summaryrefslogtreecommitdiff
path: root/tests/helpers/bonafide_helper.rb
blob: c84ea1428efa865475039909de5142b305bfbaa3 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
#
# helper for the communication with the provider API for creating, authenticating, and deleting accounts.
#

class LeapTest

  def assert_tmp_user
    user = assert_create_user
    assert_authenticate_user(user)
    yield user if block_given?
  rescue
    # ^^ ensure here would eat any failed assertions
    assert_delete_user(user)
    raise
  end

  def api_url(path)
    api = property('api')
    "https://%{domain}:%{port}#{path}" % {
      :domain   => api['domain'],
      :port     => api['port']
    }
  end

  #
  # attempts to create a user account via the API,
  # returning the user object if successful.
  #
  def assert_create_user
    user = SRP::User.new
    url = api_url("/1/users.json")
    assert_post(url, user.to_params) do |body|
      assert response = JSON.parse(body), 'response should be JSON'
      assert response['ok'], 'creating a user should be successful'
    end
    user.ok = true
    return user
  end

  #
  # attempts to authenticate user. if successful,
  # user object is updated with id and session token.
  #
  def assert_authenticate_user(user)
    url = api_url("/1/sessions.json")
    session = SRP::Session.new(user)
    params = {'login' => user.username, 'A' => session.aa}
    assert_post(url, params) do |response, body|
      cookie = response['Set-Cookie'].split(';').first
      assert(response = JSON.parse(body), 'response should be JSON')
      assert(session.bb = response["B"], 'response should include "B"')
      url = api_url("/1/sessions/login.json")
      params = {'client_auth' => session.m, 'A' => session.aa}
      options = {:headers => {'Cookie' => cookie}}
      assert_put(url, params, options) do |body|
        assert(response = JSON.parse(body), 'response should be JSON')
        assert(response['M2'], 'response should include M2')
        user.session_token = response['token']
        user.id = response['id']
        assert(user.session_token, 'response should include token')
        assert(user.id, 'response should include user id')
      end
    end
  end

  #
  # attempts to destroy a user account via the API.
  #
  def assert_delete_user(user)
    if user && user.ok && user.id && user.session_token
      url = api_url("/1/users/#{user.id}.json")
      options = {:headers => {
        "Authorization" => "Token token=\"#{user.session_token}\""
      }}
      delete(url, {}, options) do |body, response, error|
        if response.code.to_i != 200
          skip "It appears the web api is too old to support deleting users"
        else
          assert(response = JSON.parse(body), 'response should be JSON')
          assert(response["success"], 'delete should be a success')
          pass
        end
      end
    end
  end

end