@toa.io/extensions.exposition 1.0.0-alpha.9 → 1.0.0-alpha.90

package/features/methods.feature

@@ -0,0 +1,47 @@
+Feature: Supported methods
+
+  Scenario Outline: <method> is supported
+    Given the annotation:
+      """yaml
+      /:
+        <method>:
+          dev:stub:
+            hello: world
+      """
+    And the `greeter` is running with the following manifest:
+      """yaml
+      exposition:
+        /:
+          <method>:
+            dev:stub:
+              hello: world
+      """
+    Examples:
+      | method |
+      | GET    |
+      | POST   |
+      | PUT    |
+      | DELETE |
+      | PATCH  |
+      | LOCK   |
+      | UNLOCK |
+
+  Scenario: CORS allowed methods
+    Given the annotation:
+      """yaml
+      /:
+        GET:
+          dev:stub:
+            hello: world
+      """
+    When the following request is received:
+      """
+      OPTIONS / HTTP/1.1
+      host: nex.toa.io
+      origin: https://hello.world
+      """
+    Then the following reply is sent:
+      """
+      204 No Content
+      access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, LOCK, UNLOCK
+      """

package/features/{octets.meta.feature → octets.attributes.feature}

@@ -1,6 +1,6 @@
-Feature: Octets `content-meta` header
+Feature: Octets `content-attributes` header
 
-  Scenario: Sending `content-meta` header
+  Scenario: Sending `content-attributes` header
     Given the `octets.tester` is running
     And the annotation:
       """yaml
@@ -10,18 +10,19 @@ Feature: Octets `content-meta` header
         octets:context: octets
         /*:
           POST:
-            octets:store: ~
+            octets:put: ~
           /*:
             GET:
-              octets:fetch:
+              octets:get:
                 meta: true
       """
     When the stream of `lenna.ascii` is received with the following headers:
       """
-      POST /meta-header/ HTTP/1.1
+      POST /attributes-header/ HTTP/1.1
+      host: nex.toa.io
       content-type: application/octet-stream
-      content-meta: foo, bar=baz=1
-      content-meta: baz=1
+      content-attributes: foo, bar=baz=1
+      content-attributes: baz=1
       """
     Then the following reply is sent:
       """
@@ -29,7 +30,8 @@ Feature: Octets `content-meta` header
       """
     When the following request is received:
       """
-      GET /meta-header/10cf16b458f759e0d617f2f3d83599ff HTTP/1.1
+      GET /attributes-header/10cf16b458f759e0d617f2f3d83599ff HTTP/1.1
+      host: nex.toa.io
       accept: application/vnd.toa.octets.entry+yaml
       """
     Then the following reply is sent:
@@ -39,28 +41,30 @@ Feature: Octets `content-meta` header
       id: 10cf16b458f759e0d617f2f3d83599ff
       type: application/octet-stream
       size: 8169
-      meta:
+      checksum: 10cf16b458f759e0d617f2f3d83599ff
+      attributes:
         foo: 'true'
         bar: baz=1
         baz: '1'
       """
 
-  Scenario: CORS allows `content-meta` header
+  Scenario: CORS allows `content-attributes` header
     Given the annotation:
       """yaml
       /:
         octets:context: octets
         POST:
-          octets:store: ~
+          octets:put: ~
       """
     When the following request is received:
       """
       OPTIONS / HTTP/1.1
+      host: nex.toa.io
       origin: https://example.com
       """
     Then the following reply is sent:
       """
       204 No Content
       access-control-allow-origin: https://example.com
-      access-control-allow-headers: accept, authorization, content-type, etag, if-match, if-none-match, content-meta
+      access-control-allow-headers: accept, authorization, content-type, etag, if-match, if-none-match, content-attributes
       """

package/features/octets.cloudinary.feature

@@ -0,0 +1,68 @@
+Feature: Octets with Cloudinary storage
+
+  Background:
+    Given the annotation:
+      """yaml
+      /:
+        io:output: true
+        auth:anonymous: true
+        octets:context: cloudinary
+        POST:
+          octets:put: ~
+        /*:
+          GET:
+            octets:get: ~
+          DELETE:
+            octets:delete: ~
+      """
+
+  Scenario: Upload an image
+    When the stream of `lenna.png` is received with the following headers:
+      """
+      POST / HTTP/1.1
+      host: nex.toa.io
+      accept: application/yaml
+      content-type: application/octet-stream
+      """
+    Then the following reply is sent:
+      """
+      201 Created
+      content-type: application/yaml
+
+      id: 814a0034f5549e957ee61360d87457e5
+      type: image/png
+      size: 473831
+      """
+    When the following request is received:
+      """
+      GET /814a0034f5549e957ee61360d87457e5 HTTP/1.1
+      host: nex.toa.io
+      """
+    Then the stream equals to `lenna.png` is sent with the following headers:
+      """
+      200 OK
+      content-type: image/png
+      content-length: 473831
+      """
+
+  Scenario: Image transformations
+    When the stream of `lenna.png` is received with the following headers:
+      """
+      POST / HTTP/1.1
+      host: nex.toa.io
+      content-type: image/png
+      """
+    Then the following reply is sent:
+      """
+      201 Created
+      """
+    When the following request is received:
+      """
+      GET /814a0034f5549e957ee61360d87457e5.48x48.jpeg HTTP/1.1
+      host: nex.toa.io
+      """
+    Then the stream equals to `lenna.48x48.jpeg` is sent with the following headers:
+      """
+      200 OK
+      content-type: image/jpeg
+      """

package/features/octets.download.feature

@@ -0,0 +1,189 @@
+Feature: Download external resources
+
+  Scenario Outline: Download from trusted location defined as <type>
+    Given the annotation:
+      """yaml
+      /:
+        io:output: true
+        auth:anonymous: true
+        octets:context: octets
+        POST:
+          octets:put:
+            trust:
+              - <location> # <type>
+              - https://github.com
+        /*:
+          GET:
+            octets:get:
+              meta: true
+      """
+
+    When the following request is received:
+      """
+      POST / HTTP/1.1
+      host: nex.toa.io
+      content-location: https://avatars.githubusercontent.com/u/92763022?s=48&v=4
+      content-length: 0
+      accept: application/yaml
+      """
+    Then the following reply is sent:
+      """
+      201 Created
+
+      id: ${{ id }}
+      type: image/png
+      """
+
+    When the following request is received:
+      """
+      GET /${{ id }} HTTP/1.1
+      host: nex.toa.io
+      """
+    Then the following reply is sent:
+      """
+      200 OK
+      content-type: image/png
+      content-length: 1288
+      etag: "${{ id }}"
+      """
+
+    # origin is stored in the entry
+    When the following request is received:
+      """
+      GET /${{ id }} HTTP/1.1
+      host: nex.toa.io
+      accept: application/vnd.toa.octets.entry+yaml
+      """
+    Then the following reply is sent:
+      """
+      200 OK
+      content-type: application/yaml
+
+      id: ${{ id }}
+      type: image/png
+      origin: https://avatars.githubusercontent.com/u/92763022?s=48&v=4
+      """
+
+    # untrusted location
+    When the following request is received:
+      """
+      POST / HTTP/1.1
+      host: nex.toa.io
+      content-location: https://github.githubassets.com/assets/yolo-default-be0bbff04951.png
+      content-length: 0
+      accept: application/yaml
+      """
+    Then the following reply is sent:
+      """
+      403 Forbidden
+
+      Location is not trusted
+      """
+
+    # content-length must be 0
+    When the following request is received:
+      """
+      POST / HTTP/1.1
+      host: nex.toa.io
+      content-location: https://avatars.githubusercontent.com/u/92763022?s=48&v=4
+      content-length: 1
+      accept: application/yaml
+
+      1
+      """
+    Then the following reply is sent:
+      """
+      400 Bad Request
+
+      Content-Length must be 0 when Content-Location is used
+      """
+
+    # invalid content-location
+    When the following request is received:
+      """
+      POST / HTTP/1.1
+      host: nex.toa.io
+      content-location: Hello there!
+      content-length: 0
+      accept: application/yaml
+      """
+    Then the following reply is sent:
+      """
+      403 Forbidden
+
+      Location is not trusted
+      """
+
+    # unavailable location
+    When the following request is received:
+      """
+      POST / HTTP/1.1
+      host: nex.toa.io
+      content-location: https://github.com/toa-io/no
+      content-length: 0
+      accept: application/yaml
+      """
+    Then the following reply is sent:
+      """
+      404 Not Found
+
+      Location is not available
+      """
+
+    Examples:
+      | type       | location                                   |
+      | origin     | https://avatars.githubusercontent.com      |
+      | expression | /^https://avatars\.githubusercontent\.com/ |
+
+  Scenario: Download size limit
+    Given the annotation:
+      """yaml
+      /:
+        io:output: true
+        auth:anonymous: true
+        octets:context: octets
+        POST:
+          octets:put:
+            limit: 1kb
+            trust:
+              - https://avatars.githubusercontent.com
+      """
+    When the following request is received:
+      """
+      POST / HTTP/1.1
+      host: nex.toa.io
+      content-location: https://avatars.githubusercontent.com/u/92763022?s=48&v=4
+      content-length: 0
+      accept: text/plain
+      """
+    Then the following reply is sent:
+      """
+      413 Request Entity Too Large
+
+      Size limit is 1kb
+      """
+
+  Scenario: Allow `content-location` request header
+    Given the annotation:
+      """yaml
+      /:
+        io:output: true
+        auth:anonymous: true
+        octets:context: octets
+        POST:
+          octets:put:
+            limit: 1kb
+            trust:
+              - https://avatars.githubusercontent.com
+      """
+    When the following request is received:
+      """
+      OPTIONS / HTTP/1.1
+      host: nex.toa.io
+      origin: https://hello.world
+      """
+    Then the following reply is sent:
+      """
+      204 No Content
+      access-control-allow-headers: accept, authorization, content-type, etag, if-match, if-none-match, content-attributes, content-location
+      """

package/features/octets.entries.feature

@@ -1,6 +1,6 @@
-Feature: Accessing entries
+Feature: Accessing metadata
 
-  Scenario: Entries are not accessible by default
+  Scenario: Metadata is not accessible by default
     Given the annotation:
       """yaml
       /:
@@ -8,46 +8,35 @@ Feature: Accessing entries
         auth:anonymous: true
         octets:context: octets
         POST:
-          octets:store: ~
-        GET:
-          octets:list: ~
+          octets:put: ~
         /*:
           GET:
-            octets:fetch: ~
+            octets:get: ~
       """
     When the stream of `lenna.ascii` is received with the following headers:
       """
       POST / HTTP/1.1
+      host: nex.toa.io
       content-type: application/octet-stream
       """
     Then the following reply is sent:
       """
       201 Created
       """
-    When the following request is received:
-      """
-      GET / HTTP/1.1
-      accept: application/vnd.toa.octets.entries+yaml
-      """
-    Then the following reply is sent:
-      """
-      403 Forbidden
-
-      Metadata is not accessible.
-      """
     When the following request is received:
       """
       GET /10cf16b458f759e0d617f2f3d83599ff HTTP/1.1
+      host: nex.toa.io
       accept: text/vnd.toa.octets.entry+plain
       """
     Then the following reply is sent:
       """
       403 Forbidden
 
-      Metadata is not accessible.
+      Metadata is not accessible
       """
 
-  Scenario: Accessing entries
+  Scenario: Accessing metadata
     Given the annotation:
       """yaml
       /:
@@ -55,67 +44,36 @@ Feature: Accessing entries
         auth:anonymous: true
         octets:context: octets
         POST:
-          octets:store: ~
-        GET:
-          octets:list:
-            meta: true
+          octets:put: ~
         /*:
           GET:
-            octets:fetch:
+            octets:get:
               meta: true
       """
     When the stream of `lenna.ascii` is received with the following headers:
       """
       POST / HTTP/1.1
+      host: nex.toa.io
       accept: application/yaml
       content-type: application/octet-stream
       """
     And the stream of `lenna.png` is received with the following headers:
       """
       POST / HTTP/1.1
+      host: nex.toa.io
       accept: application/yaml
       content-type: application/octet-stream
       """
-    When the following request is received:
-      """
-      GET / HTTP/1.1
-      accept: application/yaml
-      """
-    Then the following reply is sent:
-      """
-      200 OK
-      content-type: application/yaml
-
-      - 10cf16b458f759e0d617f2f3d83599ff
-      - 814a0034f5549e957ee61360d87457e5
-      """
-    When the following request is received:
-      """
-      GET / HTTP/1.1
-      accept: application/vnd.toa.octets.entries+yaml
-      """
-    Then the following reply is sent:
-      """
-      200 OK
-      content-type: application/yaml
-
-      - id: 10cf16b458f759e0d617f2f3d83599ff
-        size: 8169
-        type: application/octet-stream
-      - id: 814a0034f5549e957ee61360d87457e5
-        size: 473831
-        type: image/png
-      """
     When the following request is received:
       """
       GET /10cf16b458f759e0d617f2f3d83599ff HTTP/1.1
+      host: nex.toa.io
       accept: application/vnd.toa.octets.entry+yaml
       """
     Then the following reply is sent:
       """
       200 OK
       content-type: application/yaml
-      content-length: 124
 
       id: 10cf16b458f759e0d617f2f3d83599ff
       type: application/octet-stream