stratagem 0.1.8 → 0.1.9

data/lib/tasks/_old_stratagem.rake

@@ -1,99 +0,0 @@
-
-# this is a hack for the integration test session. some versions do not correctly
-# close the body from the Rack request, causing an error
-require 'rack/lint'
-module Rack
-  # Rack::Lint validates your application and the requests and
-  # responses according to the Rack spec.
-
-  class Lint
-    alias_method :old_call, :call
-
-    def call(env)
-      status, headers, body = old_call(env)
-      body.close
-      [status,headers,body]
-    end
-  end
-end
-
-namespace :stratagem do
-  task :default => [:analyze]
-
-  task :analyze => :environment do
-    require 'stratagem'
-
-    authentication = Stratagem::Authentication.new
-
-    snapshot = Stratagem::Snapshot.create(authentication.project)
-    Stratagem::Client.new(authentication).send(snapshot)
-
-    puts "--------------"
-    snapshot.model.views.each do |view|
-      next if view.partial?
-      puts "#{view.render_path} - #{view.forms.map {|f| f.export }.inspect}"
-    end
-    
-    Launchy::Browser.run("#{authentication.base_url}/projects/#{authentication.project}")
-  end
-
-  task :exercise => :environment do
-    require 'stratagem'
-
-    class Mocker
-      include Stratagem::AutoMock
-    end
-    
-    include ActionController::Integration::Runner
-    model = Stratagem::ModelBuilder.new.run
-
-    @mocker = Mocker.new
-    
-    model.models.each do |model|
-      model_builder = @mocker.setup_model(model.klass)
-      if (model_builder)
-        begin
-          mocked = model_builder.mock{}
-          puts "VALID? #{mocked.valid?}"
-        rescue
-          puts $!.message
-          puts "^^^^^^^^^^^^^^^^^^^"
-        end
-        
-      else
-        puts "unable to locate builder for #{model.klass.name}"
-      end
-      
-    end
-
-    open_session do |session|
-      model.routes.each {|route_container|
-        route = route_container.route
-        name = ActionController::Routing::Routes.named_routes.routes.index(route).to_s
-        verb = route.conditions[:method].to_s
-        segs = route.segments.inject("") { |str,s| str << s.to_s }
-        segs.chop! if segs.length > 1
-        reqs = route.requirements.empty? ? "" : route.requirements.inspect
-        route = {:name => name, :verb => verb, :segs => segs, :reqs => reqs}
-
-        if ((route[:verb] != '') && (route[:verb] != 'any'))
-          path = route[:segs].gsub('(.:format)', '')
-
-          puts route[:verb]
-          puts path
-
-          self.send(route[:verb], path)
-          session.reset!
-
-        end
-  #      puts route[:name]
-  #      p route.requirements
-      }
-    end
-
-#    routes.each do |r|
-#      puts "#{r[:name].rjust(name_width)} #{r[:verb].ljust(verb_width)} #{r[:segs].ljust(segs_width)} #{r[:reqs]}"
-#    end
-
-  end
-end

data/spec/model/component_spec.rb

@@ -1,43 +0,0 @@
-require 'spec/spec_helper'
-require 'lib/security'
-
-module Security
-  module Model
-    module Component
-      class View
-        def full_path
-          File.join(RAILS_ROOT, 'spec', 'samples', @render_path+"."+@extension)
-        end
-      end
-    end
-  end
-end
-
-
-describe Security::Model::Component::Model do
-  before do
-    path = File.join(RAILS_ROOT, 'spec', 'samples', 'sample_model.rb')
-    models = Security::::Model::Component::Model.load_all(path)
-    @model = models.first
-  end
-  
-  it "should not error on serialize" do
-    lambda { @model.export.to_json }.should_not raise_exception
-  end
-  
-  it "should export a hash" do
-    @model.export.should be_kind_of(Hash)
-  end
-end
-
-describe Security::::Model::Component::View do
-  before do
-    @view = Security::::Model::Component::View.new('index.html.erb')
-    @template = @view.read
-  end
-  
-  it "should read the template from disk" do
-    @template.should_not be_nil
-    @template.size.should > 0
-  end
-end

data/spec/model/components/view_spec.rb

@@ -1,43 +0,0 @@
-require 'spec/spec_helper'
-require 'lib/security'
-
-describe Security::Model::Component::View do
-  before do
-    @view = Security::Model::Component::View.new('signup.html.erb')
-    @template = @view.read
-  end
-
-  describe :file_system_pointers do
-    it "should give the correct full path" do
-      File.exists?(@view.full_path).should be_true
-    end
-  
-    it "should give the correct directory" do
-      @view.directory.should eql(File.join(RAILS_ROOT, 'spec', 'samples'))
-    end
-  end
-
-  describe :loading do
-    it "should read the template from disk" do
-      @template.should_not be_nil
-      @template.size.should > 0
-    end
-  end
-
-  describe :html_extraction do
-    it "should identify the models that the forms are talking about" do
-      @view.forms.first.model.should eql(User)
-    end
-
-    it "should have 2 forms" do
-      @view.forms.each {|f| p f.export }
-      @view.forms.size.should eql(2)
-    end
-
-    it "should have 3 fields in each form" do
-      @view.forms.each {|form|
-        form.fields.size.should eql(3)
-      }
-    end
-  end
-end

data/spec/model/test_spec.rb

@@ -1,10 +0,0 @@
-require 'spec/spec_helper'
-require 'lib/security'
-
-describe Object do
-  it "should test" do
-    source = File.open(File.join(RAILS_ROOT, "spec","samples","sample_model.rb")).readlines.join("\n")
-    tree = RedParse.new(source).parse
-    p tree.first.linerange.first
-  end
-end

data/spec/samples/404.html.erb

@@ -1,30 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
-       "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
-
-<head>
-  <meta http-equiv="content-type" content="text/html; charset=UTF-8" />
-  <title>The page you were looking for doesn't exist (404)</title>
-	<style type="text/css">
-		body { background-color: #fff; color: #666; text-align: center; font-family: arial, sans-serif; }
-		div.dialog {
-			width: 25em;
-			padding: 0 4em;
-			margin: 4em auto 0 auto;
-			border: 1px solid #ccc;
-			border-right-color: #999;
-			border-bottom-color: #999;
-		}
-		h1 { font-size: 100%; color: #f00; line-height: 1.5em; }
-	</style>
-</head>
-
-<body>
-  <!-- This file lives in public/404.html -->
-  <div class="dialog">
-    <h1>The page you were looking for doesn't exist.</h1>
-    <p>You may have mistyped the address or the page may have moved.</p>
-  </div>
-</body>
-</html>

data/spec/samples/_form.html.erb

@@ -1,8 +0,0 @@
-<%= form.label :login %><br />
-<%= form.text_field :login %><br />
-<br />
-<%= form.label :password, form.object.new_record? ? nil : "Change password" %><br />
-<%= form.password_field :password %><br />
-<br />
-<%= form.label :password_confirmation %><br />
-<%= form.password_field :password_confirmation %><br />

data/spec/samples/index.html.erb

@@ -1,77 +0,0 @@
-<div class="contact">email1@clearnetsec.com</div>
-<div class="contact">&email2@clearnetsec.com-</div>
-
-	<strong>About</strong>
-	<p>
-	We are a team of security engineers, software developers and machine learning experts with a unique perspective on security.
-	ClearNet Security is a security services and development firm offering penetration testing, vulnerability assessments, and software development expertise since 2004.
-	</p>
-
-	<br />
-	
-	<strong>
-	Expertise for less
-	</strong>
-	<p>
-	We accept direct work and project based work from partner companies.  Our direct à la carte rate is $135 per hour.  
-	</p>
-</div>
-
-<div class="profiles">
-
-	<h1>ClearNet Security Principals</h1>
-	
-	<ul id="profiles">
-		<li>
-			<%= image_tag 'photos/tate.png', :class => 'profile' %>
-			<h3>Tate Hansen, Owner, Principal</h3>
-			<p>
-				Tate has 15+ years of engineering experience. He has specialized in security, including security
-				product development, security assessments, penetration testing, and building defensively strong 
-				systems.  Prior to ClearNet Security, Tate worked as a security engineer on both the 
-				Intrusion Detection and Vulnerability Assessment product teams at StillSecure, did a stint at Sun 
-				Microsystems where he solved critical networking problems for Sun’s customers, and was a 
-				member of Sun’s CCC Security Team.  Tate has performed well over 100 security assessments 
-				and is ClearNet Security’s PCI DSS engineer.  
-			</p>
-			<p>
-				<%= link_to image_tag("icons/linkedin_s.png"), "http://www.linkedin.com/in/tatehansen", :target => '_blank', :rel => 'nofollow', :class => :facebook  %>
-				<%= link_to image_tag("icons/twitter_s.png"), "http://www.twitter.com/tatehansen", :target => '_blank', :rel => 'nofollow', :class => :twitter  %>
-				<%= link_to image_tag("icons/blog_s.png"), "http://blog.clearnetsec.com", :target => '_blank', :rel => 'nofollow', :class => :blog  %>		
-			</p>
-			<div class="cf"></div>
-		</li>
-		<li>
-			<%= image_tag 'photos/cj.png', :class => 'profile' %>
-			<h3>Charles Grimes II, Owner, Principal</h3>
-			<p>
-				Charles has 12+ years of software design and engineering experience. He has a 
-				proven track record of successfully bringing new products and intellectual property to market. 
-				His teams have produced new data analysis technologies for Social Media, Business Activity 
-				Monitoring, Business Process Monitoring, Log Analysis and Security Information and Event 
-				Management. He has patented work in the area of adaptive, distributed data collection. 
-				Charles is ClearNet Security's principal technologist. 
-			<p>
-			<%= link_to image_tag("icons/linkedin_s.png"), "http://www.linkedin.com/in/charlesgrimes", :target => '_blank', :rel => 'nofollow', :class => :facebook  %>
-			<%= link_to image_tag("icons/twitter_s.png"), "http://www.twitter.com/cj2", :target => '_blank', :rel => 'nofollow', :class => :twitter  %>
-			</p>
-			<div class="cf"></div>
-		</li>
-	</ul>
-
-	<div class="cf"></div>
-
-	<br />
-
-	<h1>Our Team of Specialists</h1>
-	<p>
-	We have a great network of security and software specialist.  We frequently pull in specialist to provide 
-	specific expertise for the job at hand.  Our network includes team leaders of commercial intrusion detection
-	products and commercial vulnerability assessment products.  We work with AI (artificial intelligence) and 
-	machine learning experts and engineers with strong mathematics and cryptography experience.  Our software 
-	expertise covers Java, .NET, Ruby, Ruby on Rails, C, C++.  
-	</p>
-	<div class="cf">email1@clearnetsec.com&nbsp;</div>
-</div>
-<br />
-<div class="cf">&nbsp;</div>

data/spec/samples/sample_model.rb

@@ -1,5 +0,0 @@
-class SampleModel
-  def show
-    puts "hi"
-  end
-end

data/spec/samples/signup.html.erb

@@ -1,14 +0,0 @@
-<h1>Register</h1>
- 
-<% form_for @user, :url => account_path do |f| %>
-  <%= f.error_messages %>
-  <%= render :partial => "form", :object => f, :locals => {:a => 'a'} %>
-  <%= f.submit "Register" %>
-<% end %>
-
-<% form_for @user, :url => account_path do |f| %>
-  <%= f.error_messages %>
-  <%= render :partial => "form", :object => f %>
-  <%= f.submit "Register" %>
-<% end %>
-

data/spec/scan/checks/email_address_spec.rb

@@ -1,24 +0,0 @@
-require "spec/spec_helper"
-require 'lib/security'
-
-describe Security::Scan::Checks::EmailAddress do
-  before do
-    path = File.join('..', '..', 'spec', 'samples', 'index.html.erb')
-    @template = Security::Model::Component::View.new(path)
-    @scanner = Security::Scan::Checks::EmailAddress.new(nil)
-    @scanner.scan(@template.read)
-  end
-
-  it "should have 2 results" do
-    @scanner.results.size.should eql(2)
-  end
-
-  it "should find the email address email1@clearnetsec.com" do
-    @scanner.results.find {|r| r.payload[0] == 'email1@clearnetsec.com' }.should_not be_nil
-  end
-
-  it "should find the email address email2@clearnetsec.com" do
-    @scanner.results.find {|r| r.payload[0] == 'email2@clearnetsec.com' }.should_not be_nil
-  end
-end
-

data/spec/scan/checks/error_pages_spec.rb

@@ -1,22 +0,0 @@
-require "spec/spec_helper"
-require 'lib/security'
-
-
-describe Security::Scan::Checks::EmailAddress do
-  before do
-    path = File.join('..', '..', 'spec', 'samples', '404.html.erb')
-    @template = Security::Model::Component::View.new(path)
-    @scanner = Security::Scan::Checks::ErrorPages.new(nil)
-    @scanner.instance_variable_set(:@view, @template)
-    @scanner.scan(@template.read)
-  end
-
-  it "should have 1 result" do
-    @scanner.results.size.should eql(1)
-  end
-
-  it "should point out the 404 page" do
-    @scanner.results.first.component.path.should be_include('404.html')
-  end
-end
-