RubyGems - stratagem - Versions diffs - 0.2.3 → 0.2.4 - Mend

stratagem 0.2.3 → 0.2.4

Files changed (65) hide show

data/Manifest +16 -6
data/Rakefile +8 -1
data/lib/generators/stratagem/install/install_base.rb +13 -3
data/lib/generators/stratagem/install/install_generator.rb +1 -1
data/lib/stratagem.rb +42 -18
data/lib/stratagem/authentication.rb +2 -5
data/lib/stratagem/auto_mock.rb +1 -0
data/lib/stratagem/auto_mock/aquifer.rb +49 -26
data/lib/stratagem/auto_mock/factory.rb +1 -6
data/lib/stratagem/auto_mock/user_loader.rb +38 -0
data/lib/stratagem/client.rb +15 -4
data/lib/stratagem/configuration/auth_auth.rb +19 -0
data/lib/stratagem/configuration/core.rb +20 -0
data/lib/stratagem/crawler/authentication.rb +17 -12
data/lib/stratagem/crawler/authentication/automated.rb +40 -0
data/lib/stratagem/crawler/authentication/base.rb +140 -0
data/lib/stratagem/crawler/authentication/configured.rb +27 -0
data/lib/stratagem/crawler/parameter_resolver.rb +12 -8
data/lib/stratagem/crawler/route_invoker.rb +10 -13
data/lib/stratagem/crawler/session.rb +14 -2
data/lib/stratagem/crawler/site_model.rb +4 -173
data/lib/stratagem/crawler/site_model/edge.rb +20 -0
data/lib/stratagem/crawler/site_model/page.rb +121 -0
data/lib/stratagem/crawler/site_model/page_set.rb +58 -0
data/lib/stratagem/instrumentation/models.rb +3 -14
data/lib/stratagem/instrumentation/models/annotations.rb +39 -5
data/lib/stratagem/instrumentation/models/authentication.rb +0 -1
data/lib/stratagem/instrumentation/models/authentication/authlogic/detect.rb +1 -0
data/lib/stratagem/instrumentation/models/authentication/devise/detect.rb +1 -1
data/lib/stratagem/instrumentation/models/authentication/devise/instrumentation.rb +0 -4
data/lib/stratagem/instrumentation/models/metadata.rb +23 -1
data/lib/stratagem/instrumentation/models/persistence.rb +3 -4
data/lib/stratagem/instrumentation/models/persistence/active_record/metadata.rb +2 -2
data/lib/stratagem/interface/browser.rb +9 -3
data/lib/stratagem/interface/public/javascripts/stratagem.js +14 -12
data/lib/stratagem/interface/views/index.haml +3 -3
data/lib/stratagem/logger.rb +28 -2
data/lib/stratagem/model.rb +6 -0
data/lib/stratagem/model/application.rb +21 -134
data/lib/stratagem/model/components/base.rb +1 -4
data/lib/stratagem/model/components/controller.rb +1 -2
data/lib/stratagem/model/components/model.rb +15 -15
data/lib/stratagem/model/components/route.rb +3 -2
data/lib/stratagem/model/components/view.rb +0 -1
data/lib/stratagem/model/containers/base.rb +60 -0
data/lib/stratagem/model/containers/gem.rb +25 -0
data/lib/stratagem/model/containers/plugin.rb +11 -0
data/lib/stratagem/model/containers/route.rb +19 -0
data/lib/stratagem/model/parse_util.rb +3 -3
data/lib/stratagem/model_builder.rb +1 -4
data/lib/stratagem/rack_hack.rb +15 -0
data/lib/stratagem/site_crawler.rb +5 -4
data/lib/stratagem/snapshot.rb +5 -7
data/spec/stratagem/configuration_spec.rb +32 -0
data/stratagem.gemspec +5 -8
data/templates/install/environments/stratagem.rb.erb +31 -2
data/templates/install/script/stratagem +16 -0
data/templates/install/tasks/stratagem.rake +2 -2
metadata +36 -65
data/bin/stratagem +0 -58
data/lib/stratagem/scan.rb +0 -19
data/lib/stratagem/scan/checks/email_address.rb +0 -15
data/lib/stratagem/scan/checks/error_pages.rb +0 -25
data/lib/stratagem/scan/result.rb +0 -45
data/lib/stratagem/scanner.rb +0 -32

data/lib/stratagem/auto_mock/user_loader.rb ADDED

@@ -0,0 +1,38 @@
+# Locates an instance of a user from configured credentials
+module Stratagem::AutoMock
+  module UserLoader
+    def load_user_from_configuration(credentials)
+      possible_matches = []
+      auth_creds = credentials.authentication_parameters
+      model = credentials.model.constantize
+      @all_user_objects ||= model.all
+      log "\tloaded #{@all_user_objects.size} users from the database"
+      @all_user_objects.each do |user|
+        matching_attributes = matching_credentials(auth_creds, user)
+        possible_matches << [user, matching_attributes] if matching_attributes > 0
+      end
+      match = possible_matches.sort {|a,b| a[1] <=> b[1] }.last
+      if (match)
+        user = match.first
+        auth_creds.each {|k,v| user.stratagem.mock_attributes[k] = v }
+        user
+      else
+        nil
+      end
+    end
+    def matching_credentials(authentication_parameters, user)
+      count = 0
+      authentication_parameters.each do |attribute, value|
+        begin
+          count += 1 if (value == user.send(attribute.to_sym))
+        rescue
+        end
+      end
+      count
+    end
+  end
+end

data/lib/stratagem/client.rb CHANGED

@@ -1,4 +1,6 @@
 require 'uri'
+require 'zlib'
+require 'base64'
 module Stratagem
   class Client
@@ -7,18 +9,29 @@ module Stratagem
     end
     def send(snapshot)
+      Stratagem.logger.phase('exporting')
       Stratagem.logger.debug "Sending report to server"
       url = URI.parse("#{@authentication.base_url}/snapshots")
       req = Stratagem.ssl? ? Net::HTTPS::Post.new(url.path) : Net::HTTP::Post.new(url.path)
+      model = snapshot.model.export.to_json
+      puts "Size: #{model.size}"
+      compressed = Zlib::Deflate.deflate(model, Zlib::BEST_COMPRESSION)
+      base64 = Base64.encode64(compressed)
+      puts "Compressed size: #{compressed.size}"
+      puts "Compressed size base 64: #{base64.size}"
       req.set_form_data({
         'auth_token' => @authentication.credentials[:token],
         'project_id' => @authentication.credentials[:project],
         'timestamp' => snapshot.timestamp.to_i,
-        'model' => snapshot.model.export.to_json
+        'model' => model
       }, ';')
       client = Stratagem.ssl? ? Net::HTTPS.new(url.host, url.port) : Net::HTTP.new(url.host, url.port)
-      res = client.start {|http| http.request(req) }
+      res = client.start {|http|
+        http.read_timeout= 360
+        http.request(req)
+      }
       puts "response:"
       case res
       when Net::HTTPSuccess, Net::HTTPRedirection
@@ -27,8 +40,6 @@ module Stratagem
       else
         res.error!
       end
-      Stratagem.logger.phase('complete')
     end
   end
 end

data/lib/stratagem/configuration/auth_auth.rb ADDED

@@ -0,0 +1,19 @@
+module Stratagem
+  module Configuration
+    class AuthAuth
+      attr_accessor :model, :authorized_to_view_others_data, :authorized_to_modify_others_data, :authorized_to_upload_files, :authentication_parameters
+      def initialize
+        self.authorized_to_view_others_data = true
+        self.authorized_to_modify_others_data = false
+        self.authorized_to_upload_files = true
+        self.model = 'User'
+      end
+      def credentials(authentication_parameters)
+        self.authentication_parameters = authentication_parameters
+      end
+    end
+  end
+end

data/lib/stratagem/configuration/core.rb ADDED

@@ -0,0 +1,20 @@
+module Stratagem
+  module Configuration
+    class Core
+      attr_accessor :use_transactional_crawling, :use_automatic_mocking
+      attr_reader :credentials
+      def initialize
+        @use_automatic_mocking = false
+        @use_transactional_crawling = true
+        @credentials = []
+      end
+      def authenticate_with(&block)
+        user = AuthAuth.new
+        block.call(user)
+        @credentials << user
+      end
+    end
+  end
+end

data/lib/stratagem/crawler/authentication.rb CHANGED

@@ -7,20 +7,25 @@ module Stratagem::Crawler
   module Authentication
     include Stratagem::Crawler::TraceUtils
-    def users
+    def user_model
+      model = nil
       page = find_login_form
-      users = []
       if (page)
         form = page.login_form
         attr_names = form.inputs.map {|input| input.guess_attribute.to_sym }
         model = guess_login_model(attr_names)
-        if (model)
-          users = aquifer.instances_of(model.klass)
-        else
-          log "ERROR: Unable to determine user model"
-        end
+      end
+      log "Authenticating with model #{model.klass.name}"
+      model
+    end
+    def users
+      users = []
+      model = user_model()
+      if (model)
+        users = aquifer.instances_of(model.klass).select {|user| user.stratagem.mock_attributes.size > 0 }
       else
-        log "ERROR: Could not find login form"
+        log "ERROR: Unable to determine authentication model and / or form"
       end
       users
     end
@@ -54,8 +59,7 @@ module Stratagem::Crawler
           authentication.success = authentication.response_page.login_form.nil?
         end
       rescue
-        puts $!.message
-        puts $!.backtrace
+        Stratagem.logger.error($!)
       end
       puts "authenticated? #{authentication.success}"
@@ -80,12 +84,13 @@ module Stratagem::Crawler
         # if the first page has one or more redirects to it then use it; otherwise select with page with the fewest inputs
         if (possibilities.first.inbound_edges(:redirect).size > 0)
-          return possibilities.first
+          authentication.login_page = possibilities.first
+          return authentication.login_page
         else
           page = possibilities.sort {|a,b| a.login_form.inputs.size <=> b.login_form.inputs.size }.first
           if (page)
             authentication.login_page = page
-            return page
+            return authentication.login_page
           end
         end
       else

data/lib/stratagem/crawler/authentication/automated.rb ADDED

@@ -0,0 +1,40 @@
+module Stratagem::Crawler::Authentication
+  class AuthenticationData
+    attr_accessor :success, :login_page, :form, :response_page, :ssl, :authenticated_with
+  end
+  class Base
+    include Stratagem::Crawler::TraceUtils
+    def user_models
+      model = nil
+      page = find_login_form
+      if (page)
+        form = page.login_form
+        attr_names = form.inputs.map {|input| input.guess_attribute.to_sym }
+        model = guess_login_model(attr_names)
+      end
+      log "Authenticating with model #{model.klass.name}"
+      [model]
+    end
+    def guess_login_model(attr_names)
+      selections = application_model.models.select {|model|
+        puts "#{model.klass.name} - #{model.model_attributes.keys.inspect}"
+        intersect = (model.model_attributes.keys & attr_names)
+        intersect.size > 0
+      }.sort {|a,b|
+        a_intersect = (a.model_attributes.keys & attr_names)
+        b_intersect = (b.model_attributes.keys & attr_names)
+        b_intersect.size <=> a_intersect.size
+      }
+      explicit_model = application_model.models.find {|model| model.klass.name == 'User' }
+      selections.unshift explicit_model if explicit_model
+      puts "selecting model #{selections.first.klass.name} for authentication" if (selections.size > 0)
+      selections.first
+    end
+ end
+end

data/lib/stratagem/crawler/authentication/base.rb ADDED

@@ -0,0 +1,140 @@
+module Stratagem::Crawler::Authentication
+  class AuthenticationData
+    attr_accessor :success, :login_page, :form, :response_page, :ssl, :authenticated_with
+  end
+  class Base
+    include Stratagem::Crawler::TraceUtils
+    def users
+      users = []
+      user_models.each do |user_model|
+        users += aquifer.instances_of(user_model.klass).select {|user| user.stratagem.mock_attributes.size > 0 }
+      end
+      users
+    end
+    def reset_authentication
+      @authentication_data = nil
+    end
+    def authentication
+      unless @authentication_data
+        @authentication_data = AuthenticationData.new()
+        site_model.authentication = @authentication_data
+      end
+      @authentication_data
+    end
+    def authenticate(user, recursion_count=0)
+      reset_authentication
+      login(user)
+      route = application_model.routes.recognize(request.path, :post)
+      redirected_to = nil
+      page = site_model.add(route, controller, request, response) {|redirect_url| redirected_to = redirect_url }
+      authentication.response_page = page
+      begin
+        if (request.url == (redirected_to || '')) || (![200,302].include?(response.code.to_i))
+          authentication.success = false
+        else
+          authentication.success = authentication.response_page.login_form.nil?
+        end
+      rescue
+        Stratagem.logger.error($!)
+      end
+      puts "authenticated? #{authentication.success}"
+      if (response && authentication.success)
+        authentication.ssl = request.ssl?
+        authentication.authenticated_with = user
+        yield
+        logout
+      else
+        puts response.body
+        false
+      end
+    end
+    def find_login_form
+      puts "finding login form"
+      if authentication.login_page.nil?
+        puts "locating login page"
+        puts "testing #{site_models.first.pages.size} pages"
+        possibilities = site_models.first.pages.select {|page| page.login_form != nil }
+        possibilities.sort! {|a,b| b.inbound_edges(:redirect).size <=> a.inbound_edges(:redirect).size }
+        # if the first page has one or more redirects to it then use it; otherwise select with page with the fewest inputs
+        if (possibilities.first.inbound_edges(:redirect).size > 0)
+          authentication.login_page = possibilities.first
+          return authentication.login_page
+        else
+          page = possibilities.sort {|a,b| a.login_form.inputs.size <=> b.login_form.inputs.size }.first
+          if (page)
+            authentication.login_page = page
+            return authentication.login_page
+          end
+        end
+      else
+        return authentication.login_page
+      end
+      nil
+    end
+    def logout
+      reset!
+    end
+    def login(user)
+      populate_login_form(user).submit {|action,params|
+        post(action, params)
+      }
+    end
+    def populate_login_form(user)
+      # set up the form
+      page = find_login_form
+      page.reload {|url| get url; [request,response] }
+      form = page.login_form
+      # map the input values
+      form.inputs.each do |input|
+        # try the expected
+        attribute_name = input.guess_attribute.to_sym
+        attribute_value = user.stratagem.read_mock_attribute(attribute_name) || input.value
+        # try again
+        if (attribute_value.nil? || attribute_value == '')
+          attribute_name = input.guess_alternate_attribute.to_sym
+          attribute_value = user.stratagem.read_mock_attribute(attribute_name) || input.value
+        end
+        # if it still failed is it a confirmation value? if so, try the original
+        if (attribute_value.nil? || attribute_value == '')
+          if (attribute_name.to_s =~ /confirm/)
+            possible_match = attribute_name.to_s.split('_').select {|a| a !~ /confirm/ }.join('_')
+            if user.stratagem.mock_attributes.keys.include?(possible_match)
+              attribute_value = user.stratagem.read_mock_attribute(possible_match) || input.value
+            end
+          end
+        end
+        if (input.kind_of? Stratagem::Crawler::Toggle)
+          input.check
+        elsif (user.stratagem.mock_attributes.keys.include?(attribute_name))
+          input.value = user.stratagem.read_mock_attribute(attribute_name) unless input.hidden?
+        elsif (attribute_name.to_s == 'authenticity_token')
+          puts input.value
+        else
+          puts user.stratagem.mock_attributes.inspect
+          puts "ERROR: Cannot find attribute #{attribute_name} in model #{user.class.name}"
+        end
+      end
+      form
+    end
+  end
+end

data/lib/stratagem/crawler/authentication/configured.rb ADDED

@@ -0,0 +1,27 @@
+module Stratagem::Crawler::Authentication
+  class Configured < Base
+    include Stratagem::AutoMock::UserLoader
+    def user_models
+      credentials.map {|user_credentials|
+        application_model.models.find {|model| model.klass.name == user_credentials.model }
+      }.compact
+    end
+    def users
+      log "Loading users for #{credentials.size} sets of credentials"
+      credentials.each do |user_credentials|
+        user = load_user_from_configuration(user_credentials)
+        if (user)
+          log "Loaded credentials for user #{user.id}: #{user.stratagem.mock_attributes.inspect}"
+          user.stratagem.related_objects.each do |object|
+            (objects_by_class[object.class] ||= []) << object
+          end
+        end
+      end
+      log "Loaded #{objects_by_class.keys.size} object types: #{objects_by_class.keys.inspect}"
+    end
+  end
+end

data/lib/stratagem/crawler/parameter_resolver.rb CHANGED

@@ -6,12 +6,13 @@ module Stratagem::Crawler
       route_infos, params = build_url(route_container, resolved_params)
       route_info = route_infos.first
       unknown_params = params.keys
+      puts "resolving parameter types - #{unknown_params.inspect}"
       if (unknown_params.size > 0)
         resolve_with_convention(unknown_params, resolved_params)
         resolve_with_instrumentation(route_container, resolved_params)
         resolve_id_with_convention(route_container, unknown_params, resolved_params)
-        log "\tresolved parameter types - #{resolved_params.inspect}"
+        log "\tresolved parameter types - #{resolved_params.keys.inspect}, unknown - #{unknown_params.inspect}"
       end
       if (resolved_params.size > 0)
@@ -43,7 +44,7 @@ module Stratagem::Crawler
             # TODO inspect is a hack, refactor
             if (invocation.args.include?(value.first)) || (invocation.args.inspect.include?('"'+value.first.to_s+'"'))
               # found match
-              puts "\t\tresolved #{key} to #{invocation.model_class}"
+              puts "\t\tresolved #{key} to #{invocation.model_class} using instrumentation"
               unknown_params.delete(key)
               resolved_params[key] = invocation.model_class
               progress += 1
@@ -58,15 +59,18 @@ module Stratagem::Crawler
     end
     def resolve_with_convention(unknown_params, resolved_params)
-      unknown_params.each do |param|
-        if (param =~ /_id$/)
+      unknown_params.clone.each do |param|
+        if (param.to_s =~ /_id$/)
           begin
-            model = param.gsub(/^:/,'').gsub(/_id$/, '').camelize.constantize
+            puts "\t\tattempting to resolve #{param.sub(/^:/,'').sub(/_id$/, '').camelize}"
+            model = param.sub(/^:/,'').sub(/_id$/, '').camelize.constantize
             #success
             resolved_params[param] = model
             unknown_params.delete(param)
-            puts "\t\tresolved #{param} to #{model} using convention"
+            puts "\t\tresolved #{param} to #{model.name} using convention"
           rescue NameError
+            puts "NAMEERROR: #{$!.message}"
+          rescue
             puts "ERROR: #{$!.message}"
           end
         end
@@ -77,12 +81,12 @@ module Stratagem::Crawler
     def resolve_id_with_convention(route_container, unknown_params, resolved_params)
       if (unknown_params.include?('id'))
         route_container.path.split('/').inject(nil) {|prev,part|
-          if (prev && part == ':id')
+          if (prev && part =~ /^\:id/)
             begin
               resolved_params['id'] = prev.singularize.camelize.constantize
               unknown_params.delete('id')
             rescue
-              puts $!.message
+              Stratagem.logger.error($!)
             end
           end
           part