openskip-skip_embedded 0.0.15

data/lib/skip_embedded/open_id_sso/authentication.rb

@@ -0,0 +1,21 @@
+module SkipEmbedded
+  module OpenIdSso
+    module Authentication
+      def self.included(base)
+        base.alias_method_chain :access_denied, :open_id_sso
+      end
+
+      private
+      def access_denied_with_open_id_sso(message = nil)
+        if op = SkipEmbedded::OpFixation.sso_openid_provider_url
+          store_location
+          authenticate_with_open_id(op, :method => "post", :return_to=>session_url, :required => SessionsController.attribute_adapter.keys) do
+            access_denied_without_open_id_sso(message)
+          end
+        else
+          access_denied_without_open_id_sso(message)
+        end
+      end
+    end
+  end
+end

data/lib/skip_embedded/open_id_sso/session_management.rb

@@ -0,0 +1,42 @@
+
+module SkipEmbedded
+  module OpenIdSso
+    module SessionManagement
+      def self.included(controller)
+        controller.before_filter :available_op_limitation, :only => %w[create]
+      end
+
+      private
+      def after_logout_path
+        OpFixation.sso_openid_logout_url || login_path
+      end
+
+      def login_successfully(user, personal_data)
+        if OpFixation.sso_enabled?
+          data = attribute_adapter.adapt(personal_data)
+          user.update_attributes!(data.slice(:display_name))
+          flash[:notice] = _("Successfully synchronized your display name with OP's")
+        end
+        super
+      end
+
+      def signup(identity_url, personal_data = {})
+        session[:user] = attribute_adapter.adapt(personal_data) if OpFixation.sso_enabled?
+        super
+      end
+
+      def available_op_limitation
+        if params[:openid_url] && !OpFixation.accept?(params[:openid_url])
+          logger.debug("login refused since #{params[:openid_url]} is not member #{OpFixation.servers.inspect}")
+          authenticate_failure
+        elsif OpFixation.sso_enabled? && !params["open_id_complete"].blank? && (params["openid.identity"] != params["openid.claimed_id"])
+          logger.debug("login refused since claimed_id differs from identity.")
+          authenticate_failure
+        else
+          true
+        end
+      end
+    end
+  end
+end
+

data/lib/skip_embedded/web_service_util/client.rb

@@ -0,0 +1,75 @@
+require 'json'
+require 'net/http'
+require "net/https"
+require 'uri'
+require 'erb'
+
+require 'skip_embedded/initial_settings'
+
+module SkipEmbedded
+  class WebServiceUtil
+    module Client
+      attr_writer :logger
+      def logger
+        @logger ||= if defined?(ActiveRecord::Base)
+                      ActiveRecord::Base.logger
+                    elsif defined?(Rails)
+                      Rails.logger
+                    elsif
+                      require 'logger'
+                      Logger.new
+                    end
+      end
+      # 別のWebアプリのWeb-APIをコールするためのユーティリティメソッド
+      # Webアプリ連携の際は、このメソッドを経由して利用すること
+      # 引数
+      #    :app_name = 呼び出したいWebアプリケーションのシンボル
+      #    :service_name = 呼び出したいWeb-APIの名前
+      #    :params = 呼び出す際のパラメータ
+      #    :controller_name = サービスのコントローラパス（デフォルトの規約は"services"）
+      #      services以外を指定も可能
+      def open_service app_name, service_name, params={}, controller_name="services"
+        ActiveSupport::Deprecation.warn("use 'open_service_with_url' with specified endopoint.")
+
+        app_url, app_ca_file = if app = InitialSettings['collaboration_apps'][app_name.to_s]
+                                 [ app["url"], app["ca_file"] ]
+                               else
+                                 [nil, nil]
+                               end
+        url = "#{app_url}/#{controller_name}/#{service_name}"
+        self.open_service_with_url(url, params, app_ca_file)
+      end
+
+      def open_service_with_url url, params = {}, app_ca_file = nil
+        url = "#{url}?" +
+          params.map{|key, val| "#{ERB::Util.u(key.to_s)}=#{ERB::Util.u(val.to_s)}"}.join('&')
+        self.get_json(url, app_ca_file)
+      end
+
+      def get_json(url, ca_file = nil)
+        uri = URI.parse url
+        http = Net::HTTP.new(uri.host, uri.port)
+        if uri.port == 443
+          http.use_ssl = true
+          if ca_file
+            http.verify_mode = OpenSSL::SSL::VERIFY_PEER
+            http.ca_file = ca_file
+            http.verify_depth = 5
+          else
+            http.verify_mode = OpenSSL::SSL::VERIFY_NONE
+          end
+        end
+        response = http.get("#{uri.path}?#{uri.query}", "X-SECRET-KEY" => InitialSettings['skip_collaboration']['secret_key'])
+        if response.code == "200"
+          JSON.parse(response.body)
+        else
+          logger.error "[WebServiceUtil Error] Response code is #{response.code} to access #{url}"
+          nil
+        end
+      rescue Errno::ECONNREFUSED, OpenSSL::SSL::SSLError, SocketError, ArgumentError, JSON::ParserError, URI::InvalidURIError => ex
+        logger.error "[WebServiceUtil Error] #{ex.to_s} to access #{url}"
+        nil
+      end
+    end
+  end
+end

data/lib/skip_embedded/web_service_util/server.rb

@@ -0,0 +1,14 @@
+module SkipEmbedded
+  # FIXME moduleにする
+  class WebServiceUtil
+    module Server
+      def check_secret_key
+        req_key = request.env["HTTP_X_SECRET_KEY"] && request.env["HTTP_X_SECRET_KEY"]
+        unless  req_key == InitialSettings['skip_collaboration']['secret_key']
+          render :text => { :error => "Forbidden" }.to_json, :status => :forbidden
+          return false
+        end
+      end
+    end
+  end
+end

data/lib/skip_embedded/web_service_util.rb

@@ -0,0 +1,26 @@
+# SKIP(Social Knowledge & Innovation Platform)
+# Copyright (C) 2008 TIS Inc.
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#  This program is distributed in the hope that it will be useful,
+#  but WITHOUT ANY WARRANTY; without even the implied warranty of
+#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#  GNU General Public License for more details.
+#
+#  You should have received a copy of the GNU General Public License
+#  along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+# アプリケーション連携用のライブラリ
+# 別のWebアプリを呼び出す際は、WebServiceUtilを利用する
+# 呼び出されるサービスを定義する際は、ForServicesModuleをincludeする
+require 'skip_embedded/web_service_util/client'
+
+module SkipEmbedded
+  class WebServiceUtil
+    extend SkipEmbedded::WebServiceUtil::Client
+  end
+end
+

data/lib/skip_embedded.rb

@@ -0,0 +1,4 @@
+# SkipEmbedded
+module SkipEmbedded
+  Version = "0.0.15"
+end

data/rails/init.rb

@@ -0,0 +1,6 @@
+# Include hook code here
+require 'skip_embedded/initial_settings'
+Thread.critical{
+  SkipEmbedded::InitialSettings.config = File.expand_path("config/initial_settings.yml", Rails.root)
+  SkipEmbedded.instance # force loading
+}

data/spec/skip_embedded/fulltext_search_cache/builder_base_spec.rb

@@ -0,0 +1,44 @@
+#!/usr/bin/env ruby
+# vim:set fileencoding=utf-8 filetype=ruby
+
+require File.expand_path("../../spec_helper", File.dirname(__FILE__))
+require 'skip_embedded/fulltext_search_cache/builder_base'
+
+describe SkipEmbedded::FulltextSearchCache::BuilderBase, :type => :model do
+  before do
+    @url_writer = mock("url_writer")
+
+    SkipEmbedded::FulltextSearchCache::BuilderBase.stub!(:url_writer).and_return(@url_writer)
+    SkipEmbedded::FulltextSearchCache::BuilderBase.entity_name = "target"
+
+    @it = SkipEmbedded::FulltextSearchCache::BuilderBase.new("--- entity ---")
+    @it.stub!(:root_url).and_return("http://asset.example.com/")
+  end
+
+  it{ @it.target.should == "--- entity ---" }
+
+  it{ @it.icon_url.should == "http://asset.example.com/images/icons/target.gif" }
+
+  it "to_metaはovverrideしてつかうこと" do
+    lambda{ @it.to_meta }.should raise_error(NotImplementedError)
+  end
+  it "titleはovverrideしてつかうこと" do
+    lambda{ @it.title }.should raise_error(NotImplementedError)
+  end
+  it "bodyはovverrideしてつかうこと" do
+    lambda{ @it.body }.should raise_error(NotImplementedError)
+  end
+
+  it "write_metaは、mediatorが返すパスにto_meta.to_yamlを書き込むこと" do
+    File.should_receive(:open).with("path", "wb").and_yield(fd = mock("fd"))
+    fd.should_receive(:write).with("--- meta ---".to_yaml)
+
+    mediator = mock("mediator")
+    mediator.should_receive(:meta_path).and_return("path")
+
+    @it.should_receive(:to_meta).and_return("--- meta ---")
+
+    @it.write_meta(mediator)
+  end
+end
+

data/spec/skip_embedded/fulltext_search_cache/mediator_spec.rb

@@ -0,0 +1,49 @@
+require File.expand_path(File.dirname(__FILE__) + '/../../spec_helper')
+require 'skip_embedded/fulltext_search_cache/mediator'
+
+describe SkipEmbedded::FulltextSearchCache, "new('path/to/cache/root', :since => 15.seconds.ago)", :type => :model do
+  before do
+    @fts_cache = SkipEmbedded::FulltextSearchCache::Mediator.new(:cache_dir => 'path/to/cache/root/app_cache', :url_prefix => "http://example.com", :since => 15.seconds.ago)
+  end
+
+  it{ @fts_cache.cache_dir.should == 'path/to/cache/root/app_cache' }
+
+  describe "出力先パスの算出" do
+    before do
+      @builder = mock("builder")
+      @builder.should_receive(:filename).and_return "file.html"
+    end
+
+    it do
+      @fts_cache.cache_path(@builder).should == "#{Dir.pwd}/path/to/cache/root/app_cache/file.html"
+    end
+
+    it do
+      @fts_cache.meta_path(@builder).should == "#{Dir.pwd}/path/to/cache/root/app_cache_meta/file.html"
+    end
+  end
+
+  describe "#build" do
+
+    before do
+      @model_klass = mock("model_klass")
+      @model_klass.should_receive(:name).and_return "MdelClass"
+      @model_klass.should_receive(:quoted_table_name).and_return "mdoel_classes"
+      @model_klass.should_receive(:scoped).and_return( [model_obj = mock("model_obj")] )
+      model_obj.should_receive(:id).and_return("--id--")
+
+      SkipEmbedded::FulltextSearchCache::PartialLoader.should_receive(:new).with([model_obj], 1000).and_return(loader = mock("loader"))
+      loader.should_receive(:each).and_yield( model_obj )
+
+      @builder_klass = mock("builder_klass")
+      @builder_klass.should_receive(:new).with( model_obj ).and_return( builder = mock("builder") )
+      builder.should_receive(:write_cache).with(@fts_cache)
+      builder.should_receive(:write_meta).with(@fts_cache)
+    end
+
+    it do
+      @fts_cache.build(@model_klass, @builder_klass)
+    end
+  end
+end
+

data/spec/skip_embedded/fulltext_search_cache/partial_loader_spec.rb

@@ -0,0 +1,20 @@
+require File.expand_path(File.dirname(__FILE__) + '/../../spec_helper')
+require 'skip_embedded/fulltext_search_cache/partial_loader'
+
+describe SkipEmbedded::FulltextSearchCache::PartialLoader, "new(mock_note, 100)", :type => :model do
+  before do
+    @klass = mock("mock_note")
+    @klass.should_receive(:count).and_return 101
+    @klass.should_receive(:find).with(:all, :limit => 100, :offset => 0).and_return((1..99).to_a)
+    @klass.should_receive(:find).with(:all, :limit => 100, :offset => 100).and_return [100, 101]
+
+    @loader = SkipEmbedded::FulltextSearchCache::PartialLoader.new(@klass, 100)
+  end
+
+  it do
+    mock_block = mock("block")
+    mock_block.should_receive(:call).exactly(101).times
+    @loader.each{|n| mock_block.call }
+  end
+end
+

data/spec/skip_embedded/initial_setting_spec.rb

@@ -0,0 +1,10 @@
+require File.expand_path(File.dirname(__FILE__) + '/../spec_helper')
+require 'skip_embedded/initial_settings'
+
+describe SkipEmbedded::InitialSettings do
+  # see spec/initial_setting.yml
+  it{
+    SkipEmbedded::InitialSettings[:skip_collaboration]["skip_url"].should ==  "http://test.openskip.org"
+  }
+end
+

data/spec/skip_embedded/op_fixation_spec.rb

@@ -0,0 +1,57 @@
+require File.expand_path(File.dirname(__FILE__) + '/../spec_helper')
+require 'skip_embedded/op_fixation'
+
+describe SkipEmbedded::OpFixation, "http://openid.example.comで擬似SSOをする場合", :type => :model do
+  before() do
+    SkipEmbedded::OpFixation.sso_openid_provider_url = "http://openid.example.com/"
+  end
+
+  it "sso_openid_provider_urlは@server_endpoint_urlであること" do
+    SkipEmbedded::OpFixation.sso_openid_provider_url.should == "http://openid.example.com/"
+  end
+
+  it "sso_openid_logout_urlは@server_endpoint_url + '/logout'であること" do
+    SkipEmbedded::OpFixation.sso_openid_logout_url.should == "http://openid.example.com/logout"
+  end
+end
+
+describe SkipEmbedded::OpFixation, "[http://openid.example.com]を受け付ける場合", :type => :model do
+  before(:all) do
+    @server_endpoint_url = "http://openid.example.com/server"
+    SkipEmbedded::OpFixation.servers = @server_endpoint_url
+  end
+
+  describe "OpenID.discoverのOP endpoint URLがhttp://openid.example.comの場合" do
+    before do
+      mock_op_service = mock("op_service")
+      mock_op_service.should_receive(:server_url).and_return @server_endpoint_url
+      OpenID.should_receive(:discover).and_return [:ignore, [mock_op_service]]
+    end
+
+    it "http://openid.example.com/alice/での問い合わせは許可すること" do
+      SkipEmbedded::OpFixation.accept?("http://openid.example.com/alice/").should be_true
+    end
+  end
+
+  describe "OpenID.discoverのOP endpoint URLがhttp://not-registered.example.comの場合" do
+    before do
+      mock_op_service = mock("op_service")
+      mock_op_service.should_receive(:server_url).and_return "http://not-registered.example.com"
+      OpenID.should_receive(:discover).and_return [:ignore, [mock_op_service]]
+    end
+
+    it "http://not-registered.example.com/alice/での問い合わせは許可しないこと" do
+      SkipEmbedded::OpFixation.accept?("http://not-registered.example.com/alice/").should be_false
+    end
+  end
+end
+
+describe SkipEmbedded::OpFixation, "serversを指定しない場合", :type => :model do
+  before(:all) do
+    SkipEmbedded::OpFixation.servers = []
+  end
+
+  it "http://not-registered.example.com/alice/での問い合わせを許可すること" do
+    SkipEmbedded::OpFixation.accept?("http://not-registered.example.com/alice/").should be_true
+  end
+end

data/spec/skip_embedded/web_service_util_spec.rb

@@ -0,0 +1,197 @@
+# SKIP(Social Knowledge & Innovation Platform)
+# Copyright (C) 2008 TIS Inc.
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#  This program is distributed in the hope that it will be useful,
+#  but WITHOUT ANY WARRANTY; without even the implied warranty of
+#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#  GNU General Public License for more details.
+#
+#  You should have received a copy of the GNU General Public License
+#  along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+require File.dirname(__FILE__) + '/../spec_helper'
+require 'skip_embedded/web_service_util'
+
+module SkipEmbedded
+  describe WebServiceUtil do
+    before do
+      @logger = mock("logger")
+      WebServiceUtil.logger = @logger
+    end
+
+    describe  ".open_service" do
+      before do
+        ActiveSupport::Deprecation.should_receive(:warn)
+        SkipEmbedded::InitialSettings.stub!(:[]).with("collaboration_apps").and_return("app" => {"url" => "http://testapp.host"})
+        @base = "http://testapp.host/services/user_info"
+      end
+      it "get_jsonをパラメータからURLを作りだすこと" do
+        WebServiceUtil.should_receive(:open_service_with_url).with(@base, { :id => "user", :key => "key" }, nil)
+        WebServiceUtil.open_service "app", "user_info", { :id => "user", :key => "key" }
+      end
+    end
+
+    describe  "open_service_with_url" do
+      it "paramsがエンコードされてget_jsonに渡されること" do
+        params = { :id => "user", :key => "ほげ%$# ふが" }
+        query_str = "key=%E3%81%BB%E3%81%92%25%24%23%20%E3%81%B5%E3%81%8C&id=user"
+
+        WebServiceUtil.should_receive(:get_json).with("url?#{query_str}", nil)
+        WebServiceUtil.open_service_with_url "url", params
+      end
+    end
+
+    describe  ".get_json" do
+      before do
+        @result = { "symbol" => "user", "type" => "entry"}
+        @response = mock('response', :code => "200", :body => @result.to_json)
+        @http = mock('http', :get => @response)
+      end
+      describe "レスポンスが正しく返ってくる場合" do
+        before do
+          Net::HTTP.stub!(:new).and_return(@http)
+        end
+        describe "httpの場合" do
+          it "bodyがパースされて返されること" do
+            WebServiceUtil.get_json("http://test.host/services/user_info?user_code=user").should == @result
+          end
+        end
+        describe "httpsの場合" do
+          before do
+            @http.stub!(:use_ssl=)
+            @http.stub!(:verify_mode=)
+          end
+          it "bodyがパースされて返されること" do
+            WebServiceUtil.get_json("https://test.host/services/user_info?user_code=user").should == @result
+          end
+          it "httpがuse_ssl = trueで呼ばれること" do
+            @http.should_receive(:use_ssl=).with(true)
+            WebServiceUtil.get_json("https://test.host/services/user_info?user_code=user")
+          end
+          it "httpがverify_mode = OpenSSL::SSL::VERIFY_NONE で呼ばれること" do
+            @http.should_receive(:verify_mode=).with(OpenSSL::SSL::VERIFY_NONE)
+            WebServiceUtil.get_json("https://test.host/services/user_info?user_code=user")
+          end
+          describe "httpsでca_fileありの場合" do
+            before do
+              @ca_file = "path/to/config/server.pem"
+              @http.stub!(:ca_file=)
+              @http.stub!(:verify_depth=)
+            end
+            it "bodyがパースされて返されること" do
+              WebServiceUtil.get_json("https://test.host/services/user_info?user_code=user", @ca_file).should == @result
+            end
+            it "httpに ca_file が設定されること" do
+              @http.should_receive(:ca_file=).with(@ca_file)
+              WebServiceUtil.get_json("https://test.host/services/user_info?user_code=user", @ca_file)
+            end
+            it "httpに verify_depth が設定されること" do
+              @http.should_receive(:verify_depth=).with(5)
+              WebServiceUtil.get_json("https://test.host/services/user_info?user_code=user", @ca_file)
+            end
+          end
+        end
+      end
+      describe "引数がnilの場合" do
+        it "nilが返ること" do
+          @logger.stub!(:error)
+          WebServiceUtil.get_json(nil).should be_nil
+        end
+        it "ログが出力されること" do
+          @logger.should_receive(:error).with(/[WebServiceUtil Error] .*/)
+          WebServiceUtil.get_json(nil).should be_nil
+        end
+      end
+      describe "返ってくるものが正しくparseできない場合" do
+        before do
+          Net::HTTP.stub!(:new).and_return(@http)
+          @response.stub!(:body).and_return("ぱーすにしっぱいする")
+          @url = "http://test.host/services/user_info?user_code=user"
+        end
+        it "nilが返ること" do
+          @logger.stub!(:error)
+          WebServiceUtil.get_json(@url).should be_nil
+        end
+        it "ログが出力されること" do
+          @logger.should_receive(:error).with(/[WebServiceUtil Error] .*/)
+          WebServiceUtil.get_json(@url).should be_nil
+        end
+      end
+      describe "ホストの無いURLが渡された場合" do
+        before do
+          @url = "/services/user_info?user_code=user"
+        end
+        it "nilが返ること" do
+          @logger.stub!(:error)
+          WebServiceUtil.get_json(@url).should be_nil
+        end
+        it "ログが出力されること" do
+          @logger.should_receive(:error).with(/[WebServiceUtil Error] .*/)
+          WebServiceUtil.get_json(@url).should be_nil
+        end
+      end
+      describe "レスポンスが404の場合" do
+        before do
+          @url = "/services/user_info?user_code=user"
+        end
+        before do
+          http = mock('http', :get => mock('response', :code => "404"))
+          Net::HTTP.stub!(:new).and_return(http)
+        end
+        it "nilが返ること" do
+          @logger.stub!(:error)
+          WebServiceUtil.get_json(@url).should be_nil
+        end
+        it "ログが出力されること" do
+          @logger.should_receive(:error).with("[WebServiceUtil Error] Response code is 404 to access #{@url}")
+          WebServiceUtil.get_json(@url).should be_nil
+        end
+      end
+
+      describe "ホストが見つからない場合" do
+        before do
+          @url = "http://test1.host/services/user_info?user_code=user"
+        end
+        it "nilが返ること" do
+          @logger.stub!(:error)
+          WebServiceUtil.get_json(@url).should be_nil
+        end
+        it "ログが出力されること" do
+          @logger.should_receive(:error).with(/[WebServiceUtil Error]/)
+          WebServiceUtil.get_json(@url).should be_nil
+        end
+      end
+
+      # 証明書でSSL認証を行なう場合、以下のエラーが起こる。環境が無いのでコメントアウト
+      # 自己証明書の場合 => hostname was not match with the server certificate
+      # 証明書が正しくない => SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
+      describe "証明書が正しくない場合場合" do
+        before do
+          mock_http = Net::HTTP.new("www.openskip.org", 443)
+
+          Net::HTTP.should_receive(:new).with("www.openskip.org", 443).and_return(mock_http)
+          mock_http.should_receive(:get).and_raise OpenSSL::SSL::SSLError
+
+
+          @url = "https://www.openskip.org/services/user_info?user_code=user"
+          @ca_file = "path/to/config/server.pem"
+        end
+
+        it "nilが返ること" do
+          SkipEmbedded::WebServiceUtil.logger = Logger.new("/dev/null")
+          SkipEmbedded::WebServiceUtil.get_json(@url, @ca_file).should be_nil
+        end
+
+        it "ログが出力されること" do
+          @logger.should_receive(:error).with("[WebServiceUtil Error] OpenSSL::SSL::SSLError to access #{@url}")
+
+          SkipEmbedded::WebServiceUtil.get_json(@url, @ca_file).should be_nil
+        end
+      end
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,16 @@
+#!/usr/bin/env ruby
+# vim:set fileencoding=utf-8 filetype=ruby
+
+require 'rubygems'
+
+gem 'rails', '2.1.2'
+require 'active_support'
+require 'action_controller'
+
+$LOAD_PATH.unshift File.expand_path("../../../../", File.dirname(__FILE__))
+$LOAD_PATH.unshift File.expand_path("../lib", File.dirname(__FILE__))
+
+RAILS_ENV="test"
+require 'skip_embedded/initial_settings'
+SkipEmbedded::InitialSettings.config = File.expand_path("initial_settings.yml", File.dirname(__FILE__))
+