stitches 3.0.0

data/spec/api_version_constraint_spec.rb

@@ -0,0 +1,33 @@
+require 'spec_helper.rb'
+
+describe Stitches::ApiVersionConstraint do
+  let(:version) { 2 }
+  let(:request) { double("request", headers: headers) }
+
+  subject(:constraint) { described_class.new(version) }
+
+  context "no accept header" do
+    let(:headers) { {} }
+    it "doesn't match" do
+      expect(constraint.matches?(request)).to eq(false)
+    end
+  end
+  context "accept header missing version" do
+    let(:headers) { { accept: "application/json" } }
+    it "doesn't match" do
+      expect(constraint.matches?(request)).to eq(false)
+    end
+  end
+  context "accept header has wrong version" do
+    let(:headers) { { accept: "application/json; version=1" } }
+    it "doesn't match" do
+      expect(constraint.matches?(request)).to eq(false)
+    end
+  end
+  context "accept header has correct version" do
+    let(:headers) { { accept: "application/json; version=2" } }
+    it "matcheds" do
+      expect(constraint.matches?(request)).to eq(true)
+    end
+  end
+end

data/spec/configuration_spec.rb

@@ -0,0 +1,105 @@
+require 'spec_helper.rb'
+
+describe Stitches::Configuration do
+  before do
+    Stitches.configuration.reset_to_defaults!
+  end
+
+  describe "global configuration" do
+    let(:whitelist_regexp) { %r{foo} }
+    let(:custom_http_auth_scheme) { "Blah" }
+    let(:env_var_to_hold_api_client_primary_key) { "FOOBAR" }
+
+    it "can be configured globally" do
+      Stitches.configure do |config|
+        config.whitelist_regexp                       = whitelist_regexp
+        config.custom_http_auth_scheme                = custom_http_auth_scheme
+        config.env_var_to_hold_api_client_primary_key = env_var_to_hold_api_client_primary_key
+      end
+
+      expect(Stitches.configuration.whitelist_regexp).to                       eq(whitelist_regexp)
+      expect(Stitches.configuration.custom_http_auth_scheme).to                eq(custom_http_auth_scheme)
+      expect(Stitches.configuration.env_var_to_hold_api_client_primary_key).to eq(env_var_to_hold_api_client_primary_key)
+    end
+
+    it "defaults to nil for whitelist_regexp" do
+      expect(Stitches.configuration.whitelist_regexp).to be_nil
+    end
+
+    it "sets a default for env_var_to_hold_api_client_primary_key" do
+      expect(Stitches.configuration.env_var_to_hold_api_client_primary_key).to eq("STITCHES_API_CLIENT_ID")
+    end
+
+    it "blows up if you try to use custom_http_auth_scheme without having set it" do
+      expect {
+        Stitches.configuration.custom_http_auth_scheme
+      }.to raise_error(/you must set a value for custom_http_auth_scheme/i)
+    end
+  end
+  describe "whitelist_regexp" do
+    let(:config) { Stitches::Configuration.new }
+    it "must be a regexp" do
+      expect {
+        config.whitelist_regexp = "foo"
+      }.to raise_error(/whitelist_regexp must be a Regexp/i)
+    end
+    it "may be nil" do
+      expect {
+        config.whitelist_regexp = nil
+      }.not_to raise_error
+    end
+    it "may be a regexp" do
+      expect {
+        config.whitelist_regexp = /foo/
+      }.not_to raise_error
+    end
+  end
+
+  describe "custom_http_auth_scheme" do
+    let(:config) { Stitches::Configuration.new }
+    it "must be a string" do
+      expect {
+        config.custom_http_auth_scheme = 42
+      }.to raise_error(/custom_http_auth_scheme must be a String/i)
+    end
+    it "may not be nil" do
+      expect {
+        config.custom_http_auth_scheme = nil
+      }.to raise_error(/custom_http_auth_scheme may not be blank/i)
+    end
+    it "may not be a blank string" do
+      expect {
+        config.custom_http_auth_scheme = "    "
+      }.to raise_error(/custom_http_auth_scheme may not be blank/i)
+    end
+    it "may be a String" do
+      expect {
+        config.custom_http_auth_scheme = "Foobar"
+      }.not_to raise_error
+    end
+  end
+
+  describe "env_var_to_hold_api_client_primary_key" do
+    let(:config) { Stitches::Configuration.new }
+    it "must be a string" do
+      expect {
+        config.env_var_to_hold_api_client_primary_key = 42
+      }.to raise_error(/env_var_to_hold_api_client_primary_key must be a String/i)
+    end
+    it "may not be nil" do
+      expect {
+        config.env_var_to_hold_api_client_primary_key = nil
+      }.to raise_error(/env_var_to_hold_api_client_primary_key may not be blank/i)
+    end
+    it "may not be a blank string" do
+      expect {
+        config.env_var_to_hold_api_client_primary_key = "    "
+      }.to raise_error(/env_var_to_hold_api_client_primary_key may not be blank/i)
+    end
+    it "may be a String" do
+      expect {
+        config.env_var_to_hold_api_client_primary_key = "Foobar"
+      }.not_to raise_error
+    end
+  end
+end

data/spec/errors_spec.rb

@@ -0,0 +1,99 @@
+require 'spec_helper.rb'
+
+class MyFakeError < StandardError
+end
+
+class FakePersonHolder
+  include ActiveModel::Validations
+  attr_accessor :name, :person
+
+  validates_presence_of :name
+
+  def valid?
+    # doing this because we can't use validates_associated on a non-AR object, and 
+    # our logic doesn't depend on validates_associated, per se
+    super.tap { 
+      unless person.valid?
+        errors.add(:person,"is not valid")
+      end
+    }
+  end
+end
+
+class FakePerson
+  include ActiveModel::Validations
+
+  attr_accessor :first_name, :last_name, :age
+
+  validates_each :first_name, :last_name do |record, attr, value|
+    record.errors.add attr, 'starts with z.' if value.to_s[0] == ?z
+  end
+
+  validates_numericality_of :age
+  validates_presence_of :first_name
+end
+
+describe Stitches::Errors do
+  it "can be created from an exception" do
+    exception = MyFakeError.new("OH NOES!")
+    errors    = Stitches::Errors.from_exception(exception)
+
+    expect(errors.size).to eq(1)
+    expect(errors.first.code).to eq("my_fake")
+    expect(errors.first.message).to eq("OH NOES!")
+  end
+
+  it "renders useful JSON" do
+    errors = Stitches::Errors.new([
+      Stitches::Error.new(code: "not_found", message: "Was not found, yo"),
+      Stitches::Error.new(code: "and_you_should_feel_bad", message: "And you should feel bad about even asking"),
+    ])
+
+    expect(errors.to_json).to eq(
+      [
+        {
+          "code" => "not_found",
+          "message" => "Was not found, yo",
+        },
+        {
+          "code" => "and_you_should_feel_bad",
+          "message" => "And you should feel bad about even asking",
+        }
+      ].to_json
+    )
+  end
+
+  context "creation from an active record object" do
+    let(:object) { FakePerson.new.tap { |person|
+      person.age = "asdfasdf"
+      person.last_name = "zjohnson"
+    }}
+    it "sets reasonable messages for the fields of the object" do
+      object.valid?
+      errors = Stitches::Errors.from_active_record_object(object)
+      errors_hash = JSON.parse(errors.to_json).sort_by {|_| _["code"] }
+      expect(errors_hash[0]["code"]).to eq("age_invalid")
+      expect(errors_hash[0]["message"]).to eq("Age is not a number")
+      expect(errors_hash[1]["code"]).to eq("first_name_invalid")
+      expect(errors_hash[1]["message"]).to eq("First name can't be blank")
+      expect(errors_hash[2]["code"]).to eq("last_name_invalid")
+      expect(errors_hash[2]["message"]).to eq("Last name starts with z.")
+    end
+
+    it "digs one level deep into the object for associated active-records" do
+      holder = FakePersonHolder.new
+      holder.name = nil
+      holder.person = object
+
+      holder.valid?
+
+      errors = Stitches::Errors.from_active_record_object(holder)
+      errors_hash = JSON.parse(errors.to_json).sort_by {|_| _["code"] }
+      expect(errors_hash[0]["code"]).to eq("name_invalid")
+      expect(errors_hash[0]["message"]).to eq("Name can't be blank")
+      expect(errors_hash[1]["code"]).to eq("person_invalid")
+      expect(errors_hash[1]["message"]).to eq("Age is not a number, First name can't be blank, Last name starts with z.")
+    end
+  end
+end
+

data/spec/spec/have_api_error_spec.rb

@@ -0,0 +1,78 @@
+require 'spec_helper.rb'
+require 'stitches/spec'
+
+describe "have_api_error" do
+  let(:errors) {
+    [
+      { code: "foo", message: "bar" },
+      { code: "baz", message: "quux" }
+    ]
+  }
+  let(:response) {
+    double(
+      response_code: response_code,
+      body: { errors: errors }.to_json)
+  }
+  context "missing required arguments from expectation" do
+    let(:response_code) { 422 }
+    it "blows up with a decent message" do
+      expect {
+        expect(response).to have_api_error(message: errors.first[:message])
+      }.to raise_error(/key not found: :code/)
+      expect {
+        expect(response).to have_api_error(code: errors.first[:code])
+      }.to raise_error(/key not found: :message/)
+    end
+  end
+  context "no expected status specified" do
+    context "status is 422" do
+      let(:response_code) { 422 }
+      context "an error in the expectation exists" do
+        it "indicates there is an error" do
+          expect(response).to have_api_error(errors.first)
+        end
+        it "indicates there is an error for another error in the errors list" do
+          expect(response).to have_api_error(errors.second)
+        end
+        it "indicates there is an error via regexp" do
+          expect(response).to have_api_error(code: errors.second[:code], message: /^.*$/)
+        end
+      end
+      context "no error from the expectation exists" do
+        it "indicates there is no error" do
+          expect(response).not_to have_api_error(code: "blah", message: "crud")
+        end
+      end
+    end
+    context "status is 200" do
+      let(:response_code) { 200 }
+      it "indicates there is no error" do
+        expect(response).not_to have_api_error(errors.first)
+      end
+    end
+    context "status is e.g. 404" do
+      let(:response_code) { 404 }
+      it "indicates there is no error" do
+        expect(response).not_to have_api_error(errors.first)
+      end
+    end
+  end
+  context "expected status is specified" do
+    context "status is the expected status" do
+      let(:response_code) { 404 }
+      it "indicates there is an error" do
+        expect(response).to have_api_error(status: 404,
+                                           code: errors.first[:code],
+                                           message: errors.first[:message])
+      end
+    end
+    context "status is not the expected status" do
+      let(:response_code) { 422 }
+      it "indicates there is no error" do
+        expect(response).not_to have_api_error(status: 404,
+                                               code: errors.first[:code],
+                                               message: errors.first[:bar])
+      end
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,10 @@
+GEM_ROOT = File.expand_path(File.join(File.dirname(__FILE__),'..'))
+Dir["#{GEM_ROOT}/spec/support/**/*.rb"].sort.each {|f| require f}
+
+require 'rails/all'
+require 'stitches'
+
+RSpec.configure do |config|
+  config.order = "random"
+end
+I18n.enforce_available_locales = false # situps

data/spec/valid_mime_type_spec.rb

@@ -0,0 +1,166 @@
+require 'spec_helper.rb'
+
+describe Stitches::ValidMimeType do
+  let(:app) { double("rack app") }
+  
+  before do
+    allow(app).to receive(:call).with(env)
+  end
+
+  subject(:middleware) { described_class.new(app, namespace: "/api") }
+
+  shared_examples "an unacceptable response" do
+    it "returns a 406" do
+      expect(@response.status).to eq(406)
+    end
+    it "stops the call chain preventing anything from happening" do
+      expect(app).not_to have_received(:call)
+    end
+    it "sends a reasonable message" do
+      expect(@response.body.first).to match(/didn't have the right mime type or version number. We only accept application\/json/)
+    end
+  end
+
+  describe "#call" do
+    context "not in namespace" do
+      context "not in whitelist" do
+        let(:env) {
+          {
+            "PATH_INFO" => "/index/home",
+          }
+        }
+
+        before do
+          @response = middleware.call(env)
+        end
+
+        it_behaves_like "an unacceptable response"
+      end
+      context "whitelisting" do
+        let(:env) {
+          {
+            "PATH_INFO" => "/index/home",
+          }
+        }
+
+        context "whitelist is explicit in middleware usage" do
+          before do
+            @response = middleware.call(env)
+          end
+
+          context "passes the whitelist" do
+            subject(:middleware) { described_class.new(app, except: %r{\A/resque\/.*\Z}) }
+            let(:env) {
+              {
+                "PATH_INFO" => "/resque/overview"
+              }
+            }
+            it "calls through to the rest of the chain" do
+              expect(app).to have_received(:call).with(env)
+            end
+          end
+
+          context "fails the whitelist" do
+            subject(:middleware) { described_class.new(app, except: %r{\A/resque\/.*\Z}) }
+            let(:env) {
+              {
+                "PATH_INFO" => "//resque/overview" # subtle
+              }
+            }
+            it_behaves_like "an unacceptable response"
+          end
+          context "except: is not given a regexp" do
+            let(:env) {
+              {
+                "PATH_INFO" => "//resque/overview"
+              }
+            }
+            it "blows up" do
+              expect {
+                described_class.new(app, except: "/resque")
+              }.to raise_error(/must be a Regexp/i)
+            end
+          end
+        end
+        context "whitelist is implicit from the configuration" do
+
+          before do
+            Stitches.configuration.whitelist_regexp = %r{\A/resque/.*\Z}
+            @response = middleware.call(env)
+          end
+
+          context "passes the whitelist" do
+            subject(:middleware) { described_class.new(app) }
+            let(:env) {
+              {
+                "PATH_INFO" => "/resque/overview"
+              }
+            }
+            it "calls through to the rest of the chain" do
+              expect(app).to have_received(:call).with(env)
+            end
+          end
+
+          context "fails the whitelist" do
+            subject(:middleware) { described_class.new(app) }
+            let(:env) {
+              {
+                "PATH_INFO" => "//resque/overview" # subtle
+              }
+            }
+            it_behaves_like "an unacceptable response"
+          end
+        end
+      end
+    end
+
+    context "valid header" do
+      let(:env) {
+        {
+          "PATH_INFO" => "/api/ping",
+          "HTTP_ACCEPT" => "application/json; version=99",
+        }
+      }
+
+      before do
+        @response = middleware.call(env)
+      end
+      it "calls through to the rest of the chain" do
+        expect(app).to have_received(:call).with(env)
+      end
+    end
+
+    context "unacceptable responses" do
+      before do
+        @response = middleware.call(env)
+        @response.finish
+      end
+      context "no header" do
+        let(:env) {
+          {
+            "PATH_INFO" => "/api/ping",
+          }
+        }
+        it_behaves_like "an unacceptable response"
+      end
+      context "bad mime type" do
+        let(:env) {
+          {
+            "PATH_INFO" => "/api/ping",
+            "HTTP_ACCEPT" => "application/json; version=bleorgh",
+          }
+        }
+        it_behaves_like "an unacceptable response"
+      end
+      context "bad version" do
+        let(:env) {
+          {
+            "PATH_INFO" => "/api/ping",
+            "HTTP_ACCEPT" => "application/xml; version=1",
+          }
+        }
+        it_behaves_like "an unacceptable response"
+      end
+    end
+  end
+end