kissifer-rack-ticket-office 0.0.1

data/.document

@@ -0,0 +1,5 @@
+README.rdoc
+lib/**/*.rb
+bin/*
+features/**/*.feature
+LICENSE

data/.gitignore

@@ -0,0 +1,5 @@
+*.sw?
+.DS_Store
+coverage
+rdoc
+pkg

data/LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2009 kissifer
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.rdoc

@@ -0,0 +1,7 @@
+= rack-ticket-office
+
+Description goes here.
+
+== Copyright
+
+Copyright (c) 2009 kissifer. See LICENSE for details.

data/Rakefile

@@ -0,0 +1,52 @@
+require 'rubygems'
+require 'rake'
+
+begin
+  require 'jeweler'
+  Jeweler::Tasks.new do |gem|
+    gem.name = "rack-ticket-office"
+    gem.summary = %Q{Rack middleware to allow/deny access to remote user by http method, path and query params.}
+    gem.email = "tierneydrchris@gmail.com"
+    gem.homepage = "http://github.com/kissifer/rack-ticket-office"
+    gem.authors = ["kissifer"]
+    gem.add_dependency('hash-persistent', '>= 0.3.2')
+    gem.add_dependency('sinatra-options-route')
+    gem.add_dependency('sinatra-response-header-helpers')
+    # gem is a Gem::Specification... see http://www.rubygems.org/read/chapter/20 for additional settings
+  end
+
+rescue LoadError
+  puts "Jeweler (or a dependency) not available. Install it with: sudo gem install jeweler"
+end
+
+require 'spec/rake/spectask'
+Spec::Rake::SpecTask.new(:spec) do |spec|
+  spec.libs << 'lib' << 'spec'
+  spec.spec_files = FileList['spec/**/*_spec.rb']
+  spec.spec_opts = ['--options spec/spec.opts']
+end
+
+Spec::Rake::SpecTask.new(:rcov) do |spec|
+  spec.libs << 'lib' << 'spec'
+  spec.pattern = 'spec/**/*_spec.rb'
+  spec.rcov = true
+end
+
+
+task :default => :spec
+
+require 'rake/rdoctask'
+Rake::RDocTask.new do |rdoc|
+  if File.exist?('VERSION.yml')
+    config = YAML.load(File.read('VERSION.yml'))
+    version = "#{config[:major]}.#{config[:minor]}.#{config[:patch]}"
+  else
+    version = ""
+  end
+
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title = "rack-ticket-office #{version}"
+  rdoc.rdoc_files.include('README*')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+end
+

data/VERSION

@@ -0,0 +1 @@
+0.0.1

data/lib/rack/ticket-office/barrier.rb

@@ -0,0 +1,3 @@
+require 'rubygems'
+require File.join(File.dirname(__FILE__), 'ticket_collection')
+

data/lib/rack/ticket-office/booth.rb

@@ -0,0 +1,45 @@
+require 'rubygems'
+require File.join(File.dirname(__FILE__), 'ticket')
+
+require 'sinatra/base'
+require 'sinatra/options-route'
+require 'sinatra/response-header-helpers'
+
+module Rack
+  module TicketOffice
+    class Booth < Sinatra::Base
+      register Sinatra::OptionsRoute
+      helpers Sinatra::ResponseHeaderHelpers
+      
+      attr_writer :store, :counter
+      
+      def template(&block)
+        @template = block
+      end
+
+      options_route "/?" do
+        allow :post, :options
+        halt
+      end
+      
+      [:get, :put, :delete].each do |method|
+        send(method, "/") do
+          allow :post, :options
+          halt 405
+        end
+      end
+      
+      post "/" do
+        halt 500 unless request.env['REMOTE_USER']
+        new_id = @counter.next
+        ticket_initialiser = @template.call(new_id)
+        ticket = @store.create(ticket_initialiser)
+        ticket.key = new_id.to_s
+        ticket.user = request.env['REMOTE_USER']
+        ticket.save
+        ""
+      end
+      
+    end
+  end
+end

data/lib/rack/ticket-office/monkey_patches.rb

@@ -0,0 +1,32 @@
+class Hash
+  def assert_valid_keys(*valid_keys)
+    # Lifted from activesupport
+    unknown_keys = keys - [valid_keys].flatten
+    raise(ArgumentError, "Unknown key(s): #{unknown_keys.join(", ")}") unless unknown_keys.empty?
+  end
+  
+  def symbolize_keys!
+    # Lifted from merb
+    each do |key, value|
+      sym = key.respond_to?(:to_sym) ? key.to_sym : key
+      self[sym] = value
+      delete(key) unless key == sym
+    end
+    self
+  end
+end
+
+class Array
+  def assert_valid_elements(*valid_elements)
+    # Lifted from activesupport
+    unknown_elements = self - [valid_elements].flatten
+    raise(ArgumentError, "Unknown elements(s): #{unknown_elements.join(", ")}") unless unknown_elements.empty?
+  end
+
+  def symbolize_elements!
+    collect! do |element|
+      element.respond_to?(:to_sym) ? element.to_sym : element 
+    end
+    self
+  end
+end

data/lib/rack/ticket-office/ticket.rb

@@ -0,0 +1,38 @@
+require 'rubygems'
+require 'hash-persistent/resource'
+require 'hash-persistent/counter'
+require File.expand_path(File.dirname(__FILE__) + '/url_filter')
+
+module Rack
+  module TicketOffice
+    class Ticket
+      include HashPersistent::Resource
+
+      attr_reader   :filters
+      attr_accessor :user
+    
+      def initialize(filter_initializers)
+        begin
+          @filters = filter_initializers.collect do |filter_initializer|
+            UrlFilter.new(filter_initializer)
+          end
+        rescue
+          raise ArgumentError
+        end
+
+        raise ArgumentError if @filters.empty?      
+      end
+    
+      def match_any?(env)
+        @filters.any? do |filter|
+          filter.match(env)
+        end
+      end
+    
+      def ==(other)
+        return (self.class == other.class) &&
+        (self.filters == other.filters)
+      end    
+    end
+  end
+end

data/lib/rack/ticket-office/ticket_collection.rb

@@ -0,0 +1,10 @@
+require 'rubygems'
+require 'hash-persistent/collection'
+
+module Rack
+  module TicketOffice
+    class TicketCollection
+      include HashPersistent::Collection
+    end
+  end
+end

data/lib/rack/ticket-office/url_filter.rb

@@ -0,0 +1,64 @@
+require File.expand_path(File.dirname(__FILE__) + '/monkey_patches')
+require 'uri'
+
+module Rack
+  module TicketOffice
+    class UrlFilter
+      attr_reader :request_methods, :path_info, :required_queries, :allowed_queries
+    
+      def initialize(request_spec)
+        begin
+          request_spec.assert_valid_keys(:request_methods, :path, :required_queries, :allowed_queries)
+          request_spec[:request_methods].assert_valid_elements(:get, :post, :put, :delete, :head, :options, :all)
+          "Fred".match(request_spec[:path])
+        rescue
+          raise ArgumentError
+        end
+      
+        @request_methods = request_spec[:request_methods]
+        @request_methods = [:get, :post, :put, :delete, :head, :options] if request_spec[:request_methods].include?(:all)
+        @path_info = request_spec[:path]
+        @required_queries = request_spec[:required_queries] || {}
+        @allowed_queries = request_spec[:allowed_queries] || []
+      end
+    
+      def match(env)
+        req = Rack::Request.new(env)
+        return false unless @request_methods.include?(req.request_method.downcase.to_sym)
+      
+        path_match = req.path_info.match(@path_info)
+        return false unless path_match and path_match[0].eql?(req.path_info)
+
+        @required_queries.each do |key, value|
+          return false unless req.GET[key] == value
+        end
+
+        req.GET.each_key do |key|
+          return false unless @required_queries.has_key?(key) or @allowed_queries.include?(key)
+        end
+
+        true
+      end
+    
+      def marshal_dump 
+        [ @request_methods, @path_info, @required_queries, @allowed_queries ] 
+      end 
+    
+      def marshal_load(variables) 
+        @request_methods = variables[0] 
+        @path_info = variables[1] 
+        @required_queries = variables[2]
+        @allowed_queries = variables[3]
+      end
+        
+      def ==(other)
+        return (self.class == other.class) &&
+        (self.request_methods == other.request_methods) &&
+        (self.path_info == other.path_info) &&
+        (self.required_queries == other.required_queries) &&
+        (self.allowed_queries == other.allowed_queries)
+      true
+      end
+    end
+  end
+end

data/rack-ticket-office.gemspec

@@ -0,0 +1,69 @@
+# -*- encoding: utf-8 -*-
+
+Gem::Specification.new do |s|
+  s.name = %q{rack-ticket-office}
+  s.version = "0.0.1"
+
+  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
+  s.authors = ["kissifer"]
+  s.date = %q{2009-06-09}
+  s.email = %q{tierneydrchris@gmail.com}
+  s.extra_rdoc_files = [
+    "LICENSE",
+     "README.rdoc"
+  ]
+  s.files = [
+    ".document",
+     ".gitignore",
+     "LICENSE",
+     "README.rdoc",
+     "Rakefile",
+     "VERSION",
+     "lib/rack/ticket-office/barrier.rb",
+     "lib/rack/ticket-office/booth.rb",
+     "lib/rack/ticket-office/monkey_patches.rb",
+     "lib/rack/ticket-office/ticket.rb",
+     "lib/rack/ticket-office/ticket_collection.rb",
+     "lib/rack/ticket-office/url_filter.rb",
+     "rack-ticket-office.gemspec",
+     "spec/barrier_spec.rb",
+     "spec/booth_spec.rb",
+     "spec/spec.opts",
+     "spec/spec_helper.rb",
+     "spec/ticket_collection_spec.rb",
+     "spec/ticket_spec.rb",
+     "spec/url_filter_spec.rb"
+  ]
+  s.homepage = %q{http://github.com/kissifer/rack-ticket-office}
+  s.rdoc_options = ["--charset=UTF-8"]
+  s.require_paths = ["lib"]
+  s.rubygems_version = %q{1.3.4}
+  s.summary = %q{Rack middleware to allow/deny access to remote user by http method, path and query params.}
+  s.test_files = [
+    "spec/barrier_spec.rb",
+     "spec/booth_spec.rb",
+     "spec/spec_helper.rb",
+     "spec/ticket_collection_spec.rb",
+     "spec/ticket_spec.rb",
+     "spec/url_filter_spec.rb"
+  ]
+
+  if s.respond_to? :specification_version then
+    current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
+    s.specification_version = 3
+
+    if Gem::Version.new(Gem::RubyGemsVersion) >= Gem::Version.new('1.2.0') then
+      s.add_runtime_dependency(%q<hash-persistent>, [">= 0.3.2"])
+      s.add_runtime_dependency(%q<sinatra-options-route>, [">= 0"])
+      s.add_runtime_dependency(%q<sinatra-response-header-helpers>, [">= 0"])
+    else
+      s.add_dependency(%q<hash-persistent>, [">= 0.3.2"])
+      s.add_dependency(%q<sinatra-options-route>, [">= 0"])
+      s.add_dependency(%q<sinatra-response-header-helpers>, [">= 0"])
+    end
+  else
+    s.add_dependency(%q<hash-persistent>, [">= 0.3.2"])
+    s.add_dependency(%q<sinatra-options-route>, [">= 0"])
+    s.add_dependency(%q<sinatra-response-header-helpers>, [">= 0"])
+  end
+end

data/spec/barrier_spec.rb

@@ -0,0 +1,4 @@
+require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
+
+describe "Rack::TicketOffice::Barrier" do
+end

data/spec/booth_spec.rb

@@ -0,0 +1,111 @@
+require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
+require 'spec/interop/test'
+require 'rack/test'
+require 'hash-persistent/resource'
+require 'hash-persistent/counter'
+
+describe "Rack::TicketOffice::Booth" do
+  include Rack::Test::Methods
+  
+   before(:each) do
+     def app
+       Rack::TicketOffice::Booth.new
+     end
+   end
+  
+  context "at root URL /" do
+    it "it should return valid methods in reponse to an OPTIONS method request" do
+      options_request_env = Rack::MockRequest.env_for("/", {:method => "OPTIONS"})
+      request("/", options_request_env)
+      
+      last_response.should be_ok
+      methods = last_response['Allow'].split(", ")
+
+      methods.should     include('OPTIONS')
+      methods.should     include('POST')
+      methods.should_not include('GET')
+      methods.should_not include('PUT')
+      methods.should_not include('DELETE')
+      methods.should_not include('HEAD')
+    end
+    
+    it "it should (only) return valid methods in reponse to an invalid request method" do
+      statuses = []
+      all_methods = []
+
+      get "/"
+      statuses << last_response.status
+      all_methods << last_response['Allow'].split(", ")
+
+      put "/"
+      statuses << last_response.status
+      all_methods << last_response['Allow'].split(", ")
+
+      delete "/"
+      statuses << last_response.status
+      all_methods << last_response['Allow'].split(", ")
+
+      head "/"
+      statuses << last_response.status
+      all_methods << last_response['Allow'].split(", ")
+      
+      statuses.uniq!.should == [405]
+
+      all_methods.each do |methods|
+        methods.should     include('OPTIONS')
+        methods.should     include('POST')
+        methods.should_not include('GET')
+        methods.should_not include('PUT')
+        methods.should_not include('DELETE')
+        methods.should_not include('HEAD')
+      end
+    end
+    
+    context "in response to POST" do
+      before(:each) do
+        @store = HashPersistent::Store.new({}, "") do |the_store|
+          the_store.managed_class = Rack::TicketOffice::Ticket
+        end
+        @counter = HashPersistent::Counter.new(HashPersistent::Store.new({}, ""), "counter")
+        @template = lambda{ |new_id| [{:request_methods => [:all], :path => "/some/path/#{new_id}"}]}
+
+        def app
+          Rack::TicketOffice::Booth.new do |booth|
+            booth.store = @store
+            booth.counter = @counter
+            booth.template &@template
+          end
+        end
+      end
+
+      
+      it "should signal server error if REMOTE_USER is not defined in the env" do
+        post "/"
+        last_response.status.should == 500
+      end
+      
+      context "(configuration)" do
+        it "should do the right thing when poorly configured"        
+      end
+      
+      context "when supplied REMOTE_USER in the env" do        
+        it "should return ok" do
+          post "/", {}, {'REMOTE_USER' => "fred"}
+          last_response.should be_ok
+        end
+        
+        it "should ask for a new ticket id, create a ticket using the supplied template, and save the ticket" do
+          key = 5
+          expected_ticket_initialiser = @template.call(key)
+          expected_ticket = Rack::TicketOffice::Ticket.new(expected_ticket_initialiser)
+          expected_ticket.user = "fred"
+          expected_ticket.key = key
+
+          @counter.should_receive(:next).and_return(key)
+          post "/", {}, {'REMOTE_USER' => "fred"}
+          @store.find(key.to_s).should == expected_ticket
+        end
+      end
+    end
+  end
+end

data/spec/spec.opts

@@ -0,0 +1,2 @@
+--colour
+--format nested

data/spec/spec_helper.rb

@@ -0,0 +1,26 @@
+require 'rubygems'
+require 'spec'
+require 'rack/mock'
+require "json/ext"
+require 'hash-persistent'
+
+$LOAD_PATH.unshift(File.dirname(__FILE__))
+$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
+require 'rack/ticket-office/url_filter'
+require 'rack/ticket-office/ticket'
+require 'rack/ticket-office/ticket_collection'
+require 'rack/ticket-office/booth'
+require 'rack/ticket-office/barrier'
+
+class Dummy_NoStringRep
+  undef to_s
+end
+
+class Dummy_RestrictedHash < Hash
+  undef each, each_key, each_pair, each_value
+  #TODO: expand this list, or just add dependency to one of the moneta implementations?
+end
+
+Spec::Runner.configure do |config|
+  
+end

data/spec/ticket_collection_spec.rb

@@ -0,0 +1,12 @@
+require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
+
+describe "Rack::TicketOffice::TicketCollection" do
+  context "(persistence)" do
+    it "should include the HashPersistent::Collection module" do
+      Rack::TicketOffice::TicketCollection.included_modules.should include(HashPersistent::Collection)
+    end
+    
+    # TODO: we ought to be able to specify more behaviour here. For instance, this class is designed to attach to
+    # the Ticket resource, using :user as a basis.
+  end
+end

data/spec/ticket_spec.rb

@@ -0,0 +1,97 @@
+require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
+
+describe "Rack::TicketOffice::Ticket" do
+  context "(on creation)" do
+    it "should expect an argument" do
+      lambda{Rack::TicketOffice::Ticket.new}.should raise_error(ArgumentError)
+    end
+
+    it "should accept an initialiser that is an array with at least one filter initialiser" do
+      initialiser = [{:request_methods => [:all], :path => "/some/path/or.other/"}]
+      lambda{Rack::TicketOffice::Ticket.new(initialiser)}.should_not raise_error
+    end
+    
+    # TODO: all this stuff seems over the top when we've already got a filter class checking its
+    # initialiser. Um...
+    it "should reject an initialiser that is not an array with at least one filter initialiser" do
+      initialiser_1 = {:request_methods => [:all], :path => "/some/path/or.other/"}
+      initialiser_2 = 1
+      initialiser_3 = []
+      initialiser_4 = {}
+      initialiser_5 = nil
+
+      lambda{Rack::TicketOffice::Ticket.new(initialiser_1)}.should raise_error(ArgumentError)
+      lambda{Rack::TicketOffice::Ticket.new(initialiser_2)}.should raise_error(ArgumentError)
+      lambda{Rack::TicketOffice::Ticket.new(initialiser_3)}.should raise_error(ArgumentError)
+      lambda{Rack::TicketOffice::Ticket.new(initialiser_4)}.should raise_error(ArgumentError)
+      lambda{Rack::TicketOffice::Ticket.new(initialiser_5)}.should raise_error(ArgumentError)
+    end
+
+    it "should reject an initialiser with an invalid filter initialiser" do
+      initialiser = [{:request_methods => [:put], :path => "/some/path/or.other/"},
+                     {:request_methods => [:get], :pathx => "/some/other/path/or.other/"}]
+
+      lambda{Rack::TicketOffice::Ticket.new(initialiser)}.should raise_error(ArgumentError)
+    end
+  end
+
+  context "(after creation)" do
+    it "should return its array of filters when asked" do
+      initialiser_1 = {:request_methods => [:all], :path => "/some/path/or.other/"}
+      initialiser_2 = {:request_methods => [:get, :post], :path => "/another/path/"}
+      initialiser_3 = {:request_methods => [:put, :delete], :path => "/", :required_queries => {"query_a" => "value_a", "query_b" => "value_b"}}
+      
+      filters = []
+      filters << Rack::TicketOffice::UrlFilter.new(initialiser_1)
+      filters << Rack::TicketOffice::UrlFilter.new(initialiser_2)
+      filters << Rack::TicketOffice::UrlFilter.new(initialiser_3)
+      
+      Rack::TicketOffice::Ticket.new([initialiser_1, initialiser_2, initialiser_3]).filters.should == filters
+    end
+  end
+  
+  context "(when matching against a rake env)" do
+    it "should report a match against any one of its set of filters" do
+      initialiser = [{:request_methods => [:all], :path => "/some/path/or.other/"},
+                     {:request_methods => [:get, :post], :path => "/another/path/"},
+                     {:request_methods => [:put, :delete], :path => "/", :required_queries => {"query_a" => "value_a"}}]
+      
+      set = Rack::TicketOffice::Ticket.new(initialiser)
+      
+      env_a = Rack::MockRequest.env_for("/some/path/or.other/", {:method => "POST"})
+      env_b = Rack::MockRequest.env_for("/another/path/", {:method => "GET"})
+      env_c = Rack::MockRequest.env_for("/?query_a=value_a", {:method => "DELETE"})
+      
+      set.match_any?(env_a).should be_true
+      set.match_any?(env_b).should be_true
+      set.match_any?(env_c).should be_true
+    end
+
+    it "should report a non-match when none of its filters match" do
+      initialiser = [{:request_methods => [:all], :path => "/some/path/or.other/", :allowed_queries => ["query_c"]},
+                     {:request_methods => [:get, :post], :path => "/another/path/"},
+                     {:request_methods => [:put, :delete], :path => "/", :required_queries => {"query_a" => "value_a"}}]
+                     
+       set = Rack::TicketOffice::Ticket.new(initialiser)
+
+       env = Rack::MockRequest.env_for("/?query_a=value_a&query_c=value_c", {:method => "POST"})
+
+       set.match_any?(env).should be_false
+    end
+  end
+  
+  context "(persistence)" do
+    it "should include the HashPersistent::Resource and HashPersistent::Counter modules" do
+      Rack::TicketOffice::Ticket.included_modules.should include(HashPersistent::Resource)
+    end
+  end
+
+  context "(other attributes)" do
+    it "should allow instances to be tagged with a user" do
+      initialiser = [{:request_methods => [:all], :path => "/some/path/or.other/"}]      
+      filter_set = Rack::TicketOffice::Ticket.new(initialiser)
+      filter_set.user = "fred"
+      filter_set.user.should == "fred"
+    end
+  end
+end

data/spec/url_filter_spec.rb

@@ -0,0 +1,197 @@
+require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
+
+describe "Rack::TicketOffice::UrlFilter" do
+  context "(on creation)" do
+    before(:each) do
+      @initialiser = {:request_methods => [:options, :head, :get, :post, :put, :delete, :all],
+                     :path => "/some/path/or.other",
+                     :required_queries => {"query_a" => "value_a", "query_a" => "value_b"},
+                     :allowed_queries => ["query_c", "query_d"]}
+    end
+
+    it "should accept a valid initialiser" do
+      lambda {Rack::TicketOffice::UrlFilter.new(@initialiser)}.should_not raise_error
+    end
+
+    it "should reject unknown keys in the initialiser" do
+      @initialiser.merge!(:unknown => "unknown")
+      lambda {Rack::TicketOffice::UrlFilter.new(@initialiser)}.should raise_error(ArgumentError)
+    end
+
+    it "should an initialiser with missing methods" do
+      @initialiser.delete(:request_methods)
+      lambda {Rack::TicketOffice::UrlFilter.new(@initialiser)}.should raise_error(ArgumentError)
+    end
+
+    it "should reject invalid methods" do
+      @initialiser[:request_methods].push(:unknown)
+      lambda {Rack::TicketOffice::UrlFilter.new(@initialiser)}.should raise_error(ArgumentError)
+    end
+
+    it "should an initialiser with a missing path" do
+      @initialiser.delete(:path)
+      lambda {Rack::TicketOffice::UrlFilter.new(@initialiser)}.should raise_error(ArgumentError)
+    end
+    
+    it "should reject a path that cannot be matched against a string" do
+      @initialiser[:path] = 1
+      lambda {Rack::TicketOffice::UrlFilter.new(@initialiser)}.should raise_error(ArgumentError)
+    end
+    
+  end
+  
+  context "(at any time)" do
+    it "should define an appropriate equality operator ==" do
+      @initialiser_a = {:request_methods => [:options, :head, :post, :delete],
+                        :path => "/some/path/or.other",
+                        :required_queries => {"query_a" => "value_a", "query_b" => "value_b"},
+                        :allowed_queries => ["query_c", "query_d"]}
+
+      @initialiser_b = {:request_methods => [:head, :post, :delete],
+                        :path => "/some/path/or.other",
+                        :required_queries => {"query_a" => "value_a", "query_b" => "value_b"},
+                        :allowed_queries => ["query_c", "query_d"]}
+
+      @initialiser_c = {:request_methods => [:options, :head, :post, :delete],
+                        :path => "/some/new/path/or.other",
+                        :required_queries => {"query_a" => "value_a", "query_b" => "value_b"},
+                        :allowed_queries => ["query_c", "query_d"]}
+
+      @initialiser_d = {:request_methods => [:options, :head, :post, :delete],
+                        :path => "/some/path/or.other",
+                        :required_queries => {"query_a" => "value_b", "query_b" => "value_b"},
+                        :allowed_queries => ["query_c", "query_d"]}
+
+      @initialiser_e = {:request_methods => [:options, :head, :post, :delete],
+                        :path => "/some/path/or.other",
+                        :required_queries => {"query_a" => "value_a", "query_b" => "value_b"},
+                        :allowed_queries => ["query_c"]}
+      
+      filter_a  = Rack::TicketOffice::UrlFilter.new(@initialiser_a)
+      filter_aa = Rack::TicketOffice::UrlFilter.new(@initialiser_a)
+      filter_b  = Rack::TicketOffice::UrlFilter.new(@initialiser_b)
+      filter_c  = Rack::TicketOffice::UrlFilter.new(@initialiser_c)
+      filter_d  = Rack::TicketOffice::UrlFilter.new(@initialiser_d)
+      filter_e  = Rack::TicketOffice::UrlFilter.new(@initialiser_e)
+      
+      filter_a.should_not == "fred"
+      filter_a.should == filter_aa
+      filter_a.should_not == filter_b
+      filter_a.should_not == filter_c
+      filter_a.should_not == filter_d
+      filter_a.should_not == filter_e
+    end
+    
+    it "should be serialisable" do
+      @initialiser_a = {:request_methods => [:options, :head, :post, :delete],
+                        :path => "/some/path/or.other",
+                        :required_queries => {"query_a" => "value_a", "query_b" => "value_b"},
+                        :allowed_queries => ["query_c", "query_d"]}
+
+      @initialiser_b = {:request_methods => [:head, :post, :delete],
+                        :path => "/some/path/or.other",
+                        :required_queries => {"query_a" => "value_a", "query_b" => "value_b"},
+                        :allowed_queries => ["query_c", "query_d"]}
+      
+      filter_a  = Rack::TicketOffice::UrlFilter.new(@initialiser_a)
+      filter_b  = Rack::TicketOffice::UrlFilter.new(@initialiser_b)
+      
+      filter_a.should     == Marshal.load(Marshal.dump(filter_a))
+      filter_a.should_not == Marshal.load(Marshal.dump(filter_b))
+    end
+
+    it "should correctly serialise a regexp path" do
+      @initialiser = {:request_methods => [:options, :head, :post, :delete],
+                        :path => %r{some/regexp},
+                        :required_queries => {"query_a" => "value_a", "query_b" => "value_b"},
+                        :allowed_queries => ["query_c", "query_d"]}
+      
+      filter  = Rack::TicketOffice::UrlFilter.new(@initialiser)
+      filter.should     == Marshal.load(Marshal.dump(filter))
+    end
+  end
+  
+  context "(when matching against a Rack env)" do
+    before(:each) do
+      @initialiser = {:request_methods => [:options, :head, :post, :delete],
+                     :path => "/some/path/or.other",
+                     :required_queries => {"query_a" => "value_a", "query_b" => "value_b"},
+                     :allowed_queries => ["query_c", "query_d"]}
+    end
+    
+    it "should match a valid request" do
+      env = Rack::MockRequest.env_for("/some/path/or.other?query_a=value_a&query_b=value_b&query_c=value_c", {:method => "POST"})
+      Rack::TicketOffice::UrlFilter.new(@initialiser).match(env).should be_true
+    end
+
+    it "should reject an unmatched path" do
+      env = Rack::MockRequest.env_for("/some/new/path/or.other?query_a=value_a&query_b=value_b&query_c=value_c", {:method => "POST"})
+      Rack::TicketOffice::UrlFilter.new(@initialiser).match(env).should be_false
+    end
+
+    it "should reject a partial match with a superset path" do
+      env = Rack::MockRequest.env_for("/addthisbit/some/path/or.other?query_a=value_a&query_b=value_b&query_c=value_c", {:method => "POST"})
+      Rack::TicketOffice::UrlFilter.new(@initialiser).match(env).should be_false
+    end
+
+    it "should reject a partial match with a subset path" do
+      env = Rack::MockRequest.env_for("/path/or.other?query_a=value_a&query_b=value_b&query_c=value_c", {:method => "POST"})
+      Rack::TicketOffice::UrlFilter.new(@initialiser).match(env).should be_false
+    end
+    
+    it "should reject a bad method" do
+      env = Rack::MockRequest.env_for("/some/path/or.other?query_a=value_a&query_b=value_b&query_c=value_c", {:method => "GET"})
+      Rack::TicketOffice::UrlFilter.new(@initialiser).match(env).should be_false
+    end
+    
+    it "should accept any method when using :all" do
+      @initialiser[:request_methods] = [:all]
+      env = Rack::MockRequest.env_for("/some/path/or.other?query_a=value_a&query_b=value_b&query_c=value_c", {:method => "GET"})
+      Rack::TicketOffice::UrlFilter.new(@initialiser).match(env).should be_true
+    end
+    
+    it "should reject a missing required query" do
+      env = Rack::MockRequest.env_for("/some/path/or.other?query_a=value_a&query_c=value_c", {:method => "POST"})
+      Rack::TicketOffice::UrlFilter.new(@initialiser).match(env).should be_false
+    end
+    
+    it "should reject an incorrect query value for a required query" do
+      env = Rack::MockRequest.env_for("/some/path/or.other?query_a=value_x&query_b=value_b&query_c=value_c", {:method => "POST"})
+      Rack::TicketOffice::UrlFilter.new(@initialiser).match(env).should be_false
+    end
+    
+    it "should reject a query not on the allowed list" do
+      env = Rack::MockRequest.env_for("/some/path/or.other?query_a=value_a&query_b=value_b&query_c=value_c&query_x=value_x", {:method => "POST"})
+      Rack::TicketOffice::UrlFilter.new(@initialiser).match(env).should be_false
+    end
+  end
+  
+  context "(when matching a regexp path against a Rack env)" do
+    before(:each) do
+      @initialiser = {:request_methods => [:options, :head, :post, :delete],
+                     :path => %r{/some/path/or.other},
+                     :required_queries => {"query_a" => "value_a", "query_b" => "value_b"},
+                     :allowed_queries => ["query_c", "query_d"]}
+    end
+    
+    it "should match a valid request" do
+      env = Rack::MockRequest.env_for("/some/path/or.other?query_a=value_a&query_b=value_b&query_c=value_c", {:method => "POST"})
+      Rack::TicketOffice::UrlFilter.new(@initialiser).match(env).should be_true
+    end
+
+    it "should reject an unmatched path" do
+      env = Rack::MockRequest.env_for("/some/new/path/or.other?query_a=value_a&query_b=value_b&query_c=value_c", {:method => "POST"})
+      Rack::TicketOffice::UrlFilter.new(@initialiser).match(env).should be_false
+    end
+
+    it "should reject a partial match with a superset path" do
+      env = Rack::MockRequest.env_for("/addthisbit/some/path/or.other?query_a=value_a&query_b=value_b&query_c=value_c", {:method => "POST"})
+      Rack::TicketOffice::UrlFilter.new(@initialiser).match(env).should be_false
+    end
+
+    it "should reject a partial match with a subset path" do
+      env = Rack::MockRequest.env_for("/path/or.other?query_a=value_a&query_b=value_b&query_c=value_c", {:method => "POST"})
+      Rack::TicketOffice::UrlFilter.new(@initialiser).match(env).should be_false
+    end
+  end
+end

metadata

@@ -0,0 +1,107 @@
+--- !ruby/object:Gem::Specification 
+name: kissifer-rack-ticket-office
+version: !ruby/object:Gem::Version 
+  version: 0.0.1
+platform: ruby
+authors: 
+- kissifer
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2009-06-09 00:00:00 -07:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: hash-persistent
+  type: :runtime
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: 0.3.2
+    version: 
+- !ruby/object:Gem::Dependency 
+  name: sinatra-options-route
+  type: :runtime
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: "0"
+    version: 
+- !ruby/object:Gem::Dependency 
+  name: sinatra-response-header-helpers
+  type: :runtime
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: "0"
+    version: 
+description: 
+email: tierneydrchris@gmail.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: 
+- LICENSE
+- README.rdoc
+files: 
+- .document
+- .gitignore
+- LICENSE
+- README.rdoc
+- Rakefile
+- VERSION
+- lib/rack/ticket-office/barrier.rb
+- lib/rack/ticket-office/booth.rb
+- lib/rack/ticket-office/monkey_patches.rb
+- lib/rack/ticket-office/ticket.rb
+- lib/rack/ticket-office/ticket_collection.rb
+- lib/rack/ticket-office/url_filter.rb
+- rack-ticket-office.gemspec
+- spec/barrier_spec.rb
+- spec/booth_spec.rb
+- spec/spec.opts
+- spec/spec_helper.rb
+- spec/ticket_collection_spec.rb
+- spec/ticket_spec.rb
+- spec/url_filter_spec.rb
+has_rdoc: false
+homepage: http://github.com/kissifer/rack-ticket-office
+post_install_message: 
+rdoc_options: 
+- --charset=UTF-8
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.2.0
+signing_key: 
+specification_version: 3
+summary: Rack middleware to allow/deny access to remote user by http method, path and query params.
+test_files: 
+- spec/barrier_spec.rb
+- spec/booth_spec.rb
+- spec/spec_helper.rb
+- spec/ticket_collection_spec.rb
+- spec/ticket_spec.rb
+- spec/url_filter_spec.rb