openstax_api 8.3.1 → 9.2.0

data/spec/controllers/openstax/api/v1/api_controller_spec.rb

@@ -1,176 +0,0 @@
-require 'rails_helper'
-
-module OpenStax
-  module Api
-    module V1
-      describe ApiController do
-
-        let!(:user)                     { FactoryBot.create :user }
-        let!(:user_2)                   { FactoryBot.create :user }
-        let!(:application)              { double('Doorkeeper::Application') }
-        let!(:doorkeeper_token)         { double('Doorkeeper::AccessToken') }
-        let!(:non_doorkeeper_user_proc) { lambda { user } }
-        let!(:controller)               { ApiController.new }
-        let!(:dummy_controller)         {
-          c = ::Api::V1::DummyController.new
-          c.response = ActionDispatch::TestResponse.new
-          c
-        }
-
-        context 'no authentication' do
-          before (:each) do
-            controller.doorkeeper_token = nil
-            controller.present_user = nil
-          end
-
-          it 'has no human_user and no application' do
-            expect(controller.send :session_user?).to eq false
-            expect(controller.current_application).to be_nil
-            expect(controller.current_human_user).to be_nil
-            expect(controller.current_session_user).to be_nil
-          end
-        end
-
-        context 'session' do
-          before (:each) do
-            controller.doorkeeper_token = nil
-            controller.present_user = user
-          end
-
-          it 'has a human_user but no application' do
-            expect(controller.send :session_user?).to eq true
-            expect(controller.current_application).to be_nil
-            expect(controller.current_human_user).to eq user
-            expect(controller.current_session_user).to eq user
-          end
-        end
-
-        context 'token with application and human user' do
-          before (:each) do
-            controller.doorkeeper_token = doorkeeper_token
-            controller.present_user = nil
-          end
-
-          it 'has a human_user from token and an application' do
-            allow(doorkeeper_token).to receive(:application).and_return(application)
-            allow(doorkeeper_token).to receive(:resource_owner_id).and_return(user.id)
-
-            expect(controller.send :session_user?).to eq false
-            expect(controller.current_application).to eq application
-            expect(controller.current_human_user).to eq user
-            expect(controller.current_session_user).to be_nil
-          end
-        end
-
-        context 'token with application only' do
-          before (:each) do
-            controller.doorkeeper_token = doorkeeper_token
-            controller.present_user = nil
-          end
-
-          it 'has an application but no human_user' do
-            allow(doorkeeper_token).to receive(:application).and_return(application)
-            allow(doorkeeper_token).to receive(:resource_owner_id).and_return(nil)
-
-            expect(controller.send :session_user?).to eq false
-            expect(controller.current_application).to eq application
-            expect(controller.current_human_user).to eq nil
-            expect(controller.current_session_user).to eq nil
-          end
-        end
-
-        context 'session and token' do
-          before (:each) do
-            controller.doorkeeper_token = doorkeeper_token
-            controller.present_user = user_2
-          end
-
-          it 'ignores the session unless explicitly asked' do
-            allow(doorkeeper_token).to receive(:application).and_return(application)
-            allow(doorkeeper_token).to receive(:resource_owner_id).and_return(user)
-
-            expect(controller.send :session_user?).to eq false
-            expect(controller.current_application).to eq application
-            expect(controller.current_human_user).to eq user
-            expect(controller.current_session_user).to eq user_2
-          end
-        end
-
-        context 'date' do
-          before(:each) do
-            instance_variable_set('@controller', dummy_controller)
-          end
-
-          it 'sets the Date header for successful API calls' do
-            @controller.present_user = user
-            get 'dummy'
-            expect(Time.parse(response.headers['Date'])).to be_within(1.second).of(Time.now)
-          end
-        end
-
-        context 'cors without origin configured' do
-          before(:each) do
-            instance_variable_set('@controller', dummy_controller)
-          end
-
-          it 'sets the CORS headers for anonymous users' do
-            get 'dummy'
-            expect(response.headers['Access-Control-Allow-Origin']).to be_nil
-            expect(response.headers['Access-Control-Allow-Credentials']).to be_nil
-          end
-
-          it 'sets the CORS headers for token users' do
-            token = Doorkeeper::AccessToken.create!.token
-            @request.headers['Authorization'] = "Bearer #{token}"
-            get 'dummy'
-            expect(response.headers['Access-Control-Allow-Origin']).to be_nil
-            expect(response.headers['Access-Control-Allow-Credentials']).to be_nil
-          end
-
-          it 'sets the CORS headers for session users (the browser should block the request due to no Access-Control-Allow-Credentials header)' do
-            @controller.present_user = user
-            get 'dummy'
-            expect(response.headers['Access-Control-Allow-Origin']).to be_nil
-            expect(response.headers['Access-Control-Allow-Credentials']).to be_nil
-          end
-        end
-
-        context 'cors with origin configured' do
-          before(:each) do
-            instance_variable_set('@controller', dummy_controller)
-            OpenStax::Api.configuration.validate_cors_origin = lambda{ |request|
-              request.headers["HTTP_ORIGIN"] == @valid_origin
-            }
-          end
-          after(:each) { OpenStax::Api.configuration.validate_cors_origin = nil }
-
-          context 'when configured proc is true' do
-            before(:each) do
-              @valid_origin = 'http://good-host'
-              @request.headers['HTTP_ORIGIN'] = @valid_origin
-            end
-
-            it 'sets the origin to whatever was reqeusted' do
-              get 'dummy'
-              expect(response.headers['Access-Control-Allow-Origin']).to eq @valid_origin
-            end
-
-            it 'sets the origin to whatever was requested even if there was an exception raised' do
-              get 'explode'
-              expect(response.headers['Access-Control-Allow-Origin']).to eq @valid_origin
-            end
-          end
-
-          it 'clears the headers if the configured proc is falsy' do
-            @valid_origin = 'http://good-host'
-            @request.headers['HTTP_ORIGIN'] = 'http://evil-host'
-            get 'dummy'
-            expect(response.headers['Access-Control-Allow-Origin']).to eq ''
-          end
-
-        end
-
-      end
-    end
-  end
-end

data/spec/dummy/README.md

@@ -1 +0,0 @@
-Dummy application used to test the openstax_api gem.

data/spec/dummy/Rakefile

@@ -1,6 +0,0 @@
-# Add your own tasks in files placed in lib/tasks ending in .rake,
-# for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
-
-require File.expand_path('../config/application', __FILE__)
-
-Rails.application.load_tasks

data/spec/dummy/app/assets/javascripts/application.js

@@ -1,13 +0,0 @@
-// This is a manifest file that'll be compiled into application.js, which will include all the files
-// listed below.
-//
-// Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
-// or vendor/assets/javascripts of plugins, if any, can be referenced here using a relative path.
-//
-// It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
-// compiled file.
-//
-// Read Sprockets README (https://github.com/sstephenson/sprockets#sprockets-directives) for details
-// about supported directives.
-//
-//= require_tree .

data/spec/dummy/app/assets/stylesheets/application.css

@@ -1,15 +0,0 @@
-/*
- * This is a manifest file that'll be compiled into application.css, which will include all the files
- * listed below.
- *
- * Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
- * or vendor/assets/stylesheets of plugins, if any, can be referenced here using a relative path.
- *
- * You're free to add application-wide styles to this file and they'll appear at the bottom of the
- * compiled file so the styles you add here take precedence over styles defined in any styles
- * defined in the other CSS/SCSS files in this directory. It is generally better to create a new
- * file per style scope.
- *
- *= require_tree .
- *= require_self
- */

data/spec/dummy/app/controllers/api/v1/dummy_controller.rb

@@ -1,23 +0,0 @@
-module Api
-  module V1
-
-    class DummyControllerError < StandardError; end
-
-    class DummyController < OpenStax::Api::V1::ApiController
-
-      rescue_from DummyControllerError do |e|
-        render nothing: true, status: 500
-      end
-
-      def dummy
-        head(:ok)
-      end
-
-      def explode
-        raise DummyControllerError, "kaboom"
-      end
-
-    end
-
-  end
-end

data/spec/dummy/app/helpers/application_helper.rb

@@ -1,2 +0,0 @@
-module ApplicationHelper
-end

data/spec/dummy/app/models/user.rb

@@ -1,2 +0,0 @@
-class User < ActiveRecord::Base
-end

data/spec/dummy/app/representers/user_representer.rb

@@ -1,13 +0,0 @@
-require 'representable/json'
-
-class UserRepresenter < Roar::Decorator
-
-  include Roar::JSON
-
-  property :unused, as: :username, readable: false, writeable: false,
-                    schema_info: { required: true }
-  property :name, readable: true, writeable: true
-  property :email, readable: false, writeable: true
-  property :password_hash, readable: false, writeable: false
-
-end

data/spec/dummy/app/representers/user_search_representer.rb

@@ -1,5 +0,0 @@
-require 'representable/json'
-
-class UserSearchRepresenter < OpenStax::Api::V1::AbstractSearchRepresenter
-  collection :items, inherit: true, class: User, decorator: UserRepresenter
-end

data/spec/dummy/app/routines/search_users.rb

@@ -1,42 +0,0 @@
-# Dummy routine for testing the abstract search representer
-
-class SearchUsers
-
-  lev_routine
-
-  uses_routine OSU::SearchAndOrganizeRelation,
-               as: :search,
-               translations: { outputs: { type: :verbatim } }
-
-  SORTABLE_FIELDS = {
-    'name' => :name,
-    'created_at' => :created_at
-  }
-
-  protected
-
-  def exec(params = {})
-    run(:search, relation: User.unscoped,
-                 sortable_fields: SORTABLE_FIELDS,
-                 params: params) do |with|
-      with.keyword :username do |names|
-        snames = to_string_array(names, append_wildcard: true)
-        next @items = @items.none if snames.empty?
-        @items = @items.where{username.like_any snames}
-      end
-
-      with.keyword :first_name do |names|
-        snames = to_string_array(names, append_wildcard: true)
-        next @items = @items.none if snames.empty?
-        @items = @items.where{name.like_any snames}
-      end
-
-      with.keyword :last_name do |names|
-        snames = to_string_array(names, append_wildcard: true)
-                   .collect{|name| "% #{name}"}
-        next @items = @items.none if snames.empty?
-        @items = @items.where{name.like_any snames}
-      end
-    end
-  end
-end

data/spec/dummy/app/views/layouts/application.html.erb

@@ -1,14 +0,0 @@
-<!DOCTYPE html>
-<html>
-<head>
-  <title>Dummy</title>
-  <%= stylesheet_link_tag    'application', media: 'all', 'data-turbolinks-track' => true %>
-  <%= javascript_include_tag 'application', 'data-turbolinks-track' => true %>
-  <%= csrf_meta_tags %>
-</head>
-<body>
-
-<%= yield %>
-
-</body>
-</html>

data/spec/dummy/bin/bundle

@@ -1,3 +0,0 @@
-#!/usr/bin/env ruby
-ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__)
-load Gem.bin_path('bundler', 'bundle')

data/spec/dummy/bin/rails

@@ -1,4 +0,0 @@
-#!/usr/bin/env ruby
-APP_PATH = File.expand_path('../../config/application',  __FILE__)
-require_relative '../config/boot'
-require 'rails/commands'

data/spec/dummy/bin/rake

@@ -1,4 +0,0 @@
-#!/usr/bin/env ruby
-require_relative '../config/boot'
-require 'rake'
-Rake.application.run

data/spec/dummy/config.ru

@@ -1,4 +0,0 @@
-# This file is used by Rack-based servers to start the application.
-
-require ::File.expand_path('../config/environment',  __FILE__)
-run Rails.application

data/spec/dummy/config/application.rb

@@ -1,23 +0,0 @@
-require File.expand_path('../boot', __FILE__)
-
-require 'rails/all'
-
-Bundler.require(*Rails.groups)
-require "openstax_api"
-
-module Dummy
-  class Application < Rails::Application
-    # Settings in config/environments/* take precedence over those specified here.
-    # Application configuration should go into files in config/initializers
-    # -- all .rb files in that directory are automatically loaded.
-
-    # Set Time.zone default to the specified zone and make Active Record auto-convert to this zone.
-    # Run "rake -D time" for a list of tasks for finding time zone names. Default is UTC.
-    # config.time_zone = 'Central Time (US & Canada)'
-
-    # The default locale is :en and all translations from config/locales/*.rb,yml are auto loaded.
-    # config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s]
-    # config.i18n.default_locale = :de
-  end
-end
-

data/spec/dummy/config/boot.rb

@@ -1,5 +0,0 @@
-# Set up gems listed in the Gemfile.
-ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../../../Gemfile', __FILE__)
-
-require 'bundler/setup' if File.exist?(ENV['BUNDLE_GEMFILE'])
-$LOAD_PATH.unshift File.expand_path('../../../../lib', __FILE__)

data/spec/dummy/config/database.yml

@@ -1,25 +0,0 @@
-# SQLite version 3.x
-#   gem install sqlite3
-#
-#   Ensure the SQLite 3 gem is defined in your Gemfile
-#   gem 'sqlite3'
-#
-default: &default
-  adapter: sqlite3
-  pool: 5
-  timeout: 5000
-
-development:
-  <<: *default
-  database: db/development.sqlite3
-
-# Warning: The database defined as "test" will be erased and
-# re-generated from your development database when you run "rake".
-# Do not set this db to the same as development or production.
-test:
-  <<: *default
-  database: db/test.sqlite3
-
-production:
-  <<: *default
-  database: db/production.sqlite3

data/spec/dummy/config/environment.rb

@@ -1,7 +0,0 @@
-# Load the Rails application.
-require File.expand_path('../application', __FILE__)
-
-require 'controller_includes'
-
-# Initialize the Rails application.
-Rails.application.initialize!

data/spec/dummy/config/environments/development.rb

@@ -1,37 +0,0 @@
-Rails.application.configure do
-  # Settings specified here will take precedence over those in config/application.rb.
-
-  # In the development environment your application's code is reloaded on
-  # every request. This slows down response time but is perfect for development
-  # since you don't have to restart the web server when you make code changes.
-  config.cache_classes = false
-
-  # Do not eager load code on boot.
-  config.eager_load = false
-
-  # Show full error reports and disable caching.
-  config.consider_all_requests_local       = true
-  config.action_controller.perform_caching = false
-
-  # Don't care if the mailer can't send.
-  config.action_mailer.raise_delivery_errors = false
-
-  # Print deprecation notices to the Rails logger.
-  config.active_support.deprecation = :log
-
-  # Raise an error on page load if there are pending migrations.
-  config.active_record.migration_error = :page_load
-
-  # Debug mode disables concatenation and preprocessing of assets.
-  # This option may cause significant delays in view rendering with a large
-  # number of complex assets.
-  config.assets.debug = true
-
-  # Adds additional error checking when serving assets at runtime.
-  # Checks for improperly declared sprockets dependencies.
-  # Raises helpful error messages.
-  config.assets.raise_runtime_errors = true
-
-  # Raises error for missing translations
-  # config.action_view.raise_on_missing_translations = true
-end