rocketio 0.1.0 → 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/rocketio.rb +6 -3
- data/lib/rocketio/application.rb +3 -7
- data/lib/rocketio/controller.rb +62 -90
- data/lib/rocketio/controller/authentication.rb +38 -44
- data/lib/rocketio/controller/authorization.rb +8 -4
- data/lib/rocketio/controller/error_handlers.rb +12 -8
- data/lib/rocketio/controller/filters.rb +14 -19
- data/lib/rocketio/controller/helpers.rb +1 -1
- data/lib/rocketio/controller/middleware.rb +1 -1
- data/lib/rocketio/controller/render/engine.rb +3 -3
- data/lib/rocketio/controller/render/layout.rb +1 -1
- data/lib/rocketio/controller/render/layouts.rb +6 -6
- data/lib/rocketio/controller/render/template_vars.rb +3 -3
- data/lib/rocketio/controller/render/templates.rb +6 -6
- data/lib/rocketio/controller/sessions.rb +1 -1
- data/lib/rocketio/error_templates/409.html +11 -7
- data/lib/rocketio/error_templates/501.html +4 -4
- data/lib/rocketio/router.rb +35 -21
- data/lib/rocketio/version.rb +1 -1
- data/rocketio.gemspec +2 -0
- data/test/aliases_test.rb +2 -2
- data/test/api_test.rb +24 -117
- data/test/authentication_test.rb +96 -60
- data/test/authorization_test.rb +28 -17
- data/test/cache_control_test.rb +12 -12
- data/test/content_type_test.rb +7 -7
- data/test/cookies_test.rb +4 -4
- data/test/error_handlers_test.rb +14 -12
- data/test/etag_test.rb +32 -32
- data/test/filters_test.rb +96 -79
- data/test/halt_test.rb +1 -1
- data/test/helpers_test.rb +6 -6
- data/test/middleware_test.rb +4 -4
- data/test/redirect_test.rb +6 -7
- data/test/render/{post.erb → b.erb} +0 -0
- data/test/render/{put.erb → c.erb} +0 -0
- data/test/render/engine_test.rb +5 -5
- data/test/render/{get.erb → index.erb} +0 -0
- data/test/render/layout_test.rb +21 -17
- data/test/render/layouts_test.rb +14 -14
- data/test/render/render_test.rb +17 -14
- data/test/render/template_vars_test.rb +9 -9
- data/test/render/templates_test.rb +16 -16
- data/test/response_test.rb +4 -4
- data/test/routes_test.rb +21 -42
- data/test/sendfile_test.rb +8 -8
- data/test/sessions_test.rb +27 -27
- data/test/setup.rb +2 -0
- metadata +34 -6
data/test/api_test.rb
CHANGED
@@ -2,7 +2,7 @@ require 'setup'
|
|
2
2
|
|
3
3
|
spec :api do
|
4
4
|
|
5
|
-
it 'should contain
|
5
|
+
it 'should not contain methods defined by setup DSL' do
|
6
6
|
c = mock_controller {
|
7
7
|
basic_auth {}
|
8
8
|
digest_auth {}
|
@@ -24,12 +24,34 @@ spec :api do
|
|
24
24
|
assert(c.api).empty?
|
25
25
|
end
|
26
26
|
|
27
|
+
it 'should contain public methods' do
|
28
|
+
c = mock_controller {
|
29
|
+
def x; end
|
30
|
+
}
|
31
|
+
assert(c.api.keys) == [:x]
|
32
|
+
end
|
33
|
+
|
34
|
+
it 'should exclude protected methods' do
|
35
|
+
c = mock_controller {
|
36
|
+
protected
|
37
|
+
def x; end
|
38
|
+
}
|
39
|
+
assert(c.api).empty?
|
40
|
+
end
|
41
|
+
|
42
|
+
it 'should exclude private methods' do
|
43
|
+
c = mock_controller {
|
44
|
+
private
|
45
|
+
def x; end
|
46
|
+
}
|
47
|
+
assert(c.api).empty?
|
48
|
+
end
|
27
49
|
|
28
50
|
it 'should inherit api methods' do
|
29
51
|
a = mock_controller {
|
30
52
|
def x; end
|
31
53
|
}
|
32
|
-
|
54
|
+
|
33
55
|
b = mock_controller(a) {
|
34
56
|
def y; end
|
35
57
|
}
|
@@ -37,119 +59,4 @@ spec :api do
|
|
37
59
|
assert(b.api).include?(:x)
|
38
60
|
assert(b.api).include?(:y)
|
39
61
|
end
|
40
|
-
|
41
|
-
|
42
|
-
context :private_api do
|
43
|
-
|
44
|
-
it 'should contain auth methods' do
|
45
|
-
c = mock_controller {
|
46
|
-
basic_auth {}
|
47
|
-
digest_auth {}
|
48
|
-
token_auth {}
|
49
|
-
}
|
50
|
-
assert(c.private_api).include?(:basic_auth)
|
51
|
-
assert(c.private_api).include?(:__basic_auth__get__)
|
52
|
-
|
53
|
-
assert(c.private_api).include?(:digest_auth)
|
54
|
-
assert(c.private_api).include?(:__digest_auth__get__)
|
55
|
-
|
56
|
-
assert(c.private_api).include?(:token_auth)
|
57
|
-
end
|
58
|
-
|
59
|
-
it 'should contain error handler methods' do
|
60
|
-
c = mock_controller {
|
61
|
-
error(500) {}
|
62
|
-
}
|
63
|
-
assert(c.private_api).include?(:error_handlers)
|
64
|
-
assert(c.private_api).include?(:__404_error_handler__)
|
65
|
-
assert(c.private_api).include?(:__409_error_handler__)
|
66
|
-
assert(c.private_api).include?(:__501_error_handler__)
|
67
|
-
end
|
68
|
-
|
69
|
-
it 'should contain filters methods' do
|
70
|
-
c = mock_controller {
|
71
|
-
before {}
|
72
|
-
around {}
|
73
|
-
after {}
|
74
|
-
}
|
75
|
-
assert(c.private_api).include?(:before)
|
76
|
-
assert(c.private_api).include?(:'__before_*__')
|
77
|
-
|
78
|
-
assert(c.private_api).include?(:around)
|
79
|
-
assert(c.private_api).include?(:'__around_*__')
|
80
|
-
|
81
|
-
assert(c.private_api).include?(:after)
|
82
|
-
assert(c.private_api).include?(:'__after_*__')
|
83
|
-
|
84
|
-
end
|
85
|
-
|
86
|
-
it 'should contain middleware methods' do
|
87
|
-
c = mock_controller {
|
88
|
-
use proc {}
|
89
|
-
}
|
90
|
-
assert(c.private_api).include?(:middleware)
|
91
|
-
end
|
92
|
-
|
93
|
-
it 'should contain session methods' do
|
94
|
-
c = mock_controller {
|
95
|
-
sessions :cookies
|
96
|
-
}
|
97
|
-
assert(c.private_api).include?(:sessions)
|
98
|
-
end
|
99
|
-
|
100
|
-
context :render do
|
101
|
-
|
102
|
-
it 'should contain engine methods' do
|
103
|
-
c = mock_controller {
|
104
|
-
engine :ERB
|
105
|
-
}
|
106
|
-
|
107
|
-
assert(c.private_api).include?(:engine)
|
108
|
-
end
|
109
|
-
|
110
|
-
it 'should contain engine methods when engine defined as block' do
|
111
|
-
c = mock_controller {
|
112
|
-
engine {:ERB}
|
113
|
-
}
|
114
|
-
|
115
|
-
assert(c.private_api).include?(:engine)
|
116
|
-
assert(c.private_api).include?(:__rocketio_engine__)
|
117
|
-
end
|
118
|
-
|
119
|
-
it 'should contain layout methods' do
|
120
|
-
c = mock_controller {
|
121
|
-
layout :main
|
122
|
-
define_layout(:main) {}
|
123
|
-
define_layout(:file, file: :file)
|
124
|
-
}
|
125
|
-
|
126
|
-
assert(c.private_api).include?(:layout)
|
127
|
-
assert(c.private_api).include?(:layouts)
|
128
|
-
assert(c.private_api).include?(:__file_layout_file__)
|
129
|
-
assert(c.private_api).include?(:__file_layout__)
|
130
|
-
end
|
131
|
-
|
132
|
-
it 'should contain template methods' do
|
133
|
-
c = mock_controller {
|
134
|
-
define_template(:main) {}
|
135
|
-
define_template(:file, file: :file)
|
136
|
-
}
|
137
|
-
|
138
|
-
assert(c.private_api).include?(:templates)
|
139
|
-
assert(c.private_api).include?(:__file_template_file__)
|
140
|
-
assert(c.private_api).include?(:__file_template__)
|
141
|
-
end
|
142
|
-
|
143
|
-
it 'should contain template_var methods' do
|
144
|
-
c = mock_controller {
|
145
|
-
define_template_var(:var) {}
|
146
|
-
}
|
147
|
-
|
148
|
-
assert(c.private_api).include?(:__template_vars__)
|
149
|
-
assert(c.private_api).include?(:__var_template_var__)
|
150
|
-
end
|
151
|
-
|
152
|
-
end
|
153
|
-
|
154
|
-
end
|
155
62
|
end
|
data/test/authentication_test.rb
CHANGED
@@ -2,11 +2,14 @@ require 'setup'
|
|
2
2
|
|
3
3
|
spec :AuthenticationTest do
|
4
4
|
context 'inheritance' do
|
5
|
+
|
5
6
|
it 'inherits basic auth procedures from superclass' do
|
6
7
|
a = mock_controller {
|
7
8
|
basic_auth {|u,p| [u,p] == %w[u p]}
|
8
9
|
}
|
9
|
-
b = mock_controller(a)
|
10
|
+
b = mock_controller(a){
|
11
|
+
def index; end
|
12
|
+
}
|
10
13
|
app(b)
|
11
14
|
get
|
12
15
|
assert(last_response).is_unauthorized
|
@@ -21,6 +24,7 @@ spec :AuthenticationTest do
|
|
21
24
|
}
|
22
25
|
b = mock_controller(a) {
|
23
26
|
basic_auth {|u,p| [u,p] == %w[x y]}
|
27
|
+
def index; end
|
24
28
|
}
|
25
29
|
app(b)
|
26
30
|
get
|
@@ -30,7 +34,7 @@ spec :AuthenticationTest do
|
|
30
34
|
assert(last_response).is_authorized
|
31
35
|
end
|
32
36
|
|
33
|
-
it 'uses `
|
37
|
+
it 'uses `import` to override basic auth inherited from superclass' do
|
34
38
|
a = mock_controller {
|
35
39
|
basic_auth {|u,p| [u,p] == %w[u p]}
|
36
40
|
}
|
@@ -39,6 +43,7 @@ spec :AuthenticationTest do
|
|
39
43
|
}
|
40
44
|
c = mock_controller(a) {
|
41
45
|
import :basic_auth, from: b
|
46
|
+
def index; end
|
42
47
|
}
|
43
48
|
app(c)
|
44
49
|
get
|
@@ -48,12 +53,13 @@ spec :AuthenticationTest do
|
|
48
53
|
assert(last_response).is_authorized
|
49
54
|
end
|
50
55
|
|
51
|
-
it '
|
56
|
+
it 'imports basic auth procedures' do
|
52
57
|
a = mock_controller {
|
53
58
|
basic_auth {|u,p| [u,p] == %w[u p]}
|
54
59
|
}
|
55
60
|
b = mock_controller {
|
56
61
|
import :basic_auth, from: a
|
62
|
+
def index; end
|
57
63
|
}
|
58
64
|
app(b)
|
59
65
|
get
|
@@ -67,7 +73,9 @@ spec :AuthenticationTest do
|
|
67
73
|
a = mock_controller {
|
68
74
|
digest_auth {|u| {'u' => 'p'}[u]}
|
69
75
|
}
|
70
|
-
b = mock_controller(a)
|
76
|
+
b = mock_controller(a) {
|
77
|
+
def index; end
|
78
|
+
}
|
71
79
|
app(b)
|
72
80
|
get
|
73
81
|
assert(last_response).is_unauthorized
|
@@ -82,6 +90,7 @@ spec :AuthenticationTest do
|
|
82
90
|
}
|
83
91
|
b = mock_controller(a) {
|
84
92
|
digest_auth {|u| {'x' => 'y'}[u]}
|
93
|
+
def index; end
|
85
94
|
}
|
86
95
|
app(b)
|
87
96
|
get
|
@@ -91,7 +100,7 @@ spec :AuthenticationTest do
|
|
91
100
|
assert(last_response).is_authorized
|
92
101
|
end
|
93
102
|
|
94
|
-
it 'uses `
|
103
|
+
it 'uses `import` to override digest auth inherited from superclass' do
|
95
104
|
a = mock_controller {
|
96
105
|
digest_auth {|u| {'u' => 'p'}[u]}
|
97
106
|
}
|
@@ -100,8 +109,9 @@ spec :AuthenticationTest do
|
|
100
109
|
}
|
101
110
|
c = mock_controller(a) {
|
102
111
|
import :digest_auth, from: b
|
112
|
+
def index; end
|
103
113
|
}
|
104
|
-
app(
|
114
|
+
app(c)
|
105
115
|
get
|
106
116
|
assert(last_response).is_unauthorized
|
107
117
|
digest_authorize 'x', 'y'
|
@@ -109,12 +119,13 @@ spec :AuthenticationTest do
|
|
109
119
|
assert(last_response).is_authorized
|
110
120
|
end
|
111
121
|
|
112
|
-
it '
|
122
|
+
it 'imports digest auth procedures' do
|
113
123
|
a = mock_controller {
|
114
124
|
digest_auth {|u| {'u' => 'p'}[u]}
|
115
125
|
}
|
116
126
|
b = mock_controller {
|
117
127
|
import :digest_auth, from: a
|
128
|
+
def index; end
|
118
129
|
}
|
119
130
|
app(b)
|
120
131
|
get
|
@@ -126,17 +137,22 @@ spec :AuthenticationTest do
|
|
126
137
|
end
|
127
138
|
|
128
139
|
context 'basic auth' do
|
129
|
-
context 'protect all request
|
140
|
+
context 'protect all methods on any request method' do
|
141
|
+
|
130
142
|
before do
|
131
143
|
app mock_controller {
|
132
144
|
basic_auth {|u,p| [u,p] == %w[u p]}
|
133
|
-
|
145
|
+
def x; end
|
146
|
+
def y; end
|
147
|
+
def z; end
|
134
148
|
}
|
135
149
|
end
|
136
150
|
|
137
151
|
it 'returns "401 Unauthorized" if no authorization given' do
|
138
152
|
RocketIO::REQUEST_METHODS.each_value do |rqm|
|
139
|
-
send(rqm)
|
153
|
+
send(rqm, :x)
|
154
|
+
send(rqm, :y)
|
155
|
+
send(rqm, :z)
|
140
156
|
assert(last_response).is_unauthorized
|
141
157
|
end
|
142
158
|
end
|
@@ -144,7 +160,9 @@ spec :AuthenticationTest do
|
|
144
160
|
it 'returns "401 Unauthorized" if wrong authorization given' do
|
145
161
|
authorize('x', 'y')
|
146
162
|
RocketIO::REQUEST_METHODS.values.each do |rqm|
|
147
|
-
send(rqm)
|
163
|
+
send(rqm, :x)
|
164
|
+
send(rqm, :y)
|
165
|
+
send(rqm, :z)
|
148
166
|
assert(last_response).is_unauthorized
|
149
167
|
end
|
150
168
|
end
|
@@ -152,65 +170,75 @@ spec :AuthenticationTest do
|
|
152
170
|
it 'returns "200 Ok" response if authorization passed' do
|
153
171
|
authorize('u', 'p')
|
154
172
|
RocketIO::REQUEST_METHODS.values.each do |rqm|
|
155
|
-
send(rqm)
|
173
|
+
send(rqm, :x)
|
174
|
+
send(rqm, :y)
|
175
|
+
send(rqm, :z)
|
156
176
|
assert(last_response).ok?
|
157
177
|
end
|
158
178
|
end
|
159
179
|
end
|
160
180
|
|
161
|
-
context 'protect specific request
|
181
|
+
context 'protect specific methods on any request method' do
|
162
182
|
before do
|
163
|
-
@protected = %w[
|
183
|
+
@protected = %w[x y]
|
164
184
|
app mock_controller {
|
165
|
-
basic_auth(:
|
166
|
-
basic_auth(:
|
167
|
-
|
168
|
-
|
169
|
-
|
170
|
-
define_method(:delete) {}
|
185
|
+
basic_auth(:x) {|u,p| [u,p] == ['u', 'x']}
|
186
|
+
basic_auth(:y) {|u,p| [u,p] == ['u', 'y']}
|
187
|
+
def x; end
|
188
|
+
def y; end
|
189
|
+
def z; end
|
171
190
|
}
|
172
191
|
end
|
173
192
|
|
174
193
|
it 'returns "200 Ok" for un-protected methods' do
|
175
|
-
|
176
|
-
send(rqm)
|
194
|
+
RocketIO::REQUEST_METHODS.values.each do |rqm|
|
195
|
+
send(rqm, :z)
|
177
196
|
assert(last_response).ok?
|
178
197
|
end
|
179
198
|
end
|
180
199
|
|
181
200
|
it 'returns "401 Unauthorized" if no authorization given' do
|
182
|
-
@protected.each do |
|
183
|
-
|
184
|
-
|
201
|
+
@protected.each do |m|
|
202
|
+
RocketIO::REQUEST_METHODS.values.each do |rqm|
|
203
|
+
send(rqm, m)
|
204
|
+
assert(last_response).is_unauthorized
|
205
|
+
end
|
185
206
|
end
|
186
207
|
end
|
187
208
|
|
188
209
|
it 'returns "401 Unauthorized" if wrong authorization given' do
|
189
|
-
authorize('
|
190
|
-
@protected.each do |
|
191
|
-
|
192
|
-
|
210
|
+
authorize('', '')
|
211
|
+
@protected.each do |m|
|
212
|
+
RocketIO::REQUEST_METHODS.values.each do |rqm|
|
213
|
+
send(rqm, m)
|
214
|
+
assert(last_response).is_unauthorized
|
215
|
+
end
|
193
216
|
end
|
194
217
|
end
|
195
218
|
|
196
219
|
it 'returns "200 Ok" response if authorization passed' do
|
197
|
-
authorize('u', '
|
198
|
-
|
199
|
-
|
220
|
+
authorize('u', 'x')
|
221
|
+
RocketIO::REQUEST_METHODS.values.each do |rqm|
|
222
|
+
send(rqm, :x)
|
223
|
+
assert(last_response).ok?
|
224
|
+
end
|
200
225
|
|
201
|
-
authorize('u', '
|
202
|
-
|
203
|
-
|
226
|
+
authorize('u', 'y')
|
227
|
+
RocketIO::REQUEST_METHODS.values.each do |rqm|
|
228
|
+
send(rqm, :y)
|
229
|
+
assert(last_response).ok?
|
230
|
+
end
|
204
231
|
end
|
205
232
|
end
|
206
233
|
end
|
207
234
|
|
208
235
|
context 'digest auth' do
|
209
236
|
context 'hashed password' do
|
237
|
+
|
210
238
|
before do
|
211
239
|
app mock_controller {
|
212
240
|
digest_auth(passwords_hashed: true) {|u| {'u' => '5daad7ee02f846df2874dba8f7522112'}[u]}
|
213
|
-
|
241
|
+
def index; end
|
214
242
|
}
|
215
243
|
end
|
216
244
|
|
@@ -236,7 +264,7 @@ spec :AuthenticationTest do
|
|
236
264
|
before do
|
237
265
|
app mock_controller {
|
238
266
|
digest_auth {|u| {'u' => 'p'}[u]}
|
239
|
-
|
267
|
+
def index; end
|
240
268
|
}
|
241
269
|
end
|
242
270
|
|
@@ -258,49 +286,57 @@ spec :AuthenticationTest do
|
|
258
286
|
end
|
259
287
|
end
|
260
288
|
|
261
|
-
context 'protect specific request
|
289
|
+
context 'protect specific methods on any request method' do
|
290
|
+
|
262
291
|
before do
|
263
|
-
@protected = %w[
|
292
|
+
@protected = %w[x y]
|
264
293
|
app mock_controller {
|
265
|
-
digest_auth(:
|
266
|
-
digest_auth(:
|
267
|
-
|
268
|
-
|
269
|
-
|
270
|
-
define_method(:delete) {}
|
294
|
+
digest_auth(:x) {|u| {'u' => 'x'}[u] }
|
295
|
+
digest_auth(:y) {|u| {'u' => 'y'}[u]}
|
296
|
+
def x; end
|
297
|
+
def y; end
|
298
|
+
def z; end
|
271
299
|
}
|
272
300
|
end
|
273
301
|
|
274
302
|
it 'returns "200 Ok" for un-protected methods' do
|
275
|
-
|
276
|
-
send(rqm)
|
303
|
+
RocketIO::REQUEST_METHODS.values.each do |rqm|
|
304
|
+
send(rqm, :z)
|
277
305
|
assert(last_response).ok?
|
278
306
|
end
|
279
307
|
end
|
280
308
|
|
281
309
|
it 'returns "401 Unauthorized" if no authorization given' do
|
282
|
-
@protected.each do |
|
283
|
-
|
284
|
-
|
310
|
+
@protected.each do |m|
|
311
|
+
RocketIO::REQUEST_METHODS.values.each do |rqm|
|
312
|
+
send(rqm, m)
|
313
|
+
assert(last_response).is_unauthorized
|
314
|
+
end
|
285
315
|
end
|
286
316
|
end
|
287
317
|
|
288
318
|
it 'returns "401 Unauthorized" if wrong authorization given' do
|
289
|
-
digest_authorize('
|
290
|
-
@protected.each do |
|
291
|
-
|
292
|
-
|
319
|
+
digest_authorize('', '')
|
320
|
+
@protected.each do |m|
|
321
|
+
RocketIO::REQUEST_METHODS.values.each do |rqm|
|
322
|
+
send(rqm, m)
|
323
|
+
assert(last_response).is_unauthorized
|
324
|
+
end
|
293
325
|
end
|
294
326
|
end
|
295
327
|
|
296
328
|
it 'returns "200 Ok" response if authorization passed' do
|
297
|
-
digest_authorize('u', '
|
298
|
-
|
299
|
-
|
329
|
+
digest_authorize('u', 'x')
|
330
|
+
RocketIO::REQUEST_METHODS.values.each do |rqm|
|
331
|
+
send(rqm, :x)
|
332
|
+
assert(last_response).ok?
|
333
|
+
end
|
300
334
|
|
301
|
-
digest_authorize('u', '
|
302
|
-
|
303
|
-
|
335
|
+
digest_authorize('u', 'y')
|
336
|
+
RocketIO::REQUEST_METHODS.values.each do |rqm|
|
337
|
+
send(rqm, :y)
|
338
|
+
assert(last_response).ok?
|
339
|
+
end
|
304
340
|
end
|
305
341
|
end
|
306
342
|
end
|