useless 0.1.2 → 0.2.0

data/lib/useless.rb

@@ -1,4 +1,14 @@
-$:.push File.expand_path('../lib', __FILE__)
+require 'useless/fs'
+require 'useless/mongo'
 
 module Useless
+
+  def self.mongo
+    @mongo ||= Useless::Mongo.for_env
+  end
+
+  def self.fs
+    @fs ||= Useless::FS.new(mongo)
+  end
+
 end

data/lib/useless/rack.rb

@@ -1,3 +1,5 @@
+require 'low/rack/default'
+require 'low/rack/exceptions'
 require 'low/rack/log_level'
 require 'low/rack/rack_errors'
 require 'low/rack/request_id'
@@ -5,29 +7,17 @@ require 'low/rack/request_logger'
 require 'low/rack/subdomain_map'
 require 'low/scoped_logger'
 
-require 'useless/fs'
-require 'useless/mongo'
-
-require 'useless/rack/middleware/exceptions'
-require 'useless/rack/middleware/assets'
-require 'useless/rack/middleware/mongo'
-require 'useless/rack/middleware/fs'
-require 'useless/rack/middleware/authentication/query_string'
-require 'useless/rack/middleware/authentication/request_header'
-require 'useless/rack/base'
+require 'useless/rack/exceptions'
+require 'useless/rack/fs'
+require 'useless/rack/mongo'
+require 'useless/rack/authentication/query_string'
+require 'useless/rack/authentication/request_header'
 
 module Useless
   class Rack
 
-    def self.mongo
-      @mongo ||= Useless::Mongo.for_env
-    end
-
-    def self.fs
-      @fs ||= Useless::FS.new(mongo)
-    end
-
-    def initialize(map = nil, &block)
+    def initialize(base = nil, map = nil, &block)
+      @base = base
       @map = map || {}
       instance_eval &block if block_given?
     end
@@ -38,22 +28,24 @@ module Useless
     end
 
     def call(env)
+      base = @base
       map = @map
 
       ::Rack::Builder.app do
-        use Middleware::Exceptions
+        use Low::Rack::Default
+        use Low::Rack::Exceptions
         use Low::Rack::RequestId
         use Low::Rack::RackErrors
         use Low::Rack::LogLevel
         use Low::Rack::RequestLogger, key: 'useless.logger'
         use ::Rack::CommonLogger
-        use Middleware::Assets
-        use Middleware::Mongo
-        use Middleware::FS
-        use Middleware::Authentication::QueryString
-        use Middleware::Authentication::RequestHeader
+        use Useless::Rack::Mongo
+        use Useless::Rack::FS
+        use Useless::Rack::Authentication::QueryString
+        use Useless::Rack::Authentication::RequestHeader
+        use Useless::Rack::Exceptions
 
-        run Low::Rack::SubdomainMap.new(Base.new, map)
+        run Low::Rack::SubdomainMap.new(base, map)
       end.call(env)
     end
 

data/lib/useless/rack/authentication/access_token.rb

@@ -0,0 +1,39 @@
+module Useless
+  class Rack
+    module Authentication
+      # The `Authentication::AccessToken` module defines the behavior for access-
+      # token-based authentication middleware. The middlewares are responsible
+      # only for providing the access token via the `#access_token_for_env`
+      # method.
+      module AccessToken
+        def initialize(app)
+          @app = app
+        end
+
+        def call(env)
+          # If we don't already have a user set in the environment,
+          unless env['useless.user']
+            # check to see if an access token was specified.
+            if access_token = access_token_for_env(env)
+              # If so, and a corresponding user can be found,
+              if user = env['useless.mongo']['users'].find_one('access_token' => access_token)
+                # set 'useless.user' in the environment.
+                env['useless.user'] = user
+              else
+                # Otherwise, return a 401 Unauthorized.
+                return [401, {'Content-Type' => 'text/plain'}, ["Invalid access token: #{access_token}"]]
+              end
+            end
+          end
+
+          @app.call(env)
+        end
+
+        private
+
+        def access_token_for_env(env)
+        end
+      end
+    end
+  end
+end

data/lib/useless/rack/authentication/query_string.rb

@@ -0,0 +1,19 @@
+require 'useless/rack/authentication/access_token'
+
+module Useless
+  class Rack
+    module Authentication
+      # The `Authentication::QueryString` middleware attempt to retrieve the
+      # access token from the query string.
+      class QueryString
+        include AccessToken
+
+        private
+
+        def access_token_for_env(env)
+          ::Rack::Utils.parse_query(env['QUERY_STRING'])['access_token']
+        end
+      end
+    end
+  end
+end

data/lib/useless/rack/authentication/request_header.rb

@@ -0,0 +1,19 @@
+require 'useless/rack/authentication/access_token'
+
+module Useless
+  class Rack
+    module Authentication
+      # The `Authentication::RequestHeader` middleware attempts to retrieve the
+      # access token from the `Authorization` request header.
+      class RequestHeader
+        include AccessToken
+
+        private
+
+        def access_token_for_env(env)
+          env['HTTP_AUTHORIZATION']
+        end
+      end
+    end
+  end
+end

data/lib/useless/rack/exceptions.rb

@@ -0,0 +1,28 @@
+module Useless
+  class Rack
+    # `Rack::Exceptions` sets 'low.show_exceptions' to true if the request
+    # has been authenticated as an admin user.
+    class Exceptions
+      def initialize(app)
+        @app = app
+      end
+
+      def call(env)
+        # If low.show_exceptions has yet to be set,
+        unless env['low.show_exceptions']
+
+          # set it to true if
+          env['low.show_exceptions'] =
+
+            # the request has been authenticated,
+            (!env['useless.user'].nil? and
+
+            # and the user is an admin.
+            (env['useless.user']['admin'] == true))
+        end
+
+        @app.call(env)
+      end
+    end
+  end
+end

data/lib/useless/rack/files.rb

@@ -0,0 +1,37 @@
+require 'useless/fs'
+
+module Useless
+  class Rack
+    # `Rack::Files` retrieves files from Useless::FS and serves them up.
+    class Files
+
+      def initialize(app)
+        @app = app
+      end
+
+      def call(env)
+        if env['PATH_INFO'] =~ /^\/file/
+          begin
+            # The file ID is everything after the second '/' in the path
+            id = env['PATH_INFO'].split('/')[2]
+
+            # Retrieve the file from FS
+            file = env['useless.fs'].get(BSON::ObjectId(id))
+
+            # and serve it up with the associated content type
+            return [200, {'Content-Type' => file.content_type}, file.read]
+
+          # Two things can go wrong, and they'll both raise an error:
+          #   * the specified ID is not a valid object ID
+          #   * there is no file corresponding to the ID in the FS
+          rescue BSON::InvalidObjectId, Useless::FS::FileNotFound
+            [404, {'Content-Type' => 'text/plain'}, "File not found: #{id}"]
+          end
+        else
+          @app.call(env)
+        end
+      end
+
+    end
+  end
+end

data/lib/useless/rack/fs.rb

@@ -0,0 +1,17 @@
+require 'useless'
+
+module Useless
+  class Rack
+    # `Rack::FS` adds the Useless.fs instance to the env as 'useless.fs'.
+    class FS
+      def initialize(app)
+        @app = app
+      end
+
+      def call(env)
+        env['useless.fs'] = Useless.fs
+        @app.call(env)
+      end
+    end
+  end
+end

data/lib/useless/rack/mongo.rb

@@ -0,0 +1,16 @@
+module Useless
+  class Rack
+    # `Rack::Mongo` adds the Useless.mongo instance to the env as
+    # 'useless.mongo'.
+    class Mongo
+      def initialize(app)
+        @app = app
+      end
+
+      def call(env)
+        env['useless.mongo'] = Useless.mongo
+        @app.call(env)
+      end
+    end
+  end
+end

data/lib/useless/version.rb

@@ -1,3 +1,3 @@
 module Useless
-  VERSION = '0.1.2'
+  VERSION = '0.2.0'
 end

data/spec/spec_helper.rb

@@ -1,5 +1,6 @@
 ENV['RACK_ENV'] = 'test'
-require File.dirname(__FILE__) + '/../lib/useless/rack'
+
+require File.dirname(__FILE__) + '/../lib/useless'
 
 require 'rack/mock'
 require 'rack/test'
@@ -8,7 +9,7 @@ RSpec.configure do |config|
   config.order = :rand
 
   def clean_database
-    Useless::Rack.mongo.db.collections.each do |collection|
+    Useless.mongo.db.collections.each do |collection|
       if !(collection.name =~ /^system\./)
         collection.drop
       end
@@ -22,7 +23,7 @@ RSpec.configure do |config|
 
     # After dropping collections, we need to force a new connection on the
     # next request.
-    Useless::Rack.mongo.reset_connection!
+    Useless.mongo.reset_connection!
   end
 
   def asset_path(path)

data/spec/useless/fs_spec.rb

@@ -1,4 +1,5 @@
 require File.dirname(__FILE__) + '/../spec_helper'
+
 require 'useless/fs'
 
 describe Useless::FS do

data/spec/useless/mongo_spec.rb

@@ -1,4 +1,5 @@
 require File.dirname(__FILE__) + '/../spec_helper'
+
 require 'useless/mongo'
 
 describe Useless::Mongo do

data/spec/useless/rack/{middleware/authentication → authentication}/query_string_spec.rb

@@ -1,7 +1,8 @@
-require File.dirname(__FILE__) + '/../../../../spec_helper'
-require 'useless/rack/middleware/authentication/query_string'
+require File.dirname(__FILE__) + '/../../../spec_helper'
 
-describe Useless::Rack::Middleware::Authentication::QueryString do
+require 'useless/rack/authentication/query_string'
+
+describe Useless::Rack::Authentication::QueryString do
   def authenticated_app
     app = lambda do |env|
       body = env['useless.user'] ?
@@ -11,12 +12,12 @@ describe Useless::Rack::Middleware::Authentication::QueryString do
       [200, {'Content-Type' => 'text/plain'}, [body]]
     end
 
-    query_string_app = Useless::Rack::Middleware::Authentication::QueryString.new(app)
-    Useless::Rack::Middleware::Mongo.new(query_string_app)
+    query_string_app = Useless::Rack::Authentication::QueryString.new(app)
+    Useless::Rack::Mongo.new(query_string_app)
   end
 
   it 'should do nothing if `useless.user` is already set' do
-    Useless::Rack.mongo['users'].insert({'handle' => 'dph', 'access_token' => 'def456'})
+    Useless.mongo['users'].insert({'handle' => 'dph', 'access_token' => 'def456'})
     res = Rack::MockRequest.new(authenticated_app).get('/resource?access_token=def456',
       'useless.user' => {'handle' => 'khy', 'access_token' => 'abc123'})
     res.should be_ok
@@ -38,7 +39,7 @@ describe Useless::Rack::Middleware::Authentication::QueryString do
 
   it 'should set `useless.user` in the environment if a user can be found for
       the specified access token' do
-    Useless::Rack.mongo['users'].insert({'handle' => 'khy', 'access_token' => 'abc123'})
+    Useless.mongo['users'].insert({'handle' => 'khy', 'access_token' => 'abc123'})
     res = Rack::MockRequest.new(authenticated_app).get('/resource?access_token=abc123')
     res.should be_ok
     res.body.should == 'user authenticated: khy'

data/spec/useless/rack/{middleware/authentication → authentication}/request_header_spec.rb

@@ -1,7 +1,8 @@
-require File.dirname(__FILE__) + '/../../../../spec_helper'
-require 'useless/rack/middleware/authentication/request_header'
+require File.dirname(__FILE__) + '/../../../spec_helper'
 
-describe Useless::Rack::Middleware::Authentication::RequestHeader do
+require 'useless/rack/authentication/request_header'
+
+describe Useless::Rack::Authentication::RequestHeader do
   def authenticated_app
     app = lambda do |env|
       body = env['useless.user'] ?
@@ -11,12 +12,12 @@ describe Useless::Rack::Middleware::Authentication::RequestHeader do
       [200, {'Content-Type' => 'text/plain'}, [body]]
     end
 
-    request_header_app = Useless::Rack::Middleware::Authentication::RequestHeader.new(app)
-    Useless::Rack::Middleware::Mongo.new(request_header_app)
+    request_header_app = Useless::Rack::Authentication::RequestHeader.new(app)
+    Useless::Rack::Mongo.new(request_header_app)
   end
 
   it 'should do nothing if `useless.user` is already set' do
-    Useless::Rack.mongo['users'].insert({'handle' => 'dph', 'access_token' => 'def456'})
+    Useless.mongo['users'].insert({'handle' => 'dph', 'access_token' => 'def456'})
     res = Rack::MockRequest.new(authenticated_app).get('/resource',
       'Authorization' => 'def456',
       'useless.user' => {'handle' => 'khy', 'access_token' => 'abc123'})
@@ -39,7 +40,7 @@ describe Useless::Rack::Middleware::Authentication::RequestHeader do
 
   it 'should set `useless.user` in the environment if a user can be found for
       the specified access token' do
-    Useless::Rack.mongo['users'].insert({'handle' => 'khy', 'access_token' => 'abc123'})
+    Useless.mongo['users'].insert({'handle' => 'khy', 'access_token' => 'abc123'})
     res = Rack::MockRequest.new(authenticated_app).get('/resource', 'HTTP_AUTHORIZATION' => 'abc123')
     res.should be_ok
     res.body.should == 'user authenticated: khy'

data/spec/useless/rack/exceptions_spec.rb

@@ -0,0 +1,31 @@
+require File.dirname(__FILE__) + '/../../spec_helper'
+
+require 'useless/rack/exceptions'
+
+describe Useless::Rack::Exceptions do
+
+  def app
+    base = lambda do |env|
+      [200, {'Content-Type' => 'text/plain'}, [env['low.show_exceptions']]]
+    end
+
+    Useless::Rack::Exceptions.new(base)
+  end
+
+  it 'should set low.show_exceptions to false if the request is not authenticated' do
+    res = Rack::MockRequest.new(app).get('http://useless.info')
+    res.body.should == 'false'
+  end
+
+  it 'should set low.show_exceptions to true if the request is authenticated by an admin user' do
+    res = Rack::MockRequest.new(app).get('http://useless.info',
+      'useless.user' => {'handle' => 'khy', 'admin' => true})
+    res.body.should == 'true'
+  end
+
+  it 'should set low.show_exceptions to false if request is authenticated by an non-admin user' do
+    res = Rack::MockRequest.new(app).get('http://useless.info',
+      'useless.user' => {'handle' => 'khy'})
+    res.body.should == 'false'
+  end
+end

data/spec/useless/rack/files_spec.rb

@@ -0,0 +1,49 @@
+require File.dirname(__FILE__) + '/../../spec_helper'
+
+require 'useless/rack'
+require 'useless/rack/files'
+
+describe Useless::Rack::Files do
+  include Rack::Test::Methods
+
+  def app
+    @app ||= begin
+      base = -> env { [200, {'Content-Type' => 'text/plain'}, ['base']] }
+
+      subdomain = ::Rack::Builder.app do
+        use Useless::Rack::Files
+
+        run -> env do
+          [200, { 'Content-Type' => 'text/plain' }, ['whatever']]
+        end
+      end
+
+      Useless::Rack.new base do
+        map 'subdomain' => subdomain
+      end
+    end
+  end
+
+  it 'should return a file if one exists for the specified ID' do
+    file = File.open(asset_path('muffin-milk.jpg'))
+    id = Useless.fs.put(file)
+
+    get "http://subdomain.useless.io/files/#{id}"
+    last_response.should be_ok
+
+    file.rewind
+    blob = file.read
+    blob.force_encoding('BINARY')
+    blob.should == last_response.body
+  end
+
+  it 'should return a 404 if the file does not exits' do
+    get "http://subdomain.useless.io/files/#{BSON::ObjectId.new}"
+    last_response.should be_not_found
+  end
+
+  it 'should return a 404 if the specified ID is invalid' do
+    get 'http://subdomain.useless.io/files/invalid-id'
+    last_response.should be_not_found
+  end
+end