tynn 1.4.0 → 2.0.0.alpha

data/test/secure_headers_test.rb

@@ -1,27 +1,39 @@
+# frozen_string_literal: true
+
+require_relative "helper"
 require_relative "../lib/tynn/secure_headers"
 
-test "secure headers" do
-  Tynn.plugin(Tynn::SecureHeaders)
+class SecureHeadersTest < Minitest::Test
+  HEADERS = Tynn::SecureHeaders::HEADERS
+
+  def setup
+    @app = Class.new(Tynn)
+  end
+
+  def test_dont_override_default_headers
+    @app.set(:default_headers, "Content-Type" => "application/json")
+
+    @app.plugin(Tynn::SecureHeaders)
+
+    assert @app.default_headers.key?("Content-Type")
+  end
+
+  def test_dont_override_if_exists
+    @app.set(:default_headers, "X-Frame-Options" => "DENY")
+
+    @app.plugin(Tynn::SecureHeaders)
 
-  Tynn.define do
-    root do
-      res.write("safe")
-    end
+    assert_equal "DENY", @app.default_headers["X-Frame-Options"]
   end
 
-  app = Tynn::Test.new
-  app.get("/")
+  def test_respond_with_secure_headers
+    @app.plugin(Tynn::SecureHeaders)
 
-  secure_headers = {
-    "X-Content-Type-Options" => "nosniff",
-    "X-Frame-Options" => "SAMEORIGIN",
-    "X-Permitted-Cross-Domain-Policies" => "none",
-    "X-XSS-Protection" => "1; mode=block"
-  }
+    @app.define {}
 
-  headers = app.res.headers
+    ts = Tynn::Test.new(@app)
+    ts.get("/")
 
-  secure_headers.each do |header, value|
-    assert_equal(value, headers[header])
+    assert_equal HEADERS, ts.res.headers
   end
 end

data/test/session_test.rb

@@ -1,20 +1,53 @@
-require "securerandom"
+# frozen_string_literal: true
+
+require_relative "helper"
 require_relative "../lib/tynn/session"
 
-test "session" do
-  Tynn.plugin(Tynn::Session, secret: SecureRandom.hex(64))
+class SessionTest < Minitest::Test
+  def setup
+    @app = Class.new(Tynn)
+  end
+
+  def test_raise_error_if_secret_is_empty
+    assert_raises { @app.plugin(Tynn::Session) }
+  end
+
+  def test_raise_error_if_secret_is_short
+    assert_raises { @app.plugin(Tynn::Session, secret: "__not_secure__") }
+  end
+
+  def test_set_and_get_session
+    @app.plugin(Tynn::Session, secret: SecureRandom.hex(64))
 
-  Tynn.define do
-    root do
-      session[:foo] = "foo"
+    @app.define do
+      get do
+        session[:foo] = "foo"
 
-      res.write(session[:foo])
+        res.write(session[:foo])
+      end
     end
+
+    ts = Tynn::Test.new(@app)
+    ts.get("/")
+
+    assert_equal "foo", ts.res.body
+    assert_equal "foo", ts.req.session["foo"]
   end
 
-  app = Tynn::Test.new
-  app.get("/")
+  def test_set_same_site_attribute
+    @app.plugin(Tynn::Session, secret: SecureRandom.hex(64))
+
+    @app.define do
+      get do
+        session[:foo] = "foo"
+      end
+    end
 
-  assert_equal "foo", app.res.body
-  assert_equal "foo", app.req.env["rack.session"]["foo"]
+    ts = Tynn::Test.new(@app)
+    ts.get("/")
+
+    cookie = ts.res.headers["Set-Cookie"]
+
+    assert_match(/; SameSite=Lax/, cookie)
+  end
 end

data/test/settings_test.rb

@@ -0,0 +1,53 @@
+# frozen_string_literal: true
+
+require_relative "helper"
+
+class SettingsTest < Minitest::Test
+  def setup
+    @app = Class.new(Tynn)
+  end
+
+  def test_set_and_get
+    @app.set(:foo, "foo")
+
+    assert_equal "foo", @app.settings[:foo]
+  end
+
+  def test_set_hash
+    @app.set(:foo, bar: "bar")
+
+    assert_equal "bar", @app.settings[:foo][:bar]
+  end
+
+  def test_set_hash_with_merge
+    @app.set(:foo, foo: "foo", bar: "bar")
+    @app.set(:foo, bar: "foo", baz: "baz")
+
+    assert_equal "foo", @app.settings[:foo][:foo]
+    assert_equal "foo", @app.settings[:foo][:bar]
+    assert_equal "baz", @app.settings[:foo][:baz]
+  end
+
+  def test_set_hash_without_merge
+    @app.set(:foo, bar: "bar")
+    @app.set!(:foo, baz: "baz")
+
+    assert_equal nil, @app.settings[:foo][:bar]
+    assert_equal "baz", @app.settings[:foo][:baz]
+  end
+
+  def test_inheritance
+    @app.set(:foo, "foo")
+
+    @child1 = Class.new(@app)
+    @child2 = Class.new(@child1)
+
+    assert_equal "foo", @child1.settings[:foo]
+    assert_equal "foo", @child2.settings[:foo]
+
+    @child2.set(:foo, "bar")
+
+    assert_equal "foo", @child1.settings[:foo]
+    assert_equal "bar", @child2.settings[:foo]
+  end
+end

data/test/ssl_test.rb

@@ -1,60 +1,132 @@
+# frozen_string_literal: true
+
+require_relative "helper"
 require_relative "../lib/tynn/ssl"
 
-setup do
-  Tynn::Test.new
-end
+class SSLTest < Minitest::Test
+  def setup
+    @app = Class.new(Tynn)
+  end
+
+  def test_redirect_to_https
+    @app.plugin(Tynn::SSL)
+
+    @app.define {}
 
-test "redirects to https" do |app|
-  Tynn.plugin(Tynn::SSL)
+    ts = Tynn::Test.new(@app)
+    ts.get("/")
 
-  Tynn.define do
+    assert_equal 301, ts.res.status
+    assert_equal "https://example.org/", ts.res.location
   end
 
-  app.get("/")
+  def test_redirect_port_80
+    @app.plugin(Tynn::SSL)
 
-  assert_equal 301, app.res.status
-  assert_equal "https://example.org/", app.res.location
-end
+    @app.define {}
 
-test "https request" do |app|
-  Tynn.plugin(Tynn::SSL)
+    ts = Tynn::Test.new(@app)
+    ts.get("/", {}, "HTTP_HOST" => "example.org:80")
 
-  Tynn.define do
-    root do
-      res.write("secure")
-    end
+    assert_equal 301, ts.res.status
+    assert_equal "https://example.org/", ts.res.location
   end
 
-  app.get("/", {}, "HTTPS" => "on")
+  def test_redirect_port_443
+    @app.plugin(Tynn::SSL)
 
-  assert_equal 200, app.res.status
-  assert_equal "secure", app.res.body
-end
+    @app.define {}
 
-test "hsts header" do |app|
-  Tynn.plugin(Tynn::SSL)
+    ts = Tynn::Test.new(@app)
+    ts.get("/", {}, "HTTP_HOST" => "example.org:443")
 
-  Tynn.define do
+    assert_equal 301, ts.res.status
+    assert_equal "https://example.org/", ts.res.location
   end
 
-  app = Tynn::Test.new
-  app.get("/", {}, "HTTPS" => "on")
+  def test_redirect_to_non_default_port
+    @app.plugin(Tynn::SSL)
 
-  header = app.res.headers["Strict-Transport-Security"]
+    @app.define {}
 
-  assert_equal "max-age=15552000; includeSubdomains", header
-end
+    ts = Tynn::Test.new(@app)
+    ts.get("/", {}, "HTTP_HOST" => "example.org:4567")
 
-test "hsts header options" do |app|
-  Tynn.plugin(Tynn::SSL, hsts: { expires: 1, subdomains: false, preload: true })
+    assert_equal 301, ts.res.status
+    assert_equal "https://example.org:4567/", ts.res.location
+  end
+
+  def test_accept_safe_request
+    @app.plugin(Tynn::SSL)
+
+    @app.define { res.write("secure") }
 
-  Tynn.define do
+    ts = Tynn::Test.new(@app)
+    ts.get("/", {}, "HTTPS" => "on")
+
+    assert_equal 200, ts.res.status
+    assert_equal "secure", ts.res.body
   end
 
-  app = Tynn::Test.new
-  app.get("/", {}, "HTTPS" => "on")
+  def test_set_hsts_header_with_defaults
+    @app.plugin(Tynn::SSL)
+
+    @app.define {}
+
+    ts = Tynn::Test.new(@app)
+    ts.get("/", {}, "HTTPS" => "on")
+
+    header = ts.res.headers["Strict-Transport-Security"]
+
+    assert_equal "max-age=15552000; includeSubdomains", header
+  end
 
-  header = app.res.headers["Strict-Transport-Security"]
+  def test_set_hsts_header_with_options
+    @app.plugin(Tynn::SSL, hsts: {
+      expires: 1, subdomains: false, preload: true
+    })
 
-  assert_equal "max-age=1; preload", header
+    @app.define {}
+
+    ts = Tynn::Test.new(@app)
+    ts.get("/", {}, "HTTPS" => "on")
+
+    header = ts.res.headers["Strict-Transport-Security"]
+
+    assert_equal "max-age=1; preload", header
+  end
+
+  def test_disable_hsts
+    @app.plugin(Tynn::SSL, hsts: false)
+
+    @app.define {}
+
+    ts = Tynn::Test.new(@app)
+    ts.get("/", {}, "HTTPS" => "on")
+
+    header = ts.res.headers["Strict-Transport-Security"]
+
+    assert_equal "max-age=0; includeSubdomains", header
+  end
+
+  def test_set_secure_flag
+    @app.plugin(Tynn::SSL, hsts: false)
+
+    @app.define do
+      get do
+        res.set_cookie("first", "cookie", secure: false)
+        res.set_cookie("other", "cookie", http_only: true)
+        res.set_cookie("secure", "cookie", secure: true)
+      end
+    end
+
+    ts = Tynn::Test.new(@app)
+    ts.get("/", {}, "HTTPS" => "on")
+
+    first, other, secure = ts.res.headers["Set-Cookie"].split("\n")
+
+    assert_equal "first=cookie; secure", first
+    assert_equal "other=cookie; HttpOnly; secure", other
+    assert_equal "secure=cookie; secure", secure
+  end
 end

data/test/static_test.rb

@@ -1,13 +1,32 @@
+# frozen_string_literal: true
+
+require_relative "helper"
 require_relative "../lib/tynn/static"
 
-test "static" do
-  Tynn.plugin(Tynn::Static, %w(/test), root: Dir.pwd)
+class StaticTest < Minitest::Test
+  def setup
+    @app = Class.new(Tynn)
+  end
+
+  def test_serve_static_files_ok
+    @app.plugin(Tynn::Static, ["/test"], root: Dir.pwd)
+
+    @app.define {}
 
-  Tynn.define do
+    ts = Tynn::Test.new(@app)
+    ts.get("/test/static_test.rb")
+
+    assert_equal 200, ts.res.status
   end
 
-  app = Tynn::Test.new
-  app.get("/test/static_test.rb")
+  def test_serve_static_files_not_found
+    @app.plugin(Tynn::Static, ["/test"], root: Dir.pwd)
+
+    @app.define {}
 
-  assert_equal File.read(__FILE__), app.res.body
+    ts = Tynn::Test.new(@app)
+    ts.get("/test/file_not_exists.rb")
+
+    assert_equal 404, ts.res.status
+  end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: tynn
 version: !ruby/object:Gem::Version
-  version: 1.4.0
+  version: 2.0.0.alpha
 platform: ruby
 authors:
-- Francesco Rodríguez
+- Francesco Rodriguez
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-11-19 00:00:00.000000000 Z
+date: 2016-05-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rack
@@ -16,70 +16,70 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.6'
+        version: 2.x
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.6'
+        version: 2.x
 - !ruby/object:Gem::Dependency
   name: syro
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.1'
+        version: '2.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.1'
+        version: '2.1'
 - !ruby/object:Gem::Dependency
-  name: cutest
+  name: erubis
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.2'
+        version: '2.7'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.2'
+        version: '2.7'
 - !ruby/object:Gem::Dependency
-  name: erubis
+  name: minitest
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.7'
+        version: '5.8'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.7'
+        version: '5.8'
 - !ruby/object:Gem::Dependency
-  name: hmote
+  name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.4'
+        version: '11.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.4'
+        version: '11.0'
 - !ruby/object:Gem::Dependency
   name: tilt
   requirement: !ruby/object:Gem::Requirement
@@ -94,9 +94,8 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '2.0'
-description: Thin library to create web applications
-email:
-- frodsan@protonmail.ch
+description: A thin library for web development in Ruby
+email: hello@frodsan.com
 executables: []
 extensions: []
 extra_rdoc_files: []
@@ -104,12 +103,10 @@ files:
 - LICENSE
 - README.md
 - lib/tynn.rb
-- lib/tynn/all_methods.rb
+- lib/tynn/base.rb
+- lib/tynn/default_headers.rb
 - lib/tynn/environment.rb
-- lib/tynn/hmote.rb
 - lib/tynn/json.rb
-- lib/tynn/not_found.rb
-- lib/tynn/protection.rb
 - lib/tynn/render.rb
 - lib/tynn/request.rb
 - lib/tynn/response.rb
@@ -120,19 +117,18 @@ files:
 - lib/tynn/static.rb
 - lib/tynn/test.rb
 - lib/tynn/version.rb
-- test/all_methods_test.rb
-- test/core_test.rb
 - test/default_headers_test.rb
 - test/environment_test.rb
 - test/helper.rb
-- test/hmote_test.rb
 - test/json_test.rb
 - test/middleware_test.rb
-- test/not_found_test.rb
-- test/protection_test.rb
+- test/plugin_test.rb
 - test/render_test.rb
+- test/request_headers_test.rb
+- test/routing_test.rb
 - test/secure_headers_test.rb
 - test/session_test.rb
+- test/settings_test.rb
 - test/ssl_test.rb
 - test/static_test.rb
 homepage: https://github.com/frodsan/tynn
@@ -147,31 +143,30 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 2.3.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - ">"
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.3.1
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.4.8
+rubygems_version: 2.5.1
 signing_key: 
 specification_version: 4
-summary: Thin library to create web applications
+summary: A thin library for web development in Ruby
 test_files:
-- test/all_methods_test.rb
-- test/core_test.rb
 - test/default_headers_test.rb
 - test/environment_test.rb
 - test/helper.rb
-- test/hmote_test.rb
 - test/json_test.rb
 - test/middleware_test.rb
-- test/not_found_test.rb
-- test/protection_test.rb
+- test/plugin_test.rb
 - test/render_test.rb
+- test/request_headers_test.rb
+- test/routing_test.rb
 - test/secure_headers_test.rb
 - test/session_test.rb
+- test/settings_test.rb
 - test/ssl_test.rb
 - test/static_test.rb