json_voorhees 0.0.1

data/lib/generators/json_voorhees/setup_app/templates/user/specs/request_specs.rb

@@ -0,0 +1,154 @@
+require "rails_helper"
+
+RSpec.describe ::People::User, :type => :request do
+  describe "sign up process" do
+    before(:example) do
+      @attrs = FactoryGirl.attributes_for(:people_user)
+    end
+    # post /api/1/users/register
+    it "checks response of a register request with a valid user object" do
+      post 'api/1/users/register', :user => @attrs 
+      expect(response.status).to eq(200) #ok
+      expect(::People::User.all.count).to eq(1)
+      #A valid token needs to be returned
+      expect(json["token"]["auth_token"]).to_not eq(nil)
+      token = ::People::User.find(1).tokens[0]
+      expect(json["token"]["auth_token"]).to eq(token.auth_token)
+    end
+    # post /api/1/users/login
+    it "checks response of a register request with mismatched passwords" do
+      @attrs["password"] = "password1"
+      @attrs["password_confirmation"] = "password2"
+      post 'api/1/users/register', :user => @attrs 
+      expect(response.status).to eq(422) #invalid_resource
+      expect(::People::User.all.count).to eq(0)
+      #Errors need to be returned
+      expect(json["errors"]).to_not eq(nil)
+    end
+    # post /api/1/users/login
+    it "checks response of a valid login request" do
+      @attrs["password"] = "password123"
+      @attrs["password_confirmation"] = "password123"   
+      user = FactoryGirl.create(:people_user,@attrs)
+      old_auth_token = user.tokens[0].auth_token
+      #It needs to send an email and password
+      post 'api/1/users/login', @attrs
+      expect(response.status).to eq(200) #ok
+      #A valid and new token need to be returned
+      expect(json["token"]["auth_token"]).to_not eq(old_auth_token)
+      #This token should be the newest token in the database
+      new_auth_token = ::People::User.find(1).tokens.order("created_at").last.auth_token
+      expect(json["token"]["auth_token"]).to eq(new_auth_token)
+    end
+    # post /api/1/users/login
+    it "checks response of an invalid login request with an invalid password" do
+      @attrs["password"] = "password123"
+      @attrs["password_confirmation"] = "password123"   
+      user = FactoryGirl.create(:people_user,@attrs)
+      #The password needs to be invalid
+      @attrs["password"] = "wrongPassword"
+      #It needs to send an email and password
+      post 'api/1/users/login', @attrs
+      expect(response.status).to eq(401) #unauthorized
+      #Errors need to be returned
+      expect(json["errors"]).to_not eq(nil)
+    end
+    # get /api/1/users/1/logout
+    it "checks logout response and makes sure token is deleted" do
+      user = FactoryGirl.create(:people_user,@attrs)
+      token = user.tokens[0].auth_token
+      header = {"Auth-Token" => token, "Email" => user.email}
+      get 'api/1/users/logout', nil, header
+      expect(::People::User.count).to eq(1)
+      expect(response.status).to eq(200) #ok
+      expect(::Arcadex::Token.count).to eq(0)
+    end
+  end
+end
+RSpec.describe ::People::User, :type => :request do
+  describe "Rest Routes" do
+    before(:example) do
+      @user = FactoryGirl.create(:people_user)
+      token = @user.tokens[0].auth_token
+      @header = {"Auth-Token" => token, "Email" => @user.email}
+    end
+    # get /api/1/users
+    it "checks index json response" do
+      FactoryGirl.create_list(:people_user, 10)
+      get 'api/1/users', nil, @header
+      expect(response.status).to eq(200) #ok
+      expect(json["users"]).to_not eq(nil)
+    end
+    # get /api/1/users/1
+    it "checks show json response" do
+      get 'api/1/users/1', nil, @header
+      expect(response.status).to eq(200) #ok
+      expect(json["user"]["id"]).to eq(1)
+    end
+    it "checks for 404 response" do
+      get 'api/1/users/20', nil, @header
+      expect(response.status).to eq(404) #not_found
+    end
+    # put /api/1/users/1
+    it "checks update json response" do
+      attrs = FactoryGirl.attributes_for(:people_user)
+      attrs["email"] = "Cole@LaunchU.com"
+      hash = {"user" => attrs}
+      #This uses users 1 header
+      put 'api/1/users/1', hash, @header
+      expect(response.status).to eq(200) #ok
+      expect(json["user"]["email"]).to eq("Cole@LaunchU.com")
+    end
+  end
+end
+RSpec.describe ::People::User, :type => :request do
+  describe "Authorization" do
+    before(:example) do
+      @user = FactoryGirl.create(:people_user)
+      token = @user.tokens[0].auth_token
+      @header = {"Auth-Token" => token, "Email" => @user.email}
+    end
+    # put /api/1/users/1
+    it "makes sure a user cannot alter another users information" do
+      FactoryGirl.create(:people_user)
+      attrs = FactoryGirl.attributes_for(:people_user)
+      attrs["email"] = "Cole@LaunchU.com"
+      hash = {"user" => attrs}
+      #This uses users 2 header
+      put 'api/1/users/2', hash, @header
+      expect(response.status).to eq(403) #forbidden
+    end
+    it "makes sure a user can't update to bad values" do
+      attrs = FactoryGirl.attributes_for(:people_user)
+      attrs["email"] = ""
+      hash = {"user" => attrs}
+      #This uses users 1 header
+      put 'api/1/users/1', hash, @header
+      expect(response.status).to eq(422) #ok
+    end
+  end
+end
+RSpec.describe ::People::User, :type => :request do
+  describe "Serialization" do
+    before(:example) do
+      @user = FactoryGirl.create(:people_user)
+      token = @user.tokens[0].auth_token
+      @header = {"Auth-Token" => token, "Email" => @user.email}
+    end
+    # get /api/1/users
+    it "checks only appropriate attributes are sent back for index" do
+      FactoryGirl.create_list(:people_user, 10)
+      get 'api/1/users', nil, @header
+      expect(response.status).to eq(200) #ok
+      expect(::People::User.count).to eq(11)
+      expect(::Arcadex::Token.count).to eq(11)
+      expect(json["users"][0]["password_digest"]).to eq(nil)
+      expect(json["users"][0]["created_at"]).to_not eq(nil)
+      expect(json["users"][0]["updated_at"]).to_not eq(nil)
+    end
+    it "checks the show json sent back" do
+      get 'api/1/users/1', nil, @header
+      expect(response.status).to eq(200) #ok
+    end
+  end
+end

data/lib/generators/json_voorhees/setup_app/templates/user/specs/route_specs.rb

@@ -0,0 +1,77 @@
+require "rails_helper"
+
+#The register, login, and logout routes
+RSpec.describe "Users sign up process routing", :type => :routing do
+	routes { People::Engine.routes }
+
+	it "routes to register" do
+		expect(:post => "/api/1/users/register").to route_to(
+			:controller => "people/api/v1/users",
+			:action => "register"
+		)
+	end
+	it "routes to login" do
+		expect(:post => "/api/1/users/login").to route_to(
+			:controller => "people/api/v1/users",
+			:action => "login"
+		)
+	end
+	it "routes to logout" do
+		expect(:get => "/api/1/users/logout").to route_to(
+			:controller => "people/api/v1/users",
+			:action => "logout"
+		)
+	end
+end
+#The standard rest routes for the user controller
+RSpec.describe "Users controller rest routing", :type => :routing do
+	routes { People::Engine.routes }
+
+	it "routes to index" do
+		expect(:get => "/api/1/users").to route_to(
+			:controller => "people/api/v1/users",
+			:action => "index"
+		)
+	end
+	it "routes to show" do
+		expect(:get => "/api/1/users/1").to route_to(
+			:controller => "people/api/v1/users",
+			:action => "show",
+			:id => "1"
+		)
+	end
+	it "routes to edit" do
+		expect(:get => "/api/1/users/1/edit").to route_to(
+			:controller => "people/api/v1/users",
+			:action => "edit",
+			:id => "1"
+		)
+	end
+	it "routes to create" do
+		expect(:post => "/api/1/users/").to route_to(
+			:controller => "people/api/v1/users",
+			:action => "create"
+		)
+	end
+	it "routes to update" do
+		expect(:put => "/api/1/users/1/").to route_to(
+			:controller => "people/api/v1/users",
+			:action => "update",
+			:id => "1"
+		)
+	end
+	it "routes to update" do
+		expect(:patch => "/api/1/users/1/").to route_to(
+			:controller => "people/api/v1/users",
+			:action => "update",
+			:id => "1"
+		)
+	end
+	it "routes to delete" do
+		expect(:delete => "/api/1/users/1/").to route_to(
+			:controller => "people/api/v1/users",
+			:action => "destroy",
+			:id => "1"
+		)
+	end
+end

data/lib/generators/json_voorhees/setup_app/templates/user/user_authorizations.rb

@@ -0,0 +1,82 @@
+module Authorization
+	module People
+		module User
+
+			#Used in the controller
+
+			def self.register?
+				return true
+			end
+
+			def self.login?
+				return true
+			end
+
+			def self.logout?(tokenUser)
+				return true
+			end
+
+			def self.index?(tokenUser)
+				return true
+			end
+
+			def self.show?(targetUser,tokenUser)
+				return true
+			end
+
+
+			def self.update?(targetUser,tokenUser)
+				if targetUser != tokenUser
+					#Can only update your own data
+					return false
+				else
+					return true
+				end
+			end
+
+			#Used in the serializer, current_user may be nil
+
+			def self.include_id?(current_user,user_object,options)
+	    	action = options[:url_options][:_recall][:action]
+	    	controller = options[:url_options][:_recall][:controller]
+				return true
+			end
+
+	    def self.include_email?(current_user,user_object,options)
+	    	action = options[:url_options][:_recall][:action]
+	    	controller = options[:url_options][:_recall][:controller]
+	    	return true
+	    end
+
+	    def self.include_username?(current_user,user_object,options)
+	    	action = options[:url_options][:_recall][:action]
+	    	controller = options[:url_options][:_recall][:controller]
+	    	return true
+	    end
+
+	    def self.include_created_at?(current_user,user_object,options)
+	    	action = options[:url_options][:_recall][:action]
+	    	controller = options[:url_options][:_recall][:controller]
+	    	return true
+	    end
+
+	    def self.include_updated_at?(current_user,user_object,options)
+	    	action = options[:url_options][:_recall][:action]
+	    	controller = options[:url_options][:_recall][:controller]
+	    	return true
+	    end
+
+	    def self.include_tokens?(current_user,user_object,options)
+	    	action = options[:url_options][:_recall][:action]
+	    	controller = options[:url_options][:_recall][:controller]
+	    	#if action == "index" && controller == "people/api/v1/users"
+	    		#return false
+	    	#end
+	    	return false
+	    end
+
+			private
+
+		end
+	end
+end

data/lib/generators/json_voorhees/setup_app/templates/user/user_controller.rb

@@ -0,0 +1,124 @@
+require_dependency "people/api/v1/application_controller"
+require 'authorization'
+
+module People
+  class Api::V1::UsersController < Api::V1::ApplicationController
+    skip_before_filter :authenticate_user, :only => [:register, :login]
+    before_action :set_user, only: [:show, :edit, :update]
+    before_action :register_authorize, only: [:register]
+    before_action :login_authorize, only: [:login]
+    before_action :logout_authorize, only: [:logout]
+    before_action :index_authorize, only: [:index]
+    before_action :show_authorize, only: [:show]
+    before_action :update_authorize, only: [:update]
+
+    # POST /api/1/users/register
+    def register
+      #Create a new user
+      user = ::People::User.new(user_params)
+      if user.save
+        #If the user is saved, return a token
+        token = user.tokens[0]
+        render :json => {user: user, token: token}
+      else
+        #Return an error if not saved
+        render :json => {errors: user.errors}, status: :unprocessable_entity
+      end
+    end
+
+    # POST /api/1/users/login
+    def login
+      #Should I delete the current token or ignore it?
+      #Find user from email and password. Create and return a new token
+      user = ::People::User.find_by(email: params[:email])
+      if user && user.authenticate(params[:password])
+        token = user.tokens.create
+        render :json => {user: user, token: token}
+      else
+        render :json => {errors: "Email and/or Password is incorrect"}, status: :unauthorized 
+      end
+    end
+
+    # GET /api/1/users/logout
+    def logout
+      #Destroy the current token
+      token = current_token
+      token.destroy
+      render json: {}
+    end
+
+    # GET /api/1/users
+    def index
+      @users = ::People::User.all
+      render json: @users
+    end
+
+    # GET /api/1/users/1
+    def show
+      render json: @user
+    end
+
+    # PATCH/PUT /api/1/users/1
+    def update
+      if @user.update(user_params)
+        render json: @user
+      else
+        render :json => {errors: @user.errors}, status: :unprocessable_entity
+      end
+    end
+
+    private
+      # Use callbacks to share common setup or constraints between actions.
+
+      def set_user
+        @user = ::People::User.find_by_id(params[:id])
+        if @user.nil?
+          render :json => {errors: "User was not found"}, status: :not_found
+        end
+      end
+
+      # Only allow a trusted parameter "white list" through.
+
+      def user_params
+        params.require(:user).permit(:username, :email, :password, :password_confirmation)
+      end
+
+      # Authorizations below here
+
+      def register_authorize
+        if !::Authorization::People::User.register?
+          render :json => {errors: "User is not authorized for this action"}, status: :forbidden
+        end
+      end
+
+      def login_authorize
+        if !::Authorization::People::User.login?
+          render :json => {errors: "User is not authorized for this action"}, status: :forbidden
+        end
+      end
+
+      def logout_authorize
+        if !::Authorization::People::User.logout?(current_user)
+          render :json => {errors: "User is not authorized for this action"}, status: :forbidden
+        end
+      end
+
+      def index_authorize
+        if !::Authorization::People::User.index?(current_user)
+          render :json => {errors: "User is not authorized for this action"}, status: :forbidden
+        end
+      end
+
+      def show_authorize
+        if !::Authorization::People::User.show?(@user,current_user)
+          render :json => {errors: "User is not authorized for this action"}, status: :forbidden
+        end
+      end
+
+      def update_authorize
+        if !::Authorization::People::User.update?(@user,current_user)
+          render :json => {errors: "User is not authorized for this action"}, status: :forbidden
+        end  
+      end
+  end
+end

data/lib/generators/json_voorhees/setup_app/templates/user/user_model.rb

@@ -0,0 +1,26 @@
+require 'type_cartographer'
+
+module People
+  class User < ActiveRecord::Base
+
+  	has_many :tokens, :as => :imageable, :class_name => "::Arcadex::Token"
+
+  	has_secure_password
+
+  	after_create :setup_user
+
+    validates :username, presence: true
+    #validates_format_of :username, :with => /\A[A-Za-z0-9\d]+\Z/i
+    validates :email, presence: true
+    #Might need a regex for emails, or just rather confirm them
+
+    def setup_user
+    	create_token
+    end
+
+    def create_token
+      self.tokens.create!
+    end
+
+  end
+end

data/lib/generators/json_voorhees/setup_app/templates/user/user_routes.rb

@@ -0,0 +1,24 @@
+People::Engine.routes.draw do
+
+	root to: "users#index"
+
+  scope 'admin' do
+	  resources :users
+	end
+
+	scope 'api' do
+		scope '1' do
+	  	resources :users, controller: 'api/v1/users' do
+				collection do
+					# /api/1/users/register
+					post 'register', to: "api/v1/users#register"
+					# /api/1/users/login
+					post 'login', to: "api/v1/users#login"
+					# /api/1/users/logout
+					get 'logout', to: "api/v1/users#logout"
+				end
+	  	end
+		end
+	end
+
+end

data/lib/generators/json_voorhees/setup_app/templates/user/user_serializer.rb

@@ -0,0 +1,39 @@
+require 'authorization'
+
+module People
+  class UserSerializer < ActiveModel::Serializer
+    embed :ids, include: true
+
+    attributes :id
+    attributes :username
+    attributes :email
+    attributes :created_at
+    attributes :updated_at
+    has_many :tokens
+
+    def include_id?
+      return ::Authorization::People::User.include_id?(current_user,object,@options)
+    end
+
+    def include_email?
+      return ::Authorization::People::User.include_email?(current_user,object,@options)
+    end
+
+    def include_username?
+      return ::Authorization::People::User.include_username?(current_user,object,@options)
+    end
+
+    def include_created_at?
+      return ::Authorization::People::User.include_created_at?(current_user,object,@options)
+    end
+
+    def include_updated_at?
+      return ::Authorization::People::User.include_updated_at?(current_user,object,@options)
+    end
+
+    def include_associations!
+      include! :tokens if ::Authorization::People::User.include_tokens?(current_user,object,@options)
+    end
+
+  end
+end

data/lib/generators/json_voorhees/setup_app/templates/views/admin_no_user

@@ -0,0 +1,6 @@
+<h1>ADMIN</h1>
+
+<ul>
+  <li>Engines</li>
+
+</ul>

data/lib/generators/json_voorhees/setup_app/templates/views/admin_with_user

@@ -0,0 +1,9 @@
+<h1>ADMIN</h1>
+
+<ul>
+  <li>People Engine</li>
+	<li><%= link_to 'user_index', people.users_path %></li>
+
+	<li>Arcadex Engine</li>
+	<li><%= link_to 'token_index', arcadex.tokens_path %></li>
+</ul>

data/lib/generators/json_voorhees/setup_app/templates/views/app_index

@@ -0,0 +1,9 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title></title>
+</head>
+<body>
+	<%= yield %>
+</body>
+</html>

data/lib/generators/json_voorhees/setup_app/templates/views/application

@@ -0,0 +1,19 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title></title>
+  <%= stylesheet_link_tag    "application", media: "all", "data-turbolinks-track" => true %>
+  <%= javascript_include_tag "application", "data-turbolinks-track" => true %>
+  <%= csrf_meta_tags %>
+</head>
+<body>
+
+<%= yield %>
+
+<% if !current_page?(main_app.root_url) %>
+	<br><br>
+	<%= link_to 'admin_home', main_app.admin_path %>
+<% end %>
+
+</body>
+</html>

data/lib/generators/json_voorhees/setup_engine/USAGE

@@ -0,0 +1,8 @@
+Description:
+    Sets up an engine with commonly used files and boilerplate code.
+
+Example:
+    rails g json_voorhees:setup_engine People
+
+    This will create:
+        A lot of boilerplate

data/lib/generators/json_voorhees/setup_engine/setup_engine_generator.rb

@@ -0,0 +1,81 @@
+module JsonVoorhees
+	class SetupEngineGenerator < Rails::Generators::Base
+	  source_root File.expand_path('../templates', __FILE__)
+	  argument :module_name, :type => :string
+
+	  def sprint
+	  	generate_layout
+	  	create_api_controller
+	  	add_gems
+	  	setup_routes
+	  	setup_application_controller
+	  	run_bundle
+	  end
+
+	  private
+
+	  def setup_application_controller
+	  	run "rm -f app/controllers/#{module_name.underscore}/application_controller.rb"
+	  	template "application_controller.rb.erb", "app/controllers/#{module_name.underscore}/application_controller.rb"
+	  end
+
+	  def run_bundle
+			run "bundle update"
+			run "bundle install"
+	  end
+
+	  def setup_routes
+	  	inject_into_file "config/routes.rb", after: "#{module_name.camelize}::Engine.routes.draw do\n" do <<-'RUBY'
+
+	#root to: "controller_name#index"
+	scope 'admin' do
+
+		end
+
+	scope 'api' do
+		scope '1' do
+			#/api/1/controller_name
+			#resources :controller_name, controller: 'api/v1/controller_name'
+			#resources :controller_name2, controller: 'api/v1/controller_name2' do
+				#collection do
+					#/api/1/controller_name2/action
+					#post 'action', to: "api/v1/controller_name2#action"
+				#end
+			#end
+		end
+	end
+
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-
+	  	
+	  	RUBY
+	  	end
+	  end
+
+	  def add_gems
+	  	inject_into_file "#{module_name.downcase}.gemspec", after: "s.test_files = Dir[\"test/**/*\"]\n" do <<-'RUBY'
+  
+  s.add_dependency "rails-api"
+  s.add_dependency "type_cartographer"
+  s.add_dependency "arcadex"
+  s.add_dependency "active_model_serializers", "~> 0.8.0"
+  s.add_dependency "bcrypt", "~> 3.1.7"
+  s.add_development_dependency "json_voorhees"
+  s.add_development_dependency "annotate", ">=2.6.0"
+
+			RUBY
+			end
+	  end
+
+	  def create_api_controller
+	  	template "api_controller.rb.erb", "app/controllers/#{module_name.underscore}/api/v1/application_controller.rb"
+	  end
+
+	  def generate_layout
+			run "mkdir app/views/layouts/#{module_name.downcase}/default/"
+			run "mv app/views/layouts/#{module_name.downcase}/application.html.erb app/views/layouts/#{module_name.downcase}/default/application.html.erb"
+	  	run "mkdir app/serializers"
+	  	run "mkdir app/serializers/#{module_name.downcase} && touch app/serializers/#{module_name.downcase}/.gitkeep"
+	  	run "rm -f README.rdoc && echo '# Describe your engine here' > README.md"
+	  end
+	end
+end

data/lib/generators/json_voorhees/setup_engine/templates/api_controller.rb.erb

@@ -0,0 +1,5 @@
+module <%= module_name.camelize %>
+  class Api::V1::ApplicationController < ::Api::V1::ApiController
+
+  end
+end

data/lib/generators/json_voorhees/setup_engine/templates/application_controller.rb.erb

@@ -0,0 +1,4 @@
+module <%= module_name.camelize %>
+  class ApplicationController < ::ActionController::Base
+  end
+end