practical 0.1.0

data/app/lib/practical/test/shared/auth/passkeys/forms/emergency_registration.rb

@@ -0,0 +1,82 @@
+# frozen_string_literal: true
+
+require 'ostruct'
+
+module Practical::Test::Shared::Auth::Passkeys::Forms::EmergencyRegistration
+  extend ActiveSupport::Concern
+
+  def dummy_webauthn_credential
+    OpenStruct.new(public_key: SecureRandom.hex, raw_id: SecureRandom.bytes(10), sign_count: 0)
+  end
+
+  included do
+    test "save: merges errors from the attempted new passkey and re-raises" do
+      form = form_instance_with_no_passkey_label_or_public_key
+
+      assert_no_difference "#{passkey_class}.count" do
+      assert_raises ActiveRecord::RecordInvalid do
+        form.save!
+      end
+      end
+
+      assert_equal true, form.errors.of_kind?(:public_key, :blank)
+      assert_equal true, form.errors.of_kind?(:passkey_label, :blank)
+    end
+
+    test "save: raises unexpected errors" do
+      form = valid_form_instance
+      Spy.on(form.emergency_registration, :use_for_and_notify!).and_raise(ArgumentError)
+
+      assert_no_difference "#{passkey_class}.count" do
+      assert_raises ArgumentError do
+        form.save!
+      end
+      end
+    end
+
+    test "save: raises an AlreadyUsedError if the emergency_registration has a passkey" do
+      form = form_instance_with_emergency_registration_that_has_passkey
+
+      assert_no_difference "#{passkey_class}.count" do
+      assert_raises already_used_error_class do
+        form.save!
+      end
+      end
+    end
+
+    test "save: raises an AlreadyUsedError if the emergency_registration has been used" do
+      form = form_instance_with_emergency_registration_with_used_at
+
+      assert_no_difference "#{passkey_class}.count" do
+      assert_raises already_used_error_class do
+        form.save!
+      end
+      end
+    end
+
+    test """save:
+      - creates the passkey for the owner
+      - marks the emergency_registration as used
+      - enqueues the email that a passkey has been created
+    """ do
+      form = valid_form_instance
+
+      time = Time.now.utc
+
+      Timecop.freeze(time) do
+      assert_difference "#{passkey_class}.count", +1 do
+        form.save!
+      end
+      end
+
+      emergency_registration = form.emergency_registration.reload
+
+      new_passkey = passkey_class.last
+      assert_equal new_passkey, emergency_registration.passkey
+      assert_equal time.to_formatted_s(:db), emergency_registration.used_at.to_formatted_s(:db)
+
+
+      assert_new_passkey_email(new_passkey: new_passkey)
+    end
+  end
+end

data/app/lib/practical/test/shared/auth/passkeys/models/emergency_registration/base.rb

@@ -0,0 +1,89 @@
+# frozen_string_literal: true
+
+module Practical::Test::Shared::Auth::Passkeys::Models::EmergencyRegistration::Base
+  extend ActiveSupport::Concern
+
+  included do
+    test "belongs_to the owner of the registration" do
+      reflection = model_class.reflect_on_association(owner_reflection_name)
+      assert_equal :belongs_to, reflection.macro
+    end
+
+    test "requires an owner to be valid" do
+      instance = model_instance
+      instance.send(:"#{owner_reflection_name}=", nil)
+
+      assert_equal false, instance.valid?
+      assert_equal true, instance.errors.of_kind?(owner_reflection_name, :blank)
+
+      instance.send(:"#{owner_reflection_name}=", owner_instance)
+      instance.valid?
+
+      assert_equal false, instance.errors.of_kind?(owner_reflection_name, :blank)
+    end
+
+    test "optionally belongs_to user_agent" do
+      reflection = model_class.reflect_on_association(user_agent_reflection_name)
+      assert_equal :belongs_to, reflection.macro
+      assert_equal user_agent_class_name, reflection.class_name
+      assert_equal true, reflection.options[:optional]
+    end
+
+    test "optionally belongs_to ip_address" do
+      reflection = model_class.reflect_on_association(ip_address_reflection_name)
+      assert_equal :belongs_to, reflection.macro
+      assert_equal ip_address_class_name, reflection.class_name
+      assert_equal true, reflection.options[:optional]
+    end
+
+    test "optionally belongs_to a passkey" do
+      reflection = model_class.reflect_on_association(:passkey)
+      assert_equal :belongs_to, reflection.macro
+      assert_equal true, reflection.options[:optional]
+    end
+
+    test "when a passkey is destroyed, the emergency_registration is destroyed as well" do
+      emergency_registration = model_instance_with_passkey
+      passkey = emergency_registration.passkey
+
+      passkey.destroy!
+
+      assert_nil model_class.find_by(id: emergency_registration.id)
+    end
+
+    test "available: scope only returns instances where used_at is nil" do
+      instance = model_instance
+      assert_nil instance.used_at
+
+      assert_includes model_class.available, instance
+
+      instance.update!(used_at: Time.now.utc)
+
+      assert_not_includes model_class.available, instance
+    end
+
+    test "generates_token_for emergency_registration that expires within the designated time" do
+      instance = model_instance
+
+      token = instance.generate_token_for(:emergency_registration)
+
+      assert_equal instance, model_class.find_by_token_for(:emergency_registration, token)
+
+      Timecop.freeze(Time.now.utc + expiration_timespan) do
+        assert_nil model_class.find_by_token_for(:emergency_registration, token)
+      end
+    end
+
+    test "generates_token_for emergency_registration that expires when used_at is set" do
+      instance = model_instance
+
+      token = instance.generate_token_for(:emergency_registration)
+
+      assert_equal instance, model_class.find_by_token_for(:emergency_registration, token)
+
+      instance.update!(used_at: Time.now.utc)
+
+      assert_nil model_class.find_by_token_for(:emergency_registration, token)
+    end
+  end
+end

data/app/lib/practical/test/shared/auth/passkeys/models/emergency_registration/use_for_and_notify.rb

@@ -0,0 +1,48 @@
+# frozen_string_literal: true
+
+module Practical::Test::Shared::Auth::Passkeys::Models::EmergencyRegistration::UseForAndNotify
+  extend ActiveSupport::Concern
+
+  included do
+    test "use_for_and_notify!: raises AlreadyUsedError if a passkey is present" do
+      instance = model_instance
+      instance.update!(passkey: create_passkey_instance)
+      assert_raises already_used_error_class do
+        instance.use_for_and_notify!(new_passkey: create_passkey_instance)
+      end
+    end
+
+    test "use_for_and_notify!: raises AlreadyUsed error used_at is present" do
+      instance = model_instance
+      instance.update!(used_at: Time.now)
+      assert_raises already_used_error_class do
+        instance.use_for_and_notify!(new_passkey: create_passkey_instance)
+      end
+    end
+
+    test """use_for_and_notify!:
+      - links to the given passkey
+      - marks the used_at
+      - matching PasskeyMailer.passkey_added class
+    """ do
+      instance = model_instance
+      passkey_instance = create_passkey_instance
+
+      time = Time.now.utc
+
+      Timecop.freeze(time) do
+        assert_enqueued_email_with(
+          passkey_mailer_class,
+          :passkey_added,
+          args: [{ passkey: passkey_instance }]
+        ) do
+          instance.use_for_and_notify!(new_passkey: passkey_instance)
+          instance.reload
+
+          assert_equal passkey_instance, instance.passkey
+          assert_equal time.to_formatted_s(:db), instance.used_at.to_formatted_s(:db)
+        end
+      end
+    end
+  end
+end

data/app/lib/practical/test/shared/auth/passkeys/models/passkey.rb

@@ -0,0 +1,101 @@
+# frozen_string_literal: true
+
+module Practical::Test::Shared::Auth::Passkeys::Models::Passkey
+  extend ActiveSupport::Concern
+
+  included do
+    test "belongs_to the owner of the passkey" do
+      reflection = model_class.reflect_on_association(owner_reflection_name)
+      assert_equal :belongs_to, reflection.macro
+    end
+
+    test "requires an owner in order to be valid" do
+      instance = model_instance
+      instance.send(:"#{owner_reflection_name}=", nil)
+
+      assert_equal false, instance.valid?
+      assert_equal true, instance.errors.of_kind?(owner_reflection_name, :blank)
+
+      instance.send(:"#{owner_reflection_name}=", owner_instance)
+      instance.valid?
+
+      assert_equal false, instance.errors.of_kind?(owner_reflection_name, :blank)
+    end
+
+    test "label: is required and cannot be blank" do
+      instance = model_instance
+      instance.label = "   "
+
+      assert_equal false, instance.valid?
+      assert_equal true, instance.errors.of_kind?(:label, :blank)
+
+      instance.label = Faker::Computer.stack
+
+      instance.valid?
+      assert_equal false, instance.errors.of_kind?(:label, :blank)
+    end
+
+    test "label: must be unique for an owner" do
+      instance = model_instance
+
+      assert_equal true, instance.valid?
+
+      new_instance = instance.send(:"#{owner_reflection_name}").passkeys.build(label: instance.label)
+
+      assert_equal false, new_instance.valid?
+      assert_equal true, new_instance.errors.of_kind?(:label, :taken)
+
+      new_instance = other_owner_instance.passkeys.build(label: instance.label)
+      new_instance.valid?
+      assert_equal false, new_instance.errors.of_kind?(:label, :taken)
+    end
+
+    test "external_id: is required and cannot be blank" do
+      instance = model_instance
+      instance.external_id = "   "
+
+      assert_equal false, instance.valid?
+      assert_equal true, instance.errors.of_kind?(:external_id, :blank)
+
+      instance.external_id = SecureRandom.hex
+
+      instance.valid?
+      assert_equal false, instance.errors.of_kind?(:external_id, :blank)
+    end
+
+    test "external_id: is unique" do
+      instance = model_class.new(external_id: model_instance.external_id)
+      assert_equal false, instance.valid?
+      assert_equal true, instance.errors.of_kind?(:external_id, :taken)
+
+      instance.external_id = SecureRandom.hex
+      instance.valid?
+
+      assert_equal false, instance.errors.of_kind?(:external_id, :taken)
+    end
+
+    test "public_key: is required and cannot be blank" do
+      instance = model_instance
+      instance.public_key = "   "
+
+      assert_equal false, instance.valid?
+      assert_equal true, instance.errors.of_kind?(:public_key, :blank)
+
+      instance.public_key = SecureRandom.hex
+
+      instance.valid?
+      assert_equal false, instance.errors.of_kind?(:public_key, :blank)
+    end
+
+    test "public_key: is unique" do
+      instance = model_class.new(public_key: model_instance.public_key)
+      assert_equal false, instance.valid?
+      assert_equal true, instance.errors.of_kind?(:public_key, :taken)
+
+      instance.public_key = SecureRandom.hex
+      instance.valid?
+
+      assert_equal false, instance.errors.of_kind?(:public_key, :taken)
+    end
+  end
+end

data/app/lib/practical/test/shared/auth/passkeys/models/resource_with_passkeys.rb

@@ -0,0 +1,57 @@
+# frozen_string_literal: true
+
+module Practical::Test::Shared::Auth::Passkeys::Models::ResourceWithPasskeys
+  extend ActiveSupport::Concern
+
+  included do
+    test "has many passkeys" do
+      reflection = model_class.reflect_on_association(:passkeys)
+      assert_equal :has_many, reflection.macro
+
+      assert_difference "#{passkey_class}.count", +1 do
+        new_passkey = model_instance.passkeys.create!(
+          label: SecureRandom.hex,
+          external_id: SecureRandom.hex,
+          public_key: SecureRandom.hex
+        )
+
+        assert_instance_of passkey_class, new_passkey
+
+        assert_includes model_instance.passkeys, new_passkey
+      end
+    end
+
+    test "passkeys_class" do
+      assert_equal passkey_class, model_class.passkeys_class
+    end
+
+    test "find_for_passkey: finds the instance for a given passkey" do
+      assert_equal model_instance, model_class.find_for_passkey(passkey_instance)
+    end
+
+    test "after_passkey_authentication: is defined" do
+      assert_equal true, model_instance.respond_to?(:after_passkey_authentication)
+    end
+
+    test "webauthn_id: is required and cannot be blank" do
+      instance = model_instance
+      instance.webauthn_id = ""
+      assert_equal false, instance.valid?
+      assert_equal true, instance.errors.of_kind?(:webauthn_id, :blank)
+
+      instance.webauthn_id = SecureRandom.hex
+      assert_equal true, instance.valid?
+    end
+
+    test "webauthn_id: is unique" do
+      instance = model_class.new(webauthn_id: model_instance.webauthn_id)
+      assert_equal false, instance.valid?
+      assert_equal true, instance.errors.of_kind?(:webauthn_id, :taken)
+
+      instance.webauthn_id = SecureRandom.hex
+      instance.valid?
+
+      assert_equal false, instance.errors.of_kind?(:webauthn_id, :taken)
+    end
+  end
+end

data/app/lib/practical/test/shared/auth/passkeys/policies/passkey.rb

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+module Practical::Test::Shared::Auth::Passkeys::Policies::Passkey
+  extend ActiveSupport::Concern
+
+  included do
+    test "manage?: only true for the user's passkeys" do
+      passkey = resource_with_passkeys.passkeys.create!(
+        label: SecureRandom.hex,
+        external_id: SecureRandom.hex,
+        public_key: SecureRandom.hex
+      )
+
+      assert_equal true, policy_class.new(passkey, user: resource_with_passkeys).apply(:manage?)
+      assert_equal false, policy_class.new(passkey, user: other_resource_with_passkeys).apply(:manage?)
+    end
+  end
+end

data/app/lib/practical/test/shared/auth/passkeys/services/send_emergency_registration.rb

@@ -0,0 +1,41 @@
+# frozen_string_literal: true
+
+module Practical::Test::Shared::Auth::Passkeys::Services::SendEmergencyRegistration
+  extend ActiveSupport::Concern
+
+  included do
+    test "raises ActiveRecord::RecordNotFound if no resource with this email address" do
+      assert_raises ActiveRecord::RecordNotFound do
+        service_class.new(
+          email: "bad@example.com",
+          ip_address: Faker::Internet.ip_v4_address,
+          user_agent: Faker::Internet.user_agent,
+        ).run!
+      end
+    end
+
+    test "does not break if no ip_address given" do
+      assert_successful_run(service: service_class.new(
+        email: valid_email,
+        ip_address: "   ",
+        user_agent: Faker::Internet.user_agent,
+      ))
+    end
+
+    test "does not break if no user_agent given" do
+      assert_successful_run(service: service_class.new(
+        email: valid_email,
+        ip_address: Faker::Internet.ip_v4_address,
+        user_agent: "   ",
+      ))
+    end
+
+    test "returns true if the email was sent" do
+      assert_successful_run(service: service_class.new(
+        email: valid_email,
+        ip_address: Faker::Internet.ip_v4_address,
+        user_agent: Faker::Internet.user_agent,
+      ))
+    end
+  end
+end

data/app/lib/practical/test/shared/models/normalized_email.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+module Practical::Test::Shared::Models::NormalizedEmail
+  extend ActiveSupport::Concern
+
+  included do
+    test "email: is normalized to lowercase and stripped" do
+      instance = model_instance
+      original_email = instance.email
+      normalized_email = instance.email.strip.downcase
+      instance = model_instance
+
+      instance.update!(email: original_email.upcase)
+      assert_equal instance, model_class.find_by(email: original_email.upcase)
+      assert_equal normalized_email, model_class.find_by(email: original_email.upcase).email
+
+
+      instance.update!(email: "\n\n\t#{original_email.upcase}\n\n\t")
+      assert_equal instance, model_class.find_by(email: "\n\n\t#{original_email.upcase}\n\n\t")
+      assert_equal normalized_email, model_class.find_by(email: "\n\n\t#{original_email.upcase}\n\n\t").email
+    end
+  end
+end

data/app/lib/practical/test/shared/models/user.rb

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+module Practical::Test::Shared::Models::User
+  extend ActiveSupport::Concern
+
+  included do
+    test "name: required and cannot be blank" do
+      instance = model_instance
+      instance.name = ""
+      assert_equal false, instance.valid?
+      assert_equal true, instance.errors.of_kind?(:name, :blank)
+
+      instance.name = Faker::Name.name
+      assert_equal true, instance.valid?
+    end
+
+    test "email: required and cannot be blank" do
+      instance = model_instance
+      instance.email = ""
+      assert_equal false, instance.valid?
+      assert_equal true, instance.errors.of_kind?(:email, :blank)
+
+      instance.email = Faker::Internet.email
+      assert_equal true, instance.valid?
+    end
+  end
+end

data/app/lib/practical/test/shared/models/utility/ip_address.rb

@@ -0,0 +1,42 @@
+# frozen_string_literal: true
+
+module Practical::Test::Shared::Models::Utility::IPAddress
+  extend ActiveSupport::Concern
+  included do
+    test "address: is required and cannot be blank" do
+      instance = new_model_instance(address: nil)
+      assert_equal false, instance.valid?
+      assert_equal true, instance.errors.of_kind?(:address, :blank)
+
+      instance.address = Faker::Internet.ip_v6_address
+
+      assert_equal true, instance.valid?
+      assert_equal false, instance.errors.of_kind?(:address, :blank)
+    end
+
+    test "address: is unique" do
+      old_ip = Faker::Internet.ip_v6_address
+
+      old_instance = new_model_instance(address: old_ip)
+      old_instance.save!
+
+      instance = new_model_instance(address: old_ip)
+      assert_equal false, instance.valid?
+      assert_equal true, instance.errors.of_kind?(:address, :taken)
+
+      instance.address = Faker::Internet.ip_v6_address
+
+      assert_equal true, instance.valid?
+      assert_equal false, instance.errors.of_kind?(:address, :taken)
+    end
+
+    test "upsert_address: upserts a given IP Address" do
+      ip = Faker::Internet.ip_v6_address
+
+      assert_difference "#{model_class}.count", +1 do
+        instance = model_class.upsert_address(address: ip)
+        assert_equal model_class.upsert_address(address: ip), instance
+      end
+    end
+  end
+end

data/app/lib/practical/test/shared/models/utility/user_agent.rb

@@ -0,0 +1,43 @@
+# frozen_string_literal: true
+
+module Practical::Test::Shared::Models::Utility::UserAgent
+  extend ActiveSupport::Concern
+
+  included do
+    test "user_agent: is required and cannot be blank" do
+      instance = new_model_instance(user_agent: nil)
+      assert_equal false, instance.valid?
+      assert_equal true, instance.errors.of_kind?(:user_agent, :blank)
+
+      instance.user_agent = SecureRandom.hex
+
+      assert_equal true, instance.valid?
+      assert_equal false, instance.errors.of_kind?(:user_agent, :blank)
+    end
+
+    test "user_agent: is unique" do
+      old_user_agent = SecureRandom.hex
+
+      old_instance = new_model_instance(user_agent: old_user_agent)
+      old_instance.save!
+
+      instance = new_model_instance(user_agent: old_user_agent)
+      assert_equal false, instance.valid?
+      assert_equal true, instance.errors.of_kind?(:user_agent, :taken)
+
+      instance.user_agent = SecureRandom.hex
+
+      assert_equal true, instance.valid?
+      assert_equal false, instance.errors.of_kind?(:user_agent, :taken)
+    end
+
+    test "upsert_user_agent: upserts a given IP Address" do
+      user_agent = SecureRandom.hex
+
+      assert_difference "#{model_class}.count", +1 do
+        instance = model_class.upsert_user_agent(user_agent: user_agent)
+        assert_equal model_class.upsert_user_agent(user_agent: user_agent), instance
+      end
+    end
+  end
+end

data/app/lib/practical/views/button/styling.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+module Practical::Views::Button::Styling
+  extend ActiveSupport::Concern
+
+  def initialize_style_utilities(appearance: nil, color_variant: nil, size: nil)
+    if appearance.present?
+      self.appearance = Practical::Views::WebAwesome::StyleUtility::AppearanceVariant.new(variants: appearance)
+    end
+
+    if color_variant.present?
+      self.color_variant = Practical::Views::WebAwesome::StyleUtility::ColorVariant.new(variant: color_variant)
+    end
+
+    if size.present?
+      self.size = Practical::Views::WebAwesome::StyleUtility::Size.new(size: size)
+    end
+  end
+
+  def css_classes_from_style_utilities
+    helpers.class_names([appearance&.to_css, color_variant&.to_css, size&.to_css].compact)
+  end
+end

data/app/lib/practical/views/error_handling.rb

@@ -0,0 +1,33 @@
+module Practical::Views::ErrorHandling
+  def self.build_error_json(model:, helpers:)
+    return model.errors.map do |error|
+      error_container_id = error_container_id(model: model, error: error, helpers: helpers)
+      element_id = error_element_id(model: model, error: error, helpers: helpers)
+
+      {
+        container_id: error_container_id,
+        element_to_invalidate_id: element_id,
+        message: error.message,
+        type: error.type
+      }
+    end
+  end
+
+  def self.error_container_id(model:, error:, helpers:)
+    if error.options[:error_container_id].present?
+      return error.options[:error_container_id]
+    else
+      attribute_name_parts = error.attribute.to_s.split(".")
+      return helpers.field_id(model, *attribute_name_parts, :errors)
+    end
+  end
+
+  def self.error_element_id(model:, error:, helpers:)
+    if error.options[:element_id].present?
+      return error.options[:element_id]
+    else
+      attribute_name_parts = error.attribute.to_s.split(".")
+      return helpers.field_id(model, *attribute_name_parts)
+    end
+  end
+end