punk 0.0.3 → 0.2.0

data/spec/models/punk/identity_spec.rb

@@ -0,0 +1,61 @@
+# frozen_string_literal: true
+
+describe PUNK::Identity do
+  it 'is valid with valid attributes' do
+    expect { create(:identity) }.not_to raise_error
+  end
+
+  it 'must claim an email or a phone' do
+    identity = build(:identity, claim_type: 'zork', claim: 'xyzzy')
+    expect(identity.valid?).to be(false)
+    expect(identity.errors[:claim_type].first).to eq('is not in range or set: [:email, :phone]')
+  end
+
+  it 'is assigned a uuid on save' do
+    identity = build(:identity)
+    expect(identity.id).to be_nil
+    identity.save
+    expect(valid_uuid?(identity.id)).to be(true)
+  end
+
+  it 'can be saved with a custom uuid' do
+    uuid = generate(:uuid)
+    identity = create(:identity, id: uuid)
+    expect(identity.id).to eq(uuid)
+  end
+
+  it 'may belong to a user' do
+    identity_with_user = create(:identity)
+    expect(identity_with_user.user).to exist
+    identity_without_user = create(:identity, user: nil)
+    expect(identity_without_user.user).to be_nil
+  end
+
+  it 'has an email? accessor' do
+    identity_with_email = build(:identity, claim_type: 'email')
+    expect(identity_with_email.email?).to be(true)
+    identity_without_email = build(:identity, claim_type: 'phone')
+    expect(identity_without_email.email?).to be(false)
+  end
+
+  it 'has a phone? accessor' do
+    identity_with_phone = create(:identity, claim_type: 'phone')
+    expect(identity_with_phone.phone?).to be(true)
+    identity_without_phone = create(:identity, claim_type: 'email')
+    expect(identity_without_phone.phone?).to be(false)
+  end
+
+  it 'has a unique claim' do
+    identity = create(:identity)
+    duplicate_identity = build(:identity, claim_type: identity.claim_type, claim: identity.claim)
+    expect(duplicate_identity.valid?).to be(false)
+    expect(duplicate_identity.errors[:claim].first).to eq('is already taken')
+  end
+
+  it 'can have multiple sessions' do
+    identity = create(:identity)
+    expect(identity.sessions.count).to eq(0)
+    create_list(:session, 3, identity: identity)
+    expect(identity.sessions.count).to eq(3)
+  end
+end

data/spec/models/punk/session_spec.rb

@@ -0,0 +1,156 @@
+# frozen_string_literal: true
+
+describe PUNK::Session do
+  it "is valid with valid attributes" do
+    expect { create(:session) }.not_to raise_error
+  end
+
+  it "is assigned a uuid on save" do
+    session = build(:session)
+    expect(session.id).to be_nil
+    session.save
+    expect(valid_uuid?(session.id)).to be(true)
+  end
+
+  it "can be saved with a custom uuid" do
+    uuid = generate(:uuid)
+    session = create(:session, id: uuid)
+    expect(session.id).to eq(uuid)
+  end
+
+  it "must belong to an identity" do
+    session = build(:session, identity: nil)
+    expect(session.valid?).to be(false)
+    expect(session.errors[:identity].first).to eq('is not present')
+  end
+
+  it "may have a user" do
+    session = build(:session)
+    expect(session.user).to exist
+    session = build(:session, identity: create(:identity, user: nil))
+    expect(session.user).to be_nil
+  end
+
+  it "can contain client data" do
+    identity = create(:session, data: { foo: 'bar' })
+    expect(identity.data[:foo]).to eq('bar')
+  end
+
+  it "permits only three validation attempts" do
+    session = create(:session, attempt_count: 3)
+    expect(session.valid?).to be(true)
+    expect { session.increment_attempts }.to raise_error(Sequel::ValidationFailed, "attempt_count is not in range or set: [0, 1, 2, 3]")
+  end
+
+  it "starts in the created state" do
+    session = create(:session)
+    expect(session.created?).to be(true)
+  end
+
+  it "can be challenged" do
+    session = create(:session)
+    expect(session.may_challenge?).to be(true)
+    session.challenge!
+    expect(session.pending?).to be(true)
+  end
+
+  it "can be verified" do
+    session = create(:session)
+    session.challenge!
+    expect(session.may_verify?).to be(true)
+    session.verify!
+    expect(session.active?).to be(true)
+  end
+
+  it "will not timeout when first created" do
+    session = create(:session)
+    session.timeout?
+    expect(session.created?).to be(true)
+  end
+
+  it "will timeout after 5 minutes if not active" do
+    session = create(:session)
+    Timecop.travel(6.minutes.from_now)
+    expect(described_class.expiring.count).to eq(1)
+    session.timeout?
+    expect(session.expired?).to be(true)
+  end
+
+  it "will not time out after 5 minutes if active" do
+    session = create(:session, state: :active)
+    Timecop.travel(1.week.from_now)
+    expect(described_class.expiring.count).to eq(0)
+    session.timeout?
+    expect(session.active?).to be(true)
+  end
+
+  it "will timeout after 1 month if active but unused" do
+    session = create(:session, state: :active)
+    Timecop.travel((1.month + 1.day).from_now)
+    expect(described_class.expiring.count).to eq(1)
+    session.timeout?
+    expect(session.expired?).to be(true)
+  end
+
+  it "will not timeout after 1 month if active and used" do
+    session = create(:session, state: :active)
+    Timecop.travel(6.months.from_now)
+    session.touch
+    session.timeout?
+    expect(session.active?).to be(true)
+  end
+
+  it "will timeout after 1 year if active and used" do
+    session = create(:session, state: :active)
+    Timecop.travel((1.year + 1.day).from_now)
+    session.touch
+    session.timeout?
+    expect(session.expired?).to be(true)
+  end
+
+  it "can be cleared" do
+    session = create(:session, state: :active)
+    expect(session.may_clear?).to be(true)
+    session.clear!
+    expect(session.deleted?).to be(true)
+  end
+
+  context "when many sessions exist" do
+    before do
+      create(:session, state: :created)
+      create(:session, state: :pending)
+      create(:session, state: :active)
+      create(:session, state: :expired)
+      create(:session, state: :deleted)
+    end
+
+    it "can be scoped to created sessions" do
+      expect(described_class.count).to eq(5)
+      expect(described_class.created.count).to eq(1)
+    end
+
+    it "can be scoped to pending sessions" do
+      expect(described_class.count).to eq(5)
+      expect(described_class.pending.count).to eq(1)
+    end
+
+    it "can be scoped to active sessions" do
+      expect(described_class.count).to eq(5)
+      expect(described_class.active.count).to eq(1)
+    end
+
+    it "can be scoped to expired sessions" do
+      expect(described_class.count).to eq(5)
+      expect(described_class.expired.count).to eq(1)
+    end
+
+    it "can be scoped to deleted sessions" do
+      expect(described_class.count).to eq(5)
+      expect(described_class.deleted.count).to eq(1)
+    end
+
+    it "can be accessed at random" do
+      expect { described_class.sample }.not_to raise_error
+    end
+  end
+end

data/spec/models/punk/tenant_spec.rb

@@ -0,0 +1,51 @@
+# frozen_string_literal: true
+
+describe PUNK::Tenant do
+  it "is valid with valid attributes" do
+    expect { create(:tenant) }.not_to raise_error
+  end
+
+  it "is assigned a uuid on save" do
+    tenant = build(:tenant)
+    expect(tenant.id).to be_nil
+    tenant.save
+    expect(valid_uuid?(tenant.id)).to be(true)
+  end
+
+  it "can be saved with a custom uuid" do
+    uuid = generate(:uuid)
+    tenant = create(:tenant, id: uuid)
+    expect(tenant.id).to eq(uuid)
+  end
+
+  it "is invalid without a name" do
+    tenant = build(:tenant, name: nil)
+    expect(tenant.valid?).to be(false)
+    expect(tenant.errors[:name].first).to eq('is not present')
+  end
+
+  it "is valid without an icon" do
+    tenant = build(:tenant, icon: nil)
+    expect(tenant.valid?).to be(true)
+  end
+
+  it "is invalid if the icon is not a URL" do
+    tenant = build(:tenant, icon: Faker::Alphanumeric.alpha)
+    expect(tenant.valid?).to be(false)
+    expect(tenant.errors[:icon].first).to eq('is not a URL')
+  end
+
+  it "can have multiple users" do
+    tenant = create(:tenant)
+    expect(tenant.users.count).to eq(0)
+    3.times { create(:user).add_tenant(tenant) }
+    expect(tenant.users.count).to eq(3)
+  end
+
+  it "can have multiple groups" do
+    tenant = create(:tenant)
+    expect(tenant.groups.count).to eq(0)
+    create_list(:group, 3, tenant: tenant)
+    expect(tenant.groups.count).to eq(3)
+  end
+end

data/spec/models/punk/tenant_user_metadata_spec.rb

@@ -0,0 +1,61 @@
+# frozen_string_literal: true
+
+describe PUNK::TenantUserMetadata do
+  it "is valid with valid attributes" do
+    expect { create(:tenant_user_metadata) }.not_to raise_error
+  end
+
+  it "is invalid without a tenant" do
+    tenant_user_metadata = build(:tenant_user_metadata, tenant: nil)
+    expect(tenant_user_metadata.valid?).to be(false)
+    expect(tenant_user_metadata.errors[:tenant].first).to eq('is not present')
+  end
+
+  it "is invalid without a user" do
+    tenant_user_metadata = build(:tenant_user_metadata, user: nil)
+    expect(tenant_user_metadata.valid?).to be(false)
+    expect(tenant_user_metadata.errors[:user].first).to eq('is not present')
+  end
+
+  it "displays as the two IDs concatenated" do
+    tenant_user_metadata = create(:tenant_user_metadata)
+    expect(tenant_user_metadata.to_s).to include(tenant_user_metadata.tenant.id)
+    expect(tenant_user_metadata.to_s).to include(tenant_user_metadata.user.id)
+  end
+
+  context "when a user and a tenant exist" do
+    let(:user) { create(:user) }
+    let(:tenant) { create(:tenant) }
+
+    context "when a user is added to a tenant" do
+      let(:tenant_user_metadata) do
+        described_class[tenant: tenant, user: user]
+      end
+
+      before do
+        tenant.add_user(user)
+      end
+
+      it "is created automatically" do
+        expect(tenant_user_metadata).not_to be_nil
+        expect(tenant.users).to include(user)
+      end
+
+      it "destroying it will remove the user from the tenant" do
+        expect(tenant.users).to include(user)
+        tenant_user_metadata.destroy
+        tenant.reload
+        expect(tenant.users).not_to include(user)
+      end
+    end
+
+    context "when it is created" do
+      it "adds a user to a tenant" do
+        expect(tenant.users).not_to include(user)
+        create(:tenant_user_metadata, tenant: tenant, user: user)
+        tenant.reload
+        expect(tenant.users).to include(user)
+      end
+    end
+  end
+end

data/spec/models/punk/user_spec.rb

@@ -0,0 +1,115 @@
+# frozen_string_literal: true
+
+describe PUNK::User do
+  it "is valid with valid attributes" do
+    expect { create(:user) }.not_to raise_error
+  end
+
+  it "is assigned a uuid on save" do
+    user = build(:user)
+    expect(user.id).to be_nil
+    user.save
+    expect(valid_uuid?(user.id)).to be(true)
+  end
+
+  it "can be saved with a custom uuid" do
+    uuid = generate(:uuid)
+    user = create(:user, id: uuid)
+    expect(user.id).to eq(uuid)
+  end
+
+  it "is invalid without a name" do
+    user = build(:user, name: nil)
+    expect(user.valid?).to be(false)
+    expect(user.errors[:name].first).to eq('is not present')
+  end
+
+  it "validates name presence in the database" do
+    user = build(:user, name: nil)
+    expect { user.save(validate: false) }.to raise_error(Sequel::NotNullConstraintViolation)
+  end
+
+  it "is valid without an icon" do
+    user = build(:user, icon: nil)
+    expect(user.valid?).to be(true)
+  end
+
+  it "is invalid if the icon is not a URL" do
+    user = build(:user, icon: Faker::Alphanumeric.alpha)
+    expect(user.valid?).to be(false)
+    expect(user.errors[:icon].first).to eq('is not a URL')
+  end
+
+  it "is valid without an email" do
+    user = build(:user, email: nil)
+    expect(user.valid?).to be(true)
+  end
+
+  it "is invalid if the email is not an email address" do
+    user = build(:user, email: Faker::Alphanumeric.alpha)
+    expect(user.valid?).to be(false)
+    expect(user.errors[:email].first).to eq('is not an email address')
+  end
+
+  it "has a unique email" do
+    email = create(:user).email
+    user = build(:user, email: email)
+    expect(user.valid?).to be(false)
+    expect(user.errors[:email].first).to eq('is already taken')
+  end
+
+  it "validates email uniqueness in the database" do
+    email = create(:user).email
+    user = build(:user, email: email)
+    expect { user.save(validate: false) }.to raise_error(Sequel::UniqueConstraintViolation)
+  end
+
+  it "is valid without a phone" do
+    user = build(:user, phone: nil)
+    expect(user.valid?).to be(true)
+  end
+
+  it "is invalid if the phone is not a phone number" do
+    user = build(:user, phone: Faker::Alphanumeric.alpha)
+    expect(user.valid?).to be(false)
+    expect(user.errors[:phone].first).to eq('is not a phone number')
+  end
+
+  it "has a unique phone" do
+    phone = create(:user).phone
+    user = build(:user, phone: phone)
+    expect(user.valid?).to be(false)
+    expect(user.errors[:phone].first).to eq('is already taken')
+  end
+
+  it "validates phone uniqueness in the database" do
+    phone = create(:user).phone
+    user = build(:user, phone: phone)
+    expect { user.save(validate: false) }.to raise_error(Sequel::UniqueConstraintViolation)
+  end
+
+  it "is invalid without either an email or a phone" do
+    user = build(:user, email: nil, phone: nil)
+    user.valid?
+    expect(user.errors[:email].first).to eq('is not present')
+    expect(user.errors[:phone].first).to eq('is not present')
+  end
+
+  it "can belong to multiple tenants" do
+    user = create(:user)
+    expect(user.tenants.count).to eq(0)
+    3.times { create(:tenant).add_user(user) }
+    expect(user.tenants.count).to eq(3)
+  end
+
+  it "can belong to multiple groups" do
+    user = create(:user)
+    expect(user.groups.count).to eq(0)
+    3.times { create(:group).add_user(user) }
+    expect(user.groups.count).to eq(3)
+  end
+
+  it "can have many sessions"
+
+  it "has an active sessions scope"
+end

data/spec/routes/groups/get_groups_spec.rb

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+describe PUNK, "GET /groups" do
+  include_context "Punk"
+
+  context 'when the user is not authenticated' do
+    before do
+      get '/groups'
+    end
+
+    it { is_expected.not_to be_successful }
+  end
+
+  context 'when the user is authenticated' do
+    let(:tenant) { create(:tenant) }
+    let(:identity) { create(:identity, claim_type: 'phone') }
+    let(:group) { create(:group, tenant: tenant) }
+
+    before do
+      identity.user.add_tenant(tenant)
+      identity.user.add_group(group)
+      login(identity.claim)
+      get "/groups?tenant_id=#{tenant.id}"
+    end
+
+    after do
+      logout
+    end
+
+    it { is_expected.to be_successful }
+    its(:body) { is_expected.to match(group.name) }
+  end
+end