edgar-rack 1.2.1

data/test/spec_server.rb

@@ -0,0 +1,8 @@
+require 'rack/server'
+
+describe Rack::Server do
+  it "overrides :config if :app is passed in" do
+    server = Rack::Server.new(:app => "FOO")
+    server.app.should == "FOO"
+  end
+end

data/test/spec_session_abstract_id.rb

@@ -0,0 +1,43 @@
+### WARNING: there be hax in this file.
+
+require 'rack/session/abstract/id'
+
+describe Rack::Session::Abstract::ID do
+  id = Rack::Session::Abstract::ID
+
+  def silence_warning
+    o, $VERBOSE = $VERBOSE, nil
+    yield
+  ensure
+    $VERBOSE = o
+  end
+
+  def reload_id
+    $".delete $".find { |part| part =~ %r{session/abstract/id.rb} }
+    silence_warning { require 'rack/session/abstract/id' }
+  end
+
+  should "use securerandom when available" do
+    begin
+      fake = false
+      silence_warning do
+        ::SecureRandom = fake = true unless defined?(SecureRandom)
+      end
+      reload_id
+      id::DEFAULT_OPTIONS[:secure_random].should.eql(fake || SecureRandom)
+    ensure
+      Object.send(:remove_const, :SecureRandom) if fake
+    end
+  end
+
+  should "not use securerandom when unavailable" do
+    begin
+      sr = Object.send(:remove_const, :SecureRandom) if defined?(SecureRandom)
+      reload_id
+      id::DEFAULT_OPTIONS[:secure_random].should.eql false
+    ensure
+      ::SecureRandom = sr if defined?(sr)
+    end
+  end
+
+end

data/test/spec_session_cookie.rb

@@ -0,0 +1,171 @@
+require 'rack/session/cookie'
+require 'rack/mock'
+
+describe Rack::Session::Cookie do
+  incrementor = lambda do |env|
+    env["rack.session"]["counter"] ||= 0
+    env["rack.session"]["counter"] += 1
+    hash = env["rack.session"].dup
+    hash.delete("session_id")
+    Rack::Response.new(hash.inspect).to_a
+  end
+
+  session_id = lambda do |env|
+    Rack::Response.new(env["rack.session"].inspect).to_a
+  end
+
+  nothing = lambda do |env|
+    Rack::Response.new("Nothing").to_a
+  end
+
+  describe 'Base64' do
+    it 'uses base64 to encode' do
+      coder = Rack::Session::Cookie::Base64.new
+      str   = 'fuuuuu'
+      coder.encode(str).should.equal [str].pack('m')
+    end
+
+    it 'uses base64 to decode' do
+      coder = Rack::Session::Cookie::Base64.new
+      str   = ['fuuuuu'].pack('m')
+      coder.decode(str).should.equal str.unpack('m').first
+    end
+
+    describe 'Marshal' do
+      it 'marshals and base64 encodes' do
+        coder = Rack::Session::Cookie::Base64::Marshal.new
+        str   = 'fuuuuu'
+        coder.encode(str).should.equal [::Marshal.dump(str)].pack('m')
+      end
+
+      it 'marshals and base64 decodes' do
+        coder = Rack::Session::Cookie::Base64::Marshal.new
+        str   = [::Marshal.dump('fuuuuu')].pack('m')
+        coder.decode(str).should.equal ::Marshal.load(str.unpack('m').first)
+      end
+
+      it 'rescues failures on decode' do
+        coder = Rack::Session::Cookie::Base64::Marshal.new
+        coder.decode('lulz').should.equal nil
+      end
+    end
+  end
+
+  it 'uses a coder' do
+    identity = Class.new {
+      attr_reader :calls
+
+      def initialize
+        @calls = []
+      end
+
+      def encode(str); @calls << :encode; str; end
+      def decode(str); @calls << :decode; str; end
+    }.new
+    cookie = Rack::Session::Cookie.new(incrementor, :coder => identity)
+    res = Rack::MockRequest.new(cookie).get("/")
+    res["Set-Cookie"].should.include("rack.session=")
+    res.body.should.equal '{"counter"=>1}'
+    identity.calls.should.equal [:decode, :encode]
+  end
+
+  it "creates a new cookie" do
+    res = Rack::MockRequest.new(Rack::Session::Cookie.new(incrementor)).get("/")
+    res["Set-Cookie"].should.include("rack.session=")
+    res.body.should.equal '{"counter"=>1}'
+  end
+
+  it "loads from a cookie" do
+    res = Rack::MockRequest.new(Rack::Session::Cookie.new(incrementor)).get("/")
+    cookie = res["Set-Cookie"]
+    res = Rack::MockRequest.new(Rack::Session::Cookie.new(incrementor)).
+      get("/", "HTTP_COOKIE" => cookie)
+    res.body.should.equal '{"counter"=>2}'
+    cookie = res["Set-Cookie"]
+    res = Rack::MockRequest.new(Rack::Session::Cookie.new(incrementor)).
+      get("/", "HTTP_COOKIE" => cookie)
+    res.body.should.equal '{"counter"=>3}'
+  end
+
+  it "survives broken cookies" do
+    res = Rack::MockRequest.new(Rack::Session::Cookie.new(incrementor)).
+      get("/", "HTTP_COOKIE" => "rack.session=blarghfasel")
+    res.body.should.equal '{"counter"=>1}'
+  end
+
+  bigcookie = lambda do |env|
+    env["rack.session"]["cookie"] = "big" * 3000
+    Rack::Response.new(env["rack.session"].inspect).to_a
+  end
+
+  it "barks on too big cookies" do
+    lambda{
+      Rack::MockRequest.new(Rack::Session::Cookie.new(bigcookie)).
+        get("/", :fatal => true)
+    }.should.raise(Rack::MockRequest::FatalWarning)
+  end
+
+  it "loads from a cookie wih integrity hash" do
+    res = Rack::MockRequest.new(Rack::Session::Cookie.new(incrementor, :secret => 'test')).get("/")
+    cookie = res["Set-Cookie"]
+    res = Rack::MockRequest.new(Rack::Session::Cookie.new(incrementor, :secret => 'test')).
+      get("/", "HTTP_COOKIE" => cookie)
+    res.body.should.equal '{"counter"=>2}'
+    cookie = res["Set-Cookie"]
+    res = Rack::MockRequest.new(Rack::Session::Cookie.new(incrementor, :secret => 'test')).
+      get("/", "HTTP_COOKIE" => cookie)
+    res.body.should.equal '{"counter"=>3}'
+  end
+
+  it "ignores tampered with session cookies" do
+    app = Rack::Session::Cookie.new(incrementor, :secret => 'test')
+    response1 = Rack::MockRequest.new(app).get("/")
+    response1.body.should.equal '{"counter"=>1}'
+
+    _, digest = response1["Set-Cookie"].split("--")
+    tampered_with_cookie = "hackerman-was-here" + "--" + digest
+    response2 = Rack::MockRequest.new(app).get("/", "HTTP_COOKIE" =>
+                                               tampered_with_cookie)
+
+    # Tampared cookie was ignored. Counter is back to 1.
+    response2.body.should.equal '{"counter"=>1}'
+  end
+
+  it "returns the session id in the session hash" do
+    app = Rack::Session::Cookie.new(incrementor)
+    res = Rack::MockRequest.new(app).get("/")
+    res.body.should.equal '{"counter"=>1}'
+
+    app = Rack::Session::Cookie.new(session_id)
+    res = Rack::MockRequest.new(app).get("/", "HTTP_COOKIE" => res["Set-Cookie"])
+    res.body.should.match(/"session_id"=>/)
+    res.body.should.match(/"counter"=>1/)
+  end
+
+  it "does not return a cookie if set to secure but not using ssl" do
+    app = Rack::Session::Cookie.new(incrementor, :secure => true)
+    res = Rack::MockRequest.new(app).get("/")
+    res["Set-Cookie"].should.be.nil
+
+    res = Rack::MockRequest.new(app).get("/", "HTTPS" => "on")
+    res["Set-Cookie"].should.not.be.nil
+  end
+
+  it "does not return a cookie if cookie was not read/written" do
+    app = Rack::Session::Cookie.new(nothing)
+    res = Rack::MockRequest.new(app).get("/")
+    res["Set-Cookie"].should.be.nil
+  end
+
+  it "does not return a cookie if cookie was not written (only read)" do
+    app = Rack::Session::Cookie.new(session_id)
+    res = Rack::MockRequest.new(app).get("/")
+    res["Set-Cookie"].should.be.nil
+  end
+
+  it "returns even if not read/written if :expire_after is set" do
+    app = Rack::Session::Cookie.new(nothing, :expire_after => 3600)
+    res = Rack::MockRequest.new(app).get("/")
+    res["Set-Cookie"].should.not.be.nil
+  end
+end

data/test/spec_session_memcache.rb

@@ -0,0 +1,289 @@
+begin
+  require 'rack/session/memcache'
+  require 'rack/mock'
+  require 'thread'
+
+  describe Rack::Session::Memcache do
+    session_key = Rack::Session::Memcache::DEFAULT_OPTIONS[:key]
+    session_match = /#{session_key}=([0-9a-fA-F]+);/
+    incrementor = lambda do |env|
+      env["rack.session"]["counter"] ||= 0
+      env["rack.session"]["counter"] += 1
+      Rack::Response.new(env["rack.session"].inspect).to_a
+    end
+    drop_session = proc do |env|
+      env['rack.session.options'][:drop] = true
+      incrementor.call(env)
+    end
+    renew_session = proc do |env|
+      env['rack.session.options'][:renew] = true
+      incrementor.call(env)
+    end
+    defer_session = proc do |env|
+      env['rack.session.options'][:defer] = true
+      incrementor.call(env)
+    end
+
+    # test memcache connection
+    Rack::Session::Memcache.new(incrementor)
+
+    it "faults on no connection" do
+      lambda{
+        Rack::Session::Memcache.new(incrementor, :memcache_server => 'nosuchserver')
+      }.should.raise
+    end
+
+    it "connects to existing server" do
+      test_pool = MemCache.new(incrementor, :namespace => 'test:rack:session')
+      test_pool.namespace.should.equal 'test:rack:session'
+    end
+
+    it "passes options to MemCache" do
+      pool = Rack::Session::Memcache.new(incrementor, :namespace => 'test:rack:session')
+      pool.pool.namespace.should.equal 'test:rack:session'
+    end
+
+    it "creates a new cookie" do
+      pool = Rack::Session::Memcache.new(incrementor)
+      res = Rack::MockRequest.new(pool).get("/")
+      res["Set-Cookie"].should.include("#{session_key}=")
+      res.body.should.equal '{"counter"=>1}'
+    end
+
+    it "determines session from a cookie" do
+      pool = Rack::Session::Memcache.new(incrementor)
+      req = Rack::MockRequest.new(pool)
+      res = req.get("/")
+      cookie = res["Set-Cookie"]
+      req.get("/", "HTTP_COOKIE" => cookie).
+        body.should.equal '{"counter"=>2}'
+      req.get("/", "HTTP_COOKIE" => cookie).
+        body.should.equal '{"counter"=>3}'
+    end
+
+    it "determines session only from a cookie by default" do
+      pool = Rack::Session::Memcache.new(incrementor)
+      req = Rack::MockRequest.new(pool)
+      res = req.get("/")
+      sid = res["Set-Cookie"][session_match, 1]
+      req.get("/?rack.session=#{sid}").
+        body.should.equal '{"counter"=>1}'
+      req.get("/?rack.session=#{sid}").
+        body.should.equal '{"counter"=>1}'
+    end
+
+    it "determines session from params" do
+      pool = Rack::Session::Memcache.new(incrementor, :cookie_only => false)
+      req = Rack::MockRequest.new(pool)
+      res = req.get("/")
+      sid = res["Set-Cookie"][session_match, 1]
+      req.get("/?rack.session=#{sid}").
+        body.should.equal '{"counter"=>2}'
+      req.get("/?rack.session=#{sid}").
+        body.should.equal '{"counter"=>3}'
+    end
+
+    it "survives nonexistant cookies" do
+      bad_cookie = "rack.session=blarghfasel"
+      pool = Rack::Session::Memcache.new(incrementor)
+      res = Rack::MockRequest.new(pool).
+        get("/", "HTTP_COOKIE" => bad_cookie)
+      res.body.should.equal '{"counter"=>1}'
+      cookie = res["Set-Cookie"][session_match]
+      cookie.should.not.match(/#{bad_cookie}/)
+    end
+
+    it "maintains freshness" do
+      pool = Rack::Session::Memcache.new(incrementor, :expire_after => 3)
+      res = Rack::MockRequest.new(pool).get('/')
+      res.body.should.include '"counter"=>1'
+      cookie = res["Set-Cookie"]
+      res = Rack::MockRequest.new(pool).get('/', "HTTP_COOKIE" => cookie)
+      res["Set-Cookie"].should.equal cookie
+      res.body.should.include '"counter"=>2'
+      puts 'Sleeping to expire session' if $DEBUG
+      sleep 4
+      res = Rack::MockRequest.new(pool).get('/', "HTTP_COOKIE" => cookie)
+      res["Set-Cookie"].should.not.equal cookie
+      res.body.should.include '"counter"=>1'
+    end
+
+    it "does not send the same session id if it did not change" do
+      pool = Rack::Session::Memcache.new(incrementor)
+      req = Rack::MockRequest.new(pool)
+
+      res0 = req.get("/")
+      cookie = res0["Set-Cookie"][session_match]
+      res0.body.should.equal '{"counter"=>1}'
+
+      res1 = req.get("/", "HTTP_COOKIE" => cookie)
+      res1["Set-Cookie"].should.be.nil
+      res1.body.should.equal '{"counter"=>2}'
+
+      res2 = req.get("/", "HTTP_COOKIE" => cookie)
+      res2["Set-Cookie"].should.be.nil
+      res2.body.should.equal '{"counter"=>3}'
+    end
+
+    it "deletes cookies with :drop option" do
+      pool = Rack::Session::Memcache.new(incrementor)
+      req = Rack::MockRequest.new(pool)
+      drop = Rack::Utils::Context.new(pool, drop_session)
+      dreq = Rack::MockRequest.new(drop)
+
+      res1 = req.get("/")
+      session = (cookie = res1["Set-Cookie"])[session_match]
+      res1.body.should.equal '{"counter"=>1}'
+
+      res2 = dreq.get("/", "HTTP_COOKIE" => cookie)
+      res2["Set-Cookie"].should.equal nil
+      res2.body.should.equal '{"counter"=>2}'
+
+      res3 = req.get("/", "HTTP_COOKIE" => cookie)
+      res3["Set-Cookie"][session_match].should.not.equal session
+      res3.body.should.equal '{"counter"=>1}'
+    end
+
+    it "provides new session id with :renew option" do
+      pool = Rack::Session::Memcache.new(incrementor)
+      req = Rack::MockRequest.new(pool)
+      renew = Rack::Utils::Context.new(pool, renew_session)
+      rreq = Rack::MockRequest.new(renew)
+
+      res1 = req.get("/")
+      session = (cookie = res1["Set-Cookie"])[session_match]
+      res1.body.should.equal '{"counter"=>1}'
+
+      res2 = rreq.get("/", "HTTP_COOKIE" => cookie)
+      new_cookie = res2["Set-Cookie"]
+      new_session = new_cookie[session_match]
+      new_session.should.not.equal session
+      res2.body.should.equal '{"counter"=>2}'
+
+      res3 = req.get("/", "HTTP_COOKIE" => new_cookie)
+      res3.body.should.equal '{"counter"=>3}'
+
+      # Old cookie was deleted
+      res4 = req.get("/", "HTTP_COOKIE" => cookie)
+      res4.body.should.equal '{"counter"=>1}'
+    end
+
+    it "omits cookie with :defer option" do
+      pool = Rack::Session::Memcache.new(incrementor)
+      defer = Rack::Utils::Context.new(pool, defer_session)
+      dreq = Rack::MockRequest.new(defer)
+
+      res0 = dreq.get("/")
+      res0["Set-Cookie"].should.equal nil
+      res0.body.should.equal '{"counter"=>1}'
+    end
+
+    it "updates deep hashes correctly" do
+      hash_check = proc do |env|
+        session = env['rack.session']
+        unless session.include? 'test'
+          session.update :a => :b, :c => { :d => :e },
+            :f => { :g => { :h => :i} }, 'test' => true
+        else
+          session[:f][:g][:h] = :j
+        end
+        [200, {}, [session.inspect]]
+      end
+      pool = Rack::Session::Memcache.new(hash_check)
+      req = Rack::MockRequest.new(pool)
+
+      res0 = req.get("/")
+      session_id = (cookie = res0["Set-Cookie"])[session_match, 1]
+      ses0 = pool.pool.get(session_id, true)
+
+      req.get("/", "HTTP_COOKIE" => cookie)
+      ses1 = pool.pool.get(session_id, true)
+
+      ses1.should.not.equal ses0
+    end
+
+    # anyone know how to do this better?
+    it "cleanly merges sessions when multithreaded" do
+      unless $DEBUG
+        1.should.equal 1 # fake assertion to appease the mighty bacon
+        next
+      end
+      warn 'Running multithread test for Session::Memcache'
+      pool = Rack::Session::Memcache.new(incrementor)
+      req = Rack::MockRequest.new(pool)
+
+      res = req.get('/')
+      res.body.should.equal '{"counter"=>1}'
+      cookie = res["Set-Cookie"]
+      session_id = cookie[session_match, 1]
+
+      delta_incrementor = lambda do |env|
+        # emulate disconjoinment of threading
+        env['rack.session'] = env['rack.session'].dup
+        Thread.stop
+        env['rack.session'][(Time.now.usec*rand).to_i] = true
+        incrementor.call(env)
+      end
+      tses = Rack::Utils::Context.new pool, delta_incrementor
+      treq = Rack::MockRequest.new(tses)
+      tnum = rand(7).to_i+5
+      r = Array.new(tnum) do
+        Thread.new(treq) do |run|
+          run.get('/', "HTTP_COOKIE" => cookie, 'rack.multithread' => true)
+        end
+      end.reverse.map{|t| t.run.join.value }
+      r.each do |request|
+        request['Set-Cookie'].should.equal cookie
+        request.body.should.include '"counter"=>2'
+      end
+
+      session = pool.pool.get(session_id)
+      session.size.should.equal tnum+1 # counter
+      session['counter'].should.equal 2 # meeeh
+
+      tnum = rand(7).to_i+5
+      r = Array.new(tnum) do |i|
+        app = Rack::Utils::Context.new pool, time_delta
+        req = Rack::MockRequest.new app
+        Thread.new(req) do |run|
+          run.get('/', "HTTP_COOKIE" => cookie, 'rack.multithread' => true)
+        end
+      end.reverse.map{|t| t.run.join.value }
+      r.each do |request|
+        request['Set-Cookie'].should.equal cookie
+        request.body.should.include '"counter"=>3'
+      end
+
+      session = pool.pool.get(session_id)
+      session.size.should.be tnum+1
+      session['counter'].should.be 3
+
+      drop_counter = proc do |env|
+        env['rack.session'].delete 'counter'
+        env['rack.session']['foo'] = 'bar'
+        [200, {'Content-Type'=>'text/plain'}, env['rack.session'].inspect]
+      end
+      tses = Rack::Utils::Context.new pool, drop_counter
+      treq = Rack::MockRequest.new(tses)
+      tnum = rand(7).to_i+5
+      r = Array.new(tnum) do
+        Thread.new(treq) do |run|
+          run.get('/', "HTTP_COOKIE" => cookie, 'rack.multithread' => true)
+        end
+      end.reverse.map{|t| t.run.join.value }
+      r.each do |request|
+        request['Set-Cookie'].should.equal cookie
+        request.body.should.include '"foo"=>"bar"'
+      end
+
+      session = pool.pool.get(session_id)
+      session.size.should.be r.size+1
+      session['counter'].should.be.nil?
+      session['foo'].should.equal 'bar'
+    end
+  end
+rescue RuntimeError
+  $stderr.puts "Skipping Rack::Session::Memcache tests. Start memcached and try again."
+rescue LoadError
+  $stderr.puts "Skipping Rack::Session::Memcache tests (Memcache is required). `gem install memcache-client` and try again."
+end