drillbit 0.0.1

data/spec/drillbit/authorizers/parameters/resource_spec.rb

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+require 'rspeckled'
+require 'drillbit/authorizers/parameters/resource'
+
+module          Drillbit
+module          Authorizers
+class           Parameters
+RSpec.describe  Resource do
+end
+end
+end
+end

data/spec/drillbit/authorizers/parameters_spec.rb

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+require 'rspeckled'
+require 'drillbit/authorizers/parameters'
+
+module          Drillbit
+module          Authorizers
+RSpec.describe  Parameters do
+  it 'defaults to nothing' do
+    parameters = Parameters.new(token:  '123',
+                                user:   'my_user',
+                                params: { foo: 'bar' })
+
+    expect(parameters.call).to eql(foo: 'bar')
+  end
+end
+end
+end

data/spec/drillbit/authorizers/query_spec.rb

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+require 'rspeckled'
+require 'drillbit/authorizers/query'
+
+module          Drillbit
+module          Authorizers
+RSpec.describe  Query do
+  it 'does not authorize the resource by default' do
+    authorizer = Query.new(token:    '123',
+                           user:     'my_user',
+                           resource: 'my_resource')
+
+    expect(authorizer).to     be_able_to_index
+    expect(authorizer).not_to be_able_to_show
+    expect(authorizer).not_to be_able_to_create
+    expect(authorizer).not_to be_able_to_update
+    expect(authorizer).not_to be_able_to_destroy
+  end
+end
+end
+end

data/spec/drillbit/authorizers/scope_spec.rb

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+require 'rspeckled'
+require 'ostruct'
+require 'drillbit/authorizers/scope'
+
+module          Drillbit
+module          Authorizers
+RSpec.describe  Scope do
+  it 'defaults to nothing' do
+    scope = Scope.new(token:          '123',
+                      user:           'my_user',
+                      scoped_user_id: '456',
+                      params:         {},
+                      scope_root:     OpenStruct.new(none: []))
+
+    expect(scope.call).to be_empty
+  end
+end
+end
+end

data/spec/drillbit/errors/invalid_api_request_spec.rb

@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+require 'spec_helper'
+require 'drillbit/errors/invalid_api_request'
+
+module          Drillbit
+module          Errors
+RSpec.describe  InvalidApiRequest do
+  let(:error) { InvalidApiRequest.new }
+
+  it 'has a status of 400' do
+    expect(error.http_status).to eql 400
+  end
+
+  it 'has a code' do
+    expect(error.code).to eql 'errors.invalid_api_request'
+  end
+
+  it 'can output the detail' do
+    expect(error.detail).to eql 'The accept header that you passed in the ' \
+                                'request cannot be parsed, please refer to ' \
+                                'the documentation to verify.'
+  end
+
+  it 'can output the source' do
+    error = InvalidApiRequest.new accept_header: 'foo'
+
+    expect(error.source).to eql(accept_header: 'foo')
+  end
+end
+end
+end

data/spec/drillbit/errors/invalid_subdomain_spec.rb

@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+require 'spec_helper'
+require 'drillbit/errors/invalid_subdomain'
+
+module          Drillbit
+module          Errors
+RSpec.describe  InvalidSubdomain do
+  let(:error) { InvalidSubdomain.new }
+
+  it 'has a status of 404' do
+    expect(error.http_status).to eql 404
+  end
+
+  it 'has a code' do
+    expect(error.code).to eql 'errors.invalid_subdomain'
+  end
+
+  it 'can output the detail' do
+    expect(error.detail).to eql \
+      'The resource you attempted to access is either not authorized for the ' \
+      'authenticated user or does not exist.'
+  end
+
+  it 'can output the source' do
+    error = InvalidSubdomain.new http_host: 'foo'
+
+    expect(error.source).to eql(http_host: 'foo')
+  end
+end
+end
+end

data/spec/drillbit/errors/invalid_token_spec.rb

@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+require 'spec_helper'
+require 'drillbit/errors/invalid_token'
+
+module          Drillbit
+module          Errors
+RSpec.describe  InvalidToken do
+  let(:error) { InvalidToken.new }
+
+  it 'has a status of 401' do
+    expect(error.http_status).to eql 401
+  end
+
+  it 'has a code' do
+    expect(error.code).to eql 'errors.invalid_token'
+  end
+
+  it 'can output the detail' do
+    expect(error.detail).to eql \
+      'Either the token you passed is invalid or is not allowed to perform this action.'
+  end
+end
+end
+end

data/spec/drillbit/invalid_subdomain_spec.rb

@@ -0,0 +1,46 @@
+# frozen_string_literal: true
+require 'spec_helper'
+require 'drillbit/responses/invalid_subdomain'
+
+# rubocop:disable Metrics/LineLength
+module          Drillbit
+module          Responses
+RSpec.describe  InvalidSubdomain, singletons: Erratum::Configuration do
+  it 'returns the proper response' do
+    Erratum.configuration.url_mappings = {
+      'external_documentation_urls'  => {
+        'errors.responses.invalid_subdomain' => 'http://example.com/foo',
+      },
+      'developer_documentation_urls' => {
+        'errors.responses.invalid_subdomain' => 'http://example.com/foo',
+      },
+    }
+
+    request                   = { 'HTTP_HOST' => 'api.example.com' }
+    status, headers, response = InvalidSubdomain.call(request)
+
+    expect(status).to                 eql 404
+    expect(headers).to                eql({})
+    expect(JSON.load(response[0])).to include(
+      'errors' => [
+                    include(
+                      'id'     => match(/[a-f0-9\-]+/),
+                      'links'  => {
+                        'about'         => nil,
+                        'documentation' => nil,
+                      },
+                      'status' => 404,
+                      'code'   => 'errors.invalid_subdomain',
+                      'title'  => 'Invalid Subdomain',
+                      'detail' => 'The resource you attempted to access is either not authorized ' \
+                                  'for the authenticated user or does not exist.',
+                      'source' => {
+                        'http_host' => 'api.example.com',
+                      },
+                    ),
+                  ],
+    )
+  end
+end
+end
+end

data/spec/drillbit/invalid_token_spec.rb

@@ -0,0 +1,44 @@
+# frozen_string_literal: true
+require 'spec_helper'
+require 'drillbit/responses/invalid_token'
+
+# rubocop:disable Metrics/LineLength
+module          Drillbit
+module          Responses
+RSpec.describe  InvalidToken, singletons: Erratum::Configuration do
+  it 'returns the proper response' do
+    Erratum.configuration.url_mappings = {
+      'external_documentation_urls'  => {
+        'errors.responses.invalid_token' => 'http://example.com/foo',
+      },
+      'developer_documentation_urls' => {
+        'errors.responses.invalid_token' => 'http://example.com/foo',
+      },
+    }
+
+    request                   = { 'HTTP_HOST' => 'api.example.com' }
+    status, headers, response = InvalidToken.call(request, application_name: 'my_app')
+
+    expect(status).to                 eql 401
+    expect(headers).to                eql('WWW-Authenticate' => 'Token realm="my_app"')
+    expect(JSON.load(response[0])).to include(
+      'errors' => [
+                    include(
+                      'id'     => match(/[a-f0-9\-]+/),
+                      'links'  => {
+                        'about'         => nil,
+                        'documentation' => nil,
+                      },
+                      'status' => 401,
+                      'code'   => 'errors.invalid_token',
+                      'title'  => 'Invalid or Unauthorized Token',
+                      'detail' => 'Either the token you passed is invalid or is not allowed to ' \
+                                  'perform this action.',
+                      'source' => {},
+                    ),
+                  ],
+    )
+  end
+end
+end
+end

data/spec/drillbit/matchers/accept_header_spec.rb

@@ -0,0 +1,114 @@
+# frozen_string_literal: true
+require 'spec_helper'
+require 'drillbit/requests/base'
+require 'drillbit/matchers/accept_header'
+
+# rubocop:disable Metrics/LineLength
+module          Drillbit
+module          Matchers
+RSpec.describe  AcceptHeader do
+  it 'matches if the subdomain is API and the accept header is valid' do
+    env = {
+      'HTTP_ACCEPT'             => 'application/vnd.westeros+redkeep;version=1.0.0',
+      'HTTP_X_APPLICATION_NAME' => 'westeros',
+    }
+    request = Requests::Base.resolve(env)
+
+    matcher = AcceptHeader.new
+
+    expect(matcher.matches?(request)).to be_a TrueClass
+  end
+
+  it 'matches if the subdomain is API and the accept header is passed in as ' \
+     'a parameter' do
+
+    env = {
+      'QUERY_STRING'            => 'accept=application/vnd.westeros+redkeep;version=1.0.0',
+      'HTTP_X_APPLICATION_NAME' => 'westeros',
+    }
+    request = Requests::Base.resolve(env)
+
+    matcher = AcceptHeader.new
+
+    expect(matcher.matches?(request)).to be_a TrueClass
+  end
+
+  it 'matches if the subdomain is API and the accept header is passed in as a ' \
+     'secondary parameter' do
+
+    env = {
+      'QUERY_STRING'            => 'first=my_param&accept=application/vnd.westeros+redkeep;' \
+                                   'version=1.0.0',
+      'HTTP_X_APPLICATION_NAME' => 'westeros',
+    }
+    request = Requests::Base.resolve(env)
+
+    matcher = AcceptHeader.new
+
+    expect(matcher.matches?(request)).to be_a TrueClass
+  end
+
+  it 'matches the header accept header if the subdomain is API and the accept header ' \
+     'is passed both as a valid header and as a parameter' do
+
+    env = {
+      'HTTP_ACCEPT'             => 'application/vnd.westeros+redkeep;version=1.0.0',
+      'QUERY_STRING'            => 'accept=application/vnd.westeros+redkeep;version=2.0.0',
+      'HTTP_X_APPLICATION_NAME' => 'westeros',
+    }
+    request = Requests::Base.resolve(env)
+
+    matcher = AcceptHeader.new
+    matcher.matches?(request)
+
+    expect(matcher.accept_header.version).to eql '1.0.0'
+  end
+
+  it 'matches the accept header parameter if the subdomain is API and the accept ' \
+     'header is passed both as an invalid header as well as as a parameter' do
+
+    env = {
+      'HTTP_ACCEPT'             => 'application/vndwesteros+redkeep;version=1.0.0',
+      'QUERY_STRING'            => 'accept=application/vnd.westeros+redkeep;version=2.0.0',
+      'HTTP_X_APPLICATION_NAME' => 'westeros',
+    }
+    request = Requests::Base.resolve(env)
+
+    matcher = AcceptHeader.new
+    matcher.matches?(request)
+
+    expect(matcher.accept_header.version).to eql '2.0.0'
+  end
+
+  it 'matches the accept header parameter if the subdomain is API and the accept ' \
+     'header is passed both as an invalid header as well as as a parameter' do
+
+    env = {
+      'HTTP_ACCEPT'             => 'application/vndwesteros+redkeep;version=1.0.0',
+      'QUERY_STRING'            => '',
+      'HTTP_X_APPLICATION_NAME' => 'westeros',
+    }
+    request = Requests::Base.resolve(env)
+
+    matcher = AcceptHeader.new
+    matcher.matches?(request)
+
+    expect(matcher.accept_header.raw_accept_header).to eql \
+      'application/vndwesteros+redkeep;version=1.0.0'
+  end
+
+  it 'does not match if the subdomain is API but the accept header is invalid' do
+    env = {
+      'HTTP_ACCEPT'             => 'application/vndwesteros+redkeep;version=1.0.0',
+      'QUERY_STRING'            => '',
+      'HTTP_X_APPLICATION_NAME' => 'westeros',
+    }
+    request = Requests::Base.resolve(env)
+
+    matcher = AcceptHeader.new
+
+    expect(matcher.matches?(request)).to be_a FalseClass
+  end
+end
+end
+end

data/spec/drillbit/matchers/subdomain_spec.rb

@@ -0,0 +1,78 @@
+# frozen_string_literal: true
+require 'spec_helper'
+require 'drillbit/requests/base'
+require 'drillbit/matchers/subdomain'
+require 'drillbit/configuration'
+
+module          Drillbit
+module          Matchers
+RSpec.describe  Subdomain do
+  before(:each) do
+    Drillbit.configuration.allowed_subdomains     = %w{api}
+    Drillbit.configuration.allowed_api_subdomains = %w{api}
+  end
+
+  it 'matches if the subdomain is API' do
+    env     = { 'HTTP_HOST' => 'api.example.com' }
+    request = Requests::Base.resolve(env)
+    matcher = Subdomain.new
+
+    expect(matcher.matches?(request)).to be_a TrueClass
+  end
+
+  it 'matches if the first subdomain is API' do
+    env     = { 'HTTP_HOST' => 'api.westeros.example.com' }
+    request = Requests::Base.resolve(env)
+    matcher = Subdomain.new
+
+    expect(matcher.matches?(request)).to be_a TrueClass
+  end
+
+  it 'does not match if the first subdomain is not API' do
+    env     = { 'HTTP_HOST' => 'westeros.example.com' }
+    request = Requests::Base.resolve(env)
+    matcher = Subdomain.new
+
+    expect(matcher.matches?(request)).to be_a FalseClass
+  end
+
+  it 'allows the matched subdomain to be specified' do
+    env     = { 'HTTP_HOST' => 'westeros.example.com' }
+    request = Requests::Base.resolve(env)
+    matcher = Subdomain.new(allowed_subdomains: 'westeros')
+
+    expect(matcher.matches?(request)).to be_a TrueClass
+  end
+
+  it 'allows more than one subdomain to be matched' do
+    env     = { 'HTTP_HOST' => 'westeros.example.com' }
+    request = Requests::Base.resolve(env)
+    matcher = Subdomain.new(allowed_subdomains: %w{api westeros})
+
+    expect(matcher.matches?(request)).to be_a TrueClass
+
+    env     = { 'HTTP_HOST' => 'api.example.com' }
+    request = Requests::Base.resolve(env)
+    matcher = Subdomain.new(allowed_subdomains: %w{api westeros})
+
+    expect(matcher.matches?(request)).to be_a TrueClass
+  end
+
+  it 'can match only the api subdomain' do
+    env     = { 'HTTP_HOST' => 'westeros.example.com' }
+    request = Requests::Base.resolve(env)
+    matcher = Subdomain.new(allowed_api_subdomains: %w{westeros})
+
+    expect(matcher.matches_api_subdomain?(request)).to be_a TrueClass
+  end
+
+  it 'matches "api" as an api subdomain by default' do
+    env     = { 'HTTP_HOST' => 'api.example.com' }
+    request = Requests::Base.resolve(env)
+    matcher = Subdomain.new
+
+    expect(matcher.matches_api_subdomain?(request)).to be_a TrueClass
+  end
+end
+end
+end