refinerycms-api 1.0.0.beta

data/spec/fixtures/refinery_is_awesome.txt

@@ -0,0 +1 @@
+http://www.refineryhq.com/

data/spec/models/refinery/user_spec.rb

@@ -0,0 +1,23 @@
+require 'spec_helper'
+
+module Refinery
+  describe "User", type: :model do
+    before do
+      allow(Refinery::Api).to receive(:user_class).and_return(Refinery::Authentication::Devise::User)
+    end
+
+    let(:user) { Refinery::Api.user_class.new }
+
+    it "can generate an API key" do
+      expect(user).to receive(:save!)
+      user.generate_refinery_api_key!
+      expect(user.refinery_api_key).not_to be_blank
+    end
+
+    it "can clear an API key" do
+      expect(user).to receive(:save!)
+      user.clear_refinery_api_key!
+      expect(user.refinery_api_key).to be_blank
+    end
+  end
+end

data/spec/requests/rabl_cache_spec.rb

@@ -0,0 +1,17 @@
+require 'spec_helper'
+
+describe "Rabl Cache", type: :request, caching: true do
+  before do
+    allow(Refinery::Api).to receive(:requires_authentication).and_return(false)
+
+    create(:page)
+    expect(Refinery::Page.count).to eq(1)
+  end
+
+  it "doesn't create a cache key collision for models with different rabl templates" do
+    get "/api/v1/pages"
+    expect(response.status).to eq(200)
+
+    # pending
+  end
+end

data/spec/requests/ransackable_attributes_spec.rb

@@ -0,0 +1,80 @@
+require 'spec_helper'
+
+describe "Ransackable Attributes" do
+  # TODO: Fix if we use Ransack
+  # let(:user) { create(:user).tap(&:generate_refinery_api_key!) }
+  # let(:order) { create(:order_with_line_items, user: user) }
+  # context "filtering by attributes one association away" do
+  #   it "does not allow the filtering of variants by order attributes" do
+  #     2.times { create(:variant) }
+
+  #     get "/api/v1/variants?q[orders_email_start]=#{order.email}", token: user.refinery_api_key
+
+  #     variants_response = JSON.parse(response.body)
+  #     expect(variants_response['total_count']).to eq(Refinery::Variant.count)
+  #   end
+  # end
+
+  # context "filtering by attributes two associations away" do
+  #   it "does not allow the filtering of variants by user attributes" do
+  #     2.times { create(:variant) }
+
+  #     get "/api/v1/variants?q[orders_user_email_start]=#{order.user.email}", token: user.refinery_api_key
+
+  #     variants_response = JSON.parse(response.body)
+  #     expect(variants_response['total_count']).to eq(Refinery::Variant.count)
+  #   end
+  # end
+
+  # context "it maintains desired association behavior" do
+  #   it "allows filtering of variants product name" do
+  #     product = create(:product, name: "Fritos")
+  #     variant = create(:variant, product: product)
+  #     other_variant = create(:variant)
+
+  #     get "/api/v1/variants?q[product_name_or_sku_cont]=fritos", token: user.refinery_api_key
+
+  #     skus = JSON.parse(response.body)['variants'].map { |variant| variant['sku'] }
+  #     expect(skus).to include variant.sku
+  #     expect(skus).not_to include other_variant.sku
+  #   end
+  # end
+
+  # context "filtering by attributes" do
+  #   it "most attributes are not filterable by default" do
+  #     product = create(:product, meta_title: "special product")
+  #     other_product = create(:product)
+
+  #     get "/api/v1/products?q[meta_title_cont]=special", token: user.refinery_api_key
+
+  #     products_response = JSON.parse(response.body)
+  #     expect(products_response['total_count']).to eq(Refinery::Product.count)
+  #   end
+
+  #   it "id is filterable by default" do
+  #     product = create(:product)
+  #     other_product = create(:product)
+
+  #     get "/api/v1/products?q[id_eq]=#{product.id}", token: user.refinery_api_key
+
+  #     product_names = JSON.parse(response.body)['products'].map { |product| product['name'] }
+  #     expect(product_names).to include product.name
+  #     expect(product_names).not_to include other_product.name
+  #   end
+  # end
+
+  # context "filtering by whitelisted attributes" do
+  #   it "filtering is supported for whitelisted attributes" do
+  #     product = create(:product, name: "Fritos")
+  #     other_product = create(:product)
+
+  #     get "/api/v1/products?q[name_cont]=fritos", token: user.refinery_api_key
+
+  #     product_names = JSON.parse(response.body)['products'].map { |product| product['name'] }
+  #     expect(product_names).to include product.name
+  #     expect(product_names).not_to include other_product.name
+  #   end
+  # end
+
+
+end

data/spec/requests/version_spec.rb

@@ -0,0 +1,23 @@
+require 'spec_helper'
+
+describe "Version", type: :request do
+  let!(:pages) { 2.times.map { FactoryGirl.create(:page) } }
+
+  before do
+    allow(Refinery::Api).to receive(:requires_authentication).and_return(false)
+  end
+
+  describe "/api" do
+    it "be a redirect" do
+      get "/api/pages"
+      expect(response).to have_http_status 301
+    end
+  end
+
+  describe "/api/v1" do
+    it "be successful" do
+      get "/api/v1/pages"
+      expect(response).to have_http_status 200
+    end
+  end
+end

data/spec/shared_examples/protect_product_actions.rb

@@ -0,0 +1,17 @@
+shared_examples "modifying product actions are restricted" do
+  it "cannot create a new product if not an admin" do
+    api_post :create, :product => { :name => "Brand new product!" }
+    assert_unauthorized!
+  end
+
+  it "cannot update a product" do
+    api_put :update, :id => product.to_param, :product => { :name => "I hacked your store!" }
+    assert_unauthorized!
+  end
+
+  it "cannot delete a product" do
+    api_delete :destroy, :id => product.to_param
+    assert_unauthorized!
+  end
+end
+

data/spec/spec_helper.rb

@@ -0,0 +1,77 @@
+require 'rubygems'
+
+# Configure Rails Environment
+ENV["RAILS_ENV"] ||= 'test'
+
+
+if ENV["COVERAGE"]
+  # Run Coverage report
+  require 'simplecov'
+  SimpleCov.start do
+    add_group 'Controllers', 'app/controllers'
+    add_group 'Helpers', 'app/helpers'
+    add_group 'Mailers', 'app/mailers'
+    add_group 'Models', 'app/models'
+    add_group 'Views', 'app/views'
+    add_group 'Libraries', 'lib'
+  end
+end
+
+# This file is copied to spec/ when you run 'rails generate rspec:install'
+ENV["RAILS_ENV"] ||= 'test'
+
+begin
+  require File.expand_path("../dummy/config/environment", __FILE__)
+rescue LoadError
+  puts "Could not load dummy application. Please ensure you have run `bundle exec rake test_app`"
+  exit
+end
+
+require 'rspec/rails'
+# require 'ffaker'
+require 'capybara/rspec'
+
+
+# Requires supporting ruby files with custom matchers and macros, etc,
+# in spec/support/ and its subdirectories.
+Dir[File.dirname(__FILE__) + "/support/**/*.rb"].each {|f| require f}
+
+# require 'refinery/testing_support/factories'
+# require 'refinery/testing_support/preferences'
+
+require 'refinery/api/testing_support/caching'
+require 'refinery/api/testing_support/helpers'
+require 'refinery/api/testing_support/setup'
+# require 'refinery/testing_support/shoulda_matcher_configuration'
+
+RSpec.configure do |config|
+  config.mock_with :rspec
+  config.filter_run :focus => true
+  config.run_all_when_everything_filtered = true
+  config.backtrace_exclusion_patterns = %w(
+    rails actionpack railties capybara activesupport rack warden rspec actionview
+    activerecord dragonfly benchmark
+  ).map { |noisy| /#{noisy}/ }
+  config.color = true
+  config.fail_fast = ENV['FAIL_FAST'] || false
+  config.infer_spec_type_from_file_location!
+  config.raise_errors_for_deprecations!
+  config.use_transactional_fixtures = true
+
+  config.include FactoryGirl::Syntax::Methods
+  config.include Refinery::Api::TestingSupport::Helpers, :type => :controller
+  config.extend Refinery::Api::TestingSupport::Setup, :type => :controller
+  # config.include Refinery::TestingSupport::Preferences, :type => :controller
+
+  config.before do
+    Refinery::Api.requires_authentication = true
+  end
+end
+
+# Requires supporting files with custom matchers and macros, etc,
+# in ./support/ and its subdirectories including factories.
+([Rails.root.to_s] | ::Refinery::Plugins.registered.pathnames).map{|p|
+  Dir[File.join(p, 'spec', 'support', '**', '*.rb').to_s]
+}.flatten.sort.each do |support_file|
+  require support_file
+end

data/spec/support/controller_hacks.rb

@@ -0,0 +1,33 @@
+require 'active_support/all'
+module ControllerHacks
+  extend ActiveSupport::Concern
+
+  included do
+    routes { Refinery::Core::Engine.routes }
+  end
+
+  def api_get(action, params={}, session=nil, flash=nil)
+    api_process(action, params, session, flash, "GET")
+  end
+
+  def api_post(action, params={}, session=nil, flash=nil)
+    api_process(action, params, session, flash, "POST")
+  end
+
+  def api_put(action, params={}, session=nil, flash=nil)
+    api_process(action, params, session, flash, "PUT")
+  end
+
+  def api_delete(action, params={}, session=nil, flash=nil)
+    api_process(action, params, session, flash, "DELETE")
+  end
+
+  def api_process(action, params={}, session=nil, flash=nil, method="get")
+    scoping = respond_to?(:resource_scoping) ? resource_scoping : {}
+    process(action, method, params.merge(scoping).reverse_merge!(:format => :json), session, flash)
+  end
+end
+
+RSpec.configure do |config|
+  config.include ControllerHacks, type: :controller
+end

data/spec/support/database_cleaner.rb

@@ -0,0 +1,14 @@
+RSpec.configure do |config|
+  config.before(:suite) do
+    DatabaseCleaner.strategy = :transaction
+    DatabaseCleaner.clean_with(:truncation)
+  end
+
+  config.before(:each) do
+    DatabaseCleaner.start
+  end
+
+  config.after(:each) do
+    DatabaseCleaner.clean
+  end
+end

data/spec/support/have_attributes_matcher.rb

@@ -0,0 +1,9 @@
+RSpec::Matchers.define :have_attributes do |expected_attributes|
+  match do |actual|
+    # actual is a Hash object representing an object, like this:
+    # { "name" => "Product #1" }
+    actual_attributes = actual.keys.map(&:to_sym)
+    expected_attributes.map(&:to_sym).all? { |attr| actual_attributes.include?(attr) }
+  end
+end
+

data/tasks/refinery_api.rake

@@ -0,0 +1,14 @@
+namespace :refinery_api do
+  namespace :user do
+    namespace :api_token do
+      desc "Generate user API Token"
+      task :generate => :environment do
+        raise "USAGE: User email required e.g. 'EMAIL=refinery@example.org'" if ENV["EMAIL"].blank?
+        user = Refinery::Api.user_class.find_by_email ENV["EMAIL"]
+        user.generate_refinery_api_key! if user.present?
+        puts "API TOKEN for #{ENV['EMAIL']}: #{user.refinery_api_key}"
+        puts "Done!"
+      end
+    end
+  end
+end

data/tasks/rspec.rake

@@ -0,0 +1,4 @@
+require 'rspec/core/rake_task'
+
+desc "Run specs"
+RSpec::Core::RakeTask.new

metadata

@@ -0,0 +1,240 @@
+--- !ruby/object:Gem::Specification
+name: refinerycms-api
+version: !ruby/object:Gem::Version
+  version: 1.0.0.beta
+platform: ruby
+authors:
+- Brice Sanchez
+- Ryan Bigg
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2016-07-19 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: refinerycms-core
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 3.0.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 3.0.0
+- !ruby/object:Gem::Dependency
+  name: cancancan
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.10.1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.10.1
+- !ruby/object:Gem::Dependency
+  name: decorators
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: rabl
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.12.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.12.0
+- !ruby/object:Gem::Dependency
+  name: versioncake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 2.3.1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 2.3.1
+- !ruby/object:Gem::Dependency
+  name: responders
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Refinery CMS's API
+email: 
+executables:
+- rails
+- rake
+- rspec
+- spring
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".rbenv-gemsets"
+- ".ruby-version"
+- ".travis.yml"
+- Gemfile
+- LICENSE
+- Rakefile
+- app/controllers/refinery/api/base_controller.rb
+- app/controllers/refinery/api/v1/blog/posts_controller.rb
+- app/controllers/refinery/api/v1/images_controller.rb
+- app/controllers/refinery/api/v1/inquiries/inquiries_controller.rb
+- app/controllers/refinery/api/v1/pages_controller.rb
+- app/controllers/refinery/api/v1/resources_controller.rb
+- app/decorators/models/refinery/authentication/devise/user_decorator.rb
+- app/helpers/refinery/api/api_helpers.rb
+- app/models/concerns/refinery/user_api_authentication.rb
+- app/models/refinery/ability.rb
+- app/views/refinery/api/errors/gateway_error.v1.rabl
+- app/views/refinery/api/errors/invalid_api_key.v1.rabl
+- app/views/refinery/api/errors/invalid_resource.v1.rabl
+- app/views/refinery/api/errors/must_specify_api_key.v1.rabl
+- app/views/refinery/api/errors/not_found.v1.rabl
+- app/views/refinery/api/errors/unauthorized.v1.rabl
+- app/views/refinery/api/v1/blog/posts/index.v1.rabl
+- app/views/refinery/api/v1/blog/posts/new.v1.rabl
+- app/views/refinery/api/v1/blog/posts/show.v1.rabl
+- app/views/refinery/api/v1/images/index.v1.rabl
+- app/views/refinery/api/v1/images/new.v1.rabl
+- app/views/refinery/api/v1/images/show.v1.rabl
+- app/views/refinery/api/v1/inquiries/inquiries/index.v1.rabl
+- app/views/refinery/api/v1/inquiries/inquiries/new.v1.rabl
+- app/views/refinery/api/v1/inquiries/inquiries/show.v1.rabl
+- app/views/refinery/api/v1/pages/index.v1.rabl
+- app/views/refinery/api/v1/pages/new.v1.rabl
+- app/views/refinery/api/v1/pages/pages.v1.rabl
+- app/views/refinery/api/v1/pages/show.v1.rabl
+- app/views/refinery/api/v1/resources/index.v1.rabl
+- app/views/refinery/api/v1/resources/new.v1.rabl
+- app/views/refinery/api/v1/resources/show.v1.rabl
+- bin/rails
+- bin/rake
+- bin/rspec
+- bin/spring
+- config/initializers/metal_load_paths.rb
+- config/locales/en.yml
+- config/routes.rb
+- db/migrate/20160501141738_add_api_key_to_refinery_authentication_devise_users.rb
+- lib/generators/refinery/api/api_generator.rb
+- lib/generators/refinery/api/templates/config/initializers/refinery/api.rb.erb
+- lib/refinery/api.rb
+- lib/refinery/api/configuration.rb
+- lib/refinery/api/controller_helpers/auth.rb
+- lib/refinery/api/controller_helpers/strong_parameters.rb
+- lib/refinery/api/controller_setup.rb
+- lib/refinery/api/engine.rb
+- lib/refinery/api/responders.rb
+- lib/refinery/api/responders/rabl_template.rb
+- lib/refinery/api/testing_support/caching.rb
+- lib/refinery/api/testing_support/helpers.rb
+- lib/refinery/api/testing_support/setup.rb
+- lib/refinery/permitted_attributes.rb
+- lib/refinery/responder.rb
+- lib/refinerycms-api.rb
+- readme.md
+- refinerycms_api.gemspec
+- script/rails
+- spec/controllers/refinery/api/base_controller_spec.rb
+- spec/controllers/refinery/api/v1/blog/posts_controller_spec.rb
+- spec/controllers/refinery/api/v1/images_controller_spec.rb
+- spec/controllers/refinery/api/v1/inquiries/inquiries_controller_spec.rb
+- spec/controllers/refinery/api/v1/pages_controller_spec.rb
+- spec/controllers/refinery/api/v1/resources_controller_spec.rb
+- spec/fixtures/refinery_is_awesome.txt
+- spec/fixtures/thinking-cat.jpg
+- spec/models/refinery/user_spec.rb
+- spec/requests/rabl_cache_spec.rb
+- spec/requests/ransackable_attributes_spec.rb
+- spec/requests/version_spec.rb
+- spec/shared_examples/protect_product_actions.rb
+- spec/spec_helper.rb
+- spec/support/controller_hacks.rb
+- spec/support/database_cleaner.rb
+- spec/support/have_attributes_matcher.rb
+- tasks/refinery_api.rake
+- tasks/rspec.rake
+homepage: http://www.refinerycms.com
+licenses:
+- BSD-3
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">"
+    - !ruby/object:Gem::Version
+      version: 1.3.1
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.4.5
+signing_key: 
+specification_version: 4
+summary: Refinery CMS's API
+test_files:
+- spec/controllers/refinery/api/base_controller_spec.rb
+- spec/controllers/refinery/api/v1/blog/posts_controller_spec.rb
+- spec/controllers/refinery/api/v1/images_controller_spec.rb
+- spec/controllers/refinery/api/v1/inquiries/inquiries_controller_spec.rb
+- spec/controllers/refinery/api/v1/pages_controller_spec.rb
+- spec/controllers/refinery/api/v1/resources_controller_spec.rb
+- spec/fixtures/refinery_is_awesome.txt
+- spec/fixtures/thinking-cat.jpg
+- spec/models/refinery/user_spec.rb
+- spec/requests/rabl_cache_spec.rb
+- spec/requests/ransackable_attributes_spec.rb
+- spec/requests/version_spec.rb
+- spec/shared_examples/protect_product_actions.rb
+- spec/spec_helper.rb
+- spec/support/controller_hacks.rb
+- spec/support/database_cleaner.rb
+- spec/support/have_attributes_matcher.rb