leifcr-refile 0.6.3

data/lib/refile/file_double.rb

@@ -0,0 +1,13 @@
+module Refile
+  class FileDouble
+    attr_reader :original_filename, :content_type
+    def initialize(data, name = nil, content_type: nil)
+      @io = StringIO.new(data)
+      @original_filename = name
+      @content_type = content_type
+    end
+
+    extend Forwardable
+    def_delegators :@io, :read, :rewind, :size, :eof?, :close
+  end
+end

data/lib/refile/image_processing.rb

@@ -0,0 +1 @@
+raise "[Refile] image processing has been extracted into a separate gem, see https://github.com/refile/refile-mini_magick"

data/lib/refile/rails.rb

@@ -0,0 +1,54 @@
+require "refile"
+require "refile/rails/attachment_helper"
+
+module Refile
+  # @api private
+  class Engine < Rails::Engine
+    initializer "refile.setup", before: :load_environment_config do
+      if RUBY_PLATFORM == "java"
+        # Work around a bug in JRuby, see: https://github.com/jruby/jruby/issues/2779
+        Encoding.default_internal = nil
+      end
+
+      Refile.store ||= Refile::Backend::FileSystem.new(Rails.root.join("tmp/uploads/store").to_s)
+      Refile.cache ||= Refile::Backend::FileSystem.new(Rails.root.join("tmp/uploads/cache").to_s)
+
+      ActiveSupport.on_load :active_record do
+        require "refile/attachment/active_record"
+      end
+
+      ActionView::Base.send(:include, Refile::AttachmentHelper)
+      ActionView::Helpers::FormBuilder.send(:include, AttachmentHelper::FormBuilder)
+    end
+
+    initializer "refile.app" do
+      Refile.logger = Rails.logger
+      Refile.app = Refile::App.new
+    end
+
+    initializer "refile.secret_key" do |app|
+      Refile.secret_key ||= if app.respond_to?(:secrets)
+        app.secrets.secret_key_base
+      elsif app.config.respond_to?(:secret_key_base)
+        app.config.secret_key_base
+      elsif app.config.respond_to?(:secret_token)
+        app.config.secret_token
+      end
+    end
+  end
+end
+
+# Add in missing methods for file uploads in Rails < 4
+ActionDispatch::Http::UploadedFile.class_eval do
+  unless instance_methods.include?(:eof?)
+    def eof?
+      @tempfile.eof?
+    end
+  end
+
+  unless instance_methods.include?(:close)
+    def close
+      @tempfile.close
+    end
+  end
+end

data/lib/refile/rails/attachment_helper.rb

@@ -0,0 +1,121 @@
+module Refile
+  # Rails view helpers which aid in using Refile from views.
+  module AttachmentHelper
+    # Form builder extension
+    module FormBuilder
+      # @see AttachmentHelper#attachment_field
+      def attachment_field(method, options = {})
+        self.multipart = true
+        @template.attachment_field(@object_name, method, objectify_options(options))
+      end
+
+      # @see AttachmentHelper#attachment_cache_field
+      def attachment_cache_field(method, options = {})
+        self.multipart = true
+        @template.attachment_cache_field(@object_name, method, objectify_options(options))
+      end
+    end
+
+    # View helper which generates a url for an attachment. This generates a URL
+    # to the {Refile::App} which is assumed to be mounted in the Rails
+    # application.
+    #
+    # @see Refile.attachment_url
+    #
+    # @param [Refile::Attachment] object   Instance of a class which has an attached file
+    # @param [Symbol] name                 The name of the attachment column
+    # @param [String, nil] filename        The filename to be appended to the URL
+    # @param [String, nil] fallback        The path to an asset to be used as a fallback
+    # @param [String, nil] format          A file extension to be appended to the URL
+    # @param [String, nil] host            Override the host
+    # @return [String, nil]                The generated URL
+    def attachment_url(record, name, *args, fallback: nil, **opts)
+      file = record && record.public_send(name)
+      if file
+        Refile.attachment_url(record, name, *args, **opts)
+      elsif fallback
+        asset_url(fallback)
+      end
+    end
+
+    # Generates an image tag for the given attachment, adding appropriate
+    # classes and optionally falling back to the given fallback image if there
+    # is no file attached.
+    #
+    # Returns `nil` if there is no file attached and no fallback specified.
+    #
+    # @param [String] fallback                   The path to an image asset to be used as a fallback
+    # @param [Hash] options                      Additional options for the image tag
+    # @see #attachment_url
+    # @return [ActiveSupport::SafeBuffer, nil]   The generated image tag
+    def attachment_image_tag(record, name, *args, fallback: nil, host: nil, prefix: nil, format: nil, **options)
+      file = record && record.public_send(name)
+      classes = ["attachment", (record.class.model_name.singular if record), name, *options[:class]]
+
+      if file
+        image_tag(attachment_url(record, name, *args, host: host, prefix: prefix, format: format), options.merge(class: classes))
+      elsif fallback
+        classes << "fallback"
+        image_tag(fallback, options.merge(class: classes))
+      end
+    end
+
+    # Generates a form field which can be used with records which have
+    # attachments. This will generate both a file field as well as a hidden
+    # field which tracks the id of the file in the cache before it is
+    # permanently stored.
+    #
+    # @param object_name                    The name of the object to generate a field for
+    # @param method                         The name of the field
+    # @param [Hash] options
+    # @option options [Object] object       Set by the form builder, currently required for direct/presigned uploads to work.
+    # @option options [Boolean] direct      If set to true, adds the appropriate data attributes for direct uploads with refile.js.
+    # @option options [Boolean] presign     If set to true, adds the appropriate data attributes for presigned uploads with refile.js.
+    # @return [ActiveSupport::SafeBuffer]   The generated form field
+    def attachment_field(object_name, method, object:, **options)
+      options[:data] ||= {}
+
+      definition = object.send(:"#{method}_attachment_definition")
+      options[:accept] = definition.accept
+
+      if options[:direct]
+        url = Refile.attachment_upload_url(object, method, host: options[:host], prefix: options[:prefix])
+        options[:data].merge!(direct: true, as: "file", url: url)
+      end
+
+      if options[:presigned] and definition.cache.respond_to?(:presign)
+        url = Refile.attachment_presign_url(object, method, host: options[:host], prefix: options[:prefix])
+        options[:data].merge!(direct: true, presigned: true, url: url)
+      end
+
+      options[:data][:reference] = SecureRandom.hex
+      options[:include_hidden] = false
+
+      attachment_cache_field(object_name, method, object: object, **options) + file_field(object_name, method, options)
+    end
+
+    # Generates a hidden form field which tracks the id of the file in the cache
+    # before it is permanently stored.
+    #
+    # @param object_name                    The name of the object to generate a field for
+    # @param method                         The name of the field
+    # @param [Hash] options
+    # @option options [Object] object       Set by the form builder
+    # @return [ActiveSupport::SafeBuffer]   The generated hidden form field
+    def attachment_cache_field(object_name, method, object:, **options)
+      options[:data] ||= {}
+      options[:data][:reference] ||= SecureRandom.hex
+
+      hidden_options = {
+        multiple: options[:multiple],
+        value: object.send("#{method}_data").try(:to_json),
+        object: object,
+        id: nil,
+        data: { reference: options[:data][:reference] }
+      }
+      hidden_options.merge!(index: options[:index]) if options.key?(:index)
+
+      hidden_field(object_name, method, hidden_options)
+    end
+  end
+end

data/lib/refile/random_hasher.rb

@@ -0,0 +1,11 @@
+module Refile
+  # A file hasher which ignores the file contents and always returns a random string.
+  class RandomHasher
+    # Generate a random string
+    #
+    # @return [String]
+    def hash(_uploadable = nil)
+      SecureRandom.hex(30)
+    end
+  end
+end

data/lib/refile/signature.rb

@@ -0,0 +1,36 @@
+module Refile
+  # A signature summarizes an HTTP request a client can make to upload a file
+  # to directly upload a file to a backend. This signature is usually generated
+  # by a backend's `presign` method.
+  class Signature
+    # @return [String] the name of the field that the file will be uploaded as.
+    attr_reader :as
+
+    # @return [String] the id the file will receive once uploaded.
+    attr_reader :id
+
+    # @return [String] the url the file should be uploaded to.
+    attr_reader :url
+
+    # @return [String] additional fields to be sent alongside the file.
+    attr_reader :fields
+
+    # @api private
+    def initialize(as:, id:, url:, fields:)
+      @as = as
+      @id = id
+      @url = url
+      @fields = fields
+    end
+
+    # @return [Hash{Symbol => Object}] an object suitable for serialization to JSON
+    def as_json(*)
+      { as: @as, id: @id, url: @url, fields: @fields }
+    end
+
+    # @return [String] the signature serialized as JSON
+    def to_json(*)
+      as_json.to_json
+    end
+  end
+end

data/lib/refile/simple_form.rb

@@ -0,0 +1,17 @@
+# make attachment_field behave like a normal input type so we get nice wrapper and labels
+# <%= f.input :cover_image, as: :attachment, direct: true, presigned: true %>
+module SimpleForm
+  module Inputs
+    class AttachmentInput < Base
+      def input(wrapper_options = nil)
+        refile_options = [:presigned, :direct, :multiple]
+        merged_input_options = merge_wrapper_options(input_options.slice(*refile_options).merge(input_html_options), wrapper_options)
+        @builder.attachment_field(attribute_name, merged_input_options)
+      end
+    end
+  end
+end
+
+SimpleForm::FormBuilder.class_eval do
+  map_type :attachment, to: SimpleForm::Inputs::AttachmentInput
+end

data/lib/refile/type.rb

@@ -0,0 +1,28 @@
+module Refile
+  # A type represents an alias for one or multiple content types.
+  # By adding types, you could simplify this:
+  #
+  #     attachment :document, content_type: %w[text/plain application/pdf]
+  #
+  # To this:
+  #
+  #     attachment :document, type: :document
+  #
+  # Simply define a new type like this:
+  #
+  #     Refile.types[:document] = Refile::Type.new(:document,
+  #       content_type: %w[text/plain application/pdf]
+  #     )
+  #
+  class Type
+    # @return [String, Array<String>] The type's content types
+    attr_accessor :content_type
+
+    # @param [Symbol] name                            the name of the type
+    # @param [String, Array<String>] content_type     content types which are valid for this type
+    def initialize(name, content_type: nil)
+      @name = name
+      @content_type = content_type
+    end
+  end
+end

data/lib/refile/version.rb

@@ -0,0 +1,3 @@
+module Refile
+  VERSION = "0.6.3"
+end

data/spec/refile/active_record_helper.rb

@@ -0,0 +1,35 @@
+require "active_record"
+
+I18n.enforce_available_locales = true
+
+ActiveRecord::Base.establish_connection(
+  adapter: "sqlite3",
+  database: File.expand_path("test_app/db/db.sqlite", File.dirname(__FILE__)),
+  verbosity: "quiet"
+)
+
+class TestMigration < ActiveRecord::Migration
+  def self.up
+    create_table :posts, force: true do |t|
+      t.integer :user_id
+      t.column :title, :string
+      t.column :image_id, :string
+      t.column :document_id, :string
+      t.column :document_filename, :string
+      t.column :document_content_type, :string
+      t.column :document_size, :integer
+    end
+
+    create_table :users, force: true
+
+    create_table :documents, force: true do |t|
+      t.belongs_to :post, null: false
+      t.column :file_id, :string, null: false
+      t.column :file_filename, :string
+      t.column :file_content_type, :string
+      t.column :file_size, :integer, null: false
+    end
+  end
+end
+
+TestMigration.up

data/spec/refile/app_spec.rb

@@ -0,0 +1,424 @@
+require "rack/test"
+
+describe Refile::App do
+  include Rack::Test::Methods
+
+  def app
+    res = Refile::App.new
+    res.settings.set :public_folder, ""
+    res
+  end
+
+  before do
+    allow(Refile).to receive(:token).and_return("token")
+  end
+
+  describe "GET /:backend/:id/:filename" do
+    it "returns a stored file" do
+      file = Refile.store.upload(StringIO.new("hello"))
+      get "/token/store/#{file.id}/hello"
+
+      expect(last_response.status).to eq(200)
+      expect(last_response.body).to eq("hello")
+    end
+
+    it "sets appropriate filename from URL" do
+      file = Refile.store.upload(StringIO.new("hello"))
+      get "/token/store/#{file.id}/logo@2x.png"
+
+      expect(last_response.status).to eq(200)
+      expect(last_response.headers["Content-Disposition"]).to eq 'inline; filename="logo@2x.png"'
+    end
+
+    it "sets appropriate content type from extension" do
+      file = Refile.store.upload(StringIO.new("hello"))
+      get "/token/store/#{file.id}/hello.html"
+
+      expect(last_response.status).to eq(200)
+      expect(last_response.body).to eq("hello")
+      expect(last_response.headers["Content-Type"]).to include("text/html")
+    end
+
+    it "downloads the uploaded file if force download is enabled" do
+      file = Refile.store.upload(StringIO.new("hello"))
+      get "/token/store/#{file.id}/hello?force_download=true"
+
+      expect(last_response.status).to eq(200)
+      expect(last_response.headers["Content-Disposition"]).to include("attachment")
+    end
+
+    it "returns a 404 if the file doesn't exist" do
+      Refile.store.upload(StringIO.new("hello"))
+
+      get "/token/store/doesnotexist/hello"
+
+      expect(last_response.status).to eq(404)
+      expect(last_response.content_type).to eq("text/plain;charset=utf-8")
+      expect(last_response.body).to eq("not found")
+    end
+
+    it "returns a 404 if the backend doesn't exist" do
+      file = Refile.store.upload(StringIO.new("hello"))
+
+      get "/token/doesnotexist/#{file.id}/hello"
+
+      expect(last_response.status).to eq(404)
+      expect(last_response.content_type).to eq("text/plain;charset=utf-8")
+      expect(last_response.body).to eq("not found")
+    end
+
+    context "with allow origin" do
+      before(:each) do
+        allow(Refile).to receive(:allow_origin).and_return("example.com")
+      end
+
+      it "sets CORS header" do
+        file = Refile.store.upload(StringIO.new("hello"))
+
+        get "/token/store/#{file.id}/hello"
+
+        expect(last_response.status).to eq(200)
+        expect(last_response.body).to eq("hello")
+        expect(last_response.headers["Access-Control-Allow-Origin"]).to eq("example.com")
+      end
+    end
+
+    it "returns a 200 for head requests" do
+      file = Refile.store.upload(StringIO.new("hello"))
+
+      head "/token/store/#{file.id}/hello"
+
+      expect(last_response.status).to eq(200)
+      expect(last_response.body).to be_empty
+    end
+
+    it "returns a 404 for head requests if the file doesn't exist" do
+      Refile.store.upload(StringIO.new("hello"))
+
+      head "/token/store/doesnotexist/hello"
+
+      expect(last_response.status).to eq(404)
+      expect(last_response.body).to be_empty
+    end
+
+    it "returns a 404 for non get requests" do
+      file = Refile.store.upload(StringIO.new("hello"))
+
+      post "/token/store/#{file.id}/hello"
+
+      expect(last_response.status).to eq(404)
+      expect(last_response.content_type).to eq("text/plain;charset=utf-8")
+      expect(last_response.body).to eq("not found")
+    end
+
+    context "verification" do
+      before do
+        allow(Refile).to receive(:token).and_call_original
+      end
+
+      context "with a valid token" do
+        let(:file) { Refile.store.upload(StringIO.new("hello")) }
+        it "accepts the token" do
+          token = Refile.token("/store/#{file.id}/hello")
+
+          get "/#{token}/store/#{file.id}/hello"
+
+          expect(last_response.status).to eq(200)
+          expect(last_response.body).to eq("hello")
+        end
+
+        context "with a valid `expires_at`" do
+          let(:expires_at) { (Time.now + 1.seconds).to_i }
+
+          it "accepts the expires at" do
+            token =
+              Refile.token("/store/#{file.id}/hello?expires_at=#{expires_at}")
+
+            get "/#{token}/store/#{file.id}/hello?expires_at=#{expires_at}"
+
+            expect(last_response.status).to eq(200)
+            expect(last_response.body).to eq("hello")
+          end
+        end
+
+        context "with an `expires_at` in the past" do
+          let(:expires_at) { (Time.now - 1.seconds).to_i }
+
+          it "returns a 403" do
+            token =
+              Refile.token("/store/#{file.id}/hello?expires_at=#{expires_at}")
+
+            get "/#{token}/store/#{file.id}/hello?expires_at=#{expires_at}"
+
+            expect(last_response.status).to eq(403)
+            expect(last_response.body).to eq("forbidden")
+          end
+        end
+
+        context "missing `expires_at` in requiest when it was part of token" do
+          let(:expires_at) { (Time.now + 1.seconds).to_i }
+
+          it "returns a 403" do
+            token =
+              Refile.token("/store/#{file.id}/hello?expires_at=#{expires_at}")
+
+            get "/#{token}/store/#{file.id}/hello"
+
+            expect(last_response.status).to eq(403)
+            expect(last_response.body).to eq("forbidden")
+          end
+        end
+      end
+
+      it "returns a 403 for unsigned get requests" do
+        file = Refile.store.upload(StringIO.new("hello"))
+
+        get "/eviltoken/store/#{file.id}/hello"
+
+        expect(last_response.status).to eq(403)
+        expect(last_response.body).to eq("forbidden")
+      end
+
+      it "does not retrieve nor process files for unauthenticated requests" do
+        file = Refile.store.upload(StringIO.new("hello"))
+
+        expect(Refile.store).not_to receive(:get)
+        get "/eviltoken/store/#{file.id}/hello"
+
+        expect(last_response.status).to eq(403)
+        expect(last_response.body).to eq("forbidden")
+      end
+    end
+
+    context "when unrestricted" do
+      before do
+        allow(Refile).to receive(:allow_downloads_from).and_return(:all)
+      end
+
+      it "gets signatures from all backends" do
+        file = Refile.store.upload(StringIO.new("hello"))
+        get "/token/store/#{file.id}/test.txt"
+        expect(last_response.status).to eq(200)
+      end
+    end
+
+    context "when restricted" do
+      before do
+        allow(Refile).to receive(:allow_downloads_from).and_return(["store"])
+      end
+
+      it "gets signatures from allowed backend" do
+        file = Refile.store.upload(StringIO.new("hello"))
+        get "/token/store/#{file.id}/test.txt"
+        expect(last_response.status).to eq(200)
+      end
+
+      it "returns 404 if backend is not allowed" do
+        file = Refile.store.upload(StringIO.new("hello"))
+        get "/token/cache/#{file.id}/test.txt"
+        expect(last_response.status).to eq(404)
+      end
+    end
+  end
+
+  describe "GET /:backend/:processor/:id/:filename" do
+    it "returns 404 if processor does not exist" do
+      file = Refile.store.upload(StringIO.new("hello"))
+
+      get "/token/store/doesnotexist/#{file.id}/hello"
+
+      expect(last_response.status).to eq(404)
+      expect(last_response.content_type).to eq("text/plain;charset=utf-8")
+      expect(last_response.body).to eq("not found")
+    end
+
+    it "applies block processor to file" do
+      file = Refile.store.upload(StringIO.new("hello"))
+
+      get "/token/store/reverse/#{file.id}/hello"
+
+      expect(last_response.status).to eq(200)
+      expect(last_response.body).to eq("olleh")
+    end
+
+    it "applies object processor to file" do
+      file = Refile.store.upload(StringIO.new("hello"))
+
+      get "/token/store/upcase/#{file.id}/hello"
+
+      expect(last_response.status).to eq(200)
+      expect(last_response.body).to eq("HELLO")
+    end
+
+    it "applies processor with arguments" do
+      file = Refile.store.upload(StringIO.new("hello"))
+
+      get "/token/store/concat/foo/bar/baz/#{file.id}/hello"
+
+      expect(last_response.status).to eq(200)
+      expect(last_response.body).to eq("hellofoobarbaz")
+    end
+
+    it "applies processor with format" do
+      file = Refile.store.upload(StringIO.new("hello"))
+
+      get "/token/store/convert_case/#{file.id}/hello.up"
+
+      expect(last_response.status).to eq(200)
+      expect(last_response.body).to eq("HELLO")
+    end
+
+    it "returns a 403 for unsigned request" do
+      file = Refile.store.upload(StringIO.new("hello"))
+
+      get "/eviltoken/store/reverse/#{file.id}/hello"
+
+      expect(last_response.status).to eq(403)
+      expect(last_response.body).to eq("forbidden")
+    end
+  end
+
+  describe "POST /:backend" do
+    it "uploads a file for direct upload backends" do
+      file = Rack::Test::UploadedFile.new(path("hello.txt"))
+      post "/cache", file: file
+
+      expect(last_response.status).to eq(200)
+      expect(JSON.parse(last_response.body)["id"]).not_to be_empty
+    end
+
+    it "does not require signed request param to upload" do
+      allow(Refile).to receive(:secret_key).and_return("abcd1234")
+
+      file = Rack::Test::UploadedFile.new(path("hello.txt"))
+      post "/cache", file: file
+
+      expect(last_response.status).to eq(200)
+      expect(JSON.parse(last_response.body)["id"]).not_to be_empty
+    end
+
+    it "returns the url of the uploaded file" do
+      file = Rack::Test::UploadedFile.new(path("hello.txt"))
+      post "/cache", file: file
+
+      expect(last_response.status).to eq(200)
+      expect(JSON.parse(last_response.body)["url"]).not_to be_empty
+      expect(JSON.parse(last_response.body)["url"]).to include("hello.txt")
+      expect(JSON.parse(last_response.body)["url"]).to include("cache")
+    end
+
+    context "when unrestricted" do
+      before do
+        allow(Refile).to receive(:allow_uploads_to).and_return(:all)
+      end
+
+      it "allows uploads to all backends" do
+        post "/store", file: Rack::Test::UploadedFile.new(path("hello.txt"))
+        expect(last_response.status).to eq(200)
+      end
+    end
+
+    context "when restricted" do
+      before do
+        allow(Refile).to receive(:allow_uploads_to).and_return(["cache"])
+      end
+
+      it "allows uploads to allowed backends" do
+        post "/cache", file: Rack::Test::UploadedFile.new(path("hello.txt"))
+        expect(last_response.status).to eq(200)
+      end
+
+      it "returns 404 if backend is not allowed" do
+        post "/store", file: Rack::Test::UploadedFile.new(path("hello.txt"))
+        expect(last_response.status).to eq(404)
+      end
+    end
+
+    context "when file is invalid" do
+      before do
+        allow(Refile).to receive(:allow_uploads_to).and_return(:all)
+      end
+
+      context "when file is too big" do
+        before do
+          backend = double
+          allow(backend).to receive(:upload).with(anything).and_raise(Refile::InvalidMaxSize)
+          allow_any_instance_of(Refile::App).to receive(:backend).and_return(backend)
+        end
+
+        it "returns 413 if file is too big" do
+          post "/store_max_size", file: Rack::Test::UploadedFile.new(path("hello.txt"))
+          expect(last_response.status).to eq(413)
+        end
+      end
+
+      context "when other unexpected exception happens" do
+        before do
+          backend = double
+          allow(backend).to receive(:upload).with(anything).and_raise(Refile::InvalidFile)
+          allow_any_instance_of(Refile::App).to receive(:backend).and_return(backend)
+        end
+
+        it "returns 400 if file is too big" do
+          post "/store_max_size", file: Rack::Test::UploadedFile.new(path("hello.txt"))
+          expect(last_response.status).to eq(400)
+        end
+      end
+    end
+  end
+
+  describe "GET /:backend/presign" do
+    it "returns presign signature" do
+      get "/limited_cache/presign"
+
+      expect(last_response.status).to eq(200)
+      result = JSON.parse(last_response.body)
+      expect(result["id"]).not_to be_empty
+      expect(result["url"]).to eq("/presigned/posts/upload")
+      expect(result["as"]).to eq("file")
+    end
+
+    context "when unrestricted" do
+      before do
+        allow(Refile).to receive(:allow_uploads_to).and_return(:all)
+      end
+
+      it "gets signatures from all backends" do
+        get "/limited_cache/presign"
+        expect(last_response.status).to eq(200)
+      end
+    end
+
+    context "when restricted" do
+      before do
+        allow(Refile).to receive(:allow_uploads_to).and_return(["limited_cache"])
+      end
+
+      it "gets signatures from allowed backend" do
+        get "/limited_cache/presign"
+        expect(last_response.status).to eq(200)
+      end
+
+      it "returns 404 if backend is not allowed" do
+        get "/store/presign"
+        expect(last_response.status).to eq(404)
+      end
+    end
+  end
+
+  it "returns a 404 if id not given" do
+    get "/token/store"
+
+    expect(last_response.status).to eq(404)
+    expect(last_response.content_type).to eq("text/plain;charset=utf-8")
+    expect(last_response.body).to eq("not found")
+  end
+
+  it "returns a 404 for root" do
+    get "/"
+
+    expect(last_response.status).to eq(404)
+    expect(last_response.content_type).to eq("text/plain;charset=utf-8")
+    expect(last_response.body).to eq("not found")
+  end
+end