pact_broker 2.0.0 → 2.0.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 22d05f1fc364395a7232c0f95a4566816533c476
-  data.tar.gz: acd6dbb2fc0f05ba3cfe47029b187435213fa5bb
+  metadata.gz: 880db0a792e03e1d623978995043fd1658e9674e
+  data.tar.gz: 0dca6bd356860e3392292b10bc3c23d18f51cd65
 SHA512:
-  metadata.gz: 4c70846fdbdff418c6a9f231384e8796cabc7003b4b8d631ebac9b6e9a306f7f6b9a48b4adf45fd49e471d5b8e5260609401b4581a806de0edbcedaa37b995a5
-  data.tar.gz: 7d9c77cda110fea93028b43ca5e7f489e8258b2f6132a6b6eb964d34af8267547a064b51f2d4118eddca2571b165e97282f9b97623a2c71301b66a4cba8d9693
+  metadata.gz: 2eab4b5d78400d982467ccd00f9e1e382a99cc145ee02d6721147a91de925f67f97c4a9cf3d998cef126ab73b1f41a85e308d64f5743aa8eef76b846052adf92
+  data.tar.gz: 9cd39079ca7a9ff6a595aee30933fd74dbc3c899a3fb65daf9522c040fa8a5979ccb3c5f2c295a3f7398c85d7010987812c24b43bd53aafe967690fbfe0dc238

data/CHANGELOG.md

@@ -2,6 +2,13 @@ Do this to generate your change history
 
     $ git log --pretty=format:'  * %h - %s (%an, %ad)' vX.Y.Z..HEAD
 
+#### 2.0.1 (2017-05-17)
+* 8d105aa - Allow an application version to be deleted via the API. (Beth Skurrie, Fri May 19 10:39:16 2017 +1000)
+* 025b0f7 - Ensure version numbers that don't conform to the semver2 spec don't cause errors when sorting versions. #103 (Beth Skurrie, Fri May 19 09:58:50 2017 +1000)
+* ca6d88e - Corrected hal link rels that had missing curies (prepended "pb:") (Beth Skurrie, Thu May 18 10:20:06 2017 +1000)
+* 1cabd5e - Use Rack::Protection. (Beth Skurrie, Tue May 16 10:13:40 2017 +1000)
+* 2a3bbd1 - Return 404 instead of 500 when Ruby standard URI lib can't parse the URI. https://github.com/pact-foundation/pact_broker/issues/101 (Beth Skurrie, Tue May 16 09:45:37 2017 +1000)
+
 #### 2.0.0 (2017-05-16)
 
 #### 2.0.0.beta.8 (2017-05-15)

data/lib/pact_broker/api/decorators/version_decorator.rb

@@ -25,7 +25,7 @@ module PactBroker
           }
         end
 
-        link :pacticipant do | options |
+        link :'pb:pacticipant' do | options |
           {
             title: 'Pacticipant',
             name: represented.pacticipant.name,

data/lib/pact_broker/api/decorators/webhook_decorator.rb

@@ -24,21 +24,21 @@ module PactBroker
 
         end
 
-        link :'pact-webhooks' do | options |
+        link :'pb:pact-webhooks' do | options |
           {
             title: "All webhooks for the pact between #{represented.consumer.name} and #{represented.provider.name}",
             href: webhooks_for_pact_url(represented.consumer, represented.provider, options[:base_url])
           }
         end
 
-        link :'webhooks' do | options |
+        link :'pb:webhooks' do | options |
           {
             title: "All webhooks",
             href: webhooks_url(options[:base_url])
           }
         end
 
-        link :execute do | options |
+        link :'pb:execute' do | options |
           {
             title: "Test the execution of the webhook by sending a POST request to this URL",
             href: webhook_execution_url(represented, options[:base_url])

data/lib/pact_broker/api/decorators/webhooks_decorator.rb

@@ -14,7 +14,14 @@ module PactBroker
           }
         end
 
-        links :webhooks do | context |
+        link :'pb:create' do | context |
+          {
+            title: "POST to create a webhook",
+            href: context[:resource_url]
+          }
+        end
+
+        links :'pb:webhooks' do | context |
           represented.entries.collect do | webhook |
             {
               title: webhook.description,
@@ -27,7 +34,8 @@ module PactBroker
         curies do | context |
           [{
             name: :pb,
-            href: context[:base_url] + '/doc/webhooks',
+            href: context[:base_url] + '/doc/webhooks-{rel}',
+            templated: true
           }]
         end
 

data/lib/pact_broker/api/resources/version.rb

@@ -12,7 +12,7 @@ module PactBroker
         end
 
         def allowed_methods
-          ["GET"]
+          ["GET", "DELETE"]
         end
 
         def resource_exists?
@@ -23,6 +23,11 @@ module PactBroker
           Decorators::VersionDecorator.new(version).to_json(user_options: {base_url: base_url})
         end
 
+        def delete_resource
+          version_service.delete version
+          true
+        end
+
         private
 
         def version

data/lib/pact_broker/app.rb

@@ -1,9 +1,12 @@
 require 'pact_broker/configuration'
 require 'pact_broker/db'
 require 'pact_broker/project_root'
+require 'rack-protection'
 require 'rack/hal_browser'
 require 'rack/pact_broker/add_pact_broker_version_header'
 require 'rack/pact_broker/convert_file_extension_to_accept_header'
+require 'rack/pact_broker/database_transaction'
+require 'rack/pact_broker/invalid_uri_protection'
 require 'sucker_punch'
 
 module PactBroker
@@ -54,6 +57,8 @@ module PactBroker
     def build_app
       @app = Rack::Builder.new
 
+      @app.use Rack::Protection, except: [:remote_token, :session_hijacking]
+      @app.use Rack::PactBroker::InvalidUriProtection
       @app.use Rack::PactBroker::AddPactBrokerVersionHeader
       @app.use Rack::Static, :urls => ["/stylesheets", "/css", "/fonts", "/js", "/javascripts", "/images"], :root => PactBroker.project_root.join("public")
       @app.use Rack::PactBroker::ConvertFileExtensionToAcceptHeader
@@ -79,7 +84,7 @@ module PactBroker
       end
 
       apps << PactBroker::UI::App.new
-      apps << PactBroker::API
+      apps << Rack::PactBroker::DatabaseTransaction.new(PactBroker::API, configuration.database_connection)
 
       @app.map "/" do
         run Rack::Cascade.new(apps)

data/lib/pact_broker/doc/views/webhooks-create.markdown

@@ -0,0 +1,38 @@
+# Create a webhook
+
+Allowed methods: POST
+
+1. Click the "NON-GET" button for the "pb:create" relation.
+3. Paste in the webhook JSON (example shown below) in the body section and click "Make Request".
+
+An example webhook to trigger a Bamboo job.
+
+    {
+      "request": {
+        "method": "POST",
+        "url": "http://master.ci.my.domain:8085/rest/api/latest/queue/SOME-PROJECT?os_authType=basic",
+        "username": "username",
+        "password": "password",
+        "headers": {
+          "Accept": "application/json"
+        }
+      }
+    }
+
+A request body can be specified as well.
+
+    {
+      "request": {
+        "method": "POST",
+        "url": "http://example.org/something",
+        "body": {
+          "some" : "json"
+        }
+      }
+    }
+
+**BEWARE** The password can be reverse engineered from the database, so make a separate account for the Pact Broker to use, don't use your personal account!
+
+### Testing
+
+To test a webhook, navigate to the webhook in the HAL browser, then make a POST request to the "execute" relation. The response or error will be shown in the window.

data/lib/pact_broker/doc/views/webhooks-webhooks.markdown

@@ -0,0 +1,15 @@
+# Webhooks
+
+Allowed methods: GET, DELETE
+
+### Testing
+
+To test a webhook, navigate to the webhook in the HAL browser, then make a POST request to the "execute" relation. The response or error will be shown in the window.
+
+### Deleting
+
+Send a DELETE request to the webhook URL.
+
+### Updating
+
+Currently not implemented. You will need to delete and re-create the webhook.

data/lib/pact_broker/domain/order_versions.rb

@@ -26,8 +26,22 @@ module PactBroker
           @sortable_number = PactBroker.configuration.version_parser.call version_model.number
         end
 
+        # Incoming version numbers are rejected if they can't be parsed by the version parser,
+        # however, the change from Versionomy to SemVer for version parsing means that some
+        # existing version numbers cannot be parsed and are returning nil.
+        # The main reason to sort the versions is to that we can get the "latest" pact.
+        # Any existing version with a number that cannot be parsed will almost definitely not
+        # be the "latest", so sort them first.
         def <=> other
-          self.sortable_number <=> other.sortable_number
+          if sortable_number.nil? && other.sortable_number.nil?
+            0
+          elsif sortable_number.nil?
+            -1
+          elsif other.sortable_number.nil?
+            1
+          else
+            self.sortable_number <=> other.sortable_number
+          end
         end
 
         def update_model new_order

data/lib/pact_broker/pacticipants/service.rb

@@ -75,15 +75,17 @@ module PactBroker
       def self.delete name
         pacticipant = find_pacticipant_by_name name
         connection = PactBroker::Domain::Pacticipant.new.db
+        version_ids = PactBroker::Domain::Version.where(pacticipant_id: pacticipant.id).select(:id)
         select_pacticipant = "select id from pacticipants where name = '#{name}'"
-        connection.run("delete from tags where version_id IN (select id from versions where pacticipant_id = #{pacticipant.id})")
-        connection.run("delete from pact_publications where consumer_version_id IN (select id from versions where pacticipant_id = #{pacticipant.id})")
+        tag_repository.delete_by_version_id version_ids
+        pact_repository.delete_by_version_id version_ids
         connection.run("delete from pact_publications where provider_id = #{pacticipant.id}")
         connection.run("delete from verifications where pact_version_id IN (select id from pact_versions where provider_id = #{pacticipant.id})")
         connection.run("delete from verifications where pact_version_id IN (select id from pact_versions where consumer_id = #{pacticipant.id})")
         connection.run("delete from pact_versions where provider_id = #{pacticipant.id}")
         connection.run("delete from pact_versions where consumer_id = #{pacticipant.id}")
         connection.run("delete from versions where pacticipant_id = #{pacticipant.id}")
+        version_repository.delete_by_id version_ids
         webhook_service.delete_by_pacticipant pacticipant
         connection.run("delete from pacticipants where id = #{pacticipant.id}")
       end

data/lib/pact_broker/pacts/repository.rb

@@ -48,6 +48,10 @@ module PactBroker
         PactPublication.where(id: id).delete
       end
 
+      def delete_by_version_id version_id
+        Sequel::Model.db[:pact_publications].where(consumer_version_id: version_id).delete
+      end
+
       def find_all_pact_versions_between consumer_name, options
         provider_name = options.fetch(:and)
         LatestPactPublicationsByConsumerVersion

data/lib/pact_broker/tags/repository.rb

@@ -22,6 +22,10 @@ module PactBroker
           .where(name_like(Sequel.qualify("pacticipants", "name"), args.fetch(:pacticipant_name)))
           .single_record
       end
+
+      def delete_by_version_id version_id
+        Sequel::Model.db[:tags].where(version_id: version_id).delete
+      end
     end
   end
 end

data/lib/pact_broker/version.rb

@@ -1,3 +1,3 @@
 module PactBroker
-  VERSION = '2.0.0'
+  VERSION = '2.0.1'
 end

data/lib/pact_broker/versions/repository.rb

@@ -34,6 +34,10 @@ module PactBroker
           create(pacticipant_id: pacticipant_id, number: number)
         end
       end
+
+      def delete_by_id version_ids
+        Sequel::Model.db[:versions].where(id: version_ids).delete
+      end
     end
   end
 end

data/lib/pact_broker/versions/service.rb

@@ -10,6 +10,12 @@ module PactBroker
       def self.find_by_pacticipant_name_and_number params
         version_repository.find_by_pacticipant_name_and_number params.fetch(:pacticipant_name), params.fetch(:pacticipant_version_number)
       end
+
+      def self.delete version
+        tag_repository.delete_by_version_id version.id
+        pact_repository.delete_by_version_id version.id
+        version_repository.delete_by_id version.id
+      end
     end
   end
-end
+end

data/lib/rack/pact_broker/database_transaction.rb

@@ -0,0 +1,42 @@
+require 'pact_broker/version'
+require 'sequel'
+
+module Rack
+  module PactBroker
+    class DatabaseTransaction
+
+      REQUEST_METHOD = "REQUEST_METHOD".freeze
+      TRANS_METHODS = %{POST PUT PATCH DELETE}.freeze
+
+      def initialize app, database_connection
+        @app = app
+        @database_connection = database_connection
+      end
+
+      def call env
+        if use_transaction? env
+          call_with_transaction env
+        else
+          call_without_transaction env
+        end
+      end
+
+      def use_transaction? env
+        TRANS_METHODS.include? env[REQUEST_METHOD]
+      end
+
+      def call_without_transaction env
+        @app.call(env)
+      end
+
+      def call_with_transaction env
+        response = nil
+        @database_connection.transaction do
+          response = @app.call(env)
+          raise Sequel::Rollback if response.first == 500
+        end
+        response
+      end
+    end
+  end
+end

data/lib/rack/pact_broker/invalid_uri_protection.rb

@@ -0,0 +1,36 @@
+require 'uri'
+
+# This class is for https://github.com/pact-foundation/pact_broker/issues/101
+# curl -i "http://127.0.0.1:9292/<script>"
+
+module Rack
+  module PactBroker
+    class InvalidUriProtection
+
+      def initialize app
+        @app = app
+      end
+
+      def call env
+        if valid_uri? env
+          @app.call(env)
+        else
+          [404, {}, []]
+        end
+      end
+
+      def valid_uri? env
+        begin
+          parse(::Rack::Request.new(env).url)
+          true
+        rescue URI::InvalidURIError
+          false
+        end
+      end
+
+      def parse uri
+        URI.parse(uri)
+      end
+    end
+  end
+end

data/pact_broker.gemspec

@@ -36,6 +36,7 @@ Gem::Specification.new do |gem|
   gem.add_runtime_dependency 'padrino-core', '~>0.12.4'
   gem.add_runtime_dependency 'haml', '~>4.0'
   gem.add_runtime_dependency 'sucker_punch', '~>2.0'
+  gem.add_runtime_dependency 'rack-protection', '~>1.5'
 
   gem.add_development_dependency 'sqlite3'
   gem.add_development_dependency 'pry-byebug'

data/script/publish-new.sh

@@ -1,7 +1,9 @@
 # set -x
 BODY=$(ruby -e "require 'json'; j = JSON.parse(File.read('script/foo-bar.json')); j['interactions'][0]['providerState'] = 'it is ' + Time.now.to_s; puts j.to_json")
+latest_url=$(curl http://localhost:9292/pacts/provider/Bar/consumer/Foo/latest | jq -r ._links.self.href)
+next_version=$(echo ${latest_url} | ruby -e "require 'semver'; puts SemVer.parse(ARGF.read[/\d+\.\d\.\d+/]).tap{ | v| v.minor = v.minor + 1}.format('%M.%m.%p')")
 echo ${BODY} >> tmp.json
 curl -v -XPUT \-H "Content-Type: application/json" \
 -d@tmp.json \
-http://127.0.0.1:9292/pacts/provider/Bar/consumer/Foo/version/1.0.0
+http://127.0.0.1:9292/pacts/provider/Bar/consumer/Foo/version/${next_version}
 rm tmp.json

data/script/recreate-pg-db.sh

@@ -1,3 +1,4 @@
+set -e
 psql postgres -c "DROP DATABASE pact_broker;"
 psql postgres -c "CREATE DATABASE pact_broker;"
 psql postgres -c "GRANT ALL PRIVILEGES ON DATABASE pact_broker TO pact_broker;"

data/spec/features/delete_version_spec.rb

@@ -0,0 +1,23 @@
+require 'spec/support/provider_state_builder'
+
+describe "Delete version" do
+
+  let(:path) { "/pacticipants/Consumer/versions/1.2.3" }
+  let(:last_response_body) { JSON.parse(subject.body, symbolize_names: true) }
+
+  subject { delete path; last_response }
+
+  before do
+    ProviderStateBuilder.new
+      .create_consumer("Another Consumer")
+      .create_consumer("Consumer")
+      .create_consumer_version("1.2.3")
+      .create_consumer_version_tag("prod")
+      .create_consumer_version("1.2.4")
+  end
+
+
+  it "returns a 200 HAL JSON response" do
+    expect(subject.status).to eq 204
+  end
+end

data/spec/lib/pact_broker/api/decorators/version_decorator_spec.rb

@@ -35,7 +35,7 @@ module PactBroker
         end
 
         it "includes a link to the pacticipant" do
-          expect(subject[:_links][:pacticipant]).to eq title: "Pacticipant", name: "Consumer", href: "http://example.org/pacticipants/Consumer"
+          expect(subject[:_links][:'pb:pacticipant']).to eq title: "Pacticipant", name: "Consumer", href: "http://example.org/pacticipants/Consumer"
         end
 
         it "includes a list of the tags" do

data/spec/lib/pact_broker/api/decorators/webhook_decorator_spec.rb

@@ -72,15 +72,15 @@ module PactBroker
           end
 
           it 'includes a link to its parent collection' do
-            expect(parsed_json[:_links][:'pact-webhooks'][:href]).to_not be_nil
+            expect(parsed_json[:_links][:'pb:pact-webhooks'][:href]).to_not be_nil
           end
 
           it 'includes a link to the webhooks resource' do
-            expect(parsed_json[:_links][:webhooks][:href]).to_not be_nil
+            expect(parsed_json[:_links][:'pb:webhooks'][:href]).to_not be_nil
           end
 
           it 'includes a link to execute the webhook directly' do
-            expect(parsed_json[:_links][:execute][:href]).to eq 'http://example.org/webhooks/some-uuid/execute'
+            expect(parsed_json[:_links][:'pb:execute'][:href]).to eq 'http://example.org/webhooks/some-uuid/execute'
           end
 
           it 'includes timestamps' do

data/spec/lib/pact_broker/api/decorators/webhooks_decorator_spec.rb

@@ -30,12 +30,12 @@ module PactBroker
           end
 
           it "includes a list of links to the webhooks" do
-            expect(subject[:_links][:webhooks]).to be_instance_of(Array)
-            expect(subject[:_links][:webhooks].first).to eq title: 'description', name: 'request description', href: 'http://example.org/webhooks/some-uuid'
+            expect(subject[:_links][:'pb:webhooks']).to be_instance_of(Array)
+            expect(subject[:_links][:'pb:webhooks'].first).to eq title: 'description', name: 'request description', href: 'http://example.org/webhooks/some-uuid'
           end
 
           it "includes curies" do
-            expect(subject[:_links][:curies]).to eq [{:name=>"pb", :href=>"http://example.org/doc/webhooks"}]
+            expect(subject[:_links][:curies]).to eq [{:name=>"pb", :href=>"http://example.org/doc/webhooks-{rel}", templated: true}]
           end
 
         end

data/spec/lib/pact_broker/app_spec.rb

@@ -3,9 +3,22 @@ require 'pact_broker/app'
 module PactBroker
   describe App do
 
+    class TestApp < PactBroker::App
+
+      def configure_database_connection
+        # do nothing
+      end
+
+      def post_configure
+        # do nothing
+      end
+
+    end
+
     let(:app) do
-      PactBroker::App.new do | configuration |
+      TestApp.new do | configuration |
         configuration.database_connection = PactBroker::DB.connection
+        configuration.auto_migrate_db = false
       end
     end
 
@@ -14,5 +27,26 @@ module PactBroker
       expect(last_response.headers['X-Pact-Broker-Version']).to match /\d/
     end
 
+    describe "transactions", no_db_clean: true do
+      let(:pact_content) { load_fixture('a_consumer-a_provider.json') }
+      let(:path) { "/pacts/provider/A%20Provider/consumer/A%20Consumer/versions/1.2.3" }
+      let(:response_body_json) { JSON.parse(subject.body) }
+
+      before do
+        PactBroker::Database.truncate
+        allow_any_instance_of(PactBroker::Pacts::Repository).to receive(:create).and_raise("an error")
+      end
+
+      after do
+        PactBroker::Database.truncate
+      end
+
+      subject { put path, pact_content, {'CONTENT_TYPE' => 'application/json' }; last_response  }
+
+      it "wraps the API with a database transaction" do
+        expect { subject }.to_not change { PactBroker::Domain::Pacticipant.count }
+      end
+    end
+
   end
 end

data/spec/lib/pact_broker/domain/order_versions_spec.rb

@@ -40,4 +40,26 @@ describe PactBroker::Domain::OrderVersions do
 
   end
 
+  context "when an existing version number in the database that Versionomy could parse cannot be parsed by SemVer" do
+    let!(:consumer) do
+      ProviderStateBuilder.new
+        .create_consumer
+        .create_consumer_version('1')
+        .create_consumer_version('2')
+        .create_consumer_version('3')
+        .create_consumer_version('4')
+        .and_return(:consumer)
+    end
+
+    let(:ordered_versions) { PactBroker::Domain::Version.order(:order).all.collect(&:number) }
+
+    it "sorts the unparseable version as being first and maintains their relative order" do
+      Sequel::Model.db[:versions].where(number: '1').update(number: 'z')
+      Sequel::Model.db[:versions].where(number: '2').update(number: 'a')
+      Sequel::Model.db[:versions].where(number: '4').update(number: 'h')
+      PactBroker::Domain::Version.create(number: '5', pacticipant_id: consumer.id)
+      expect(ordered_versions).to eq(['z', 'a', 'h', '3', '5'])
+    end
+  end
+
 end

data/spec/lib/pact_broker/pacts/repository_spec.rb

@@ -191,6 +191,29 @@ module PactBroker
 
       end
 
+      describe "delete_by_version_id" do
+        let!(:version) do
+          ProviderStateBuilder.new
+            .create_consumer
+            .create_provider
+            .create_consumer_version("4.5.6")
+            .create_pact
+            .create_consumer_version("1.2.3")
+            .create_pact
+            .and_return(:consumer_version)
+        end
+
+        subject { Repository.new.delete_by_version_id(version.id) }
+
+        it "deletes the pact publication" do
+          expect{ subject }.to change { PactPublication.count }.by(-1)
+        end
+
+        it "does not delete the content because it may be used by another pact" do
+          expect { subject }.to change { PactVersion.count }.by(0)
+        end
+      end
+
       describe "#find_all_pact_versions_between" do
 
         before do

data/spec/lib/pact_broker/tags/repository_spec.rb

@@ -62,6 +62,27 @@ module PactBroker
         end
       end
 
+      describe "delete_by_version_id" do
+        let!(:version) do
+          ProviderStateBuilder.new
+            .create_consumer
+            .create_provider
+            .create_consumer_version("4.5.6")
+            .create_consumer_version_tag("prod")
+            .create_consumer_version("1.2.3")
+            .create_consumer_version_tag("prod")
+            .create_consumer_version_tag("foo")
+            .and_return(:consumer_version)
+        end
+
+        subject { Repository.new.delete_by_version_id(version.id) }
+
+        it "deletes the tag" do
+          expect{ subject }.to change { PactBroker::Domain::Tag.count }.by(-2)
+        end
+
+      end
+
     end
   end
-end
+end

data/spec/lib/pact_broker/versions/repository_spec.rb

@@ -24,6 +24,22 @@ module PactBroker
         end
       end
 
+      describe "#delete_by_id" do
+        let!(:version) do
+          ProviderStateBuilder.new
+            .create_consumer
+            .create_consumer_version("1.2.3")
+            .create_consumer_version("4.5.6")
+            .and_return(:consumer_version)
+        end
+
+        subject { Repository.new.delete_by_id version.id }
+
+        it "deletes the version" do
+          expect { subject }.to change{ PactBroker::Domain::Version.count }.by(-1)
+        end
+      end
+
       describe "#find_by_pacticipant_name_and_number" do
 
         subject { described_class.new.find_by_pacticipant_name_and_number pacticipant_name, version_number }

data/spec/lib/pact_broker/versions/service_spec.rb

@@ -0,0 +1,35 @@
+require 'pact_broker/versions/service'
+
+module PactBroker
+
+  module Versions
+    describe Service do
+
+      describe ".delete" do
+        let!(:version) do
+          ProviderStateBuilder.new
+            .create_consumer
+            .create_provider
+            .create_consumer_version("1.2.3")
+            .create_consumer_version_tag("prod")
+            .create_pact
+            .and_return(:consumer_version)
+        end
+
+        subject { Service.delete(version) }
+
+        it "deletes the pact publication" do
+          expect{ subject }.to change { PactBroker::Pacts::PactPublication.count }.by(-1)
+        end
+
+        it "deletes the tags" do
+          expect{ subject }.to change { PactBroker::Domain::Tag.count }.by(-1)
+        end
+
+        it "deletes the version" do
+          expect{ subject }.to change { PactBroker::Domain::Version.count }.by(-1)
+        end
+      end
+    end
+  end
+end

data/spec/lib/rack/pact_broker/database_transaction_spec.rb

@@ -0,0 +1,45 @@
+require 'tasks/database'
+require 'rack/pact_broker/database_transaction'
+
+module Rack
+  module PactBroker
+    describe DatabaseTransaction, no_db_clean: true do
+
+      before do
+        ::PactBroker::Database.truncate
+      end
+
+      after do
+        ::PactBroker::Database.truncate
+      end
+
+      let(:api) do
+        ->(env) { ::PactBroker::Domain::Pacticipant.create(name: 'Foo'); [500, {}, []] }
+      end
+
+      let(:api_with_transaction) do
+        ::Rack::PactBroker::DatabaseTransaction.new(api, ::PactBroker::DB.connection)
+      end
+
+      subject { self.send(http_method, "/") }
+
+      context "for get requests" do
+        let(:app) { api_with_transaction }
+
+        let(:http_method) { :get }
+        it "does not use a transaction" do
+          expect { subject }.to change { ::PactBroker::Domain::Pacticipant.count }.by(1)
+        end
+      end
+
+      [:post, :put, :patch, :delete].each do | http_meth |
+        let(:http_method) { http_meth }
+        context "for #{http_meth} requests" do
+          it "uses a transaction and rollsback if there is a 500 error" do
+            expect { subject }.to change { ::PactBroker::Domain::Pacticipant.count }.by(0)
+          end
+        end
+      end
+    end
+  end
+end

data/spec/lib/rack/pact_broker/invalid_uri_protection_spec.rb

@@ -0,0 +1,30 @@
+require 'rack/pact_broker/invalid_uri_protection'
+
+module Rack
+  module PactBroker
+    describe InvalidUriProtection do
+
+      let(:app) { InvalidUriProtection.new(->(env){ [200,{},[]] }) }
+
+      subject { get "/badpath"; last_response }
+
+      context "with a URI that the Ruby default URI library cannot parse" do
+
+        before do
+          # Can't use or stub URI.parse because rack test uses it to execute the actual test
+          allow_any_instance_of(InvalidUriProtection).to receive(:parse).and_raise(URI::InvalidURIError)
+        end
+
+        it "returns a 404" do
+          expect(subject.status).to eq 404
+        end
+      end
+
+      context "when the URI can be parsed" do
+        it "passes the request to the underlying app" do
+          expect(subject.status).to eq 200
+        end
+      end
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -5,6 +5,7 @@ $: << File.expand_path("../../", __FILE__)
 require 'rack/test'
 require 'db'
 require 'pact_broker/api'
+require 'tasks/database'
 require 'rspec/its'
 
 Dir.glob("./spec/support/**/*.rb") { |file| require file  }
@@ -14,7 +15,7 @@ I18n.config.enforce_available_locales = false
 RSpec.configure do | config |
   config.before :suite do
     raise "Wrong environment!!! Don't run this script!! ENV['RACK_ENV'] is #{ENV['RACK_ENV']} and RACK_ENV is #{RACK_ENV}" if ENV['RACK_ENV'] != 'test' || RACK_ENV != 'test'
-    PactBroker::DB.connection = DB::PACT_BROKER_DB
+    PactBroker::DB.connection = PactBroker::Database.database = DB::PACT_BROKER_DB
   end
 
   config.include Rack::Test::Methods

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: pact_broker
 version: !ruby/object:Gem::Version
-  version: 2.0.0
+  version: 2.0.1
 platform: ruby
 authors:
 - Bethany Skurrie
@@ -10,7 +10,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-05-15 00:00:00.000000000 Z
+date: 2017-05-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: httparty
@@ -234,6 +234,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: rack-protection
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.5'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.5'
 - !ruby/object:Gem::Dependency
   name: sqlite3
   requirement: !ruby/object:Gem::Requirement
@@ -534,6 +548,8 @@ files:
 - lib/pact_broker/doc/views/self.markdown
 - lib/pact_broker/doc/views/tag-prod-version.markdown
 - lib/pact_broker/doc/views/tag-version.markdown
+- lib/pact_broker/doc/views/webhooks-create.markdown
+- lib/pact_broker/doc/views/webhooks-webhooks.markdown
 - lib/pact_broker/doc/views/webhooks.markdown
 - lib/pact_broker/domain.rb
 - lib/pact_broker/domain/group.rb
@@ -607,6 +623,8 @@ files:
 - lib/rack/hal_browser/redirect.rb
 - lib/rack/pact_broker/add_pact_broker_version_header.rb
 - lib/rack/pact_broker/convert_file_extension_to_accept_header.rb
+- lib/rack/pact_broker/database_transaction.rb
+- lib/rack/pact_broker/invalid_uri_protection.rb
 - pact_broker.gemspec
 - pact_broker_client-pact_broker.json
 - public/Network Graph_files/d3.v3.js
@@ -643,6 +661,7 @@ files:
 - script/update-hal-browser
 - spec/features/create_webhook_spec.rb
 - spec/features/delete_pact_spec.rb
+- spec/features/delete_version_spec.rb
 - spec/features/get_diff_spec.rb
 - spec/features/get_pact_spec.rb
 - spec/features/get_pact_versions_spec.rb
@@ -744,11 +763,14 @@ files:
 - spec/lib/pact_broker/verifications/summary_for_consumer_version_spec.rb
 - spec/lib/pact_broker/versions/parse_semantic_version_spec.rb
 - spec/lib/pact_broker/versions/repository_spec.rb
+- spec/lib/pact_broker/versions/service_spec.rb
 - spec/lib/pact_broker/webhooks/job_spec.rb
 - spec/lib/pact_broker/webhooks/repository_spec.rb
 - spec/lib/pact_broker/webhooks/service_spec.rb
 - spec/lib/rack/hal_browser/redirect_spec.rb
 - spec/lib/rack/pact_broker/add_pact_broker_version_header_spec.rb
+- spec/lib/rack/pact_broker/database_transaction_spec.rb
+- spec/lib/rack/pact_broker/invalid_uri_protection_spec.rb
 - spec/migrations/23_pact_versions_spec.rb
 - spec/migrations/24_populate_pact_contents_spec.rb
 - spec/migrations/34_latest_tagged_pacts_spec.rb
@@ -830,6 +852,7 @@ summary: See description
 test_files:
 - spec/features/create_webhook_spec.rb
 - spec/features/delete_pact_spec.rb
+- spec/features/delete_version_spec.rb
 - spec/features/get_diff_spec.rb
 - spec/features/get_pact_spec.rb
 - spec/features/get_pact_versions_spec.rb
@@ -931,11 +954,14 @@ test_files:
 - spec/lib/pact_broker/verifications/summary_for_consumer_version_spec.rb
 - spec/lib/pact_broker/versions/parse_semantic_version_spec.rb
 - spec/lib/pact_broker/versions/repository_spec.rb
+- spec/lib/pact_broker/versions/service_spec.rb
 - spec/lib/pact_broker/webhooks/job_spec.rb
 - spec/lib/pact_broker/webhooks/repository_spec.rb
 - spec/lib/pact_broker/webhooks/service_spec.rb
 - spec/lib/rack/hal_browser/redirect_spec.rb
 - spec/lib/rack/pact_broker/add_pact_broker_version_header_spec.rb
+- spec/lib/rack/pact_broker/database_transaction_spec.rb
+- spec/lib/rack/pact_broker/invalid_uri_protection_spec.rb
 - spec/migrations/23_pact_versions_spec.rb
 - spec/migrations/24_populate_pact_contents_spec.rb
 - spec/migrations/34_latest_tagged_pacts_spec.rb