goofy 1.0.2

data/lib/goofy/capybara.rb

@@ -0,0 +1,13 @@
+require "goofy"
+require "cutest"
+require "capybara/dsl"
+
+class Cutest::Scope
+  if defined? Capybara::DSL
+    include Capybara::DSL
+  else
+    include Capybara
+  end
+end
+
+Capybara.app = Goofy

data/lib/goofy/controller.rb

@@ -0,0 +1,14 @@
+require_relative "controller/callbacks"
+require_relative "controller/base"
+require_relative "router"
+
+# include router functionality into Goofy
+Goofy.include Goofy::Router
+
+class Goofy
+
+  # Define Controller Class
+  class Controller
+  end
+
+end

data/lib/goofy/controller/base.rb

@@ -0,0 +1,21 @@
+class Goofy
+  class Controller
+
+    def self.construct(arg)
+      self.new(arg).entry
+    end
+
+    def initialize(app)
+      @app = app
+    end
+
+    def response
+      res.write "<h3>You should define `response` instance method on your controller class!</h3>"
+    end
+
+    def method_missing(name, *args, &block)
+      @app.send(name, *args, &block)
+    end
+
+  end
+end

data/lib/goofy/controller/callbacks.rb

@@ -0,0 +1,19 @@
+require 'prong'
+
+class Goofy
+  class Controller
+
+    include Prong
+
+    # Define before, around, after callbacks for #response
+    define_hook :response
+
+    def entry
+      run_hooks :response do
+        # Call response method with running callbacks
+        response
+      end
+    end
+
+  end
+end

data/lib/goofy/render.rb

@@ -0,0 +1,63 @@
+require "tilt"
+
+class Goofy
+  module Render
+    def self.setup(app)
+      app.settings[:render] ||= {}
+      app.settings[:render][:template_engine] ||= "erb"
+      app.settings[:render][:layout] ||= "layout"
+      app.settings[:render][:views] ||= File.expand_path("views", Dir.pwd)
+      app.settings[:render][:options] ||= {
+        default_encoding: Encoding.default_external
+      }
+    end
+
+    def render(template, locals = {}, layout = settings[:render][:layout])
+      res.headers["Content-Type"] ||= "text/html; charset=utf-8"
+      res.write(view(template, locals, layout))
+    end
+
+    def view(template, locals = {}, layout = settings[:render][:layout])
+      partial(layout, locals.merge(content: partial(template, locals)))
+    end
+
+    def partial(template, locals = {})
+      _render(template_path(template), locals, settings[:render][:options])
+    end
+
+    def template_path(template)
+      dir = settings[:render][:views]
+      ext = settings[:render][:template_engine]
+
+      return File.join(dir, "#{ template }.#{ ext }")
+    end
+
+    # @private Renders any type of template file supported by Tilt.
+    #
+    # @example
+    #
+    #   # Renders home, and is assumed to be HAML.
+    #   _render("home.haml")
+    #
+    #   # Renders with some local variables
+    #   _render("home.haml", site_name: "My Site")
+    #
+    #   # Renders with HAML options
+    #   _render("home.haml", {}, ugly: true, format: :html5)
+    #
+    #   # Renders in layout
+    #   _render("layout.haml") { _render("home.haml") }
+    #
+    def _render(template, locals = {}, options = {}, &block)
+      _cache.fetch(template) {
+        Tilt.new(template, 1, options.merge(outvar: '@_output'))
+      }.render(self, locals, &block)
+    end
+
+    # @private Used internally by #_render to cache the
+    #          Tilt templates.
+    def _cache
+      Thread.current[:_cache] ||= Tilt::Cache.new
+    end
+  end
+end

data/lib/goofy/router.rb

@@ -0,0 +1,9 @@
+class Goofy
+  module Router
+
+    def controller(ctrl_class)
+      ctrl_class.construct self
+    end
+
+  end
+end

data/lib/goofy/safe.rb

@@ -0,0 +1,23 @@
+require_relative "safe/csrf"
+require_relative "safe/secure_headers"
+
+class Goofy
+  # == Goofy::Safe
+  #
+  # This plugin contains security related features for Goofy
+  # applications. It takes ideas from secureheaders[1].
+  #
+  # == Usage
+  #
+  #     require "goofy"
+  #     require "goofy/safe"
+  #
+  #     Goofy.plugin(Goofy::Safe)
+  #
+  module Safe
+    def self.setup(app)
+      app.plugin(Safe::SecureHeaders)
+      app.plugin(Safe::CSRF)
+    end
+  end
+end

data/lib/goofy/safe/csrf.rb

@@ -0,0 +1,47 @@
+class Goofy
+  module Safe
+    module CSRF
+      def csrf
+        @csrf ||= Goofy::Safe::CSRF::Helper.new(req)
+      end
+
+      class Helper
+        attr :req
+
+        def initialize(req)
+          @req = req
+        end
+
+        def token
+          session[:csrf_token] ||= SecureRandom.base64(32)
+        end
+
+        def reset!
+          session.delete(:csrf_token)
+        end
+
+        def safe?
+          return req.get? || req.head? ||
+            req[:csrf_token] == token ||
+            req.env["HTTP_X_CSRF_TOKEN"] == token
+        end
+
+        def unsafe?
+          return !safe?
+        end
+
+        def form_tag
+          return %Q(<input type="hidden" name="csrf_token" value="#{ token }">)
+        end
+
+        def meta_tag
+          return %Q(<meta name="csrf_token" content="#{ token }">)
+        end
+
+        def session
+          return req.env["rack.session"]
+        end
+      end
+    end
+  end
+end

data/lib/goofy/safe/secure_headers.rb

@@ -0,0 +1,40 @@
+# == Secure HTTP Headers
+#
+# This plugin will automatically apply several headers that are
+# related to security. This includes:
+#
+#   - HTTP Strict Transport Security (HSTS) [2].
+#   - X-Frame-Options [3].
+#   - X-XSS-Protection [4].
+#   - X-Content-Type-Options [5].
+#   - X-Download-Options [6].
+#   - X-Permitted-Cross-Domain-Policies [7].
+#
+# == References
+#
+# [1]: https://github.com/twitter/secureheaders
+# [2]: https://tools.ietf.org/html/rfc6797
+# [3]: https://tools.ietf.org/html/draft-ietf-websec-x-frame-options-02
+# [4]: http://msdn.microsoft.com/en-us/library/dd565647(v=vs.85).aspx
+# [5]: http://msdn.microsoft.com/en-us/library/ie/gg622941(v=vs.85).aspx
+# [6]: http://msdn.microsoft.com/en-us/library/ie/jj542450(v=vs.85).aspx
+# [7]: https://www.adobe.com/devnet/adobe-media-server/articles/cross-domain-xml-for-streaming.html
+#
+class Goofy
+  module Safe
+    module SecureHeaders
+      HEADERS = {
+        "X-Content-Type-Options" => "nosniff",
+        "X-Download-Options" => "noopen",
+        "X-Frame-Options" => "SAMEORIGIN",
+        "X-Permitted-Cross-Domain-Policies" => "none",
+        "X-XSS-Protection" => "1; mode=block",
+        "Strict-Transport-Security" => "max-age=2628000"
+      }
+
+      def self.setup(app)
+        app.settings[:default_headers].merge!(HEADERS)
+      end
+    end
+  end
+end

data/lib/goofy/test.rb

@@ -0,0 +1,11 @@
+require "goofy"
+require "cutest"
+require "rack/test"
+
+class Cutest::Scope
+  include Rack::Test::Methods
+
+  def app
+    Goofy
+  end
+end

data/makefile

@@ -0,0 +1,4 @@
+.PHONY: test
+
+test:
+	cutest ./test/*.rb

data/test/accept.rb

@@ -0,0 +1,32 @@
+require File.expand_path("helper", File.dirname(__FILE__))
+
+test "accept mimetypes" do
+  Goofy.define do
+    on accept("application/xml") do
+      res.write res["Content-Type"]
+    end
+  end
+
+  env = { "HTTP_ACCEPT" => "application/xml",
+          "SCRIPT_NAME" => "/", "PATH_INFO" => "/post" }
+
+   _, _, body = Goofy.call(env)
+
+  assert_response body, ["application/xml"]
+end
+
+test "tests don't fail when you don't specify an accept type" do
+  Goofy.define do
+    on accept("application/xml") do
+      res.write res["Content-Type"]
+    end
+
+    on default do
+      res.write "Default action"
+    end
+  end
+
+  _, _, body = Goofy.call({})
+
+  assert_response body, ["Default action"]
+end

data/test/captures.rb

@@ -0,0 +1,162 @@
+require File.expand_path("helper", File.dirname(__FILE__))
+
+test "doesn't yield HOST" do
+  Goofy.define do
+    on host("example.com") do |*args|
+      res.write args.size
+    end
+  end
+
+  env = { "HTTP_HOST" => "example.com" }
+
+  _, _, resp = Goofy.call(env)
+
+  assert_response resp, ["0"]
+end
+
+test "doesn't yield the verb" do
+  Goofy.define do
+    on get do |*args|
+      res.write args.size
+    end
+  end
+
+  env = { "REQUEST_METHOD" => "GET" }
+
+  _, _, resp = Goofy.call(env)
+
+  assert_response resp, ["0"]
+end
+
+test "doesn't yield the path" do
+  Goofy.define do
+    on get, "home" do |*args|
+      res.write args.size
+    end
+  end
+
+  env = { "REQUEST_METHOD" => "GET", "PATH_INFO" => "/home",
+          "SCRIPT_NAME" => "/" }
+
+  _, _, resp = Goofy.call(env)
+
+  assert_response resp, ["0"]
+end
+
+test "yields the segment" do
+  Goofy.define do
+    on get, "user", :id do |id|
+      res.write id
+    end
+  end
+
+  env = { "REQUEST_METHOD" => "GET", "PATH_INFO" => "/user/johndoe",
+          "SCRIPT_NAME" => "/" }
+
+  _, _, resp = Goofy.call(env)
+
+  assert_response resp, ["johndoe"]
+end
+
+test "yields a number" do
+  Goofy.define do
+    on get, "user", :id do |id|
+      res.write id
+    end
+  end
+
+  env = { "REQUEST_METHOD" => "GET", "PATH_INFO" => "/user/101",
+          "SCRIPT_NAME" => "/" }
+
+  _, _, resp = Goofy.call(env)
+
+  assert_response resp, ["101"]
+end
+
+test "yield a file name with a matching extension" do
+  Goofy.define do
+    on get, "css", extension("css") do |file|
+      res.write file
+    end
+  end
+
+  env = { "REQUEST_METHOD" => "GET", "PATH_INFO" => "/css/app.css",
+          "SCRIPT_NAME" => "/" }
+
+  _, _, resp = Goofy.call(env)
+
+  assert_response resp, ["app"]
+end
+
+test "yields a segment per nested block" do
+  Goofy.define do
+    on :one do |one|
+      on :two do |two|
+        on :three do |three|
+          res.write one
+          res.write two
+          res.write three
+        end
+      end
+    end
+  end
+
+  env = { "REQUEST_METHOD" => "GET", "PATH_INFO" => "/one/two/three",
+          "SCRIPT_NAME" => "/" }
+
+  _, _, resp = Goofy.call(env)
+
+  assert_response resp, ["one", "two", "three"]
+end
+
+test "consumes a slash if needed" do
+  Goofy.define do
+    on get, "(.+\\.css)" do |file|
+      res.write file
+    end
+  end
+
+  env = { "REQUEST_METHOD" => "GET", "PATH_INFO" => "/foo/bar.css",
+          "SCRIPT_NAME" => "/" }
+
+  _, _, resp = Goofy.call(env)
+
+  assert_response resp, ["foo/bar.css"]
+end
+
+test "regex captures in string format" do
+  Goofy.define do
+    on get, "posts/(\\d+)-(.*)" do |id, slug|
+      res.write id
+      res.write slug
+    end
+  end
+
+
+  env = { "REQUEST_METHOD" => "GET",
+          "PATH_INFO" => "/posts/123-postal-service",
+          "SCRIPT_NAME" => "/" }
+
+  _, _, resp = Goofy.call(env)
+
+
+  assert_response resp, ["123", "postal-service"]
+end
+
+test "regex captures in regex format" do
+  Goofy.define do
+    on get, %r{posts/(\d+)-(.*)} do |id, slug|
+      res.write id
+      res.write slug
+    end
+  end
+
+  env = { "REQUEST_METHOD" => "GET",
+          "PATH_INFO" => "/posts/123-postal-service",
+          "SCRIPT_NAME" => "/" }
+
+  _, _, resp = Goofy.call(env)
+
+
+  assert_response resp, ["123", "postal-service"]
+end