hieraviz 0.0.2 → 0.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 7943ca0a1cce06662064ff153e6574e667a9aebe
-  data.tar.gz: de8240ae22c0afff43b068cf4af11fc84a3247a9
+  metadata.gz: 49399d4e687c122f2333b3a02f475d5ec8d769bd
+  data.tar.gz: a376b1c4332bac9deddd0d60491b3ac4d4627236
 SHA512:
-  metadata.gz: 7e5839350259c94f8ed16c922570e507647bc89d0cc6dd478a37763ed5bdb2601317613a13244295e8f876fa7123e0a07e6f8c55e7164e2139cacea54dda6fc7
-  data.tar.gz: fc6cd1e5c0a66630be9b33268234e5ee234778e35c6b15aba708e6d6061b5b0e8fab71203a6a0f93fa0b5e6483b8b81e3acce86de3f2fcd40242bfefe8ea4027
+  metadata.gz: 03e9edf186cd492acd366519a017fcf998d47e1a2ee083ec3344060afec06ae90134aedf364a47eff989120dfe4f48d938e252464104ec8b91a1a8c5825b1ae5
+  data.tar.gz: 09845cede54c3d470d4482e42be46e9efd8aaba6a9b884c219fb6bcab444b227e7f71dc32e09d8d38da163b558c4c2b63dba4267dd914d61437287e500649164

data/CHANGELOG.md

@@ -1,6 +1,9 @@
 Hieraviz Changelog
 ========================
 
+### v0.1.0 - 2016-01-20
+- extend test coverage
+
 ### v0.0.2 - 2016-01-18
 - add oauth2 auth method against gitlab server
 - add session persistence on disk

data/app/apiv1.rb

@@ -31,10 +31,6 @@ module HieravizApp
       end
     end
 
-    get '/test' do
-      json data: Time.new 
-    end
-
     get '/nodes' do
       check_authorization
       json Hieracles::Registry.nodes(settings.config)
@@ -69,12 +65,12 @@ module HieravizApp
       json Hieracles::Registry.farms(settings.config)
     end
 
-    get '/farm/:n' do |farm|
-      check_authorization
-      req = Hieracles::Puppetdb::Request.new(settings.configdata['puppetdb'])
-      farm_nodes = req.facts('farm', farm)
-      json farm_nodes.data
-    end
+    # get '/farm/:n' do |farm|
+    #   check_authorization
+    #   req = Hieracles::Puppetdb::Request.new(settings.configdata['puppetdb'])
+    #   farm_nodes = req.facts('farm', farm)
+    #   json farm_nodes.data
+    # end
 
     get '/not_logged' do
       json({ error: "Not connected." })

data/app/main.rb

@@ -1,4 +1,3 @@
-require 'hieracles'
 require 'hieraviz'
 
 require File.expand_path '../web.rb', __FILE__

data/app/web.rb

@@ -41,8 +41,10 @@ module HieravizApp
       end
 
       helpers do
+        def get_username
+          settings.configdata['http_auth']['username']
+        end
         def check_authorization
-          set :username, settings.configdata['http_auth']['username']
           true
         end
       end
@@ -51,35 +53,37 @@ module HieravizApp
 
       set :oauth, Hieraviz::AuthGitlab.new(settings.configdata['gitlab_auth'])
 
-      def get_username
-        if session['access_token']
-          session_info = Hieraviz::Store.get(session['access_token'], settings.configdata['session_renew'])
-          if session_info
-            session_info['username']
-          else
-            ''
+      helpers do
+        def get_username
+          if session['access_token']
+            session_info = Hieraviz::Store.get(session['access_token'], settings.configdata['session_renew'])
+            if session_info
+              session_info['username']
+            else
+              ''
+            end
           end
         end
-      end
 
-      def check_authorization
-        if !session['access_token']
-          redirect settings.oauth.login_url(request)
-        else
-          session_info = Hieraviz::Store.get(session['access_token'], settings.configdata['session_renew'])
-          if !session_info
-            if !settings.oauth.authorized?(session['access_token'])
-              flash[:fatal] = "Sorry you are not authorized to read puppet repo on gitlab."
-              redirect '/'
-            else
-              Hieraviz::Store.set session['access_token'], settings.oauth.user_info(session['access_token'])
-              session_info = Hieraviz::Store.get(session['access_token'], settings.configdata['session_renew'])
+        def check_authorization
+          if !session['access_token']
+            redirect settings.oauth.login_url(request)
+          else
+            session_info = Hieraviz::Store.get(session['access_token'], settings.configdata['session_renew'])
+            if !session_info
+              if !settings.oauth.authorized?(session['access_token'])
+                flash[:fatal] = "Sorry you are not authorized to read puppet repo on gitlab."
+                redirect '/'
+              else
+                Hieraviz::Store.set session['access_token'], settings.oauth.user_info(session['access_token'])
+                session_info = Hieraviz::Store.get(session['access_token'], settings.configdata['session_renew'])
+              end
             end
+            session_info['username']
           end
-          session_info['username']
         end
       end
-
+      
       get '/login' do
         redirect settings.oauth.login_url(request)
       end
@@ -128,27 +132,30 @@ module HieravizApp
       erb :resources
     end
 
-    get '/store' do
-      # Hieraviz::Store.set 'woot', 'nada'
-      erb :store
-    end
-
-    get '/user' do
-      if session[:access_token]
-        @data = settings.oauth.user_info(session[:access_token])
-      else
-        @data = 'nada'
-      end
-      erb :data
-    end
+    # debug pages --------------------
+    # get '/store' do
+    #   # Hieraviz::Store.set 'woot', 'nada'
+    #   erb :store
+    # end
+
+    # get '/user' do
+    #   if session[:access_token]
+    #     @data = settings.oauth.user_info(session[:access_token])
+    #   else
+    #     @data = 'nada'
+    #   end
+    #   erb :data
+    # end
+
+    # error 401 do
+    #   'Access forbidden'
+    # end
+    # debug pages --------------------
 
     not_found do
       erb :not_found, layout: :_layout
     end
 
-    error 401 do
-      'Access forbidden'
-    end
 
   end
 end

data/lib/hieraviz/auth_gitlab.rb

@@ -13,28 +13,28 @@ module Hieraviz
     end
 
     def access_token(request, code)
-      @@client.auth_code.get_token(code, :redirect_uri => redirect_uri(request))
+      @@client.auth_code.get_token(code, :redirect_uri => redirect_uri(request.url))
     end
 
     def get_response(url, token)
-      access_token = OAuth2::AccessToken.new(@@client, token)
+      a_token = OAuth2::AccessToken.new(@@client, token)
       begin
-        JSON.parse(access_token.get(url).body)
+        JSON.parse(a_token.get(url).body)
       rescue Exception => e
         { 'error' => JSON.parse(e.message.split(/\n/)[1])['message'] }
       end
     end
 
-
-    def redirect_uri(request)
-      uri = URI.parse(request.url)
+    def redirect_uri(url)
+      uri = URI.parse(url)
       uri.path = '/logged-in'
       uri.query = nil
+      uri.fragment = nil
       uri.to_s
     end
 
     def login_url(request)
-      @@client.auth_code.authorize_url(:redirect_uri => redirect_uri(request))
+      @@client.auth_code.authorize_url(:redirect_uri => redirect_uri(request.url))
     end
 
     def authorized?(token)

data/lib/hieraviz.rb

@@ -1,3 +1,4 @@
+require 'hieracles'
 require "hieraviz/version"
 require "hieraviz/config"
 require "hieraviz/store"

data/spec/app/apiv1_spec.rb

@@ -3,12 +3,180 @@ require 'sinatra_helper'
 
 describe HieravizApp::ApiV1 do
 
-  context "without any auth" do
-    context "when GET /v1/nodes" do
-      it "replies error" do
+  context "page not found" do
+    describe "GET /v1/blahblah" do
+      let(:expected) { { 'error' => "data not found" }  }
+      before do
+        get '/blahblah'
+      end
+      it { expect(last_response).not_to be_ok }
+      it { expect(JSON.parse last_response.body).to eq expected }
+    end
+  end
+
+  context "when no creds" do
+    describe "GET /v1/nodes" do
+      let(:expected) { 'http://example.org/v1/not_logged' }
+      before do
         get '/nodes'
-        expect(last_response).not_to be_ok
       end
+      it { expect(last_response).not_to be_ok }
+      it { expect(last_response.header['Location']).to eq expected }
+    end
+    describe 'GET /v1/not_logged' do
+      let(:expected) { { 'error' => "Not connected." }  }
+      before do
+        get '/not_logged'
+      end
+      it { expect(last_response).to be_ok }
+      it { expect(JSON.parse last_response.body).to eq expected }
+    end
+  end
+
+  context "with creds but no perms" do
+    describe "GET /v1/nodes" do
+      let(:expected) { 'http://example.org/v1/unauthorized' }
+      before do
+        current_session.rack_session[:access_token] = 'sada'
+        allow(Hieraviz::Store).
+          to receive(:get).
+          with('sada', 3600).
+          and_return(false)
+        get '/nodes'
+      end
+      it { expect(last_response).not_to be_ok }
+      it { expect(last_response.header['Location']).to eq expected }
+    end
+    describe 'GET /v1/unauthorized' do
+      let(:expected) { { 'error' => "Unauthorized" }  }
+      before do
+        get '/unauthorized'
+      end
+      it { expect(last_response).to be_ok }
+      it { expect(JSON.parse last_response.body).to eq expected }
+    end
+  end
+
+  context "with proper creds" do
+    before do
+      current_session.rack_session[:access_token] = 'sada'
+      allow(Hieraviz::Store).
+        to receive(:get).
+        with('sada', 3600).
+        and_return({})
+    end
+    describe "GET /v1/nodes" do
+      let(:expected) { ['node1.example.com'] }
+      before do
+        get '/nodes'
+      end
+      it { expect(last_response).to be_ok }
+      it { expect(JSON.parse last_response.body).to eq expected }
+    end
+    describe "GET /v1/node/node1.example.com/info" do
+      let(:expected) {
+        {
+          'classes' => ['farm1'],
+          'country' => 'fr',
+          'datacenter' => 'equinix',
+          'farm' => 'dev',
+          'fqdn' => 'node1.example.com'
+        }
+      }
+      before do
+        get '/node/node1.example.com/info'
+      end
+      it { expect(last_response).to be_ok }
+      it { expect(JSON.parse last_response.body).to eq expected }
+    end
+    describe "GET /v1/node/node1.example.com/params" do
+      let(:expected) {
+        {
+          "param1.subparam1" => {
+            "value" => "value1", 
+            "file" => "params/nodes/node1.example.com.yaml", 
+            "overriden" => false, 
+            "found_in" => [
+              {
+                "value"=>"value1", 
+                "file"=>"params/nodes/node1.example.com.yaml"
+              }
+            ]
+          }
+        }
+      }
+      before do
+        get '/node/node1.example.com/params'
+      end
+      it { expect(last_response).to be_ok }
+      it { expect(JSON.parse last_response.body).to eq expected }
+    end
+    describe "GET /v1/node/node1.example.com" do
+      let(:expected) {
+        {
+          "param1.subparam1" => {
+            "value" => "value1", 
+            "file" => "params/nodes/node1.example.com.yaml", 
+            "overriden" => false, 
+            "found_in" => [
+              {
+                "value"=>"value1", 
+                "file"=>"params/nodes/node1.example.com.yaml"
+              }
+            ]
+          }
+        }
+      }
+      before do
+        get '/node/node1.example.com'
+      end
+      it { expect(last_response).to be_ok }
+      it { expect(JSON.parse last_response.body).to eq expected }
+    end
+    describe "GET /v1/node/node1.example.com/allparams" do
+      let(:expected) {
+         {
+          "param1.subparam1" => {
+            "value" => "value1", 
+            "file" => "-", 
+            "overriden" => true, 
+            "found_in" => [
+              {
+                "value" => "value1", 
+                "file" => "params/nodes/node1.example.com.yaml"
+              },
+              {
+                "value" => "value common", 
+                "file"=>"params/common/common.yaml"
+              }
+            ]
+          },
+          "param2.subparam2" => {
+            "value" => "another value", 
+            "file"=>"params/common/common.yaml", 
+            "overriden" => false, 
+            "found_in" => [
+              {
+                "value" => "another value", 
+                "file"=>"params/common/common.yaml"
+              }
+            ]
+          }
+        }
+      }
+      before do
+        get '/node/node1.example.com/allparams'
+      end
+      it { expect(last_response).to be_ok }
+      it { expect(JSON.parse last_response.body).to eq expected }
+    end
+    describe "GET /v1/farms" do
+      let(:expected) { ['farm1'] }
+      before do
+        get '/farms'
+      end
+      it { expect(last_response).to be_ok }
+      it { expect(JSON.parse last_response.body).to eq expected }
     end
   end
 

data/spec/app/web_spec.rb

@@ -3,11 +3,48 @@ require 'sinatra_helper'
 
 describe HieravizApp::Web do
 
-  context "when GET /" do
-    it "replies 401" do
-      get '/'
-      expect(last_response.status).to be 401
+  context "without creds" do
+    describe "GET /" do
+      before { get '/' }
+      it { expect(last_response.status).to eq 401 }
     end
   end
 
+  context "with proper creds" do
+    before do
+      basic_authorize 'toto', 'toto'
+    end
+    describe "GET /" do
+      before { get '/' }
+      it { expect(last_response.status).to eq 200 }
+      it { expect(last_response.body).to include 'Welcome to hieraviz' }
+    end
+    describe "GET /logout" do
+      before { get '/logout' }
+      it { expect(last_response.body).to include 'Please login again' }
+    end
+    describe "GET /nodes" do
+      before { get '/nodes' }
+      it { expect(last_response.body).to include 'node1.example.com' }
+    end
+    describe "GET /farms" do
+      before { get '/farms' }
+      it { expect(last_response.body).to include 'farm1' }
+    end
+    describe "GET /modules" do
+      before { get '/modules' }
+      it { expect(last_response.body).to include 'Work In Progress' }
+    end
+    describe "GET /resources" do
+      before { get '/resources' }
+      it { expect(last_response.body).to include 'Work In Progress' }
+    end
+    describe "GET /toto" do
+      before { get '/toto' }
+      it { expect(last_response.status).to eq 404 }
+      it { expect(last_response.body).to include 'Page not found' }
+    end
+  end
+
+
 end

data/spec/files/config.yml

@@ -1,10 +1,13 @@
 ---
+app_name: HieraViz
 basepath: "spec/files/puppet"
 classpath: "farm_modules/%s/manifests/init.pp"
 hierafile: "hiera.yml"
 session_seed: "toto"
 tmpdir: "spec/files/tmp"
+session_renew: 3600
 usedb: false
+debug: false
 puppetdb:
   usessl: false
   host: puppetdb.example.com

data/spec/files/config_gitlab.yml

@@ -0,0 +1,25 @@
+---
+app_name: HieraViz
+basepath: "spec/files/puppet"
+classpath: "farm_modules/%s/manifests/init.pp"
+hierafile: "hiera.yml"
+session_seed: "toto"
+tmpdir: "spec/files/tmp"
+session_renew: 3600
+usedb: false
+debug: false
+puppetdb:
+  usessl: false
+  host: puppetdb.example.com
+  port: 8080
+auth_method: gitlab
+http_auth:
+  username: 'toto'
+  password: 'toto'
+gitlab_auth:
+  host: https://gitlab.example.com
+  application_id: xxxid
+  secret: xxxsecret
+  resource_required: '/api/v3/projects/group%2Fpuppet'
+  required_response_key: 'id'
+  required_response_value: '42'

data/spec/files/puppet/params/common/common.yaml

@@ -0,0 +1,4 @@
+param1:
+  subparam1: value common
+param2:
+  subparam2: another value

data/spec/lib/auth_gitlab_spec.rb

@@ -1,26 +1,72 @@
 require 'spec_helper'
+require 'oauth2_helper'
 
 describe Hieraviz::AuthGitlab do
 
+  let(:oauth2) { Hieraviz::AuthGitlab.new({}) }
+  before do
+    allow(OAuth2::Client).
+      to receive(:new).
+      and_return(Oauth2Mock.new)
+  end
+
   describe '.new' do
+    it { expect(oauth2).to be_a Hieraviz::AuthGitlab }
   end
 
   describe '.access_token' do
+    it { expect(oauth2.access_token(RequestMock.new, 'code')).to eq '123456' }
   end
 
   describe '.get_response' do
+    let(:url) { 'http://example.com/something' }
+    let(:token) { '123456' }
+    let(:urlfail) { 'fail' }
+    let(:expected) {
+      {
+        "somekey" => "somevalue"
+      }
+    }
+    let(:expectedfail) {
+      {
+        "error" => "message"
+      }
+    }
+    before do
+      allow(OAuth2::AccessToken).
+        to receive(:new).
+        and_return(AccessTokenMock.new)
+    end
+    context "when there is an error" do
+      it { expect(oauth2.get_response(urlfail, token)).to eq expectedfail }
+    end
+    context "when everything is fine" do
+      it { expect(oauth2.get_response(url, token)).to eq expected }
+    end
   end
 
   describe '.redirect_uri' do
+    let(:url) { 'http://example.com/something?var=value#hash' }
+    let(:expected) { 'http://example.com/logged-in' }
+    it { expect(oauth2.redirect_uri(url)).to eq expected }
   end
 
   describe '.login_url' do
+    it { expect(oauth2.login_url(RequestMock.new)).to eq 'authorize url' }
   end
 
   describe '.authorized?' do
   end
 
   describe '.user_info' do
+    let(:token) { '123456' }
+    let(:expected) { { "somekey" => "somevalue" } }
+    before do
+      allow(OAuth2::AccessToken).
+        to receive(:new).
+        and_return(AccessTokenMock.new)
+    end
+    it { expect(oauth2.user_info(token)).to eq expected }
   end
 
 end

data/spec/lib/config_spec.rb

@@ -2,6 +2,10 @@ require 'spec_helper'
 
 describe Hieraviz::Config do
 
+  before do
+    ENV['HIERAVIZ_CONFIG_FILE'] = File.expand_path '../../files/config.yml', __FILE__
+  end
+
   describe '.load' do
     let(:expected) { "spec/files/puppet" }
     it { expect(Hieraviz::Config.load['basepath']).to eq expected }

data/spec/oauth2_helper.rb

@@ -0,0 +1,31 @@
+class AuthCodeMock
+  def authorize_url(args)
+    'authorize url'
+  end
+  def get_token(code, args)
+    '123456'
+  end
+end
+
+class RequestMock
+  def body
+    '{"somekey":"somevalue"}'
+  end
+  def url
+    'http://example.com'
+  end
+end
+
+class AccessTokenMock
+  def get(url)
+    raise "\n{\"message\":\"message\"}" if url == 'fail'
+    RequestMock.new
+  end
+end
+
+class Oauth2Mock
+  attr_reader :auth_code
+  def initialize(*args)
+    @auth_code = AuthCodeMock.new
+  end
+end

data/spec/sinatra_helper.rb

@@ -1,3 +1,5 @@
+ENV['HIERAVIZ_CONFIG_FILE'] = File.expand_path '../files/config.yml', __FILE__
+
 require File.expand_path '../../app/main.rb', __FILE__
 
 module RSpecMixin

data/spec/spec_helper.rb

@@ -23,7 +23,7 @@ require 'rack/test'
 require 'rspec'
 
 ENV['RACK_ENV'] = 'test'
-ENV['HIERAVIZ_CONFIG_FILE'] = File.expand_path '../files/config.yml', __FILE__
+# ENV['HIERAVIZ_CONFIG_FILE'] = File.expand_path '../files/config.yml', __FILE__
 
 require 'hieraviz'
 
@@ -33,3 +33,20 @@ RSpec.configure do |config|
     c.syntax = :expect
   end
 end
+
+module Rack
+  module Test
+    class Session
+      alias_method :old_env_for, :env_for
+      def rack_session
+        @rack_session ||= {}
+      end
+      def rack_session=(hash)
+        @rack_session = hash
+      end
+      def env_for(path, env)
+        old_env_for(path, env).merge({'rack.session' => rack_session})
+      end
+    end
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: hieraviz
 version: !ruby/object:Gem::Version
-  version: 0.0.2
+  version: 0.1.0
 platform: ruby
 authors:
 - mose
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-01-18 00:00:00.000000000 Z
+date: 2016-01-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dotenv
@@ -255,16 +255,18 @@ files:
 - spec/app/apiv1_spec.rb
 - spec/app/web_spec.rb
 - spec/files/config.yml
+- spec/files/config_gitlab.yml
 - spec/files/hiera.yml
 - spec/files/puppet/enc/node1.example.com.yaml
 - spec/files/puppet/farm_modules/farm1/manifests/init.pp
 - spec/files/puppet/hiera.yml
 - spec/files/puppet/modules/module1/init.pp
-- spec/files/puppet/params/common/common.yml
+- spec/files/puppet/params/common/common.yaml
 - spec/files/puppet/params/nodes/node1.example.com.yaml
 - spec/lib/auth_gitlab_spec.rb
 - spec/lib/config_spec.rb
 - spec/lib/store_spec.rb
+- spec/oauth2_helper.rb
 - spec/sinatra_helper.rb
 - spec/spec_helper.rb
 homepage: https://github.com/Gandi/hieraviz
@@ -293,12 +295,14 @@ signing_key:
 specification_version: 4
 summary: Web and API server for accessing Puppet dev and prod data.
 test_files:
+- spec/oauth2_helper.rb
 - spec/spec_helper.rb
 - spec/app/apiv1_spec.rb
 - spec/app/web_spec.rb
+- spec/files/config_gitlab.yml
 - spec/files/hiera.yml
 - spec/files/config.yml
-- spec/files/puppet/params/common/common.yml
+- spec/files/puppet/params/common/common.yaml
 - spec/files/puppet/params/nodes/node1.example.com.yaml
 - spec/files/puppet/enc/node1.example.com.yaml
 - spec/files/puppet/farm_modules/farm1/manifests/init.pp

data/spec/files/puppet/params/common/common.yml

@@ -1,2 +0,0 @@
-param1:
-  subparam1: value common