RubyGems - stratagem - Versions diffs - 0.2.3 → 0.2.4 - Mend

stratagem 0.2.3 → 0.2.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (65) hide show

data/Manifest +16 -6
data/Rakefile +8 -1
data/lib/generators/stratagem/install/install_base.rb +13 -3
data/lib/generators/stratagem/install/install_generator.rb +1 -1
data/lib/stratagem.rb +42 -18
data/lib/stratagem/authentication.rb +2 -5
data/lib/stratagem/auto_mock.rb +1 -0
data/lib/stratagem/auto_mock/aquifer.rb +49 -26
data/lib/stratagem/auto_mock/factory.rb +1 -6
data/lib/stratagem/auto_mock/user_loader.rb +38 -0
data/lib/stratagem/client.rb +15 -4
data/lib/stratagem/configuration/auth_auth.rb +19 -0
data/lib/stratagem/configuration/core.rb +20 -0
data/lib/stratagem/crawler/authentication.rb +17 -12
data/lib/stratagem/crawler/authentication/automated.rb +40 -0
data/lib/stratagem/crawler/authentication/base.rb +140 -0
data/lib/stratagem/crawler/authentication/configured.rb +27 -0
data/lib/stratagem/crawler/parameter_resolver.rb +12 -8
data/lib/stratagem/crawler/route_invoker.rb +10 -13
data/lib/stratagem/crawler/session.rb +14 -2
data/lib/stratagem/crawler/site_model.rb +4 -173
data/lib/stratagem/crawler/site_model/edge.rb +20 -0
data/lib/stratagem/crawler/site_model/page.rb +121 -0
data/lib/stratagem/crawler/site_model/page_set.rb +58 -0
data/lib/stratagem/instrumentation/models.rb +3 -14
data/lib/stratagem/instrumentation/models/annotations.rb +39 -5
data/lib/stratagem/instrumentation/models/authentication.rb +0 -1
data/lib/stratagem/instrumentation/models/authentication/authlogic/detect.rb +1 -0
data/lib/stratagem/instrumentation/models/authentication/devise/detect.rb +1 -1
data/lib/stratagem/instrumentation/models/authentication/devise/instrumentation.rb +0 -4
data/lib/stratagem/instrumentation/models/metadata.rb +23 -1
data/lib/stratagem/instrumentation/models/persistence.rb +3 -4
data/lib/stratagem/instrumentation/models/persistence/active_record/metadata.rb +2 -2
data/lib/stratagem/interface/browser.rb +9 -3
data/lib/stratagem/interface/public/javascripts/stratagem.js +14 -12
data/lib/stratagem/interface/views/index.haml +3 -3
data/lib/stratagem/logger.rb +28 -2
data/lib/stratagem/model.rb +6 -0
data/lib/stratagem/model/application.rb +21 -134
data/lib/stratagem/model/components/base.rb +1 -4
data/lib/stratagem/model/components/controller.rb +1 -2
data/lib/stratagem/model/components/model.rb +15 -15
data/lib/stratagem/model/components/route.rb +3 -2
data/lib/stratagem/model/components/view.rb +0 -1
data/lib/stratagem/model/containers/base.rb +60 -0
data/lib/stratagem/model/containers/gem.rb +25 -0
data/lib/stratagem/model/containers/plugin.rb +11 -0
data/lib/stratagem/model/containers/route.rb +19 -0
data/lib/stratagem/model/parse_util.rb +3 -3
data/lib/stratagem/model_builder.rb +1 -4
data/lib/stratagem/rack_hack.rb +15 -0
data/lib/stratagem/site_crawler.rb +5 -4
data/lib/stratagem/snapshot.rb +5 -7
data/spec/stratagem/configuration_spec.rb +32 -0
data/stratagem.gemspec +5 -8
data/templates/install/environments/stratagem.rb.erb +31 -2
data/templates/install/script/stratagem +16 -0
data/templates/install/tasks/stratagem.rake +2 -2
metadata +36 -65
data/bin/stratagem +0 -58
data/lib/stratagem/scan.rb +0 -19
data/lib/stratagem/scan/checks/email_address.rb +0 -15
data/lib/stratagem/scan/checks/error_pages.rb +0 -25
data/lib/stratagem/scan/result.rb +0 -45
data/lib/stratagem/scanner.rb +0 -32

data/lib/stratagem/auto_mock/user_loader.rb ADDED

@@ -0,0 +1,38 @@
+# Locates an instance of a user from configured credentials
+module Stratagem::AutoMock
+  module UserLoader
+    def load_user_from_configuration(credentials)
+      possible_matches = []
+      auth_creds = credentials.authentication_parameters
+      model = credentials.model.constantize
+      @all_user_objects ||= model.all
+      log "\tloaded #{@all_user_objects.size} users from the database"
+      @all_user_objects.each do |user|
+        matching_attributes = matching_credentials(auth_creds, user)
+        possible_matches << [user, matching_attributes] if matching_attributes > 0
+      end
+      match = possible_matches.sort {|a,b| a[1] <=> b[1] }.last
+      if (match)
+        user = match.first
+        auth_creds.each {|k,v| user.stratagem.mock_attributes[k] = v }
+        user
+      else
+        nil
+      end
+    end
+    def matching_credentials(authentication_parameters, user)
+      count = 0
+      authentication_parameters.each do |attribute, value|
+        begin
+          count += 1 if (value == user.send(attribute.to_sym))
+        rescue
+        end
+      end
+      count
+    end
+  end
+end

data/lib/stratagem/client.rb CHANGED

@@ -1,4 +1,6 @@
 require 'uri'
+require 'zlib'
+require 'base64'
 module Stratagem
   class Client
@@ -7,18 +9,29 @@ module Stratagem
     end
     def send(snapshot)
+      Stratagem.logger.phase('exporting')
       Stratagem.logger.debug "Sending report to server"
       url = URI.parse("#{@authentication.base_url}/snapshots")
       req = Stratagem.ssl? ? Net::HTTPS::Post.new(url.path) : Net::HTTP::Post.new(url.path)
+      model = snapshot.model.export.to_json
+      puts "Size: #{model.size}"
+      compressed = Zlib::Deflate.deflate(model, Zlib::BEST_COMPRESSION)
+      base64 = Base64.encode64(compressed)
+      puts "Compressed size: #{compressed.size}"
+      puts "Compressed size base 64: #{base64.size}"
       req.set_form_data({
         'auth_token' => @authentication.credentials[:token],
         'project_id' => @authentication.credentials[:project],
         'timestamp' => snapshot.timestamp.to_i,
-        'model' => snapshot.model.export.to_json
+        'model' => model
       }, ';')
       client = Stratagem.ssl? ? Net::HTTPS.new(url.host, url.port) : Net::HTTP.new(url.host, url.port)
-      res = client.start {|http| http.request(req) }
+      res = client.start {|http|
+        http.read_timeout= 360
+        http.request(req)
+      }
       puts "response:"
       case res
       when Net::HTTPSuccess, Net::HTTPRedirection
@@ -27,8 +40,6 @@ module Stratagem
       else
         res.error!
       end
-      Stratagem.logger.phase('complete')
     end
   end
 end

data/lib/stratagem/configuration/auth_auth.rb ADDED

@@ -0,0 +1,19 @@
+module Stratagem
+  module Configuration
+    class AuthAuth
+      attr_accessor :model, :authorized_to_view_others_data, :authorized_to_modify_others_data, :authorized_to_upload_files, :authentication_parameters
+      def initialize
+        self.authorized_to_view_others_data = true
+        self.authorized_to_modify_others_data = false
+        self.authorized_to_upload_files = true
+        self.model = 'User'
+      end
+      def credentials(authentication_parameters)
+        self.authentication_parameters = authentication_parameters
+      end
+    end
+  end
+end

data/lib/stratagem/configuration/core.rb ADDED

@@ -0,0 +1,20 @@
+module Stratagem
+  module Configuration
+    class Core
+      attr_accessor :use_transactional_crawling, :use_automatic_mocking
+      attr_reader :credentials
+      def initialize
+        @use_automatic_mocking = false
+        @use_transactional_crawling = true
+        @credentials = []
+      end
+      def authenticate_with(&block)
+        user = AuthAuth.new
+        block.call(user)
+        @credentials << user
+      end
+    end
+  end
+end

data/lib/stratagem/crawler/authentication.rb CHANGED

@@ -7,20 +7,25 @@ module Stratagem::Crawler
   module Authentication
     include Stratagem::Crawler::TraceUtils
-    def users
+    def user_model
+      model = nil
       page = find_login_form
-      users = []
       if (page)
         form = page.login_form
         attr_names = form.inputs.map {|input| input.guess_attribute.to_sym }
         model = guess_login_model(attr_names)
-        if (model)
-          users = aquifer.instances_of(model.klass)
-        else
-          log "ERROR: Unable to determine user model"
-        end
+      end
+      log "Authenticating with model #{model.klass.name}"
+      model
+    end
+    def users
+      users = []
+      model = user_model()
+      if (model)
+        users = aquifer.instances_of(model.klass).select {|user| user.stratagem.mock_attributes.size > 0 }
       else
-        log "ERROR: Could not find login form"
+        log "ERROR: Unable to determine authentication model and / or form"
       end
       users
     end
@@ -54,8 +59,7 @@ module Stratagem::Crawler
           authentication.success = authentication.response_page.login_form.nil?
         end
       rescue
-        puts $!.message
-        puts $!.backtrace
+        Stratagem.logger.error($!)
       end
       puts "authenticated? #{authentication.success}"
@@ -80,12 +84,13 @@ module Stratagem::Crawler
         # if the first page has one or more redirects to it then use it; otherwise select with page with the fewest inputs
         if (possibilities.first.inbound_edges(:redirect).size > 0)
-          return possibilities.first
+          authentication.login_page = possibilities.first
+          return authentication.login_page
         else
           page = possibilities.sort {|a,b| a.login_form.inputs.size <=> b.login_form.inputs.size }.first
           if (page)
             authentication.login_page = page
-            return page
+            return authentication.login_page
           end
         end
       else

data/lib/stratagem/crawler/authentication/automated.rb ADDED

@@ -0,0 +1,40 @@
+module Stratagem::Crawler::Authentication
+  class AuthenticationData
+    attr_accessor :success, :login_page, :form, :response_page, :ssl, :authenticated_with
+  end
+  class Base
+    include Stratagem::Crawler::TraceUtils
+    def user_models
+      model = nil
+      page = find_login_form
+      if (page)
+        form = page.login_form
+        attr_names = form.inputs.map {|input| input.guess_attribute.to_sym }
+        model = guess_login_model(attr_names)
+      end
+      log "Authenticating with model #{model.klass.name}"
+      [model]
+    end
+    def guess_login_model(attr_names)
+      selections = application_model.models.select {|model|
+        puts "#{model.klass.name} - #{model.model_attributes.keys.inspect}"
+        intersect = (model.model_attributes.keys & attr_names)
+        intersect.size > 0
+      }.sort {|a,b|
+        a_intersect = (a.model_attributes.keys & attr_names)
+        b_intersect = (b.model_attributes.keys & attr_names)
+        b_intersect.size <=> a_intersect.size
+      }
+      explicit_model = application_model.models.find {|model| model.klass.name == 'User' }
+      selections.unshift explicit_model if explicit_model
+      puts "selecting model #{selections.first.klass.name} for authentication" if (selections.size > 0)
+      selections.first
+    end
+ end
+end

data/lib/stratagem/crawler/authentication/base.rb ADDED

@@ -0,0 +1,140 @@
+module Stratagem::Crawler::Authentication
+  class AuthenticationData
+    attr_accessor :success, :login_page, :form, :response_page, :ssl, :authenticated_with
+  end
+  class Base
+    include Stratagem::Crawler::TraceUtils
+    def users
+      users = []
+      user_models.each do |user_model|
+        users += aquifer.instances_of(user_model.klass).select {|user| user.stratagem.mock_attributes.size > 0 }
+      end
+      users
+    end
+    def reset_authentication
+      @authentication_data = nil
+    end
+    def authentication
+      unless @authentication_data
+        @authentication_data = AuthenticationData.new()
+        site_model.authentication = @authentication_data
+      end
+      @authentication_data
+    end
+    def authenticate(user, recursion_count=0)
+      reset_authentication
+      login(user)
+      route = application_model.routes.recognize(request.path, :post)
+      redirected_to = nil
+      page = site_model.add(route, controller, request, response) {|redirect_url| redirected_to = redirect_url }
+      authentication.response_page = page
+      begin
+        if (request.url == (redirected_to || '')) || (![200,302].include?(response.code.to_i))
+          authentication.success = false
+        else
+          authentication.success = authentication.response_page.login_form.nil?
+        end
+      rescue
+        Stratagem.logger.error($!)
+      end
+      puts "authenticated? #{authentication.success}"
+      if (response && authentication.success)
+        authentication.ssl = request.ssl?
+        authentication.authenticated_with = user
+        yield
+        logout
+      else
+        puts response.body
+        false
+      end
+    end
+    def find_login_form
+      puts "finding login form"
+      if authentication.login_page.nil?
+        puts "locating login page"
+        puts "testing #{site_models.first.pages.size} pages"
+        possibilities = site_models.first.pages.select {|page| page.login_form != nil }
+        possibilities.sort! {|a,b| b.inbound_edges(:redirect).size <=> a.inbound_edges(:redirect).size }
+        # if the first page has one or more redirects to it then use it; otherwise select with page with the fewest inputs
+        if (possibilities.first.inbound_edges(:redirect).size > 0)
+          authentication.login_page = possibilities.first
+          return authentication.login_page
+        else
+          page = possibilities.sort {|a,b| a.login_form.inputs.size <=> b.login_form.inputs.size }.first
+          if (page)
+            authentication.login_page = page
+            return authentication.login_page
+          end
+        end
+      else
+        return authentication.login_page
+      end
+      nil
+    end
+    def logout
+      reset!
+    end
+    def login(user)
+      populate_login_form(user).submit {|action,params|
+        post(action, params)
+      }
+    end
+    def populate_login_form(user)
+      # set up the form
+      page = find_login_form
+      page.reload {|url| get url; [request,response] }
+      form = page.login_form
+      # map the input values
+      form.inputs.each do |input|
+        # try the expected
+        attribute_name = input.guess_attribute.to_sym
+        attribute_value = user.stratagem.read_mock_attribute(attribute_name) || input.value
+        # try again
+        if (attribute_value.nil? || attribute_value == '')
+          attribute_name = input.guess_alternate_attribute.to_sym
+          attribute_value = user.stratagem.read_mock_attribute(attribute_name) || input.value
+        end
+        # if it still failed is it a confirmation value? if so, try the original
+        if (attribute_value.nil? || attribute_value == '')
+          if (attribute_name.to_s =~ /confirm/)
+            possible_match = attribute_name.to_s.split('_').select {|a| a !~ /confirm/ }.join('_')
+            if user.stratagem.mock_attributes.keys.include?(possible_match)
+              attribute_value = user.stratagem.read_mock_attribute(possible_match) || input.value
+            end
+          end
+        end
+        if (input.kind_of? Stratagem::Crawler::Toggle)
+          input.check
+        elsif (user.stratagem.mock_attributes.keys.include?(attribute_name))
+          input.value = user.stratagem.read_mock_attribute(attribute_name) unless input.hidden?
+        elsif (attribute_name.to_s == 'authenticity_token')
+          puts input.value
+        else
+          puts user.stratagem.mock_attributes.inspect
+          puts "ERROR: Cannot find attribute #{attribute_name} in model #{user.class.name}"
+        end
+      end
+      form
+    end
+  end
+end

data/lib/stratagem/crawler/authentication/configured.rb ADDED

@@ -0,0 +1,27 @@
+module Stratagem::Crawler::Authentication
+  class Configured < Base
+    include Stratagem::AutoMock::UserLoader
+    def user_models
+      credentials.map {|user_credentials|
+        application_model.models.find {|model| model.klass.name == user_credentials.model }
+      }.compact
+    end
+    def users
+      log "Loading users for #{credentials.size} sets of credentials"
+      credentials.each do |user_credentials|
+        user = load_user_from_configuration(user_credentials)
+        if (user)
+          log "Loaded credentials for user #{user.id}: #{user.stratagem.mock_attributes.inspect}"
+          user.stratagem.related_objects.each do |object|
+            (objects_by_class[object.class] ||= []) << object
+          end
+        end
+      end
+      log "Loaded #{objects_by_class.keys.size} object types: #{objects_by_class.keys.inspect}"
+    end
+  end
+end

data/lib/stratagem/crawler/parameter_resolver.rb CHANGED

@@ -6,12 +6,13 @@ module Stratagem::Crawler
       route_infos, params = build_url(route_container, resolved_params)
       route_info = route_infos.first
       unknown_params = params.keys
+      puts "resolving parameter types - #{unknown_params.inspect}"
       if (unknown_params.size > 0)
         resolve_with_convention(unknown_params, resolved_params)
         resolve_with_instrumentation(route_container, resolved_params)
         resolve_id_with_convention(route_container, unknown_params, resolved_params)
-        log "\tresolved parameter types - #{resolved_params.inspect}"
+        log "\tresolved parameter types - #{resolved_params.keys.inspect}, unknown - #{unknown_params.inspect}"
       end
       if (resolved_params.size > 0)
@@ -43,7 +44,7 @@ module Stratagem::Crawler
             # TODO inspect is a hack, refactor
             if (invocation.args.include?(value.first)) || (invocation.args.inspect.include?('"'+value.first.to_s+'"'))
               # found match
-              puts "\t\tresolved #{key} to #{invocation.model_class}"
+              puts "\t\tresolved #{key} to #{invocation.model_class} using instrumentation"
               unknown_params.delete(key)
               resolved_params[key] = invocation.model_class
               progress += 1
@@ -58,15 +59,18 @@ module Stratagem::Crawler
     end
     def resolve_with_convention(unknown_params, resolved_params)
-      unknown_params.each do |param|
-        if (param =~ /_id$/)
+      unknown_params.clone.each do |param|
+        if (param.to_s =~ /_id$/)
           begin
-            model = param.gsub(/^:/,'').gsub(/_id$/, '').camelize.constantize
+            puts "\t\tattempting to resolve #{param.sub(/^:/,'').sub(/_id$/, '').camelize}"
+            model = param.sub(/^:/,'').sub(/_id$/, '').camelize.constantize
             #success
             resolved_params[param] = model
             unknown_params.delete(param)
-            puts "\t\tresolved #{param} to #{model} using convention"
+            puts "\t\tresolved #{param} to #{model.name} using convention"
           rescue NameError
+            puts "NAMEERROR: #{$!.message}"
+          rescue
             puts "ERROR: #{$!.message}"
           end
         end
@@ -77,12 +81,12 @@ module Stratagem::Crawler
     def resolve_id_with_convention(route_container, unknown_params, resolved_params)
       if (unknown_params.include?('id'))
         route_container.path.split('/').inject(nil) {|prev,part|
-          if (prev && part == ':id')
+          if (prev && part =~ /^\:id/)
             begin
               resolved_params['id'] = prev.singularize.camelize.constantize
               unknown_params.delete('id')
             rescue
-              puts $!.message
+              Stratagem.logger.error($!)
             end
           end
           part