fog-brightbox 1.4.2 → 1.6.0

data/lib/fog/brightbox/requests/compute/list_volumes.rb

@@ -0,0 +1,18 @@
+module Fog
+  module Brightbox
+    class Compute
+      class Real
+        # Lists summary details of volumes available for use by the Account
+        #
+        # @param [Hash] options
+        # @option options [Boolean] :nested passed through with the API request. When true nested resources are expanded.
+        #
+        # @return [Hash] if successful Hash version of JSON object
+        #
+        def list_volumes(options = {})
+          wrapped_request("get", "/1.0/volumes", [200], options)
+        end
+      end
+    end
+  end
+end

data/lib/fog/brightbox/requests/compute/lock_resource_volume.rb

@@ -0,0 +1,18 @@
+module Fog
+  module Brightbox
+    class Compute
+      class Real
+        # @param [String] identifier Unique reference to identify the resource
+        # @param [Hash] options
+        # @option options [Boolean] :nested passed through with the API request. When true nested resources are expanded.
+        #
+        # @return [Hash] if successful Hash version of JSON object
+        #
+        def lock_resource_volume(identifier, options = {})
+          return nil if identifier.nil? || identifier == ""
+          wrapped_request("put", "/1.0/volumes/#{identifier}/lock_resource", [200], options)
+        end
+      end
+    end
+  end
+end

data/lib/fog/brightbox/requests/compute/resize_volume.rb

@@ -0,0 +1,26 @@
+module Fog
+  module Brightbox
+    class Compute
+      class Real
+        # Resize a volume, currently limited to expanding volumes.
+        #
+        # Partitions will need to be expanded within the OS.
+        #
+        # @param [String] identifier Unique reference to identify the resource
+        # @param [Hash] options
+        # @option options [Boolean] :nested passed through with the API request. When true nested resources are expanded.
+        # @option options [Integer] :from The original size (in MiB) to act as a preflight check to prevent duplicate requests
+        # @option options [Integer] :to The new size in MiB to change the volume to
+        #
+        # @return [Hash] if successful Hash version of JSON object
+        # @return [NilClass] if no options were passed
+        #
+        def resize_volume(identifier, options)
+          return nil if identifier.nil? || identifier == ""
+          return nil if options.empty? || options.nil?
+          wrapped_request("post", "/1.0/volumes/#{identifier}/resize", [202], options)
+        end
+      end
+    end
+  end
+end

data/lib/fog/brightbox/requests/compute/unlock_resource_volume.rb

@@ -0,0 +1,18 @@
+module Fog
+  module Brightbox
+    class Compute
+      class Real
+        # @param [String] identifier Unique reference to identify the resource
+        # @param [Hash] options
+        # @option options [Boolean] :nested passed through with the API request. When true nested resources are expanded.
+        #
+        # @return [Hash] if successful Hash version of JSON object
+        #
+        def unlock_resource_volume(identifier, options = {})
+          return nil if identifier.nil? || identifier == ""
+          wrapped_request("put", "/1.0/volumes/#{identifier}/unlock_resource", [200], options)
+        end
+      end
+    end
+  end
+end

data/lib/fog/brightbox/requests/compute/update_volume.rb

@@ -0,0 +1,26 @@
+module Fog
+  module Brightbox
+    class Compute
+      class Real
+        # Update some volume attributes.
+        #
+        # @param [String] identifier Unique reference to identify the resource
+        # @param [Hash] options
+        # @option options [Boolean] :nested passed through with the API request. When true nested resources are expanded.
+        # @option options [Boolean] :delete_with_server Set +true+ the volume will be removed if attached to a server that is deleted
+        # @option options [String] :description
+        # @option options [String] :name
+        # @option options [String] :serial
+        #
+        # @return [Hash] if successful Hash version of JSON object
+        # @return [NilClass] if no options were passed
+        #
+        def update_volume(identifier, options)
+          return nil if identifier.nil? || identifier == ""
+          return nil if options.empty? || options.nil?
+          wrapped_request("put", "/1.0/volumes/#{identifier}", [202], options)
+        end
+      end
+    end
+  end
+end

data/lib/fog/brightbox/version.rb

@@ -1,5 +1,5 @@
 module Fog
   module Brightbox
-    VERSION = "1.4.2"
+    VERSION = "1.6.0"
   end
 end

data/spec/fog/brightbox/compute/credentials_spec.rb

@@ -0,0 +1,41 @@
+require "spec_helper"
+
+describe Fog::Brightbox::Compute, "#credentials" do
+  describe "when 2FA support is disabled" do
+    before do
+      @options = {
+        brightbox_client_id: "app-12345",
+        brightbox_secret: "1234567890",
+        brightbox_username: "jason.null@brightbox.com",
+        brightbox_password: "HR4life",
+        brightbox_one_time_password: "123456"
+      }
+      @service = Fog::Brightbox::Compute.new(@options)
+    end
+
+    it "does not add passed OTP to credentials" do
+      assert_kind_of Fog::Brightbox::OAuth2::CredentialSet, @service.credentials
+      assert_nil @service.credentials.one_time_password
+    end
+  end
+
+  describe "with 2FA support is enabled" do
+    before do
+      @expected_otp = "123456"
+      @options = {
+        brightbox_client_id: "app-12345",
+        brightbox_secret: "1234567890",
+        brightbox_username: "jason.null@brightbox.com",
+        brightbox_password: "HR4life",
+        brightbox_support_two_factor: true,
+        brightbox_one_time_password: @expected_otp
+      }
+      @service = Fog::Brightbox::Compute.new(@options)
+    end
+
+    it "adds passed OTP to credentials" do
+      assert_kind_of Fog::Brightbox::OAuth2::CredentialSet, @service.credentials
+      assert @expected_otp, @service.credentials.one_time_password
+    end
+  end
+end

data/spec/fog/brightbox/compute/get_access_token_spec.rb

@@ -0,0 +1,305 @@
+require "spec_helper"
+
+describe Fog::Brightbox::Compute, "#get_access_token" do
+  before do
+    @new_access_token = "0987654321"
+    @new_refresh_token = "5432167890"
+
+    @options = {
+      brightbox_client_id: "app-12345",
+      brightbox_secret: "1234567890",
+      brightbox_username: "jason.null@brightbox.com",
+      brightbox_password: "HR4life",
+      brightbox_support_two_factor: true,
+      brightbox_one_time_password: "123456"
+    }
+    @service = Fog::Brightbox::Compute.new(@options)
+  end
+
+  describe "when user does not have 2FA enabled" do
+    describe "and authenticates correctly" do
+      before do
+        stub_authentication_request(auth_correct: true)
+
+        assert @service.two_factor?
+      end
+
+      describe "without !" do
+        it "updates credentials" do
+          token = @service.get_access_token
+          assert_equal "0987654321", token
+
+          assert_equal token, @service.access_token
+        end
+      end
+
+      describe "with !" do
+        it "updates credentials" do
+          token = @service.get_access_token!
+          assert_equal "0987654321", token
+
+          assert_equal token, @service.access_token
+        end
+      end
+    end
+
+    describe "and authenticates incorrectly" do
+      before do
+        stub_authentication_request(auth_correct: false)
+
+        assert @service.two_factor?
+      end
+
+      describe "without !" do
+        it "returns nil" do
+          assert_nil @service.get_access_token
+
+          assert_nil @service.access_token
+          assert_nil @service.refresh_token
+        end
+      end
+
+      describe "with !" do
+        it "raises an error" do
+          begin
+            @service.get_access_token!
+          rescue Excon::Error::Unauthorized
+            assert_nil @service.access_token
+            assert_nil @service.refresh_token
+          end
+        end
+      end
+    end
+  end
+
+  describe "when user does have 2FA enabled" do
+    describe "and authenticates correctly" do
+      describe "without OTP" do
+        before do
+          stub_authentication_request(auth_correct: true,
+                                      two_factor_user: true)
+
+          assert @service.two_factor?
+        end
+
+        describe "without !" do
+          it "returns nil" do
+            assert_nil @service.get_access_token
+
+            assert_nil @service.access_token
+            assert_nil @service.refresh_token
+          end
+        end
+
+        describe "with !" do
+          it "raises an error" do
+            begin
+              @service.get_access_token!
+            rescue Fog::Brightbox::OAuth2::TwoFactorMissingError
+              assert_nil @service.access_token
+              assert_nil @service.refresh_token
+            end
+          end
+        end
+      end
+
+      describe "with OTP" do
+        before do
+          stub_authentication_request(auth_correct: true,
+                                      two_factor_user: true,
+                                      otp_sent: true)
+
+          assert @service.two_factor?
+        end
+
+        describe "without !" do
+          it "updates credentials" do
+            token = @service.get_access_token
+            assert_equal "0987654321", token
+
+            assert_equal token, @service.access_token
+          end
+        end
+
+        describe "with !" do
+          it "updates credentials" do
+            token = @service.get_access_token!
+            assert_equal "0987654321", token
+
+            assert_equal token, @service.access_token
+          end
+        end
+      end
+    end
+
+    describe "and authenticates incorrectly" do
+      before do
+        stub_authentication_request(auth_correct: false,
+                                    two_factor_user: true)
+
+        assert @service.two_factor?
+      end
+
+      describe "without !" do
+        it "returns nil" do
+          assert_nil @service.get_access_token
+
+          assert_nil @service.access_token
+          assert_nil @service.refresh_token
+        end
+      end
+
+      describe "with !" do
+        it "raises an error" do
+          begin
+            @service.get_access_token!
+          rescue Fog::Brightbox::OAuth2::TwoFactorMissingError
+            assert_nil @service.access_token
+            assert_nil @service.refresh_token
+          end
+        end
+      end
+    end
+
+    describe "without 2FA support enabled" do
+      before do
+        @options = {
+          brightbox_client_id: "app-12345",
+          brightbox_secret: "1234567890",
+          brightbox_username: "jason.null@brightbox.com",
+          brightbox_password: "HR4life",
+          brightbox_support_two_factor: false,
+          brightbox_one_time_password: "123456"
+        }
+        @service = Fog::Brightbox::Compute.new(@options)
+
+        refute @service.two_factor?
+      end
+
+      describe "without !" do
+        it "returns nil" do
+          stub_authentication_request(auth_correct: false,
+                                      two_factor_user: true)
+
+          assert_nil @service.get_access_token
+
+          assert_nil @service.access_token
+          assert_nil @service.refresh_token
+        end
+      end
+
+      describe "with !" do
+        describe "when authentication incorrect" do
+          it "raises an error" do
+            stub_authentication_request(auth_correct: false,
+                                        two_factor_user: true,
+                                        otp_sent: true)
+
+            begin
+              @service.get_access_token!
+            rescue Excon::Error::Unauthorized
+              assert_nil @service.access_token
+              assert_nil @service.refresh_token
+            end
+          end
+        end
+
+        describe "with missing OTP" do
+          before do
+            @options = {
+              brightbox_client_id: "app-12345",
+              brightbox_secret: "1234567890",
+              brightbox_username: "jason.null@brightbox.com",
+              brightbox_password: "HR4life",
+              brightbox_support_two_factor: false
+            }
+            @service = Fog::Brightbox::Compute.new(@options)
+
+            refute @service.two_factor?
+          end
+
+          it "raises an error" do
+            stub_authentication_request(auth_correct: true,
+                                        two_factor_user: true,
+                                        otp_sent: false)
+
+            begin
+              @service.get_access_token!
+            rescue Excon::Error::Unauthorized
+              assert_nil @service.access_token
+              assert_nil @service.refresh_token
+            end
+          end
+        end
+      end
+    end
+  end
+
+  # @param auth_correct [Boolean] Treat username/password as correct
+  # @param two_factor_user [Boolean] Is user protected by 2FA on server
+  # @param otp_sent [Boolean] Is an OTP sent in the request?
+  def stub_authentication_request(auth_correct:,
+                                  two_factor_user: false,
+                                  otp_sent: nil)
+
+    two_factor_supported = @service.two_factor?
+
+    request = {
+      headers: {
+        "Authorization" => "Basic YXBwLTEyMzQ1OjEyMzQ1Njc4OTA=",
+        "Content-Type" => "application/json",
+      },
+      body: {
+        grant_type: "password",
+        username: "jason.null@brightbox.com",
+        password: "HR4life"
+      }.to_json
+    }.tap do |req|
+      # Only expect the header if the service should send it
+      # Without this, we stub a request that demands an OTP but it is not sent
+      if two_factor_supported && otp_sent
+        req[:headers]["X-Brightbox-OTP"] = "123456"
+      end
+    end
+
+    # The cases we are testing are:
+    #
+    # * User does not use 2FA and authenticate
+    # * User does not use 2FA and FAILS to authenticate
+    # * User does use 2FA and authenticate
+    # * User does use 2FA and FAILS to authenticate
+    # * User does use 2FA and FAILS to send OTP
+    #
+    response = if two_factor_user && !otp_sent
+      # OTP required header
+      {
+        status: 401,
+        headers: {
+          "X-Brightbox-OTP" => "required"
+        },
+        body: { error: "invalid_client" }.to_json
+      }
+    elsif !auth_correct
+      # No OTP header
+      {
+        status: 401,
+        headers: {},
+        body: { error: "invalid_client" }.to_json
+      }
+    else
+      {
+        status: 200,
+        headers: {},
+        body: {
+          access_token: @new_access_token,
+          refresh_token: @new_refresh_token,
+          expires_in: 7200
+        }.to_json
+      }
+    end
+
+    stub_request(:post, "https://api.gb1.brightbox.com/token")
+      .with(request)
+      .to_return(response)
+  end
+end

data/spec/fog/brightbox/compute/two_factor_spec.rb

@@ -0,0 +1,53 @@
+require "spec_helper"
+
+describe Fog::Brightbox::Compute, "#two_factor?" do
+  describe "when omitted" do
+    before do
+      @options = {
+        brightbox_client_id: "app-12345",
+        brightbox_secret: "1234567890",
+        brightbox_username: "jason.null@brightbox.com",
+        brightbox_password: "HR4life"
+      }
+      @service = Fog::Brightbox::Compute.new(@options)
+    end
+
+    it do
+      refute @service.two_factor?
+    end
+  end
+
+  describe "when disabled" do
+    before do
+      @options = {
+        brightbox_client_id: "app-12345",
+        brightbox_secret: "1234567890",
+        brightbox_username: "jason.null@brightbox.com",
+        brightbox_password: "HR4life",
+        brightbox_support_two_factor: false
+      }
+      @service = Fog::Brightbox::Compute.new(@options)
+    end
+
+    it do
+      refute @service.two_factor?
+    end
+  end
+
+  describe "when enabled" do
+    before do
+      @options = {
+        brightbox_client_id: "app-12345",
+        brightbox_secret: "1234567890",
+        brightbox_username: "jason.null@brightbox.com",
+        brightbox_password: "HR4life",
+        brightbox_support_two_factor: true
+      }
+      @service = Fog::Brightbox::Compute.new(@options)
+    end
+
+    it do
+      assert @service.two_factor?
+    end
+  end
+end

data/spec/fog/brightbox/oauth2/user_credentials_strategy_spec.rb

@@ -37,4 +37,24 @@ describe Fog::Brightbox::OAuth2::UserCredentialsStrategy do
     assert_equal "Basic YXBwLTEyMzQ1Ol9fbWFzaGVkX2tleXNfMTIzX18=", headers["Authorization"]
     assert_equal "application/json", headers["Content-Type"]
   end
+
+  describe "when 2FA OTP is included" do
+    before do
+      options = {
+        username: @username,
+        password: @password,
+        one_time_password: "123456"
+      }
+
+      @credentials = Fog::Brightbox::OAuth2::CredentialSet.new(@client_id, @client_secret, options)
+      @strategy = Fog::Brightbox::OAuth2::UserCredentialsStrategy.new(@credentials)
+    end
+
+    it "tests #headers" do
+      headers = @strategy.headers
+      assert_equal "Basic YXBwLTEyMzQ1Ol9fbWFzaGVkX2tleXNfMTIzX18=", headers["Authorization"]
+      assert_equal "application/json", headers["Content-Type"]
+      assert_equal "123456", headers["X-Brightbox-OTP"]
+    end
+  end
 end