RubyGems - punk - Versions diffs - 0.1.0 → 0.3.1 - Mend

punk 0.1.0 → 0.3.1

Files changed (145) hide show

checksums.yaml +4 -4
data/.editorconfig +9 -0
data/.github/workflows/ship.yml +3 -1
data/.github/workflows/test.yml +26 -1
data/.rdoc_options +23 -0
data/.rgignore +1 -0
data/.rspec +2 -0
data/Gemfile +5 -6
data/Gemfile.lock +17 -30
data/README.md +7 -1
data/Rakefile +0 -1
data/VERSION +1 -1
data/app/migrations/001_lets_punk.rb +3 -0
data/app/routes/hello.rb +4 -0
data/env/.gitignore +3 -0
data/env/spec/test.sh +3 -0
data/lib/punk/actions/.keep +0 -0
data/lib/punk/actions/groups/list.rb +24 -0
data/lib/punk/actions/sessions/clear.rb +21 -0
data/lib/punk/actions/sessions/create.rb +64 -0
data/lib/punk/actions/sessions/list.rb +18 -0
data/lib/punk/actions/sessions/verify.rb +24 -0
data/lib/punk/actions/tenants/list.rb +18 -0
data/lib/punk/actions/users/list_group.rb +18 -0
data/lib/punk/actions/users/list_tenant.rb +18 -0
data/lib/punk/actions/users/show.rb +18 -0
data/lib/punk/commands/list.rb +12 -6
data/lib/punk/config/defaults.json +3 -0
data/lib/punk/config/schema.json +3 -0
data/lib/punk/core/app.rb +4 -6
data/lib/punk/core/commander.rb +12 -7
data/lib/punk/core/exec.rb +2 -0
data/lib/punk/core/load.rb +0 -1
data/lib/punk/framework/command.rb +5 -1
data/lib/punk/framework/plugins/validation.rb +0 -14
data/lib/punk/helpers/loggable.rb +1 -1
data/lib/punk/migrations/001_punk.rb +103 -0
data/lib/punk/models/.keep +0 -0
data/lib/punk/models/group.rb +20 -0
data/lib/punk/models/group_user_metadata.rb +17 -0
data/lib/punk/models/identity.rb +29 -0
data/lib/punk/models/session.rb +89 -0
data/lib/punk/models/tenant.rb +19 -0
data/lib/punk/models/tenant_user_metadata.rb +17 -0
data/lib/punk/models/user.rb +31 -0
data/lib/punk/routes/groups.rb +31 -0
data/lib/punk/routes/plivo.rb +4 -0
data/lib/punk/routes/sessions.rb +108 -0
data/lib/punk/routes/swagger.rb +9 -0
data/lib/punk/routes/tenants.rb +29 -0
data/lib/punk/routes/users.rb +36 -0
data/lib/punk/services/.keep +0 -0
data/lib/punk/services/challenge_claim.rb +46 -0
data/lib/punk/services/create_identities.rb +25 -0
data/lib/punk/services/generate_swagger.rb +25 -0
data/lib/punk/services/prove_claim.rb +29 -0
data/lib/punk/services/secret.rb +9 -0
data/lib/punk/templates/groups/list.jbuilder +7 -0
data/lib/punk/templates/plivo.slim +16 -0
data/lib/punk/templates/sessions/list.jbuilder +6 -0
data/lib/punk/templates/sessions/pending.jbuilder +4 -0
data/lib/punk/templates/tenants/list.jbuilder +7 -0
data/lib/punk/templates/tenants/list.slim +8 -0
data/lib/punk/templates/users/list.jbuilder +7 -0
data/lib/punk/templates/users/list.rcsv +4 -0
data/lib/punk/templates/users/show.jbuilder +5 -0
data/lib/punk/views/groups/list.rb +22 -0
data/lib/punk/views/plivo_store.rb +15 -0
data/lib/punk/views/sessions/list.rb +22 -0
data/lib/punk/views/sessions/pending.rb +28 -0
data/lib/punk/views/tenants/list.rb +22 -0
data/lib/punk/views/users/list.rb +22 -0
data/lib/punk/views/users/show.rb +22 -0
data/lib/punk/workers/.keep +0 -0
data/lib/punk/workers/expire_sessions.rb +9 -0
data/lib/punk/workers/geocode_session_worker.rb +48 -0
data/lib/punk/workers/identify_session_worker.rb +45 -0
data/lib/punk/workers/secret.rb +18 -0
data/lib/punk/workers/send_email_worker.rb +51 -0
data/lib/punk/workers/send_sms_worker.rb +40 -0
data/punk.gemspec +141 -15
data/schema.psql +345 -0
data/spec/actions/groups/punk/list_groups_action_spec.rb +36 -0
data/spec/actions/sessions/punk/clear_session_action_spec.rb +29 -0
data/spec/actions/sessions/punk/create_session_action_spec.rb +33 -0
data/spec/actions/sessions/punk/list_sessions_action_spec.rb +26 -0
data/spec/actions/sessions/punk/verify_session_action_spec.rb +59 -0
data/spec/actions/tenants/punk/list_tenants_action_spec.rb +25 -0
data/spec/actions/users/punk/list_group_users_action_spec.rb +26 -0
data/spec/actions/users/punk/list_tenant_users_action_spec.rb +26 -0
data/spec/factories/group.rb +12 -0
data/spec/factories/group_user_metadata.rb +10 -0
data/spec/factories/identity.rb +19 -0
data/spec/factories/session.rb +12 -0
data/spec/factories/tenant.rb +10 -0
data/spec/factories/tenant_user_metadata.rb +10 -0
data/spec/factories/user.rb +12 -0
data/spec/lib/commands/auth_spec.rb +11 -0
data/spec/lib/commands/generate_spec.rb +7 -0
data/spec/lib/commands/http_spec.rb +23 -0
data/spec/lib/commands/list_spec.rb +7 -0
data/spec/lib/commands/swagger_spec.rb +7 -0
data/spec/lib/engine/punk_env_spec.rb +13 -0
data/spec/lib/engine/punk_exec_spec.rb +9 -0
data/spec/lib/engine/punk_init_spec.rb +9 -0
data/spec/lib/engine/punk_store_spec.rb +10 -0
data/spec/lib/punk.env +7 -0
data/spec/models/punk/group_spec.rb +50 -0
data/spec/models/punk/group_user_metadata_spec.rb +61 -0
data/spec/models/punk/identity_spec.rb +61 -0
data/spec/models/punk/session_spec.rb +156 -0
data/spec/models/punk/tenant_spec.rb +51 -0
data/spec/models/punk/tenant_user_metadata_spec.rb +61 -0
data/spec/models/punk/user_spec.rb +115 -0
data/spec/routes/groups/get_groups_spec.rb +33 -0
data/spec/routes/plivo/get_plivo_spec.rb +11 -0
data/spec/routes/sessions/delete_session_spec.rb +11 -0
data/spec/routes/sessions/get_sessions_spec.rb +30 -0
data/spec/routes/sessions/patch_session_spec.rb +11 -0
data/spec/routes/sessions/post_session_spec.rb +11 -0
data/spec/routes/swagger/get_swagger_spec.rb +12 -0
data/spec/routes/tenants/get_tenants_spec.rb +31 -0
data/spec/routes/users/get_users_spec.rb +60 -0
data/spec/services/punk/challenge_claim_service_spec.rb +7 -0
data/spec/services/punk/create_identities_service_spec.rb +14 -0
data/spec/services/punk/generate_swagger_service_spec.rb +7 -0
data/spec/services/punk/prove_claim_service_spec.rb +7 -0
data/spec/services/punk/secret_service_spec.rb +7 -0
data/spec/spec_helper.rb +122 -0
data/spec/vcr_cassettes/PUNK_GeocodeSessionWorker/updates_the_session_data.yml +57 -0
data/spec/vcr_cassettes/PUNK_IdentifySessionWorker/updates_the_session_data.yml +112 -0
data/spec/views/punk/plivo_store_spec.rb +7 -0
data/spec/views/sessions/punk/list_sessions_view_spec.rb +7 -0
data/spec/views/sessions/punk/pending_session_view_spec.rb +7 -0
data/spec/views/tenants/punk/list_tenants_view_spec.rb +7 -0
data/spec/views/users/punk/list_groups_view_spec.rb +7 -0
data/spec/views/users/punk/list_users_view_spec.rb +7 -0
data/spec/workers/punk/expire_sessions_worker_spec.rb +31 -0
data/spec/workers/punk/geocode_session_worker_spec.rb +14 -0
data/spec/workers/punk/identify_session_worker_spec.rb +15 -0
data/spec/workers/punk/secret_worker_spec.rb +20 -0
data/spec/workers/punk/send_email_worker_spec.rb +46 -0
data/spec/workers/punk/send_sms_worker_spec.rb +33 -0
metadata +150 -12
data/lib/punk/views/all.rb +0 -4

data/spec/models/punk/user_spec.rb ADDED

@@ -0,0 +1,115 @@
+# frozen_string_literal: true
+describe PUNK::User do
+  it "is valid with valid attributes" do
+    expect { create(:user) }.not_to raise_error
+  end
+  it "is assigned a uuid on save" do
+    user = build(:user)
+    expect(user.id).to be_nil
+    user.save
+    expect(valid_uuid?(user.id)).to be(true)
+  end
+  it "can be saved with a custom uuid" do
+    uuid = generate(:uuid)
+    user = create(:user, id: uuid)
+    expect(user.id).to eq(uuid)
+  end
+  it "is invalid without a name" do
+    user = build(:user, name: nil)
+    expect(user.valid?).to be(false)
+    expect(user.errors[:name].first).to eq('is not present')
+  end
+  it "validates name presence in the database" do
+    user = build(:user, name: nil)
+    expect { user.save(validate: false) }.to raise_error(Sequel::NotNullConstraintViolation)
+  end
+  it "is valid without an icon" do
+    user = build(:user, icon: nil)
+    expect(user.valid?).to be(true)
+  end
+  it "is invalid if the icon is not a URL" do
+    user = build(:user, icon: Faker::Alphanumeric.alpha)
+    expect(user.valid?).to be(false)
+    expect(user.errors[:icon].first).to eq('is not a URL')
+  end
+  it "is valid without an email" do
+    user = build(:user, email: nil)
+    expect(user.valid?).to be(true)
+  end
+  it "is invalid if the email is not an email address" do
+    user = build(:user, email: Faker::Alphanumeric.alpha)
+    expect(user.valid?).to be(false)
+    expect(user.errors[:email].first).to eq('is not an email address')
+  end
+  it "has a unique email" do
+    email = create(:user).email
+    user = build(:user, email: email)
+    expect(user.valid?).to be(false)
+    expect(user.errors[:email].first).to eq('is already taken')
+  end
+  it "validates email uniqueness in the database" do
+    email = create(:user).email
+    user = build(:user, email: email)
+    expect { user.save(validate: false) }.to raise_error(Sequel::UniqueConstraintViolation)
+  end
+  it "is valid without a phone" do
+    user = build(:user, phone: nil)
+    expect(user.valid?).to be(true)
+  end
+  it "is invalid if the phone is not a phone number" do
+    user = build(:user, phone: Faker::Alphanumeric.alpha)
+    expect(user.valid?).to be(false)
+    expect(user.errors[:phone].first).to eq('is not a phone number')
+  end
+  it "has a unique phone" do
+    phone = create(:user).phone
+    user = build(:user, phone: phone)
+    expect(user.valid?).to be(false)
+    expect(user.errors[:phone].first).to eq('is already taken')
+  end
+  it "validates phone uniqueness in the database" do
+    phone = create(:user).phone
+    user = build(:user, phone: phone)
+    expect { user.save(validate: false) }.to raise_error(Sequel::UniqueConstraintViolation)
+  end
+  it "is invalid without either an email or a phone" do
+    user = build(:user, email: nil, phone: nil)
+    user.valid?
+    expect(user.errors[:email].first).to eq('is not present')
+    expect(user.errors[:phone].first).to eq('is not present')
+  end
+  it "can belong to multiple tenants" do
+    user = create(:user)
+    expect(user.tenants.count).to eq(0)
+    3.times { create(:tenant).add_user(user) }
+    expect(user.tenants.count).to eq(3)
+  end
+  it "can belong to multiple groups" do
+    user = create(:user)
+    expect(user.groups.count).to eq(0)
+    3.times { create(:group).add_user(user) }
+    expect(user.groups.count).to eq(3)
+  end
+  it "can have many sessions"
+  it "has an active sessions scope"
+end

data/spec/routes/groups/get_groups_spec.rb ADDED

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+describe PUNK, "GET /groups" do
+  include_context "Punk"
+  context 'when the user is not authenticated' do
+    before do
+      get '/groups'
+    end
+    it { is_expected.not_to be_successful }
+  end
+  context 'when the user is authenticated' do
+    let(:tenant) { create(:tenant) }
+    let(:identity) { create(:identity, claim_type: 'phone') }
+    let(:group) { create(:group, tenant: tenant) }
+    before do
+      identity.user.add_tenant(tenant)
+      identity.user.add_group(group)
+      login(identity.claim)
+      get "/groups?tenant_id=#{tenant.id}"
+    end
+    after do
+      logout
+    end
+    it { is_expected.to be_successful }
+    its(:body) { is_expected.to match(group.name) }
+  end
+end

data/spec/routes/plivo/get_plivo_spec.rb ADDED

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+describe PUNK, "GET /plivo" do
+  include_context "Punk"
+  before do
+    get '/plivo.html'
+  end
+  it { is_expected.to be_successful }
+end

data/spec/routes/sessions/delete_session_spec.rb ADDED

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+describe PUNK, "DELETE /sessions" do
+  include_context "Punk"
+  before do
+    delete '/sessions'
+  end
+  it { is_expected.not_to be_successful }
+end

data/spec/routes/sessions/get_sessions_spec.rb ADDED

@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+describe PUNK, "GET /sessions" do
+  include_context "Punk"
+  context 'when the user is not authenticated' do
+    before do
+      get '/sessions'
+    end
+    it { is_expected.not_to be_successful }
+  end
+  context 'when the user is authenticated' do
+    let(:user) { create(:user) }
+    let(:identity) { create(:identity, user: user, claim_type: 'phone') }
+    before do
+      login(identity.claim)
+      get '/sessions'
+    end
+    after do
+      logout
+    end
+    it { is_expected.to be_successful }
+    its(:body) { is_expected.to match(user.active_sessions.first.id) }
+  end
+end

data/spec/routes/sessions/patch_session_spec.rb ADDED

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+describe PUNK, "PATCH /sessions" do
+  include_context "Punk"
+  before do
+    patch '/sessions'
+  end
+  it { is_expected.not_to be_successful }
+end

data/spec/routes/sessions/post_session_spec.rb ADDED

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+describe PUNK, "POST /sessions" do
+  include_context "Punk"
+  before do
+    post '/sessions'
+  end
+  it { is_expected.not_to be_successful }
+end

data/spec/routes/swagger/get_swagger_spec.rb ADDED

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+describe PUNK, "GET /swagger" do
+  include_context "Punk"
+  before do
+    get '/swagger'
+  end
+  it { is_expected.to be_successful }
+  its(:body) { is_expected.to match('"openapi": "3.0.0"') }
+end

data/spec/routes/tenants/get_tenants_spec.rb ADDED

@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+describe PUNK, "GET /tenants" do
+  include_context "Punk"
+  context 'when the user is not authenticated' do
+    before do
+      get '/tenants'
+    end
+    it { is_expected.not_to be_successful }
+  end
+  context 'when the user is authenticated' do
+    let(:tenant) { create(:tenant) }
+    let(:identity) { create(:identity, claim_type: 'phone') }
+    before do
+      identity.user.add_tenant(tenant)
+      login(identity.claim)
+      get '/tenants'
+    end
+    after do
+      logout
+    end
+    it { is_expected.to be_successful }
+    its(:body) { is_expected.to match(tenant.name) }
+  end
+end

data/spec/routes/users/get_users_spec.rb ADDED

@@ -0,0 +1,60 @@
+# frozen_string_literal: true
+describe PUNK, "GET /users" do
+  include_context "Punk"
+  context 'when the user is not authenticated' do
+    before do
+      get '/users'
+    end
+    it { is_expected.not_to be_successful }
+  end
+  context 'when the user is authenticated' do
+    let(:tenant) { create(:tenant) }
+    let(:identity) { create(:identity, claim_type: 'phone') }
+    let(:group) { create(:group, tenant: tenant) }
+    let(:tenant_user) { create(:user) }
+    let(:group_user) { create(:user) }
+    before do
+      identity.user.add_tenant(tenant)
+      identity.user.add_group(group)
+      tenant_user.add_tenant(tenant)
+      group_user.add_tenant(tenant)
+      group_user.add_group(group)
+      login(identity.claim)
+    end
+    after do
+      logout
+    end
+    context 'without a group' do
+      before do
+        get "/users?tenant_id=#{tenant.id}"
+      end
+      it { is_expected.to be_successful }
+      its(:body) do
+        is_expected.to match(tenant_user.name)
+        is_expected.to match(group_user.name)
+      end
+    end
+    context 'with a group' do
+      before do
+        get "/users?tenant_id=#{tenant.id}&group_id=#{group.id}"
+      end
+      it { is_expected.to be_successful }
+      its(:body) do
+        is_expected.not_to match(tenant_user.name)
+        is_expected.to match(group_user.name)
+      end
+    end
+  end
+end

data/spec/services/punk/challenge_claim_service_spec.rb ADDED

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+describe PUNK::ChallengeClaimService do
+  context 'with no specs written' do
+    it 'displays a warning'
+  end
+end

data/spec/services/punk/create_identities_service_spec.rb ADDED

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+describe PUNK::CreateIdentitiesService do
+  before do
+    create(:user, phone: nil)
+    create(:user, email: nil)
+  end
+  it 'creates identities for users that are missing them' do
+    expect(PUNK::Identity.count).to eq(0)
+    described_class.run
+    expect(PUNK::Identity.count).to eq(2)
+  end
+end

data/spec/services/punk/generate_swagger_service_spec.rb ADDED

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+describe PUNK::GenerateSwaggerService do
+  context 'with no specs written' do
+    it 'displays a warning'
+  end
+end

data/spec/services/punk/prove_claim_service_spec.rb ADDED

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+describe PUNK::ProveClaimService do
+  context 'with no specs written' do
+    it 'displays a warning'
+  end
+end

data/spec/services/punk/secret_service_spec.rb ADDED

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+describe PUNK::SecretService do
+  context 'with no specs written' do
+    it 'displays a warning'
+  end
+end

data/spec/spec_helper.rb ADDED

@@ -0,0 +1,122 @@
+# frozen_string_literal: true
+require 'simplecov'
+require 'coveralls'
+SimpleCov.start do
+  add_filter 'spec'
+  add_filter 'lib/punk/commands/auth.rb'
+  add_filter 'lib/punk/commands/generate.rb'
+  add_filter 'lib/punk/commands/http.rb'
+  add_filter 'lib/punk/commands/list.rb'
+  add_filter 'lib/punk/core/commands.rb'
+  add_filter 'lib/punk/framework/command.rb'
+  add_filter 'lib/punk/plugins/cors.rb'
+  add_filter 'lib/punk/plugins/ssl.rb'
+  add_filter 'lib/punk/startup/logger.rb'
+end
+Coveralls.wear!
+require_relative '../lib/punk'
+require 'factory_bot'
+require 'faker'
+require 'timecop'
+require 'securerandom'
+require 'vcr'
+require 'rack/test'
+Faker::Config.locale = 'en-US'
+FactoryBot.use_parent_strategy = false
+VCR.configure do |c|
+  c.ignore_localhost = true
+  c.cassette_library_dir = 'spec/vcr_cassettes'
+  c.hook_into :webmock
+  c.configure_rspec_metadata!
+end
+PUNK.init(task: 'spec', config: { app: { name: 'Punk Test' } }).exec
+Sidekiq.logger = SemanticLogger['PUNK::SKQ']
+RSpec.shared_context 'Punk' do # rubocop:disable RSpec/ContextWording
+  include Rack::Test::Methods
+  subject { last_response }
+  def app
+    PUNK.app
+  end
+  def login(claim)
+    PUNK.cache.delete(:plivo)
+    response =
+      PUNK.app.call(
+        "REQUEST_METHOD" => "POST",
+        "PATH_INFO" => "/sessions",
+        "CONTENT_TYPE" => "text/json",
+        "SCRIPT_NAME" => "",
+        "rack.input" => StringIO.new({ claim: claim }.to_json)
+      )
+    response = ActiveSupport::JSON.decode(response[-1].first).deep_symbolize_keys
+    slug = response[:slug]
+    PUNK::SendSmsWorker.drain
+    sms = PUNK.cache.get(:plivo).first
+    PUNK.app.call(
+      "REQUEST_METHOD" => "PATCH",
+      "PATH_INFO" => "/sessions/#{slug}",
+      "CONTENT_TYPE" => "text/json",
+      "SCRIPT_NAME" => "",
+      "rack.input" => StringIO.new({ secret: sms[:body][-7..-2] }.to_json)
+    )
+  end
+  def logout
+    PUNK.app.call(
+      "REQUEST_METHOD" => "DELETE",
+      "PATH_INFO" => "/sessions",
+      "SCRIPT_NAME" => "",
+      "rack.input" => StringIO.new
+    )
+  end
+end
+module Helpers
+  def valid_uuid?(data)
+    data.split('-').map { |s| Integer(s, 16) }.length == 5
+  end
+end
+FactoryBot.define do
+  sequence :phone do
+    phone = "+1#{Phony.normalize(Faker::PhoneNumber.cell_phone)}" until Phony.plausible?(phone)
+    phone
+  end
+  sequence :uuid do
+    SecureRandom.uuid
+  end
+end
+RSpec.configure do |config|
+  config.expect_with :rspec do |expectations|
+    expectations.include_chain_clauses_in_custom_matcher_descriptions = true
+  end
+  config.include Helpers
+  config.include FactoryBot::Syntax::Methods
+  config.before(:suite) do
+    FactoryBot.find_definitions
+  end
+  config.before do
+    Sidekiq::Worker.clear_all
+  end
+  config.around do |example|
+    PUNK.db.transaction(rollback: :always, auto_savepoint: true) { example.run }
+  end
+  PUNK.commands(:spec, config)
+end