pws 0.9.2 → 1.0.0.pre.1

data/README.md

@@ -1,40 +1,44 @@
-pws ![Build status](http://travis-ci.org/janlelis/pws.png)
+pws [![Build status](http://travis-ci.org/janlelis/pws.png)](http://travis-ci.org/janlelis/pws)
 ===
 pws is a command-line password safe/manager written in Ruby.
 
-![Screenshot](http://rbjl.net/pws-example.png)
+*ATTENTION* Refactoring in progress / The latest stable version is 0.9.2
+
+Usage
+---
+[![Screenshot](http://rbjl.net/pws-example.png)](http://rbjl.net/60-pws-the-ruby-powered-command-line-password-manager)
+
 
 Installation
 ---
 You can install pws with
 `$ gem install pws`
 
-Run `$ pws help` for usage information.
+Run `$ pws --help` for usage information.
 
-Misc
+
+1.0 / Updating from 0.9
 ---
-Trust the code by reading the source!
+You can try out the newest version with:
+`$ gem install pws --pre`
 
-Originally based on [this tutorial](http://rbjl.net/41-tutorial-build-your-own-password-safe-with-ruby)
+The 0.9 password files are not compatible with that version, however, you can convert your safe with:
+`$ pws resave --in 0.9 --out 1.0`
 
-Cucumber specs loosely based on [the ones](https://github.com/thecatwasnot/passwordsafe/blob/master/features/) by thecatwasnot - thanks
 
-Features coming in 1.0
+Reading the source
 ---
-Around March or April 2012
+Trust the code by reading the source! It's originally based on [this tutorial](http://rbjl.net/41-tutorial-build-your-own-password-safe-with-ruby). You might want to start reading in the [0.9.2 tag](https://github.com/janlelis/pws/tree/0.9.2), because it's got less features and therefore is less code.
 
-* Significantly improved crypto methods
-* Tests for the crypto stuff
-* Different storage format, but will be backwards compatible
-* Little UI tweaks
 
 Contributions by
 ---
 * [brianewing](https://github.com/brianewing/)
 * [dquimper](https://github.com/dquimper/)
 * [grapz](https://github.com/grapz/)
+* Cucumber specs loosely based on [the ones](https://github.com/thecatwasnot/passwordsafe/blob/master/features/) by [thecatwasnot](https://github.com/thecatwasnot/)
+
 
 Copyright
 ---
-
 © 2010-2012 Jan Lelis, MIT license

data/features/add.feature

@@ -3,6 +3,7 @@ Feature: Add
   As a user
   I want to add new passwords to my password safe
 
+  @slow-hack
   Scenario: Add a new password for "github"
     Given A safe exists with master password "my_master_password"
     When I run `pws add github` interactively
@@ -12,6 +13,7 @@ Feature: Add
     And  the output should contain "Please enter a password for github:"
     And  the output should contain "The password for github has been added"
     
+  @slow-hack
   Scenario: Add a new password for "github", already passing it as command line paramenter (not recommended)
     Given A safe exists with master password "my_master_password"
     When I run `pws add github github_password` interactively
@@ -33,7 +35,7 @@ Feature: Add
     And  I type ""
     Then the output should contain "Master password:"
     And  the output should contain "Please enter a password for github:"
-    And  the output should contain "Cannot add an empty password!"
+    And  the output should contain "Cannot set an empty password!"
     
   Scenario: Try to add a new password for "github" (but the master password is wrong)
     Given A safe exists with master password "my_master_password"
@@ -42,4 +44,14 @@ Feature: Add
     Then the output should contain "Master password:"
     And  the output should contain "NO ACCESS"
     
-  
+  @slow-hack
+  Scenario: Set a new password for "github", this also sets the timestamp
+    Given A safe exists with master password "my_master_password"
+    When I run `pws ls` interactively
+    And  I type "my_master_password"
+    Then the output from "pws ls" should not contain the current date
+    When I run `pws add github github_password` interactively
+    And  I type "my_master_password"
+    And  I run `pws show` interactively
+    And  I type "my_master_password"
+    Then the output from "pws show" should contain the current date

data/features/create.feature

@@ -0,0 +1,23 @@
+Feature: Create
+  In order to use the password safe
+  As a user
+  I want to create a new safe
+
+  Scenario: Trying to call a pws task (except help or version), but safe does not exist, yet
+    When I run `pws` interactively
+    And I type "some_new_master_password"
+    And I type "some_new_master_password"
+    Then the output should match /No password safe detected, creating one at.*pws.*/
+    And  the output should contain "Please enter the new master password:"
+    And  the output should contain "Please enter the new master password, again:"
+    And  the output should contain "There aren't any passwords stored"
+    
+  Scenario: Creating a new safe fails, if password confirmation is wrong 
+    When I run `pws` interactively
+    And I type "some_new_master_password"
+    And I type "some_new_master_password_wrong"
+    Then the output should match /No password safe detected, creating one at.*pws.*/
+    And  the output should contain "Please enter the new master password:"
+    And  the output should contain "Please enter the new master password, again:"
+    And  the output should contain "don't match"
+  

data/features/in-out.feature

@@ -0,0 +1,54 @@
+Feature: --in and --out options
+  In order to use the newest pws version
+  As a user
+  I want to convert my password file into a different file format
+  
+  Scenario: Cannot access a 0.9 safe with the current version without --in 0.9 option
+  Given A "0.9" safe exists with master password "password" and a key "github" with password "123456"
+    When I run `pws` interactively
+    And  I type "password"
+    And  the output should contain "NO ACCESS"
+    And  the output should contain "you will need to convert"
+  
+  Scenario: Can access a 0.9 safe, if --in 0.9 option is given
+    Given A "0.9" safe exists with master password "password" and a key "github" with password "123456"
+    When I run `pws --in 0.9` interactively
+    And  I type "password"
+    Then the output should contain "Master password:"
+    Then the output should contain "Entries"
+    Then the output should contain "github"
+  
+  Scenario: Using --in 0.5 option, but --in 0.5 is not supported
+    Given A safe exists with master password "password" and a key "github" with password "123456"
+    When I run `pws --in 0.5` interactively
+    And  I type "password"
+    Then the output should contain "Master password:"
+    Then the output should contain "Input format <0.5> is not supported"
+  
+  Scenario: Using --in 0.9 option, but safe is not in 0.9 format
+    Given A safe exists with master password "password" and a key "github" with password "123456"
+    When I run `pws --in 0.9` interactively
+    And  I type "password"
+    Then the output should contain "Master password:"
+    Then the output should contain "NO ACCESS"
+  
+  @slow-hack
+  Scenario: Succesfully converts from 0.9 to 1.0 with --in 0.9 and out --1.0 options
+    Given A "0.9" safe exists with master password "password" and a key "github" with password "123456"
+    When I run `pws resave --in 0.9 --out 1.0` interactively
+    And  I type "password"
+    Then the output from "pws resave --in 0.9 --out 1.0" should contain "Master password:"
+    Then the output from "pws resave --in 0.9 --out 1.0" should contain "resaved"
+    When I run `pws` interactively
+    And  I type "password"
+    Then the output from "pws" should contain "Master password:"
+    Then the output from "pws" should contain "Entries"
+    Then the output from "pws" should contain "github"
+  
+  Scenario: Trying to convert to 0.9, but --out 0.9 is not supported
+    Given A "0.9" safe exists with master password "password" and a key "github" with password "123456"
+    When I run `pws resave --in 0.9 --out 0.9` interactively
+    And  I type "password"
+    Then the output should contain "Master password:"
+    Then the output should contain "Output format <0.9> is not supported"
+  

data/features/master.feature

@@ -30,6 +30,7 @@ Feature: Master
     And  the output should contain "again"
     And  the output should contain "don't match"
   
+  @slow-hack
   Scenario: Change the master password, already passing it as command line parameter (not recommended)
     Given A safe exists with master password "my_master_password"
     When I run `pws master my_new_master_password` interactively

data/features/misc.feature

@@ -19,4 +19,18 @@ Feature: Misc
     And  the output should contain "Unknown action"
     And  the output should contain "blubb"
     
+  Scenario: I am asking for help
+    When I run `pws --help` interactively
+    And  the output should contain "Usage"
+    And  the output should contain "pws"
+    And  the output should contain "action"
+    And  the output should contain "help"
+    And  the output should contain "namespace"
+    And  the output should contain "master"
+  
+  Scenario: I am asking for the version
+    When I run `pws --version` interactively
+    And  the output should contain "pws"
+    And  the output should contain "J-_-L"
+    And  the output should contain "github"
   

data/features/namespaces.feature

@@ -1,14 +1,16 @@
-Feature: Namespaces
+Feature: Namespaces and creating new safes
   In order to keep things separate
   As a user
   I want to use different safes
 
-  Scenario: Use a pws namespace
-    Given A safe exists with master password "my_master_password" and a key "github" with password "github_password"
+  @slow-hack
+  Scenario: Use a pws namespace, creating a new safe
     When I run `pws -work show` interactively
     And I type "some_new_master_password"
+    And I type "some_new_master_password"
     Then the output should match /No password safe detected, creating one at.*pws.*-work/
-    And  the output should contain "Please enter a new master password:"
+    And  the output should contain "Please enter the new master password:"
+    And  the output should contain "Please enter the new master password, again:"
     And  the output should contain "There aren't any passwords stored"
     
   Scenario: Only passing "-" operates on usual main namespace 

data/features/remove.feature

@@ -3,6 +3,7 @@ Feature: Remove
   As a user
   I want to remove passwords from my password safe
   
+  @slow-hack
   Scenario: Remove password entry "github"
     Given A safe exists with master password "my_master_password" and a key "github" with password "github_password"
     When I run `pws remove github` interactively

data/features/resave.feature

@@ -0,0 +1,37 @@
+Feature: Resave
+  In order to do nothing, but apply options to the safe and always save it
+  As a user
+  I want resave the save
+  
+  @slow-hack
+  Scenario: Usual resave
+    Given A safe exists with master password "my_master_password" and keys
+      | some      | 123 |
+      | password  | 345 |
+      | entries   | 678 |
+    When I run `pws resave` interactively
+    And  I type "my_master_password"
+    Then the output from "pws resave" should contain "resaved"
+    When I run `pws` interactively
+    And  I type "my_master_password"
+    And  the output from "pws" should contain "some"
+    And  the output from "pws" should contain "password"
+    And  the output from "pws" should contain "entries"
+    
+  @slow-hack
+  Scenario: Useful for converting when used together with --in and --out options
+    Given A "0.9" safe exists with master password "password" and a key "github" with password "123456"
+    When I run `pws show` interactively
+    And  I type "password"
+    Then the output from "pws show" should contain "Master password:"
+    Then the output from "pws show" should contain "NO ACCESS"
+    Then the output from "pws show" should contain "convert"
+    When I run `pws resave --in 0.9 --out 1.0` interactively
+    And  I type "password"
+    Then the output from "pws resave --in 0.9 --out 1.0" should contain "Master password:"
+    Then the output from "pws resave --in 0.9 --out 1.0" should contain "resaved"
+    When I run `pws` interactively
+    And  I type "password"
+    Then the output from "pws" should contain "Master password:"
+    Then the output from "pws" should contain "Entries"
+    Then the output from "pws" should contain "github"

data/features/show.feature

@@ -2,7 +2,7 @@ Feature: Show
   In order to have an overview of my password safe
   As a user
   I want show a list of password entry keys
-
+  
   Scenario: Show the list
     Given A safe exists with master password "my_master_password" and keys
       | some      | 123 |
@@ -14,7 +14,7 @@ Feature: Show
     And  the output should contain "some"
     And  the output should contain "password"
     And  the output should contain "entries"
-
+    
   Scenario: Show the list and filter for regex
     Given A safe exists with master password "my_master_password" and keys
       | some-abc       | 123 |
@@ -34,7 +34,40 @@ Feature: Show
     When I run `pws show "(("` interactively
     And  I type "my_master_password"
     Then the output should contain "Invalid regex"
-
+    
+  Scenario: Show the list and filter for regex, but no results
+    Given A safe exists with master password "my_master_password" and keys
+      | some-abc       | 123 |
+      | password-aDc!  | 345 |
+      | entries        | 678 |
+    When I run `pws show unknown` interactively
+    And  I type "my_master_password"
+    Then the output should contain "No passwords found"
+    
+  Scenario: Also shows last change date for each entry
+    Given A safe exists with master password "my_master_password" and a key "github" with password "github_password" and timestamp "42424242"
+    When I run `pws show` interactively
+    And  I type "my_master_password"
+    Then the output should contain "Entries"
+    And  the output should contain "github"
+    And  the output should contain "71-05-07"
+    
+  Scenario: Don't show the last timestamp if it is 0
+    Given A safe exists with master password "my_master_password" and a key "github" with password "github_password" and timestamp "0"
+    When I run `pws show` interactively
+    And  I type "my_master_password"
+    Then the output should contain "Entries"
+    And  the output should contain "github"
+    And  the output should not contain "70-01-01"
+    
+  Scenario: Don't show the last timestamp if there is none
+    Given A safe exists with master password "my_master_password" and a key "github" with password "github_password"
+    When I run `pws show` interactively
+    And  I type "my_master_password"
+    Then the output should contain "Entries"
+    And  the output should contain "github"
+    And  the output should not contain "70-01-01"
+    
   Scenario: Show the list (but there is no entry yet)
     Given A safe exists with master password "my_master_password"
     When I run `pws show` interactively

data/features/step_definitions/pws_steps.rb

@@ -1,13 +1,29 @@
-def create_safe(master, key_hash = {})
+require 'fileutils'
+
+def create_safe(master, key_hash = {}, timestamp = nil)
   ENV["PWS_CHARPOOL"] = ENV["PWS_LENGTH"] = ENV["PWS_SECONDS"] = nil
   restore, $stdout = $stdout, StringIO.new # tmp silence $stdout
-  pws = PWS.new(password: master)
+  pws = PWS.new(password: master, iterations: 5)
   key_hash.each{ |key, password|
     pws.add key, password
   }
+  
+  # only generating global timestamp for every entry
+  if timestamp
+    pws.instance_variable_get(:@data).each{ |_, entry|
+      entry[:timestamp] = timestamp
+    }
+    pws.resave
+  end
+  
   $stdout = restore
 end
 
+# faking legacy version safe using a fixture, maybe do it properly sometime
+def create_09_safe
+  FileUtils.cp File.dirname(__FILE__) + '/../../spec/fixtures/0.9/correct', ENV['PWS']
+end
+
 Given /^A safe exists with master password "([^"]*)"$/ do |master_password|
   create_safe(master_password)
 end
@@ -16,10 +32,18 @@ Given /^A safe exists with master password "([^"]*)" and a key "([^"]+)" with pa
   create_safe(master_password, key => password)
 end
 
+Given /^A safe exists with master password "([^"]*)" and a key "([^"]+)" with password "([^"]+)" and timestamp "([^"]+)"$/ do |master_password, key, password, timestamp|
+  create_safe(master_password, { key => password }, timestamp)
+end
+
 Given /^A safe exists with master password "([^"]*)" and keys$/ do |master_password, key_table|
   create_safe(master_password, key_table.rows_hash)
 end
 
+Given /^A "0.9" safe exists with master password "password" and a key "github" with password "123456"$/ do
+  create_09_safe
+end
+
 Given /^A clipboard content of "([^"]*)"$/ do |content|
   Clipboard.copy content
 end
@@ -36,6 +60,22 @@ Then /^the clipboard should match ([^\/].+)$/ do |expected|
   assert_matching_output(expected, Clipboard.paste) 
 end
 
+Then /^the output should contain the current date$/ do |cmd|
+  assert_partial_output(Time.now.strftime('%y-%m-%d'), all_output)
+end
+
+Then /^the output should not contain the current date$/ do |cmd|
+  assert_no_partial_output(Time.now.strftime('%y-%m-%d'), all_output)
+end
+
+Then /^the output from "([^"]*)" should contain the current date$/ do |cmd|
+  assert_partial_output(Time.now.strftime('%y-%m-%d'), output_from(cmd))
+end
+
+Then /^the output from "([^"]*)" should not contain the current date$/ do |cmd|
+  assert_no_partial_output(Time.now.strftime('%y-%m-%d'), output_from(cmd))
+end
+
 When /^I set env variable "(\w+)" to "([^"]*)"$/ do |var, value|
   ENV[var] = value
 end

data/features/support/env.rb

@@ -18,6 +18,7 @@ BEGIN{
 END{
   Clipboard.clear
   ENV["PWS"] = $original_pws_file
+  FileUtils.rm Dir['pws-test-*']
 }
 
 Around do |_, block|
@@ -33,9 +34,9 @@ end
 # Hacks
 
 Before('@slow-hack') do
-  @aruba_io_wait_seconds = 0.5
+  @aruba_io_wait_seconds = 5 # 0.5 would be ok... except for "output from", travis even needs more
 end
 
 Before('@wait-11s') do
-  @aruba_timeout_seconds = 11
+  @aruba_timeout_seconds = 12
 end

data/features/update.feature

@@ -0,0 +1,60 @@
+Feature: Update
+  In order to keep my privacy
+  As a user
+  I want to update a password entry
+
+  @slow-hack
+  Scenario: Set a new password for "github"
+    Given A safe exists with master password "my_master_password" and a key "github" with password "old_password"
+    When I run `pws update github` interactively
+    And  I type "my_master_password"
+    And  I type "new_password"
+    Then the output should contain "Master password:"
+    And  the output should contain "Please enter a new password for github:"
+    And  the output should contain "The password for github has been updated"
+    
+  @slow-hack
+  Scenario: Set a new password for "github", already passing it as command line paramenter (not recommended)
+    Given A safe exists with master password "my_master_password" and a key "github" with password "old_password"
+    When I run `pws update github new_password` interactively
+    And  I type "my_master_password"
+    Then the output should contain "Master password:"
+    And  the output should contain "The password for github has been updated"
+    
+  Scenario: Try to update the password for "github" (but it does not exist)
+    Given A safe exists with master password "my_master_password"
+    When I run `pws update github` interactively
+    And  I type "my_master_password"
+    Then the output should contain "Master password:"
+    And  the output should contain "There is no password stored for github, so you cannot update it!"
+    
+  @slow-hack
+  Scenario: Try to update the password for "github" (but it's empty)
+    Given A safe exists with master password "my_master_password" and a key "github" with password "old_password"
+    When I run `pws update github` interactively
+    And  I type "my_master_password"
+    And  I type ""
+    Then the output should contain "Master password:"
+    And  the output should contain "Please enter a new password for github:"
+    And  the output should contain "Cannot set an empty password!"
+    
+  Scenario: Try to update the password for "github" (but the master password is wrong)
+    Given A safe exists with master password "my_master_password"
+    When I run `pws update github` interactively
+    And  I type "my_master_password_wrong"
+    Then the output should contain "Master password:"
+    And  the output should contain "NO ACCESS"
+    
+  @slow-hack
+  Scenario: Set a new password for "github", this also sets the timestamp
+    Given A safe exists with master password "my_master_password" and a key "github" with password "old_password" and timestamp "42424242"
+    When I run `pws ls` interactively
+    And  I type "my_master_password"
+    Then the output from "pws ls" should not contain the current date
+    When I run `pws update github github_password` interactively
+    And  I type "my_master_password"
+    And  I run `pws show` interactively
+    And  I type "my_master_password"
+    Then the output from "pws show" should contain the current date
+    
+