moonrope 1.3.3 → 2.0.2

data/test/tests/param_set_test.rb

@@ -0,0 +1,44 @@
+require 'ostruct'
+
+class ParamSetTest < Test::Unit::TestCase
+
+  def test_param_set
+    set = Moonrope::ParamSet.new('fruit' => 'Banana')
+    # Test that values which aren't included are nil
+    assert_equal nil, set.vegetable
+    assert_equal nil, set[:vegetable]
+    # Test values can be accessed if they are provided
+    assert_equal 'Banana', set.fruit
+    assert_equal 'Banana', set[:fruit]
+    assert_equal 'Banana', set['fruit']
+  end
+
+  def test_default_params
+    set = Moonrope::ParamSet.new('fruit' => 'Banana')
+    set._defaults = {'vegetable' => 'Tomato', 'fruit' => 'Apple'}
+    # Check that the default is provided
+    assert_equal 'Tomato', set.vegetable
+    # Check that the fruit default isn't used.
+    assert_equal 'Banana', set.fruit
+  end
+
+  def test_nilification
+    set = Moonrope::ParamSet.new('fruit' => '')
+    assert_equal nil, set.fruit
+    assert_equal nil, set[:fruit]
+    assert_equal nil, set['fruit']
+  end
+
+  def test_key_presence
+    set = Moonrope::ParamSet.new('fruit' => 'Apple')
+    set._defaults = {'meat' => 'Beef'}
+    assert_equal true, set.has?(:fruit)
+    assert_equal true, set.has?(:meat)
+    assert_equal false, set.has?(:vegetable)
+  end
+
+  class ParamSetCopyTestThing
+    attr_accessor :fruit, :vegetable
+  end
+
+end

data/test/tests/rack_middleware_test.rb

@@ -0,0 +1,131 @@
+class RackMiddlewareTest < Test::Unit::TestCase
+
+  include Rack::Test::Methods
+
+  def app
+    @app ||= begin
+      base = Moonrope::Base.new do
+        authenticator :default do
+          error "Denied", "No suitable credentials were provided."
+          lookup do
+            # if there is a x-moonrope-username header, check the auth
+            # or raise access denied.
+            if request.headers['X-Moonrope-Username']
+              if request.headers['X-Moonrope-Username'] == 'user' && request.headers['X-Moonrope-Password'] == 'password'
+                User.new(:admin => true)
+              else
+                error "Denied"
+              end
+            end
+          end
+        end
+        controller :users do
+          action :list do
+            # return an empty array
+            action { [] }
+          end
+
+          action :echo do
+            param :name, :required => true
+            action { params.name }
+          end
+        end
+      end
+      Moonrope::RackMiddleware.new(nil, base)
+    end
+  end
+
+  def test_non_api_requests_404
+    get "/"
+    assert_equal 404, last_response.status
+  end
+
+  def test_api_request_validation
+    get "/api/"
+    assert_equal 400, last_response.status
+    get "/api/v1"
+    assert_equal 400, last_response.status
+    get "/api/v1/controller"
+    assert_equal 400, last_response.status
+  end
+
+  def test_api_methods
+    params = {:page => 1}.to_json
+    get "/api/v1/users/list", {:params => params}
+    assert_equal 200, last_response.status
+    assert response_json = JSON.parse(last_response.body)
+    assert_equal 'success', response_json['status']
+    assert response_json['data'].is_a?(Array)
+    assert_equal 'application/json', last_response.headers['Content-Type']
+    assert last_response.headers['Content-Length']
+  end
+
+  def test_params_in_body
+    post "/api/v1/users/echo", '{"name":"Adam"}', {'CONTENT_TYPE' => 'application/json'}
+    assert_equal 200, last_response.status
+    assert response_json = JSON.parse(last_response.body)
+    assert_equal 'success', response_json['status']
+    assert_equal 'Adam', response_json['data']
+  end
+
+  def test_params_in_body_with_charset
+    post "/api/v1/users/echo", '{"name":"Adam"}', {'CONTENT_TYPE' => 'application/json; charset=utf8'}
+    assert_equal 200, last_response.status
+    assert response_json = JSON.parse(last_response.body)
+    assert_equal 'success', response_json['status']
+    assert_equal 'Adam', response_json['data']
+  end
+
+  def test_passing_invalid_json_renders_a_bad_request
+    get "/api/v1/users/list", {:params => "{invalidjson}"}
+    assert_equal 400, last_response.status
+    assert response_json = JSON.parse(last_response.body)
+    assert_equal 'invalid-json', response_json['status']
+  end
+
+  def test_authenticated_api_methods
+    # correct credential
+    get "/api/v1/users/list", {}, auth_headers('user', 'password')
+    assert response_json = JSON.parse(last_response.body)
+    assert_equal 'success', response_json['status']
+    # invalid password
+    get "/api/v1/users/list", {}, auth_headers('user-invalid', 'password-invalid')
+    assert response_json = JSON.parse(last_response.body)
+    assert_equal 'error', response_json['status']
+    assert_equal 'Denied', response_json['data']['code']
+  end
+
+  def test_request_callback_is_invoked
+    request_count = 0
+    app.base.on_request = Proc.new do |base, env|
+      request_count += 1
+    end
+    assert_equal 0, request_count
+    get "/api/v1/users/list"
+    assert_equal 1, request_count
+    get "/api/v1/users/list"
+    assert_equal 2, request_count
+  end
+
+  def test_force_ssl
+    begin
+      app.base.force_ssl = true
+      get "/api/v1/users/list"
+      assert_equal 400, last_response.status
+      assert response_json = JSON.parse(last_response.body)
+      assert_equal 'http-not-supported', response_json['status']
+
+      get "/api/v1/users/list", {}, {'HTTPS' => 'on'}
+      assert_equal 200, last_response.status
+    ensure
+      app.base.force_ssl = false
+    end
+  end
+
+  private
+
+  def auth_headers(username, password)
+    {'HTTP_X_MOONROPE_USERNAME' => username, 'HTTP_X_MOONROPE_PASSWORD' => password}
+  end
+
+end

data/test/tests/request_test.rb

@@ -0,0 +1,232 @@
+class RequestTest < Test::Unit::TestCase
+
+
+  def test_validation
+    # Create a simple API server with just the users & list controller
+    base = Moonrope::Base.new do
+      controller :users do
+        action :list
+      end
+    end
+
+    request = base.request(make_rack_env_hash('/api/v1/users/list'))
+    assert_equal true, request.valid?
+    request = base.request(make_rack_env_hash('/api/v1/missing/unknown'))
+    assert_equal false, request.valid?
+
+    request = base.request(make_rack_env_hash('/api/v1'))
+    assert_equal false, request.valid?
+    request = base.request(make_rack_env_hash('/api/v1/users'))
+    assert_equal false, request.valid?
+  end
+
+  def test_version
+    base = Moonrope::Base.new
+    request = base.request(make_rack_env_hash('/api/v0/users/list'))
+    assert_equal 1, request.version
+    request = base.request(make_rack_env_hash('/api/v1/users/list'))
+    assert_equal 1, request.version
+    request = base.request(make_rack_env_hash('/api/v2/users/list'))
+    assert_equal 2, request.version
+    request = base.request(make_rack_env_hash('/api/v100/users/list'))
+    assert_equal 100, request.version
+  end
+
+  def test_controllers_and_actions
+    base = Moonrope::Base.new do
+      controller :users do
+        action :list
+      end
+    end
+    request = base.request(make_rack_env_hash('/api/v1/users/list'))
+    assert request.controller.is_a?(Moonrope::Controller)
+    assert_equal :users, request.controller.name
+    assert request.action.is_a?(Moonrope::Action)
+    assert_equal :list, request.action.name
+  end
+
+  def test_params_are_accessible
+    env = make_rack_env_hash('/api/v1/users/list', {'params' => {'page' => 1}})
+    request = Moonrope::Base.new.request(env)
+    assert request.params.is_a?(Moonrope::ParamSet)
+    assert_equal '1', request.params.page
+  end
+
+  def test_actions_can_be_executed
+    base = Moonrope::Base.new do
+      controller :users do
+        action :list do
+          action { true }
+        end
+      end
+    end
+
+    request = base.request(make_rack_env_hash('/api/v1/users/list'))
+    assert result = request.execute
+    assert result.is_a?(Moonrope::ActionResult), "request.action does not return an ActionResult, was a #{result.class}"
+  end
+
+  def test_headers_are_accessible
+    base = Moonrope::Base.new
+    env = make_rack_env_hash('/api/v1/users/list', {}, {'HTTP_X_EXAMPLE_HEADER' => 'Hello'})
+    request = base.request(env)
+    assert_equal 'Hello', request.headers['X-Example-Header']
+  end
+
+  def test_ip_is_accessible
+    base = Moonrope::Base.new
+    env = make_rack_env_hash('/api/v1/users/list')
+    request = base.request(env)
+    assert_equal '127.0.0.1', request.ip
+  end
+
+  def test_authenticated_requests
+    base = Moonrope::Base.new do
+      authenticator :default do
+        lookup do
+          User.new(:admin => true)
+        end
+      end
+      controller :users do
+        action :list do
+          action { true }
+        end
+      end
+    end
+    # authenticated
+    request = base.request(make_rack_env_hash('/api/v1/users/list'))
+    assert result = request.execute
+    assert_equal User, request.identity.class
+    assert_equal false, request.anonymous?
+    assert_equal true, request.authenticated?
+  end
+
+  def test_authentication_failures
+    base = Moonrope::Base.new do
+      authenticator :default do
+        lookup do
+          error :access_denied, "Not permitted"
+        end
+      end
+
+      controller :users do
+        action :list do
+          action { true}
+        end
+      end
+    end
+    request = base.request(make_rack_env_hash('/api/v1/users/list'))
+    assert result = request.execute
+    assert_equal "access-denied", result.status
+    assert_equal nil, request.identity
+    assert_equal true, request.anonymous?
+    assert_equal false, request.authenticated?
+  end
+
+  def test_requests_which_authenticator_says_are_anonymous
+    base = Moonrope::Base.new do
+      authenticator :default do
+        lookup { nil }
+      end
+      controller :users do
+        action :list do
+          action { true }
+        end
+      end
+    end
+    request = base.request(make_rack_env_hash('/api/v1/users/list'))
+    assert result = request.execute
+    assert_equal "success", result.status
+    assert_equal nil, request.identity
+    assert_equal true, request.anonymous?
+    assert_equal false, request.authenticated?
+  end
+
+  def test_trying_to_use_invalid_authenticator_raises_error
+    base = Moonrope::Base.new do
+      authenticator :default do
+        lookup do
+          User.new(:admin => true)
+        end
+      end
+      controller :users do
+        action :list do
+          authenticator :blah
+          action { true }
+        end
+      end
+    end
+
+    request = base.request(make_rack_env_hash('/api/v1/users/list'))
+    assert_raises Moonrope::Errors::MissingAuthenticator do
+      request.execute
+    end
+  end
+
+  def test_raising_errors_from_the_authenticator_lookup
+    base = Moonrope::Base.new do
+      authenticator :default do
+        error 'InvalidToken', 'Token provided is invalid', :attributes => {:token => 'The token looked up'}
+        lookup do
+          error 'InvalidToken', :token => request.headers['X-Example-Header']
+        end
+      end
+      controller :users do
+        action :list do
+          action { true }
+        end
+      end
+    end
+    request = base.request(make_rack_env_hash('/api/v1/users/list', {}, {"HTTP_X_EXAMPLE_HEADER" => "1234567"}))
+    assert result = request.execute
+    assert_equal "error", result.status
+    assert_equal "InvalidToken", result.data[:code]
+    assert_equal "1234567", result.data[:token]
+    assert_equal "Token provided is invalid", result.data[:message]
+  end
+
+  def test_appropriate_error_is_returned_from_access_checks
+    base = Moonrope::Base.new do
+      authenticator :default do
+        lookup { :admin }
+        rule :default, "CustomError", "Must be authenticated as admin user" do
+          identity == :anonymous
+        end
+      end
+      controller :users do
+        action :list do
+          action { true }
+        end
+      end
+    end
+    request = base.request(make_rack_env_hash('/api/v1/users/list', {}, {"HTTP_X_EXAMPLE_HEADER" => "1234567"}))
+    assert result = request.execute
+    assert_equal "error", result.status
+    assert_equal "CustomError", result.data[:code]
+    assert_equal "Must be authenticated as admin user", result.data[:message]
+  end
+
+  def test_appropriate_error_can_be_returned_from_authenticator_error_hash
+    base = Moonrope::Base.new do
+      authenticator :default do
+        lookup { :admin }
+        error "CustomError", "Some custom error message override"
+        rule :default, "CustomError", "Must be authenticated as admin user" do
+          identity == :anonymous
+        end
+      end
+      controller :users do
+        action :list do
+          action { true }
+        end
+      end
+    end
+    request = base.request(make_rack_env_hash('/api/v1/users/list', {}, {"HTTP_X_EXAMPLE_HEADER" => "1234567"}))
+    assert result = request.execute
+    assert_equal "error", result.status
+    assert_equal "CustomError", result.data[:code]
+    assert_equal "Some custom error message override", result.data[:message]
+  end
+
+
+end

data/test/tests/structures_param_extensions_test.rb

@@ -0,0 +1,159 @@
+class StructuresParamExtensionsTest < Test::Unit::TestCase
+  def setup
+    @base = Moonrope::Base.new do
+      structure :animal do
+        basic :id
+        full :color
+        expansion :user, :structure => :user
+      end
+      structure :user do
+        basic :id
+      end
+      controller :users do
+        action :info do
+          action do
+            structure @auth_user
+          end
+        end
+      end
+    end
+    @user = User.new(:id => 456)
+    @animal = Animal.new(:id => 123, :user => @user, :color => 'blue')
+  end
+
+  def test_no_expansions_occur_by_default_with_array
+    request = FakeRequest.new(:params => {'_expansions' => ['user']})
+    environment = Moonrope::EvalEnvironment.new(@base, request)
+    structure = environment.structure(:animal, @animal)
+    assert_equal nil, structure[:user]
+  end
+
+  def test_default_behaviour_when_paramable_is_only_option
+    request = FakeRequest.new(:params => {})
+    environment = Moonrope::EvalEnvironment.new(@base, request)
+    # From nil
+    structure = environment.structure(:animal, @animal, :paramable => true)
+    assert_equal nil, structure[:user]
+    assert_equal nil, structure[:color]
+  end
+
+  def test_no_expansions_occur_by_default_with_true
+    request = FakeRequest.new(:params => {'_expansions' => true})
+    environment = Moonrope::EvalEnvironment.new(@base, request)
+    structure = environment.structure(:animal, @animal)
+    assert_equal nil, structure[:user]
+  end
+
+  def test_expansions_use_paramable_value_as_default
+    request = FakeRequest.new(:params => {})
+    environment = Moonrope::EvalEnvironment.new(@base, request)
+    # From nil
+    structure = environment.structure(:animal, @animal, :paramable => {:expansions => nil})
+    assert_equal nil, structure[:user]
+    # From true
+    structure = environment.structure(:animal, @animal, :paramable => {:expansions => true})
+    assert_equal Hash, structure[:user].class
+    # From a list
+    structure = environment.structure(:animal, @animal, :paramable => {:expansions => [:user]})
+    assert_equal Hash, structure[:user].class
+  end
+
+  def test_all_expansions_are_provided_when_paramable_is_true
+    request = FakeRequest.new(:params => {"_expansions" => true})
+    environment = Moonrope::EvalEnvironment.new(@base, request)
+    structure = environment.structure(:animal, @animal, :paramable => true)
+    assert_equal Hash, structure[:user].class
+  end
+
+  def test_using_array_as_expansions_param
+    request = FakeRequest.new(:params => {'_expansions' => ['user']})
+    environment = Moonrope::EvalEnvironment.new(@base, request)
+    # Works
+    structure = environment.structure(:animal, @animal, :paramable => {:expansions => [:user]})
+    assert_equal Hash, structure[:user].class
+    # Works
+    structure = environment.structure(:animal, @animal, :paramable => {:expansions => true})
+    assert_equal Hash, structure[:user].class
+    # Shouldn't ret
+    structure = environment.structure(:animal, @animal, :paramable => {:expansions => [:other]})
+    assert_equal nil, structure[:user]
+  end
+
+  def test_surpressing_default_expansions_with_empty_array
+    request = FakeRequest.new(:params => {'_expansions' => []})
+    environment = Moonrope::EvalEnvironment.new(@base, request)
+    # Shouldn't return the user structure because we've asked for none
+    structure = environment.structure(:animal, @animal, :paramable => {:expansions => [:user]})
+    assert_equal nil, structure[:user]
+    # Shouldn't return the user structure because we've asked for none
+    structure = environment.structure(:animal, @animal, :paramable => {:expansions => true})
+    assert_equal nil, structure[:user]
+  end
+
+  def test_surpressing_default_expansions_with_false
+    request = FakeRequest.new(:params => {'_expansions' => false})
+    environment = Moonrope::EvalEnvironment.new(@base, request)
+    # Shouldn't return the user structure because we've asked for none
+    structure = environment.structure(:animal, @animal, :paramable => true)
+    assert_equal nil, structure[:user]
+    # Shouldn't return the user structure because we've asked for none
+    structure = environment.structure(:animal, @animal, :paramable => {:expansions => [:user]})
+    assert_equal nil, structure[:user]
+    # Shouldn't return the user structure because we've asked for none
+    structure = environment.structure(:animal, @animal, :paramable => {:expansions => true})
+    assert_equal nil, structure[:user]
+  end
+
+
+  def test_using_true_as_expansions_param_to_return_all_suitable_expansions
+    request = FakeRequest.new(:params => {'_expansions' => true})
+    environment = Moonrope::EvalEnvironment.new(@base, request)
+    # Requesting all with no default
+    structure = environment.structure(:animal, @animal, :paramable => {:expansions => nil})
+    assert_equal Hash, structure[:user].class
+    # Requesting all with no array default
+    structure = environment.structure(:animal, @animal, :paramable => {:expansions => [:user]})
+    assert_equal Hash, structure[:user].class
+    # Requesting all with true default
+    structure = environment.structure(:animal, @animal, :paramable => {:expansions => true})
+    assert_equal Hash, structure[:user].class
+  end
+
+  def test_empty_paramable_array
+    request = FakeRequest.new(:params => {'_expansions' => true})
+    environment = Moonrope::EvalEnvironment.new(@base, request)
+    # Should not return anything because paramable doesn't specify expansions
+    # as a suitable option
+    structure = environment.structure(:animal, @animal, :paramable => {})
+    assert_equal nil, structure[:user]
+  end
+
+  def test_returning_full_data_by_default
+    request = FakeRequest.new()
+    environment = Moonrope::EvalEnvironment.new(@base, request)
+    structure = environment.structure(:animal, @animal, :paramable => {:full => true, :expansions => false})
+    assert_equal String, structure[:color].class
+  end
+
+  def test_full_value_provides_full_access
+    request = FakeRequest.new(:params => {'_full' => true})
+    environment = Moonrope::EvalEnvironment.new(@base, request)
+    # No full value set
+    structure = environment.structure(:animal, @animal, :paramable => {})
+    assert_equal nil, structure[:color]
+    # With full set as default
+    structure = environment.structure(:animal, @animal, :paramable => {:full => true})
+    assert_equal String, structure[:color].class
+    # With full set as hidden by default
+    structure = environment.structure(:animal, @animal, :paramable => {:full => false})
+    assert_equal String, structure[:color].class
+  end
+
+  def test_supressing_default_full_data
+    request = FakeRequest.new(:params => {'_full' => false})
+    environment = Moonrope::EvalEnvironment.new(@base, request)
+    structure = environment.structure(:animal, @animal, :paramable => {:full => true})
+    assert_equal nil, structure[:color]
+  end
+
+end