_spec.rb
 - spec/models/csp_report/csp_report_spec.rb
 - spec/spec_helper.rb