practical 0.1.0

data/app/lib/practical/test/helpers/passkey/system/selenium.rb

@@ -0,0 +1,107 @@
+# frozen_string_literal: true
+
+require "webauthn/fake_client"
+
+module Practical::Test::Helpers::Passkey::System::Selenium
+  extend ActiveSupport::Concern
+  include Practical::Test::Helpers::Passkey::System::Base
+
+  included do
+    teardown do
+      if @virtual_authenticator.present? && @virtual_authenticator.valid?
+        @virtual_authenticator.remove!
+      end
+    rescue Selenium::WebDriver::Error::InvalidArgumentError
+    end
+
+    def self.selenium_driver_key
+      if ENV.has_key?("HEADLESS_TESTS")
+        return :headless_chrome
+      else
+        return :chrome
+      end
+    end
+
+    driven_by :selenium, using: selenium_driver_key, screen_size: [1400, 1400] do |options|
+      options.accept_insecure_certs = true
+      options.args << "--auto-open-devtools-for-tabs"
+    end
+  end
+
+  def create_passkey_for_user_and_return_webauthn_credential(user:)
+    webauthn_credential = create_webauthn_credential_from_scratch(webauthn_client: user_webauthn_client,
+                                                                  rp_id: user_relying_party_id,
+                                                                  relying_party: user_relying_party
+                                                                 )
+    # rubocop:disable Layout/LineLength
+    keypair = fake_authenticator.instance_variable_get("@credentials")[user_relying_party_id][webauthn_credential.id][:credential_key]
+    # rubocop:enable Layout/LineLength
+
+    resident_credential = create_credential(
+      rp_id: user_relying_party_id,
+      id: webauthn_credential.id.bytes,
+      keypair: keypair
+    )
+
+    authenticator = add_virtual_authenticator
+    authenticator.add_credential(resident_credential)
+
+    user.passkeys.create!(
+      label: SecureRandom.hex,
+      external_id: Base64.strict_encode64(webauthn_credential.id),
+      public_key: Base64.strict_encode64(webauthn_credential.public_key),
+      sign_count: 0
+    )
+
+    return webauthn_credential
+  end
+
+  def authenticator_options(options: {})
+    options = options.reverse_merge({
+      protocol: :ctap2,
+      resident_key: true,
+      user_verification: true,
+      user_verified: true
+    })
+    Selenium::WebDriver::VirtualAuthenticatorOptions.new(**options)
+  end
+
+  def add_virtual_authenticator(options: authenticator_options)
+    @virtual_authenticator ||= Capybara.current_session.driver.browser.add_virtual_authenticator(options)
+  end
+
+  def default_authenticator
+    @virtual_authenticator
+  end
+
+  def create_credential(rp_id:, user_handle: generate_user_handle, id:, keypair:)
+    private_key = Base64.strict_encode64(keypair.private_to_der)
+    decoded_private_key = Base64.strict_decode64(private_key).bytes
+
+    return Selenium::WebDriver::Credential.resident(
+      id: id,
+      private_key: decoded_private_key,
+      rp_id: rp_id,
+      user_handle: user_handle
+    )
+
+    Selenium::WebDriver::Credential.resident(
+      id: generate_credential_id,
+      private_key: decoded_private_key,
+      rp_id: "localhost",
+      user_handle: generate_user_handle
+    )
+
+    keypair.public_key.to_bn.to_s(2)
+    private_key = keypair.private_key.to_bn.to_s(2)
+    return Selenium::WebDriver::Credential.resident(id: id.bytes,
+                                                    private_key: private_key.bytes,
+                                                    rp_id: rp_id,
+                                                    user_handle: user_handle.bytes
+                                                   )
+  end
+
+  def generate_user_handle
+    SecureRandom.uuid.bytes
+  end
+end

data/app/lib/practical/test/helpers/passkey/test_helper.rb

@@ -0,0 +1,128 @@
+# frozen_string_literal: true
+
+require "webauthn/fake_client"
+
+module Practical::Test::Helpers::Passkey::TestHelper
+  def assert_passkey_registration_challenge(
+    data:,
+    stored_challenge:,
+    relying_party_data:,
+    user_data:,
+    credentials_to_exclude: []
+  )
+    authentication_selection = {"residentKey"=>"required", "userVerification"=>"required"}
+
+    assert_equal stored_challenge, data["challenge"]
+    assert_equal relying_party_data, data["rp"]
+    assert_equal user_data, data["user"]
+    assert_equal authentication_selection, data["authenticatorSelection"]
+
+    assert_equal credentials_to_exclude, data["excludeCredentials"]
+  end
+
+  def assert_passkey_authentication_challenge(
+    data:,
+    stored_challenge:,
+    credentials_to_allow: []
+  )
+    assert_equal stored_challenge, data["challenge"]
+    assert_equal "required", data["userVerification"]
+
+    assert_equal credential_id_for_challenge(passkeys: credentials_to_allow), data["allowCredentials"]
+  end
+
+  def credential_id_for_challenge(passkeys:)
+    Array.wrap(passkeys).map{|x| {"type" => "public-key", "id" => x.external_id} }
+  end
+
+  def administrator_user_data(administrator:)
+    {"name"=>administrator.email, "id"=>administrator.webauthn_id, "displayName"=>administrator.email}
+  end
+
+  def user_data(user:)
+    {"name"=>user.email, "id"=>user.webauthn_id, "displayName"=>user.name}
+  end
+
+  def credential_data_for_passkey(passkey:)
+    {"type"=>"public-key", "id"=> passkey.external_id}
+  end
+
+  def relying_party_origin
+    AppSettings.relying_party_origin
+  end
+
+  def admin_relying_party_origin
+    AppSettings.admin_relying_party_origin
+  end
+
+  def admin_relying_party_id
+    URI.parse(admin_relying_party_origin).host
+  end
+
+  def user_relying_party_id
+    URI.parse(relying_party_origin).host
+  end
+
+  def admin_relying_party(options: {})
+    return WebAuthn::RelyingParty.new(**{
+      allowed_origins: admin_relying_party_origin,
+      name: I18n.translate("administrator.app_title.text")
+    }.merge(options))
+  end
+
+  def relying_party(options: {})
+    return WebAuthn::RelyingParty.new(**{
+      allowed_origins: relying_party_origin,
+      name: I18n.translate("app_title.text")
+    }.merge(options))
+  end
+
+  def fake_authenticator
+    return WebAuthn::FakeAuthenticator.new
+  end
+
+  def fake_client(origin: "https://example.test", authenticator: WebAuthn::FakeAuthenticator.new)
+    return WebAuthn::FakeClient.new(origin, authenticator: authenticator)
+  end
+
+  def encode_challenge(raw_challenge:)
+    Base64.strict_encode64(raw_challenge)
+  end
+
+  def assertion_from_client(client:, challenge:, user_verified: true)
+    client.get(challenge: challenge, user_verified: user_verified)
+  end
+
+  def hydrate_response_from_raw_credential(client:, relying_party:, raw_credential:)
+    attestation_object = if client.encoding
+      relying_party.encoder.decode(raw_credential["response"]["attestationObject"])
+    else
+      raw_credential["response"]["attestationObject"]
+    end
+
+  client_data_json =
+    if client.encoding
+      relying_party.encoder.decode(raw_credential["response"]["clientDataJSON"])
+    else
+      raw_credential["response"]["clientDataJSON"]
+    end
+
+  return WebAuthn::AuthenticatorAttestationResponse.new(
+    attestation_object: attestation_object,
+    client_data_json: client_data_json,
+    relying_party: relying_party
+  )
+  end
+
+  def create_credential_and_return_payload_from_challenge(client:, challenge:, user_verified: true)
+    return client.create(challenge: challenge, user_verified: user_verified)
+  end
+
+  def get_credential_payload_from_challenge(client:, challenge:, user_verified: true)
+    client.get(challenge: challenge, user_verified: user_verified)
+  end
+
+  def encoded_public_key(credential:, relying_party:)
+    relying_party.encoder.encode(credential.public_key)
+  end
+end

data/app/lib/practical/test/helpers/postmark.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module Practical::Test::Helpers::Postmark
+  def extract_template_model(mail:)
+    scanner = StringScanner.new(mail.body.encoded)
+    scanner.skip_until(/Model:\r\n/)
+
+    result = scanner.scan_until(/^Use the #prerender/)
+    return JSON.parse(result.gsub("Use the #prerender", ''))
+  end
+end

data/app/lib/practical/test/helpers/relation_builder_assertions.rb

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+module Practical::Test::Helpers::RelationBuilderAssertions
+  def assert_relation_ordering_matches(expected:, relation:, instance:)
+    assert_not_equal expected, relation
+    assert_sql_transformation(expected: expected, actual: instance.apply_ordering(scope: relation))
+  end
+
+  def assert_relation_filtering_matches(expected:, relation:, instance:)
+    assert_not_equal expected, relation
+    assert_sql_transformation(expected: expected, actual: instance.apply_filtering(scope: relation))
+  end
+
+  def assert_sql_transformation(expected:, actual:)
+    message = {expected_sql: expected.to_sql, actual_sql: actual.to_sql}
+    assert_equal expected, actual, message
+  end
+end

data/app/lib/practical/test/helpers/setup/debug.rb

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+module Practical::Test::Helpers::Setup::Debug
+  # rubocop:disable Rails/Output
+  puts "MINITEST_PARALLEL_EXECUTOR_SIZE: #{Minitest.parallel_executor.size}"
+  puts "PARALLEL_WORKERS: #{ENV["PARALLEL_WORKERS"]}"
+  # rubocop:enable Rails/Output
+end

data/app/lib/practical/test/helpers/setup/faker_seed_pinning.rb

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+module Practical::Test::Helpers::Setup::FakerSeedPinning
+  def before_setup
+    super
+    Faker::Config.random = Random.new(Minitest.seed)
+  end
+end

data/app/lib/practical/test/helpers/setup/simplecov.rb

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+module Practical::Test::Helpers::Setup::Simplecov
+  extend ActiveSupport::Concern
+
+  if ENV['COVERAGE']
+    included do
+      parallelize_setup do |worker|
+        SimpleCov.command_name "#{SimpleCov.command_name}-#{worker}"
+      end
+
+      parallelize_teardown do |worker|
+        SimpleCov.result
+      end
+    end
+  end
+end

data/app/lib/practical/test/helpers/shrine/test_data.rb

@@ -0,0 +1,101 @@
+# frozen_string_literal: true
+
+require "shrine/storage/memory"
+
+Shrine.storages = {
+  cache: Shrine::Storage::Memory.new,
+  store: Shrine::Storage::Memory.new
+}
+
+module Practical::Test::Helpers::Shrine::TestData
+  def image_data
+    attacher = Shrine::Attacher.new
+    attacher.set(uploaded_image)
+
+    attacher.data
+  end
+
+  def uploaded_image
+    file = image_file
+    uploaded_file = Shrine.upload(file, :store, metadata: false)
+    uploaded_file.metadata.merge!(
+      "size" => File.size(file.path),
+      "mime_type" => "image/jpeg",
+      "filenae" => "test.jpeg"
+    )
+
+    uploaded_file
+  end
+
+  def image_filepath
+    file_fixture("dog.jpeg")
+  end
+
+  def image_file
+    File.open(image_filepath)
+  end
+
+  def heic_filepath
+    file_fixture("island.heic")
+  end
+
+  def heic_file
+    File.open(heic_filepath)
+  end
+
+  def csv_filepath
+    file_fixture("example.csv")
+  end
+
+  def csv_file
+    File.open(csv_filepath)
+  end
+
+  def excel_filepath
+    file_fixture("example.xlsx")
+  end
+
+  def excel_file
+    File.open(excel_filepath)
+  end
+
+  def word_filepath
+    file_fixture("example.docx")
+  end
+
+  def pdf_file
+    File.open(pdf_filepath)
+  end
+
+  def pdf_filepath
+    file_fixture("example.pdf")
+  end
+
+  def word_file
+    File.open(word_filepath)
+  end
+
+  def numbers_filepath
+    file_fixture("numbers-example.numbers")
+  end
+
+  def numbers_file
+    File.open(numbers_filepath)
+  end
+
+  def plaintext_filepath
+    file_fixture("example.txt")
+  end
+
+  def plaintext_file
+    File.open(plaintext_filepath)
+  end
+
+  def rtf_filepath
+    file_fixture("example.rtf")
+  end
+
+  def rtf_file
+    File.open(rtf_filepath)
+  end
+end

data/app/lib/practical/test/helpers/spy_assertions.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+module Practical::Test::Helpers::SpyAssertions
+  def assert_times_called(spy:, times:)
+    assert_equal times, spy.calls.count
+  end
+end

data/app/lib/practical/test/helpers/system/assertions.rb

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+module Practical::Test::Helpers::System::Assertions
+  def assert_toast_message(text:)
+    within(".notification-messages") do
+      assert_selector("dialog", text: text)
+    end
+  end
+
+  def assert_sign_in_user(user:)
+    create_passkey_for_user_and_return_webauthn_credential(
+      user: user
+    )
+
+    if Capybara.current_driver == :rack_test
+      page.driver.browser.post(new_user_session_challenge_url, as: :json)
+      challenge_data = JSON.parse(page.driver.response.body)
+    end
+
+    visit new_user_session_url
+
+    fill_in "Email", with: user.email
+
+    if Capybara.current_driver == :rack_test
+      credential_data = user_webauthn_client.get(challenge: challenge_data["challenge"], user_verified: true)
+      find("input[type=hidden]#user_passkey_credential", visible: false).set(JSON.generate(credential_data))
+    end
+
+    click_on "Sign in"
+
+    assert_toast_message(text: I18n.translate("devise.sessions.signed_in"))
+  end
+end

data/app/lib/practical/test/helpers/system/capybara_prep.rb

@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+
+module Practical::Test::Helpers::System::CapybaraPrep
+  extend ActiveSupport::Concern
+  included do
+    Capybara.save_path = Rails.root.join("tmp", "capybara").to_s
+    Capybara.server_host = AppSettings.default_host
+    Capybara.server = :puma, { Host: "ssl://#{Capybara.server_host}"}
+  end
+end