tentd 0.0.1

data/spec/integration/api/profile_spec.rb

@@ -0,0 +1,285 @@
+require 'spec_helper'
+
+describe TentD::API::Profile do
+  def app
+    TentD::API.new
+  end
+
+  let(:env) { {} }
+  let(:params) { Hash.new }
+
+  let(:authorized_info_types) { [] }
+  let(:authorized_scopes) { [] }
+  let(:app_authorization) do
+    Fabricate(
+      :app_authorization,
+      :app => Fabricate(:app),
+      :profile_info_types => authorized_info_types,
+      :scopes => authorized_scopes
+    )
+  end
+
+  let(:basic_info_type) { "https://tent.io/types/info/basic/v0.1.0" }
+  let(:basic_info_content) do
+    {
+      "name" => "John Smith",
+      "age" => 21
+    }
+  end
+
+  let(:work_history_type) { "https://tent.io/types/info/work-history/v0.1.0" }
+  let(:work_history_content) do
+    {
+      "employers" => ["Foo Corp"]
+    }
+  end
+
+  def url_encode_type(type)
+    URI.encode(type, ":/")
+  end
+
+  def create_info(type, content, options = {})
+    Fabricate(:profile_info, :public => options[:public], :type => type, :content => content)
+  end
+
+  describe 'GET /profile' do
+    context 'when read_profile scope authorized' do
+      let(:authorized_scopes) { [:read_profile] }
+      before { env['current_auth'] = app_authorization }
+
+      context 'when authorized for all info types' do
+        let(:authorized_info_types) { ['all'] }
+
+        it 'should return all info types' do
+          TentD::Model::ProfileInfo.all.destroy
+
+          profile_infos = []
+          profile_infos << Fabricate(:profile_info, :public => false)
+          profile_infos << Fabricate(:basic_profile_info, :public => false)
+
+          json_get '/profile', params, env
+          expect(last_response.body).to eq({
+            "#{ profile_infos.first.type.uri }" => profile_infos.first.content.merge(:permissions => profile_infos.first.permissions_json),
+            "#{ profile_infos.last.type.uri }" => profile_infos.last.content.merge(:permissions => profile_infos.first.permissions_json)
+          }.to_json)
+        end
+      end
+
+      context 'when authorized for specific info types' do
+        let(:authorized_info_types) { ['https://tent.io/types/info/basic'] }
+
+        it 'should only return authorized info types' do
+          TentD::Model::ProfileInfo.all.destroy
+
+          profile_infos = []
+          profile_infos << Fabricate(:profile_info, :public => false, :type => "https://tent.io/types/info/basic/v0.1.0")
+          profile_infos << Fabricate(:profile_info, :public => false)
+
+          json_get '/profile', params, env
+          expect(last_response.body).to eq({
+            "#{ profile_infos.first.type.uri }" => profile_infos.first.content.merge(:permissions => profile_infos.first.permissions_json)
+          }.to_json)
+        end
+      end
+    end
+
+    context 'when read_profile scope unauthorized' do
+      it 'should only return public profile into types' do
+        TentD::Model::ProfileInfo.all.destroy
+
+        profile_infos = []
+        profile_infos << Fabricate(:profile_info, :public => true)
+        profile_infos << Fabricate(:basic_profile_info, :public => false)
+
+        json_get '/profile', params, env
+        expect(last_response.body).to eq({
+          "#{ profile_infos.first.type.uri }" => profile_infos.first.content.merge(:permissions => profile_infos.first.permissions_json)
+        }.to_json)
+      end
+    end
+  end
+
+  describe 'PUT /profile/:type_url' do
+    before { env['current_auth'] = app_authorization }
+
+    context 'when authorized' do
+      let(:authorized_scopes) { [:write_profile] }
+
+      can_update_basic_info_type = proc do
+        it 'should update info type' do
+          info = create_info(basic_info_type, basic_info_content, :public => false)
+
+          expect(info.type.uri).to eq(basic_info_type)
+
+          data = {
+            "name" => "John Doe"
+          }
+
+          json_put "/profile/#{url_encode_type(basic_info_type)}", data, env
+
+          expect(last_response.status).to eq(200)
+          expect(info.reload.content).to eq(data)
+
+          expect(info.reload.type.uri).to eq(basic_info_type)
+
+        end
+
+        it 'should create unless exists' do
+          TentD::Model::ProfileInfo.all.destroy
+
+          data = {
+            "name" => "John Doe"
+          }
+
+          expect(lambda {
+            json_put "/profile/#{url_encode_type(basic_info_type)}", data, env
+          }).to change(TentD::Model::ProfileInfo, :count).by(1)
+
+          info = TentD::Model::ProfileInfo.last
+          expect(last_response.status).to eq(200)
+          expect(info.content).to eq(data)
+          expect(info.type.version).to eq('0.1.0')
+        end
+      end
+
+      context 'when all info types authorized' do
+        let(:authorized_info_types) { ['all'] }
+
+        context '', &can_update_basic_info_type
+      end
+
+      context 'when specific info types authorized' do
+        context 'when :type_url authorized info type' do
+          let(:authorized_info_types) { [basic_info_type] }
+
+          context '', &can_update_basic_info_type
+        end
+
+        context 'when :type_url not authoried info type' do
+          it 'should return 403' do
+            json_put "/profile/#{url_encode_type(basic_info_type)}", params, env
+            expect(last_response.status).to eq(403)
+          end
+        end
+      end
+    end
+
+    context 'when not authorized' do
+      it 'should return 403' do
+        json_put "/profile/#{url_encode_type(basic_info_type)}", params, env
+        expect(last_response.status).to eq(403)
+      end
+    end
+  end
+
+  describe 'PATCH /profile' do
+    before { env['current_auth'] = app_authorization }
+
+    def diff_encode_type(type)
+      type.gsub(/~/, '~0').gsub(/\//, '~1')
+    end
+
+    context 'when authorized' do
+      let(:authorized_scopes) { [:write_profile] }
+
+      can_update_basic_info_type = proc do
+        it 'should update basic info with diff' do
+          TentD::Model::ProfileInfo.all.destroy
+
+          info = create_info(basic_info_type, basic_info_content, :public => false)
+
+          diff = [
+            { "add" => "#{diff_encode_type(basic_info_type)}/city", "value" => "New York" },
+            { "remove" => "#{diff_encode_type(basic_info_type)}/age" },
+            { "replace" => "#{diff_encode_type(basic_info_type)}/name", "value" => "Alex Smith" }
+          ]
+
+          expected_data = {
+            "city" => "New York",
+            "name" => "Alex Smith",
+          }
+
+          json_patch "/profile", diff, env
+
+          expect(last_response.status).to eq(200)
+          expect(info.reload.content).to eq(expected_data)
+        end
+
+        it 'should return 422 if diff tests fail' do
+          TentD::Model::ProfileInfo.all.destroy
+
+          info = create_info(basic_info_type, basic_info_content, :public => false)
+
+          diff = [
+            { "add" => "#{diff_encode_type(basic_info_type)}/city", "value" => "New York" },
+            { "remove" => "#{diff_encode_type(basic_info_type)}/age" },
+            { "replace" => "#{diff_encode_type(basic_info_type)}/name", "value" => "Alex Smith" },
+            { "test" => "#{diff_encode_type(basic_info_type)}/age", "value" => 40 },
+          ]
+
+          expected_data = info.content
+
+          json_patch "/profile", diff, env
+
+          expect(last_response.status).to eq(422)
+          expect(info.reload.content).to eq(expected_data)
+        end
+      end
+
+      context 'when all info types authorized' do
+        let(:authorized_info_types) { ['all'] }
+
+        context '', &can_update_basic_info_type
+
+        it 'should update any info' do
+          TentD::Model::ProfileInfo.all.destroy
+
+          info = create_info(basic_info_type, basic_info_content, :public => false)
+
+          diff = [
+            { "add" => "#{diff_encode_type(basic_info_type)}/city", "value" => "New York" },
+            { "remove" => "#{diff_encode_type(basic_info_type)}/age" },
+            { "replace" => "#{diff_encode_type(basic_info_type)}/name", "value" => "Alex Smith" },
+            { "add" => "#{diff_encode_type(work_history_type)}/employers", "value" => ["Foo Corp"] },
+            { "move" => "#{diff_encode_type(basic_info_type)}/name", "to" => "#{diff_encode_type(work_history_type)}/name" },
+            { "add" => "#{diff_encode_type(work_history_type)}/employers/1", "value" => "Bar Corp" },
+            { "add" => "#{diff_encode_type(work_history_type)}/city", "value" => "London" }
+          ]
+
+          expected_basic_data = {
+            "city" => "New York",
+          }
+
+          expected_work_data = {
+            "name" => "Alex Smith",
+            "employers" => ["Foo Corp", "Bar Corp"],
+            "city" => "London",
+          }
+
+          expect(lambda {
+            json_patch "/profile", diff, env
+          }).to change(TentD::Model::ProfileInfo, :count).by(1)
+
+          expect(last_response.status).to eq(200)
+          expect(info.reload.content).to eq(expected_basic_data)
+
+          work_info = TentD::Model::ProfileInfo.last
+          expect(work_info.content).to eq(expected_work_data)
+        end
+      end
+
+      context 'when specific info types authorized' do
+        let(:authorized_info_types) { [basic_info_type] }
+
+        context '', &can_update_basic_info_type
+      end
+    end
+
+    context 'when not authorized' do
+      it 'should return 403' do
+        json_patch '/profile', params, env
+        expect(last_response.status).to eq(403)
+      end
+    end
+  end
+end

data/spec/integration/api/router_spec.rb

@@ -0,0 +1,102 @@
+require 'spec_helper'
+
+describe TentD::API::Router do
+  class TestMiddleware < TentD::API::Middleware
+    def action(env)
+      env['response'] = { 'params' => env['params'] }
+      env
+    end
+  end
+
+  class TestMiddlewarePrematureResponse < TentD::API::Middleware
+    def action(env)
+      [200, { 'Content-Type' => 'text/plain' }, 'Premature-Response']
+    end
+  end
+
+  class TestMountedApp
+    include TentD::API::Router
+
+    get '/chunky/:bacon' do |b|
+      b.use TestMiddleware
+    end
+  end
+
+  class PrefixMountedApp
+    def initialize(app)
+      @app = app
+    end
+
+    def call(env)
+      myprefix = '/prefix'
+
+      if env['PATH_INFO'].start_with?(myprefix)
+        env['SCRIPT_NAME'] = env['SCRIPT_NAME'][0..-2] if env['SCRIPT_NAME'].end_with?('/') # strip trailing slash
+        env['SCRIPT_NAME'] += myprefix
+
+        env['PATH_INFO'].sub! myprefix, ''
+        @app.call(env)
+      end
+    end
+  end
+
+  class TestApp
+    include TentD::API::Router
+
+    get '/foo/:bar' do |b|
+      b.use TestMiddleware
+    end
+
+    get '/premature/response' do |b|
+      b.use TestMiddlewarePrematureResponse
+      b.use TestMiddleware
+    end
+
+    post %r{^/foo/([^/]+)/bar} do |b|
+      b.use TestMiddleware
+    end
+
+    mount TestMountedApp
+  end
+
+  def app
+    TestApp.new
+  end
+
+  let(:env) { { 'authorized_scopes' => [] } }
+
+  context "as a mounted app with a prefix" do
+    let(:app) { PrefixMountedApp.new(TestApp.new) }
+
+    it "still matches the path name" do
+      json_get '/prefix/foo/baz', nil, env
+      expect(last_response.status).to eq(200)
+      expect(JSON.parse(last_response.body)['params']['bar']).to eq('baz')
+    end
+  end
+
+  it "should extract params" do
+    json_get '/foo/baz', nil, env
+    expect(last_response.status).to eq(200)
+    expect(JSON.parse(last_response.body)['params']['bar']).to eq('baz')
+  end
+
+  it "should merge both sets of params" do
+    json_post '/foo/baz/bar?chunky=bacon', nil, env
+    expect(last_response.status).to eq(200)
+    actual_body = JSON.parse(last_response.body)
+    expect(actual_body['params']['chunky']).to eq('bacon')
+    expect(actual_body['params']['captures']).to include('baz')
+  end
+
+  it "should work with mount" do
+    json_get '/chunky/crunch', nil, env
+    expect(last_response.status).to eq(200)
+    expect(JSON.parse(last_response.body)['params']['bacon']).to eq('crunch')
+  end
+
+  it "should allow middleware to prematurely respond" do
+    json_get '/premature/response', nil, env
+    expect(last_response.body).to eq('Premature-Response')
+  end
+end

data/spec/integration/model/app_authorization_spec.rb

@@ -0,0 +1,59 @@
+require 'spec_helper'
+
+describe TentD::Model::AppAuthorization do
+  let(:app_authorization) { Fabricate(:app_authorization, :app => Fabricate(:app)) }
+
+  describe '.follow_url' do
+    it 'should find app authorization with follow_ui scope and follow_url' do
+      Fabricate(:app_authorization, :app => Fabricate(:app), :scopes => %w{ follow_ui }, :follow_url => 'https://follow.example.org/awesome-ui')
+      app_auth = Fabricate(:app_authorization, :app => Fabricate(:app), :scopes => %w{ read_posts follow_ui write_posts }, :follow_url => 'https://follow.example.com')
+      entity = 'https://johndoe.example.org'
+
+      follow_url = described_class.follow_url(entity)
+      expect(follow_url).to eq("#{app_auth.follow_url}?entity=#{URI.encode_www_form_component(entity)}")
+    end
+  end
+
+  describe '#as_json' do
+    let(:app_attributes) do
+      {
+        :id => app_authorization.public_id,
+        :post_types => app_authorization.post_types,
+        :profile_info_types => app_authorization.profile_info_types,
+        :scopes => app_authorization.scopes,
+        :notification_url => app_authorization.notification_url,
+        :created_at => app_authorization.created_at.to_time.to_i,
+        :updated_at => app_authorization.updated_at.to_time.to_i
+      }
+    end
+
+    context 'with options[:app]' do
+      let(:options) { { :app => true } }
+
+      it 'should return everything except mac stuff' do
+        expect(app_authorization.as_json(options)).to eq(app_attributes)
+      end
+
+      context 'and options[:authorization_token]' do
+        before { options[:authorization_token] = true }
+        it 'should return token code' do
+          expect(app_authorization.as_json(options)).to eq(app_attributes.merge(
+            :token_code => app_authorization.token_code
+          ))
+        end
+      end
+
+      context 'and options[:mac]' do
+        before { options[:mac] = true }
+
+        it 'should return mac stuff' do
+          expect(app_authorization.as_json(options)).to eq(app_attributes.merge(
+            :mac_key_id => app_authorization.mac_key_id,
+            :mac_key => app_authorization.mac_key,
+            :mac_algorithm => app_authorization.mac_algorithm
+          ))
+        end
+      end
+    end
+  end
+end

data/spec/integration/model/app_spec.rb

@@ -0,0 +1,63 @@
+require 'spec_helper'
+
+describe TentD::Model::App do
+  let(:app) { Fabricate(:app) }
+
+  describe '#as_json' do
+    let(:public_attributes) do
+      {
+        :id => app.public_id,
+        :name => app.name,
+        :description => app.description,
+        :url => app.url,
+        :icon => app.icon,
+        :redirect_uris => app.redirect_uris,
+        :scopes => app.scopes,
+        :authorizations => []
+      }
+    end
+
+    context 'without options' do
+      it 'should return public_attributes' do
+        expect(app.as_json).to eq(public_attributes)
+      end
+    end
+
+    with_mac_keys = proc do
+      it 'should return mac keys' do
+        expect(app.as_json(options)).to eq(public_attributes.merge(
+          :mac_key_id => app.mac_key_id,
+          :mac_key => app.mac_key,
+          :mac_algorithm => app.mac_algorithm
+        ))
+      end
+    end
+
+    context 'with options[:mac]' do
+      let(:options) { { :mac => true } }
+      context &with_mac_keys
+    end
+
+    context 'with options[:exclude]' do
+      it 'should excude specified keys' do
+        attribtues = public_attributes
+        attribtues.delete(:id)
+        expect(app.as_json(:exclude => [:id])).to eq(attribtues)
+      end
+    end
+
+    context 'with options[:app]' do
+      let!(:app) { Fabricate(:app) }
+      let!(:authorization) { Fabricate(:app_authorization, :app => app) }
+
+      it 'should return authorizations' do
+        options = { :app => true }
+        expect(app.as_json(options)).to eq(public_attributes.merge(
+          :authorizations => [authorization.as_json(options)],
+          :created_at => app.created_at.to_time.to_i,
+          :updated_at => app.updated_at.to_time.to_i
+        ))
+      end
+    end
+  end
+end