socky-server 0.4.1 → 0.5.0.beta1

data/socky-server.gemspec

@@ -1,10 +1,10 @@
 # -*- encoding: utf-8 -*-
 $:.push File.expand_path("../lib", __FILE__)
-require "socky"
+require "socky/server/version"
 
 Gem::Specification.new do |s|
   s.name        = "socky-server"
-  s.version     = Socky::VERSION
+  s.version     = Socky::Server::VERSION
   s.platform    = Gem::Platform::RUBY
   s.authors     = ["Bernard Potocki"]
   s.email       = ["bernard.potocki@imanel.org"]
@@ -12,12 +12,10 @@ Gem::Specification.new do |s|
   s.summary     = %q{Socky is a WebSocket server and client for Ruby}
   s.description = %q{Socky is a WebSocket server and client for Ruby}
   
-  s.add_runtime_dependency 'em-websocket', '~> 0.3.0'
-  s.add_runtime_dependency 'em-http-request'
-  s.add_runtime_dependency 'json'
+  s.add_dependency 'websocket-rack', ">= 0.2.1"
+  s.add_dependency 'socky-authenticator', '~> 0.5.0.beta5'
+  s.add_dependency 'json'
   s.add_development_dependency 'rspec', '~> 2.0'
-  s.add_development_dependency 'rack'
-  s.add_development_dependency 'mongrel'
 
   s.files         = `git ls-files`.split("\n")
   s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")

data/spec/fixtures/example_config.yml

@@ -0,0 +1,3 @@
+debug: true
+applications:
+  some_test_app: some_test_secret

data/spec/integration/ws_channels_spec.rb

@@ -0,0 +1,144 @@
+require 'spec_helper'
+
+describe 'WebSocket Channels' do
+  
+  before { @application = Socky::Server::Application.new('test_application', 'test_secret')}
+  after  { Socky::Server::Application.list.delete('test_application') }
+  
+  context "connected to application" do
+    subject { mock_websocket(@application.name) }
+    before  { subject.on_open({'PATH_INFO' => @application.name}); subject.connection.id = "1234567890" }
+    after   { subject.on_close({}) }
+    
+    context "public channel" do
+      let(:channel_name) { 'test_channel' }
+      
+      it "should be able to join without auth" do
+        subject.should_receive(:send_data).with({ 'event' => 'socky:subscribe:success', 'channel' => channel_name })
+        subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name }.to_json)
+      end
+    
+      it "should have channel on his list after auth" do
+        subject.connection.channels[channel_name].should be_nil
+        subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name }.to_json)
+        subject.connection.channels[channel_name].should_not be_nil
+      end
+      
+      it "should allow unsubscribing from channel" do
+        subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name }.to_json)
+        subject.should_receive(:send_data).with({ 'event' => 'socky:unsubscribe:success', 'channel' => channel_name })
+        subject.on_message({}, { 'event' => 'socky:unsubscribe', 'channel' => channel_name }.to_json)
+      end
+      
+      it "should not have channel on his list after unsubscribing" do
+        subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name }.to_json)
+        subject.on_message({}, { 'event' => 'socky:unsubscribe', 'channel' => channel_name }.to_json)
+        subject.connection.channels[channel_name].should be_nil
+      end
+    end
+    
+    context "private channel" do
+      let(:channel_name) { 'private-test_channel' }
+      
+      it "should not be able to join without auth" do
+        subject.should_receive(:send_data).with({ 'event' => 'socky:subscribe:failure', 'channel' => channel_name })
+        subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name }.to_json)
+      end
+      
+      it "should not be able to join with invalid auth" do
+        subject.should_receive(:send_data).with({ 'event' => 'socky:subscribe:failure', 'channel' => channel_name })
+        subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'auth' => 'invalid' }.to_json)
+      end
+      
+      it "should be able to join with valid auth" do
+        subject.should_receive(:send_data).with({ 'event' => 'socky:subscribe:success', 'channel' => channel_name })
+        subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'auth' => 'afdc07ceaa841db71d0d01fb2b17850b:d77b99ea70fdb487a8d6d4279cea37199b991f7fed9dd8be900c8451b344cb18' }.to_json)
+      end
+      
+      it "should require modified auth to join with changing read rights" do
+        subject.should_receive(:send_data).with({ 'event' => 'socky:subscribe:failure', 'channel' => channel_name })
+        subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'read' => false, 'auth' => 'afdc07ceaa841db71d0d01fb2b17850b:d77b99ea70fdb487a8d6d4279cea37199b991f7fed9dd8be900c8451b344cb18' }.to_json)
+      end
+      
+      it "should allow changing read rights with valid auth" do
+        subject.should_receive(:send_data).with({ 'event' => 'socky:subscribe:success', 'channel' => channel_name })
+        subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'read' => false, 'auth' => '6e039ada5575795e53c382ba316ceb5f:18e4bb05c33e89ca446ac5d5c30dacfb7e2b81bb08ff342cd1ed5013a94549bf' }.to_json)
+      end
+      
+      it "should require modified auth to join with changing write rights" do
+        subject.should_receive(:send_data).with({ 'event' => 'socky:subscribe:failure', 'channel' => channel_name })
+        subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'write' => true, 'auth' => 'afdc07ceaa841db71d0d01fb2b17850b:d77b99ea70fdb487a8d6d4279cea37199b991f7fed9dd8be900c8451b344cb18' }.to_json)
+      end
+      
+      it "should allow changing read rights with valid auth" do
+        subject.should_receive(:send_data).with({ 'event' => 'socky:subscribe:success', 'channel' => channel_name })
+        subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'write' => true, 'auth' => '94eebeb7b285adaf303d3644aedad77e:69943f47af7a051a75d17ea06ef00aceb8511f446d4e0dc9ef7b55cb2ea85634' }.to_json)
+      end
+      
+      it "should ignore changing hide right" do
+        subject.should_receive(:send_data).with({ 'event' => 'socky:subscribe:success', 'channel' => channel_name })
+        subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'hide' => true, 'auth' => 'afdc07ceaa841db71d0d01fb2b17850b:d77b99ea70fdb487a8d6d4279cea37199b991f7fed9dd8be900c8451b344cb18' }.to_json)
+      end
+    end
+    
+    context "presence channel" do
+      let(:channel_name) { 'presence-test_channel' }
+      
+      it "should not be able to join without auth" do
+        subject.should_receive(:send_data).with({ 'event' => 'socky:subscribe:failure', 'channel' => channel_name })
+        subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name }.to_json)
+      end
+      
+      it "should not be able to join with invalid auth" do
+        subject.should_receive(:send_data).with({ 'event' => 'socky:subscribe:failure', 'channel' => channel_name })
+        subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'auth' => 'invalid' }.to_json)
+      end
+      
+      it "should be able to join with valid auth" do
+        subject.should_receive(:send_data).with({ 'event' => 'socky:subscribe:success', 'channel' => channel_name, 'members' => [] })
+        subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'auth' => 'ec7ca4b2d08958ad7f98bb5df4f63c5c:72fa6a183de7aa0dbeb10db03daec3d6e9fb590c38fc1b6aee0bc69a585c16ee' }.to_json)
+      end
+      
+      it "should require modified auth to join with changing read rights" do
+        subject.should_receive(:send_data).with({ 'event' => 'socky:subscribe:failure', 'channel' => channel_name })
+        subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'read' => false, 'auth' => 'ec7ca4b2d08958ad7f98bb5df4f63c5c:72fa6a183de7aa0dbeb10db03daec3d6e9fb590c38fc1b6aee0bc69a585c16ee' }.to_json)
+      end
+      
+      it "should allow changing read rights with valid auth" do
+        subject.should_receive(:send_data).with({ 'event' => 'socky:subscribe:success', 'channel' => channel_name, 'members' => [] })
+        subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'read' => false, 'auth' => 'ec7ca4b2d08958ad7f98bb5df4f63c5c:cb123cdaf630653a61b7cd03941847a9a49d45d88d6c61f9858fb9754f7ad40a' }.to_json)
+      end
+      
+      it "should require modified auth to join with changing write rights" do
+        subject.should_receive(:send_data).with({ 'event' => 'socky:subscribe:failure', 'channel' => channel_name })
+        subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'write' => true, 'auth' => 'ec7ca4b2d08958ad7f98bb5df4f63c5c:72fa6a183de7aa0dbeb10db03daec3d6e9fb590c38fc1b6aee0bc69a585c16ee' }.to_json)
+      end
+      
+      it "should allow changing read rights with valid auth" do
+        subject.should_receive(:send_data).with({ 'event' => 'socky:subscribe:success', 'channel' => channel_name, 'members' => [] })
+        subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'write' => true, 'auth' => 'ec7ca4b2d08958ad7f98bb5df4f63c5c:d7c118d5dad01318c8be2f96bd00e2d3f13bf2893270fd60d92c89027c78e035' }.to_json)
+      end
+      
+      it "should require modified auth to join with changing hide right" do
+        subject.should_receive(:send_data).with({ 'event' => 'socky:subscribe:failure', 'channel' => channel_name })
+        subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'hide' => true, 'auth' => 'ec7ca4b2d08958ad7f98bb5df4f63c5c:72fa6a183de7aa0dbeb10db03daec3d6e9fb590c38fc1b6aee0bc69a585c16ee' }.to_json)
+      end
+      
+      it "should allow changing hide rights with valid auth" do
+        subject.should_receive(:send_data).with({ 'event' => 'socky:subscribe:success', 'channel' => channel_name, 'members' => [] })
+        subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'hide' => true, 'auth' => 'ec7ca4b2d08958ad7f98bb5df4f63c5c:2f8dfc64afdd0acc59f690f45d24b48d40fb9859dbe7dc39677b60457a64739c' }.to_json)
+      end
+      
+      it "should require changing auth after changind user data" do
+        subject.should_receive(:send_data).with({ 'event' => 'socky:subscribe:failure', 'channel' => channel_name })
+        subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'data' => "{\"some\":\"data\"}", 'auth' => 'ec7ca4b2d08958ad7f98bb5df4f63c5c:72fa6a183de7aa0dbeb10db03daec3d6e9fb590c38fc1b6aee0bc69a585c16ee' }.to_json)
+      end
+      
+      it "should allow passing user data with valid auth" do
+        subject.should_receive(:send_data).with({ 'event' => 'socky:subscribe:success', 'channel' => channel_name, 'members' => [] })
+        subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'data' => "{\"some\":\"data\"}", 'auth' => 'ec7ca4b2d08958ad7f98bb5df4f63c5c:9cdbfc5746f67c26784f75683a0f89a70f6079f0030f48ac8193458717f0791e' }.to_json)
+      end
+    end
+  end
+  
+end

data/spec/integration/ws_connection_spec.rb

@@ -0,0 +1,48 @@
+require 'spec_helper'
+
+describe 'WebSocket Connection' do
+  
+  before { @application = Socky::Server::Application.new('test_application', 'test_secret')}
+  after  { Socky::Server::Application.list.delete('test_application') }
+  
+  context 'Valid application' do
+    subject { mock_websocket(@application.name) }
+    
+    it "should receive confirmation on connection" do
+      subject.should_receive(:send_data).with(hash_including( 'event' => 'socky:connection:established' ))
+      subject.on_open({'PATH_INFO' => @application.name})
+    end
+        
+    it "should generate connection" do
+      subject.on_open({'PATH_INFO' => @application.name})
+      subject.connection.should_not be_nil
+      subject.connection.class.should eql(Socky::Server::Connection)
+    end
+    
+    it "should not close connection" do
+      subject.should_not_receive(:on_close)
+      subject.on_open({'PATH_INFO' => @application.name})
+    end
+  end
+  
+  context "Invalid application" do
+    subject { mock_websocket('invalid_name') }
+    
+    it "should receive 'application invalid' error" do
+      subject.should_receive(:send_data).with({ 'event' => 'socky:connection:error', 'reason' => 'refused' })
+      subject.on_open({'PATH_INFO' => 'invalid_name'})
+    end
+        
+    it "should generate connection" do
+      subject.on_open({'PATH_INFO' => 'invalid_name'})
+      subject.connection.should_not be_nil
+      subject.connection.class.should eql(Socky::Server::Connection)
+    end
+    
+    it "should close connection" do
+      subject.should_receive(:on_close)
+      subject.on_open({'PATH_INFO' => 'invlaid_name'})
+    end
+  end
+  
+end

data/spec/integration/ws_presence_spec.rb

@@ -0,0 +1,118 @@
+require 'spec_helper'
+
+describe 'WebSocket Presence notification' do
+    
+  before { @application = Socky::Server::Application.new('test_application', 'test_secret')}
+  after  { Socky::Server::Application.list.delete(@application.name) }
+  
+  subject { mock_websocket(@application.name) }
+  before  { subject.on_open({'PATH_INFO' => @application.name}); subject.connection.id = "1234567890" }
+  after   { subject.on_close({}) }
+  let(:channel_name) { 'presence-test_channel' }
+  
+  context 'no other users on the same channel' do
+    it "should return empty list if no other users are on channel" do
+      subject.should_receive(:send_data).with({ 'event' => 'socky:subscribe:success', 'channel' => channel_name, 'members' => [] })
+      subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'auth' => 'ec7ca4b2d08958ad7f98bb5df4f63c5c:72fa6a183de7aa0dbeb10db03daec3d6e9fb590c38fc1b6aee0bc69a585c16ee' }.to_json)
+    end
+    it "should not receive notification about own joining to channel" do
+      subject.should_not_receive(:send_data).with(hash_including('event' => 'socky:member:added'))
+      subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'auth' => 'ec7ca4b2d08958ad7f98bb5df4f63c5c:72fa6a183de7aa0dbeb10db03daec3d6e9fb590c38fc1b6aee0bc69a585c16ee' }.to_json)
+    end
+    it "should not receive notification about own disconnection from channel" do
+      subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'auth' => 'ec7ca4b2d08958ad7f98bb5df4f63c5c:72fa6a183de7aa0dbeb10db03daec3d6e9fb590c38fc1b6aee0bc69a585c16ee' }.to_json)
+      subject.should_not_receive(:send_data).with(hash_including('event' => 'socky:member:removed'))
+      subject.on_message({}, { 'event' => 'socky:unsubscribe', 'channel' => channel_name }.to_json)
+    end
+  end
+  
+  context 'other user on the same channel' do
+    let(:other_user) { mock_websocket(@application.name) }
+    before do
+      other_user.on_open({'PATH_INFO' => @application.name})
+      other_user.connection.id = "123"
+      other_user.should_receive(:send_data).with({ 'event' => 'socky:subscribe:success', 'channel' => channel_name, 'members' => [] })
+      other_user.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'auth' => 'ec7ca4b2d08958ad7f98bb5df4f63c5c:2ed67632bf9a03e7e28068284efae222256f80dfafe798abff85455401d6000e' }.to_json)
+    end
+    after { other_user.on_close({}) }
+    
+    it "should return other users list" do
+      subject.should_receive(:send_data).with({ 'event' => 'socky:subscribe:success', 'channel' => channel_name, 'members' => [{"data"=>{}, "connection_id"=>"123"}] })
+      subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'auth' => 'ec7ca4b2d08958ad7f98bb5df4f63c5c:72fa6a183de7aa0dbeb10db03daec3d6e9fb590c38fc1b6aee0bc69a585c16ee' }.to_json)      
+    end
+    
+    it "should send channel join notification to other members" do
+      other_user.should_receive(:send_data).with({ 'event' => 'socky:member:added', 'connection_id' => subject.connection.id, 'channel' => channel_name, 'data' => {} })
+      subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'auth' => 'ec7ca4b2d08958ad7f98bb5df4f63c5c:72fa6a183de7aa0dbeb10db03daec3d6e9fb590c38fc1b6aee0bc69a585c16ee' }.to_json)      
+    end
+    
+    it "should send valid user data with join notification" do
+      other_user.should_receive(:send_data).with({ 'event' => 'socky:member:added', 'connection_id' => subject.connection.id, 'channel' => channel_name, 'data' => { 'some' => 'data' } })
+      subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'data' => "{\"some\":\"data\"}", 'auth' => 'ec7ca4b2d08958ad7f98bb5df4f63c5c:9cdbfc5746f67c26784f75683a0f89a70f6079f0030f48ac8193458717f0791e' }.to_json)
+    end
+    
+    it "should send channel exit notification to other members" do
+      subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'data' => "{\"some\":\"data\"}", 'auth' => 'ec7ca4b2d08958ad7f98bb5df4f63c5c:9cdbfc5746f67c26784f75683a0f89a70f6079f0030f48ac8193458717f0791e' }.to_json)
+      other_user.should_receive(:send_data).with({ 'event' => 'socky:member:removed', 'connection_id' => subject.connection.id, 'channel' => channel_name })
+      subject.on_message({}, { 'event' => 'socky:unsubscribe', 'channel' => channel_name }.to_json)
+    end
+  end
+  
+  context 'other user on other channel' do
+    let(:other_user) { mock_websocket(@application.name) }
+    before do
+      other_user.on_open({'PATH_INFO' => @application.name})
+      other_user.connection.id = "123"
+      other_user.should_receive(:send_data).with({ 'event' => 'socky:subscribe:success', 'channel' => 'presence-other_channel', 'members' => [] })
+      other_user.on_message({}, { 'event' => 'socky:subscribe', 'channel' => 'presence-other_channel', 'auth' => 'ec7ca4b2d08958ad7f98bb5df4f63c5c:6861bcb873a4a9c4bcd6b7fc1bf3b170684f191ebbdb1e222614900c9243a0fa' }.to_json)
+    end
+    after { other_user.on_close({}) }
+    
+    it "should return empty users list" do
+      subject.should_receive(:send_data).with({ 'event' => 'socky:subscribe:success', 'channel' => channel_name, 'members' => [] })
+      subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'auth' => 'ec7ca4b2d08958ad7f98bb5df4f63c5c:72fa6a183de7aa0dbeb10db03daec3d6e9fb590c38fc1b6aee0bc69a585c16ee' }.to_json)      
+    end
+    
+    it "should not send channel join notification to members on other channels" do
+      other_user.should_not_receive(:send_data).with(hash_including('event' => 'socky:member:added'))
+      subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'auth' => 'ec7ca4b2d08958ad7f98bb5df4f63c5c:72fa6a183de7aa0dbeb10db03daec3d6e9fb590c38fc1b6aee0bc69a585c16ee' }.to_json)      
+    end
+    
+    it "should not send channel exit notification to members on other channels" do
+      subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'data' => "{\"some\":\"data\"}", 'auth' => 'ec7ca4b2d08958ad7f98bb5df4f63c5c:9cdbfc5746f67c26784f75683a0f89a70f6079f0030f48ac8193458717f0791e' }.to_json)
+      other_user.should_not_receive(:send_data).with(hash_including('event' => 'socky:member:removed'))
+      subject.on_message({}, { 'event' => 'socky:unsubscribe', 'channel' => channel_name }.to_json)
+    end
+  end
+  
+  context 'other user on the same channel but different application' do
+    before { @application2 = Socky::Server::Application.new('other_application', 'other_secret')}
+    after  { Socky::Server::Application.list.delete(@application2.name) }
+    
+    let(:other_user) { mock_websocket(@application2.name) }
+    before do
+      other_user.on_open({'PATH_INFO' => @application2.name})
+      other_user.connection.id = "123"
+      other_user.should_receive(:send_data).with({ 'event' => 'socky:subscribe:success', 'channel' => channel_name, 'members' => [] })
+      other_user.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'auth' => 'ec7ca4b2d08958ad7f98bb5df4f63c5c:5667cf407419d95a042e4e0479f25fa4b62ed548285e80db0af0fc5262ea60c6' }.to_json)
+    end
+    after { other_user.on_close({}) }
+    
+    it "should return empty users list" do
+      subject.should_receive(:send_data).with({ 'event' => 'socky:subscribe:success', 'channel' => channel_name, 'members' => [] })
+      subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'auth' => 'ec7ca4b2d08958ad7f98bb5df4f63c5c:72fa6a183de7aa0dbeb10db03daec3d6e9fb590c38fc1b6aee0bc69a585c16ee' }.to_json)      
+    end
+    
+    it "should not send channel join notification to members on other channels" do
+      other_user.should_not_receive(:send_data).with(hash_including('event' => 'socky:member:added'))
+      subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'auth' => 'ec7ca4b2d08958ad7f98bb5df4f63c5c:72fa6a183de7aa0dbeb10db03daec3d6e9fb590c38fc1b6aee0bc69a585c16ee' }.to_json)      
+    end
+    
+    it "should not send channel exit notification to members on other channels" do
+      subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'data' => "{\"some\":\"data\"}", 'auth' => 'ec7ca4b2d08958ad7f98bb5df4f63c5c:9cdbfc5746f67c26784f75683a0f89a70f6079f0030f48ac8193458717f0791e' }.to_json)
+      other_user.should_not_receive(:send_data).with(hash_including('event' => 'socky:member:removed'))
+      subject.on_message({}, { 'event' => 'socky:unsubscribe', 'channel' => channel_name }.to_json)
+    end
+  end
+    
+end

data/spec/integration/ws_rights_spec.rb

@@ -0,0 +1,133 @@
+require 'spec_helper'
+
+describe 'WebSocket Rights' do
+  
+  before { @application = Socky::Server::Application.new('test_application', 'test_secret')}
+  after  { Socky::Server::Application.list.delete('test_application') }
+  
+  context "connected to application" do
+    subject { mock_websocket(@application.name) }
+    before  { subject.on_open({'PATH_INFO' => @application.name}); subject.connection.id = "1234567890" }
+    after   { subject.on_close({}) }
+    
+    let(:other_user) do
+      return @other_user if defined?(@other_user)
+      other = mock_websocket(@application.name)
+      other.on_open({'PATH_INFO' => @application.name})
+      other.connection.id = "1234567891"
+      @other_user = other
+    end
+    after { @other_user.on_close({}) if defined?(@other_user) }
+    
+    context "public channel" do
+      let(:channel_name) { 'test_channel' }
+      
+      it "should not be able to disable read permission" do
+        subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'read' => false }.to_json)
+        subject.should_receive(:send_data).with({ 'event' => 'test_event', 'channel' => channel_name })
+        Socky::Server::Channel.find_or_create(@application.name, channel_name).send_data({ 'event' => 'test_event', 'channel' => channel_name })
+      end
+      
+      it "should not be able to enable write permission" do
+        subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name }.to_json)
+        other_user.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'write' => true }.to_json)
+        subject.should_not_receive(:send_data).with({ 'event' => 'test_event', 'channel' => channel_name })
+        other_user.on_message({}, { 'event' => 'test_event', 'channel' => channel_name }.to_json)
+      end
+    end
+    
+    context "private channel" do
+      let(:channel_name) { 'private-test_channel' }
+      
+      it "should be able to disable read permission" do
+        subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'read' => false, 'auth' => auth_token(subject, channel_name, 'read' => false) }.to_json)
+        subject.should_not_receive(:send_data).with({ 'event' => 'test_event', 'channel' => channel_name })
+        Socky::Server::Channel.find_or_create(@application.name, channel_name).send_data({ 'event' => 'test_event', 'channel' => channel_name })
+      end
+            
+      it "should be able to enable write pemission" do
+        subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'auth' => auth_token(subject, channel_name) }.to_json)
+        other_user.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'write' => true, 'auth' => auth_token(other_user, channel_name, 'write' => true) }.to_json)
+        subject.should_receive(:send_data).with({ 'event' => 'test_event', 'channel' => channel_name, 'data' => nil })
+        other_user.on_message({}, { 'event' => 'test_event', 'channel' => channel_name }.to_json)
+      end
+      
+      it "should still send messages with read permission disabled" do
+        subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'auth' => auth_token(subject, channel_name) }.to_json)
+        other_user.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'read' => false, 'write' => true, 'auth' => auth_token(other_user, channel_name, 'read' => false, 'write' => true) }.to_json)
+        subject.should_receive(:send_data).with({ 'event' => 'test_event', 'channel' => channel_name, 'data' => nil })
+        other_user.on_message({}, { 'event' => 'test_event', 'channel' => channel_name }.to_json)
+      end
+      
+      it "should still receive messages with write permission disabled" do
+        subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'write' => false, 'auth' => auth_token(subject, channel_name, 'write' => false) }.to_json)
+        other_user.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'write' => true, 'auth' => auth_token(other_user, channel_name, 'write' => true) }.to_json)
+        subject.should_receive(:send_data).with({ 'event' => 'test_event', 'channel' => channel_name, 'data' => nil })
+        other_user.on_message({}, { 'event' => 'test_event', 'channel' => channel_name }.to_json)
+      end
+    end
+    
+    context "presence channel" do
+      let(:channel_name) { 'presence-test_channel' }
+      
+      it "should be able to disable read permission" do
+        subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'read' => false, 'auth' => auth_token(subject, channel_name, 'read' => false) }.to_json)
+        subject.should_not_receive(:send_data).with({ 'event' => 'test_event', 'channel' => channel_name })
+        Socky::Server::Channel.find_or_create(@application.name, channel_name).send_data({ 'event' => 'test_event', 'channel' => channel_name })
+      end
+      
+      it "should still send messages with read permission disabled" do
+        subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'auth' => auth_token(subject, channel_name) }.to_json)
+        other_user.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'read' => false, 'write' => true, 'auth' => auth_token(other_user, channel_name, 'read' => false, 'write' => true) }.to_json)
+        subject.should_receive(:send_data).with({ 'event' => 'test_event', 'channel' => channel_name, 'data' => nil })
+        other_user.on_message({}, { 'event' => 'test_event', 'channel' => channel_name }.to_json)
+      end
+      
+      it "should not receive members notification with read permission disabled" do
+        subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'read' => false, 'auth' => auth_token(subject, channel_name, 'read' => false) }.to_json)
+        subject.should_not_receive(:send_data)
+        other_user.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'auth' => auth_token(other_user, channel_name) }.to_json)
+      end
+      
+      it "should be able to enable write pemission" do
+        subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'auth' => auth_token(subject, channel_name) }.to_json)
+        other_user.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'write' => true, 'auth' => auth_token(other_user, channel_name, 'write' => true) }.to_json)
+        subject.should_receive(:send_data).with({ 'event' => 'test_event', 'channel' => channel_name, 'data' => nil })
+        other_user.on_message({}, { 'event' => 'test_event', 'channel' => channel_name }.to_json)
+      end
+      
+      it "should still receive messages with write permission disabled" do
+        subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'write' => false, 'auth' => auth_token(subject, channel_name, 'write' => false) }.to_json)
+        other_user.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'write' => true, 'auth' => auth_token(other_user, channel_name, 'write' => true) }.to_json)
+        subject.should_receive(:send_data).with({ 'event' => 'test_event', 'channel' => channel_name, 'data' => nil })
+        other_user.on_message({}, { 'event' => 'test_event', 'channel' => channel_name }.to_json)
+      end
+      
+      it "should still send members notification with write permission disabled" do
+        subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'auth' => auth_token(subject, channel_name) }.to_json)
+        subject.should_receive(:send_data).with({ 'event' => 'socky:member:added', 'channel' => channel_name, 'connection_id' => other_user.connection.id, 'data' => {} })
+        other_user.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'write' => false, 'auth' => auth_token(other_user, channel_name, 'write' => false) }.to_json)
+      end
+      
+      it "should be able to enable hide permission" do
+        subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'auth' => auth_token(subject, channel_name) }.to_json)
+        subject.should_not_receive(:send_data).with({ 'event' => 'socky:member:added', 'channel' => channel_name, 'connection_id' => other_user.connection.id, 'data' => {} })
+        other_user.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'hide' => true, 'auth' => auth_token(other_user, channel_name, 'hide' => true) }.to_json)
+      end
+      
+      it "should still receive messages with hide permission enabled" do
+        subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'hide' => true, 'auth' => auth_token(subject, channel_name, 'hide' => true) }.to_json)
+        subject.should_receive(:send_data).with({ 'event' => 'test_event', 'channel' => channel_name })
+        Socky::Server::Channel.find_or_create(@application.name, channel_name).send_data({ 'event' => 'test_event', 'channel' => channel_name })
+      end
+      
+      it "should be able to send messages whild hide permission is enabled" do
+        subject.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'auth' => auth_token(subject, channel_name) }.to_json)
+        other_user.on_message({}, { 'event' => 'socky:subscribe', 'channel' => channel_name, 'write' => true, 'hide' => true, 'auth' => auth_token(other_user, channel_name, 'write' => true, 'hide' => true) }.to_json)
+        subject.should_receive(:send_data).with({ 'event' => 'test_event', 'channel' => channel_name, 'data' => nil })
+        other_user.on_message({}, { 'event' => 'test_event', 'channel' => channel_name }.to_json)
+      end
+    end
+  end
+  
+end