locomotivecms_steam 1.2.1 → 1.3.0.rc1

data/spec/unit/liquid/tags/action_spec.rb

@@ -12,6 +12,15 @@ describe Locomotive::Steam::Liquid::Tags::Action do
 
   subject { render_template(source, context) }
 
+  describe 'parsing' do
+
+    describe 'raises an error if the syntax is incorrect' do
+      let(:source) { '{% action %}{% endaction %}' }
+      it { expect { subject }.to raise_exception(Liquid::SyntaxError) }
+    end
+
+  end
+
   describe 'rendering' do
 
     it { is_expected.to eq '' }

data/spec/unit/liquid/tags/authorize_spec.rb

@@ -0,0 +1,51 @@
+require 'spec_helper'
+
+describe Locomotive::Steam::Liquid::Tags::Authorize do
+
+  let(:site)        { instance_double('Site', default_locale: 'en', prefix_default_locale: false) }
+  let(:page)        { instance_double('Page', fullpath: 'me/sign_in', templatized?: false) }
+  let(:page_handle) { "'sign_in'" }
+  let(:source)      { "{% authorize 'accounts', #{page_handle} %}Hello world!" }
+  let(:assigns)     { {} }
+  let(:services)    { Locomotive::Steam::Services.build_instance }
+  let(:context)     { ::Liquid::Context.new(assigns, {}, { services: services }) }
+
+  before {
+    allow(services).to receive(:current_site).and_return(site)
+    allow(services.page_finder).to receive(:by_handle).and_return(page)
+  }
+
+  subject { render_template(source, context) }
+
+  describe 'validating syntax' do
+
+    describe 'no page handle' do
+      let(:source) { '{% authorize accounts %}' }
+      it { expect { subject }.to raise_exception(Liquid::SyntaxError) }
+    end
+
+  end
+
+  describe '#render' do
+
+    context 'unauthenticated account' do
+
+      it 'redirects to the sign in page' do
+        expect { subject }.to raise_error(Locomotive::Steam::RedirectionException, 'Redirect to /me/sign_in')
+      end
+
+    end
+
+    context 'authenticated account' do
+
+      let(:assigns) { { 'current_account' => liquid_instance_double('Account', {}) } }
+
+      it 'renders the page' do
+        expect(subject).to eq 'Hello world!'
+      end
+
+    end
+
+  end
+
+end

data/spec/unit/liquid/tags/link_to_spec.rb

@@ -20,7 +20,7 @@ describe Locomotive::Steam::Liquid::Tags::PathTo do
     context 'unknown tag' do
 
       let(:source) { '{% link_to index %}{% endbar %}{% endlink_to %}' }
-      it { expect { subject }.to raise_error("Liquid syntax error: Unknown tag 'endbar'") }
+      it { expect { subject }.to raise_error("Liquid syntax error (line 1): Unknown tag 'endbar'") }
 
     end
 

data/spec/unit/liquid/tags/paginate_spec.rb

@@ -45,7 +45,7 @@ EOF
 
       subject { output }
 
-      it { expect { subject }.to raise_error(::Liquid::ArgumentError, "Liquid error: Cannot paginate 'projects'. Not found.") }
+      it { expect { subject }.to raise_error(::Liquid::ArgumentError, "Liquid error (line 1): Cannot paginate 'projects'. Not found.") }
 
     end
 

data/spec/unit/liquid/tags/snippet_spec.rb

@@ -37,6 +37,16 @@ describe Locomotive::Steam::Liquid::Tags::Snippet do
 
     it { is_expected.to eq 'Locomotive built by NoCoffee' }
 
+    context 'rendering error (action) found in the snippet' do
+
+      let(:snippet) { instance_double('Snippet', template: nil, :template= => nil, liquid_source: '{% action "Hello world" %}a.b(+}{% endaction %}') }
+
+      it 'raises ParsingRenderingError' do
+        expect { subject }.to raise_exception(Locomotive::Steam::ParsingRenderingError)
+      end
+
+    end
+
   end
 
 end

data/spec/unit/middlewares/auth_spec.rb

@@ -0,0 +1,31 @@
+require 'spec_helper'
+
+require_relative '../../../lib/locomotive/steam/middlewares/thread_safe'
+require_relative '../../../lib/locomotive/steam/middlewares/helpers'
+require_relative '../../../lib/locomotive/steam/middlewares/auth'
+
+describe Locomotive::Steam::Middlewares::Auth::AuthOptions do
+
+  let(:metafields)  { { 'smtp' => { 'address' => '127.0.0.1', 'user_name' => 'John', 'password' => 'doe', 'port' => 25 } } }
+  let(:site)        { instance_double('Site', metafields: metafields) }
+  let(:params)      { {} }
+
+  let(:options) { described_class.new(site, params) }
+
+  describe '#smtp' do
+
+    subject { options.smtp }
+
+    it { is_expected.to eq('address': '127.0.0.1', 'user_name': 'John', 'password': 'doe', 'port': 25) }
+
+    context 'no smtp metafields' do
+
+      let(:metafields) { {} }
+
+      it { is_expected.to eq({}) }
+
+    end
+
+  end
+
+end

data/spec/unit/middlewares/redirection_spec.rb

@@ -0,0 +1,37 @@
+require 'spec_helper'
+
+require_relative '../../../lib/locomotive/steam/middlewares/thread_safe'
+require_relative '../../../lib/locomotive/steam/middlewares/helpers'
+require_relative '../../../lib/locomotive/steam/middlewares/redirection'
+
+describe Locomotive::Steam::Middlewares::Redirection do
+
+  let(:site)            { instance_double('Site') }
+  let(:url)             { 'http://models.example.com/about-us' }
+  let(:locomotive_path) { nil }
+  let(:app)             { ->(env) { [200, env, 'app'] } }
+  let(:middleware)      { described_class.new(app) }
+
+  subject do
+    env = env_for(url, 'steam.site' => site)
+    env['steam.request']    = Rack::Request.new(env)
+    env['locomotive.path']  = locomotive_path
+    code, env = middleware.call(env)
+    [code, env['Location']]
+  end
+
+  describe 'no redirection exception raised' do
+
+    it { is_expected.to eq [200, nil] }
+
+  end
+
+  describe 'redirection exception raised' do
+
+    let(:app) { ->(env) { raise Locomotive::Steam::RedirectionException.new('/sign_in') } }
+
+    it { is_expected.to eq [302, '/sign_in'] }
+
+  end
+
+end

data/spec/unit/middlewares/url_redirection_spec.rb

@@ -7,7 +7,7 @@ require_relative '../../../lib/locomotive/steam/middlewares/url_redirection'
 describe Locomotive::Steam::Middlewares::UrlRedirection do
 
   let(:redirections)    { [] }
-  let(:site)            { instance_double('Site', url_redirections: redirections) }
+  let(:site)            { instance_double('Site', _id: 42, url_redirections: redirections) }
   let(:url)             { 'http://models.example.com' }
   let(:locomotive_path) { nil }
   let(:app)             { ->(env) { [200, env, 'app'] } }
@@ -54,6 +54,25 @@ describe Locomotive::Steam::Middlewares::UrlRedirection do
 
       end
 
+      describe 'let the parent app know about the redirection when it happens' do
+
+        let(:events) { [] }
+
+        before {
+          @subscriber = ActiveSupport::Notifications.subscribe('steam.serve.url_redirection') do |name, start, finish, id, payload|
+            events << payload[:url]
+          end
+        }
+
+        after { ActiveSupport::Notifications.unsubscribe(@subscriber) }
+
+        it 'emits an event' do
+          subject
+          expect(events).to eq ['/foo.php']
+        end
+
+      end
+
       describe 'url with a query string' do
 
         let(:url) { 'http://models.example.com/foo.php?a=1' }

data/spec/unit/services/action_service_spec.rb

@@ -6,7 +6,9 @@ describe Locomotive::Steam::ActionService do
   let(:site)          { instance_double('Site', as_json: site_hash ) }
   let(:email_service) { instance_double('EmailService') }
   let(:entry_service) { instance_double('ContentService') }
-  let(:service)       { described_class.new(site, email_service, entry_service) }
+  let(:api_service)   { instance_double('ExternalAPIService') }
+  let(:redirection_service) { instance_double('PageRedirectionService') }
+  let(:service)       { described_class.new(site, email_service, content_entry: entry_service, api: api_service, redirection: redirection_service) }
 
   describe '#run' do
 
@@ -20,6 +22,30 @@ describe Locomotive::Steam::ActionService do
 
     it { is_expected.to eq 2.0 }
 
+    describe 'deal with exceptions' do
+
+      context 'wrong syntax' do
+
+        let(:script) { 'a +/ b * var;' }
+
+        it 'raises a meaningful exception' do
+          expect { subject }.to raise_error(Locomotive::Steam::ActionError, "eof or line terminator in regexp (line 2)")
+        end
+
+      end
+
+      context 'other error' do
+
+        let(:script) { 'a.b' }
+
+        it 'raises a meaningful exception' do
+          expect { subject }.to raise_error(Locomotive::Steam::ActionError, "identifier 'a' undefined")
+        end
+
+      end
+
+    end
+
     describe 'with params' do
 
       let(:params)  { { 'foo' => 'hello' } }
@@ -166,6 +192,36 @@ describe Locomotive::Steam::ActionService do
 
       end
 
+      describe 'callAPI' do
+
+        let(:script) { "callAPI('POST', 'https://api.stripe.com/v1/charges', { username: 'abcdefghij', data: { token: '123456789' } })" }
+
+        it 'forwards the action to the external api service' do
+          expect(api_service).to receive(:consume).with(
+            'https://api.stripe.com/v1/charges', {
+              method: 'POST',
+              username: 'abcdefghij',
+              data: {
+                token: '123456789'
+              }
+            }, true
+          )
+          subject
+        end
+
+      end
+
+      describe 'redirectTo' do
+
+        let(:script) { "redirectTo('about-us');" }
+
+        it 'stops the rendering process and redirects the user to another page' do
+          expect(redirection_service).to receive(:redirect_to).with('about-us', nil).and_raise(Locomotive::Steam::RedirectionException.new('/about-us'))
+          expect { subject }.to raise_exception(Locomotive::Steam::RedirectionException, 'Redirect to /about-us')
+        end
+
+      end
+
     end
 
   end

data/spec/unit/services/asset_host_service_spec.rb

@@ -53,6 +53,21 @@ describe Locomotive::Steam::AssetHostService do
 
   end
 
+  describe 'the host with prefix' do
+
+    let(:host) { 'http://somewhere.net/other/' }
+    let(:source) { '/sites/42/assets/1/banner.png' }
+    it { is_expected.to eq 'http://somewhere.net/other/sites/42/assets/1/banner.png' }
+
+    describe 'also with https' do
+
+      let(:host) { 'https://somewhere.net/other/' }
+      it { is_expected.to eq 'https://somewhere.net/other/sites/42/assets/1/banner.png' }
+
+    end
+
+  end
+
   describe 'the host is a string' do
 
     let(:host) { 'http://assets.locomotivecms.com' }

data/spec/unit/services/auth_service_spec.rb

@@ -0,0 +1,156 @@
+require 'spec_helper'
+
+describe Locomotive::Steam::AuthService do
+
+  let(:entries) { instance_double('ContentService') }
+  let(:emails)  { instance_double('EmailService') }
+  let(:service) { described_class.new(entries, emails) }
+
+  let(:default_auth_options) { {
+    type:               'accounts',
+    id_field:           'email',
+    id:                 'john@doe.net',
+    password_field:     'password',
+    password:           'easyone',
+    reset_password_url: '/reset-password',
+    reset_token:        '42',
+    from:               'contact@acme.org',
+    subject:            'Instructions for changing your password',
+    email_handle:       'reset-password-email',
+    smtp:               {}
+  } }
+
+  let(:auth_options) { instance_double('AuthOptions', default_auth_options) }
+
+  describe '#sign_in' do
+
+    subject { service.sign_in(auth_options) }
+
+    it 'returns :wrong_credentials if no entry matches the email' do
+      expect(entries).to receive(:all).with('accounts', { 'email' => 'john@doe.net' }).and_return([])
+      is_expected.to eq :wrong_credentials
+    end
+
+    it "returns :wrong_credentials if the password doesn't the entry's password" do
+      entry = build_account('fakeone')
+      expect(entries).to receive(:all).with('accounts', { 'email' => 'john@doe.net' }).and_return([entry])
+      is_expected.to eq :wrong_credentials
+    end
+
+    it "returns both :signed_in and the entry if the password matches the entry's password" do
+      entry = build_account('easyone')
+      expect(entries).to receive(:all).with('accounts', { 'email' => 'john@doe.net' }).and_return([entry])
+      is_expected.to eq [:signed_in, entry]
+    end
+
+  end
+
+  describe '#forgot_password' do
+
+    let(:liquid_context) { {} }
+
+    subject { service.forgot_password(auth_options, liquid_context) }
+
+    it 'returns :wrong_email if no entry matches the email' do
+      expect(entries).to receive(:all).with('accounts', { 'email' => 'john@doe.net' }).and_return([])
+      is_expected.to eq :wrong_email
+    end
+
+    it 'sends the instructions by email if an entry matches the email' do
+      allow(SecureRandom).to receive(:hex).and_return('42a')
+      entry = build_account('easyone', '42a')
+      expect(entries).to receive(:all).with('accounts', { 'email' => 'john@doe.net' }).and_return([entry])
+      expect(entries).to receive(:update_decorated_entry)
+      expect(emails).to receive(:send_email).with({
+        from:         'contact@acme.org',
+        to:           'john@doe.net',
+        subject:      'Instructions for changing your password',
+        page_handle:  'reset-password-email',
+        smtp:         {} }, liquid_context)
+      is_expected.to eq :reset_password_instructions_sent
+      expect(liquid_context['reset_password_url']).to eq '/reset-password?auth_reset_token=42a'
+    end
+
+    context 'no email template' do
+
+      let(:_auth_options) { default_auth_options.merge(email_handle: nil) }
+      let(:auth_options)  { instance_double('AuthOptions', _auth_options) }
+
+      it 'also sends the instructions by email with a default email template' do
+        allow(SecureRandom).to receive(:hex).and_return('42a')
+        entry = build_account('easyone', '42a')
+        expect(entries).to receive(:all).with('accounts', { 'email' => 'john@doe.net' }).and_return([entry])
+        expect(entries).to receive(:update_decorated_entry)
+        expect(emails).to receive(:send_email).with({
+          from:         'contact@acme.org',
+          to:           'john@doe.net',
+          subject:      'Instructions for changing your password',
+          body:         (<<-EMAIL
+Hi,
+To reset your password please follow the link below: /reset-password?auth_reset_token=42a.
+Thanks!
+EMAIL
+          ),
+          smtp:         {} }, liquid_context)
+        is_expected.to eq :reset_password_instructions_sent
+        expect(liquid_context['reset_password_url']).to eq '/reset-password?auth_reset_token=42a'
+      end
+
+    end
+
+  end
+
+  describe '#reset_password' do
+
+    let(:_auth_options) { default_auth_options }
+    let(:auth_options) { instance_double('AuthOptions', _auth_options) }
+
+    subject { service.reset_password(auth_options) }
+
+    context 'no auth token' do
+
+      let(:_auth_options) { default_auth_options.merge({ reset_token: '' }) }
+      it { is_expected.to eq :invalid_token }
+
+    end
+
+    context 'password too short' do
+
+      let(:_auth_options) { default_auth_options.merge({ password: '' }) }
+      it { is_expected.to eq :password_too_short }
+
+    end
+
+    context 'expired auth token' do
+
+      it 'returns :invalid_token' do
+        entry = instance_double('Account', :[] => (Time.zone.now - 3.hours).iso8601)
+        expect(entries).to receive(:all).with('accounts', { '_auth_reset_token' => '42' }).and_return([entry])
+        is_expected.to eq :invalid_token
+      end
+
+    end
+
+    context 'valid auth token and password' do
+
+      it 'returns :password_reset and entry' do
+        entry = instance_double('Account', :[] => (Time.zone.now - 1.hours).iso8601)
+        expect(entries).to receive(:all).with('accounts', { '_auth_reset_token' => '42' }).and_return([entry])
+        expect(BCrypt::Password).to receive(:create).with('easyone').and_return('hashedeasyone')
+        expect(entries).to receive(:update_decorated_entry).with(entry, { 'password_hash' => 'hashedeasyone', '_auth_reset_token' => nil, '_auth_reset_sent_at' => nil })
+        is_expected.to eq [:password_reset, entry]
+      end
+
+    end
+
+  end
+
+  def build_account(password = 'easyone', reset_token = nil)
+    encrypted_password = BCrypt::Password.create(password)
+    entry = instance_double('Account', password: BCrypt::Password.new(encrypted_password))
+    allow(entry).to receive(:[]).with(:password_hash).and_return(encrypted_password)
+    allow(entry).to receive(:[]).with('_auth_reset_token').and_return(reset_token)
+    entry
+  end
+
+end