authorelijah <elijah@riseup.net>2014-11-11 13:06:42 -0800
committerelijah <elijah@riseup.net>2014-11-11 13:06:42 -0800
commitc3305f1c29a1a37913bfb05cd11d547e9d7f16a0 (patch)
treecbe7844b1cf7c3b0370080af27f76702564e1c18
parentc8b9e7ac72d27997603dbede8001fca7d3f40e1a (diff)
parentcbf73046f42aeafb760e378d872f8c06f8bdfe86 (diff)
Merge branch 'test/feature-for-service-endpoint' of https://github.com/azul/leap_web into develop
-rw-r--r--app/controllers/api_controller.rb6
-rw-r--r--app/controllers/v1/certs_controller.rb6
-rw-r--r--app/controllers/v1/configs_controller.rb35
-rw-r--r--app/controllers/v1/services_controller.rb2
-rw-r--r--config/defaults.yml4
-rw-r--r--features/anonymous.feature34
-rw-r--r--features/config.feature26
-rw-r--r--features/service.feature33
-rw-r--r--features/step_definitions/config_steps.rb22
-rw-r--r--features/support/hooks.rb6
-rw-r--r--features/unauthenticated.feature17
-rw-r--r--test/functional/v1/services_controller_test.rb5
12 files changed, 140 insertions, 56 deletions
diff --git a/app/controllers/api_controller.rb b/app/controllers/api_controller.rb
index 0aa9507..70b3cac 100644
--- a/app/controllers/api_controller.rb
+++ b/app/controllers/api_controller.rb
@@ -3,9 +3,15 @@ class ApiController < ApplicationController
skip_before_filter :verify_authenticity_token
respond_to :json
+ protected
+
def require_login
require_token
end
+ def anonymous_access_allowed?
+ APP_CONFIG[:allow_anonymous_certs]
+ end
+
end
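Review bot: `anonymous_access_allowed?` is named for anonymous access in general but still reads `APP_CONFIG[:allow_anonymous_certs]`, and after this commit it gates V1::CertsController, V1::ConfigsController and V1::ServicesController. An operator who enables the flag for certificates also opens the config and service endpoints to unauthenticated clients, which the key name does not suggest. A comment above the method would make the scope explicit, e.g. `# Single switch for all anonymous API access: certs, configs and the service description.` The class body starts outside the hunk.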
diff --git a/app/controllers/v1/certs_controller.rb b/app/controllers/v1/certs_controller.rb
index 68d6586..99aec16 100644
--- a/app/controllers/v1/certs_controller.rb
+++ b/app/controllers/v1/certs_controller.rb
@@ -1,6 +1,6 @@
class V1::CertsController < ApiController
- before_filter :require_login, :unless => :anonymous_certs_allowed?
+ before_filter :require_login, :unless => :anonymous_access_allowed?
# GET /cert
# deprecated - we actually create a new cert and that can
@@ -18,10 +18,6 @@ class V1::CertsController < ApiController
protected
- def anonymous_certs_allowed?
- APP_CONFIG[:allow_anonymous_certs]
- end
-
def service_level
current_user.effective_service_level
end
diff --git a/app/controllers/v1/configs_controller.rb b/app/controllers/v1/configs_controller.rb
index 0af21d2..4a6f455 100644
--- a/app/controllers/v1/configs_controller.rb
+++ b/app/controllers/v1/configs_controller.rb
@@ -1,8 +1,9 @@
class V1::ConfigsController < ApiController
include ControllerExtension::JsonFile
- before_filter :require_login, :unless => :anonymous_certs_allowed?
- before_filter :sanitize_filename, only: :show
+ before_filter :require_login, :unless => :anonymous_access_allowed?
+ before_filter :sanitize_id, only: :show
+ before_filter :lookup_file, only: :show
before_filter :fetch_file, only: :show
def index
@@ -13,26 +14,26 @@ class V1::ConfigsController < ApiController
send_file
end
- SERVICES = {
- soledad: "soledad-service.json",
- eip: "eip-service.json",
- smtp: "smtp-service.json"
- }
-
protected
- def anonymous_certs_allowed?
- APP_CONFIG[:allow_anonymous_certs]
- end
+ SERVICE_IDS = {
+ soledad: "soledad-service",
+ eip: "eip-service",
+ smtp: "smtp-service"
+ }
def service_paths
- Hash[SERVICES.map{|k,v| [k,"/1/configs/#{v}"] } ]
+ Hash[SERVICE_IDS.map{|k,v| [k,"/1/configs/#{v}.json"] } ]
+ end
+
+ def sanitize_id
+ @id = params[:id].downcase
+ access_denied unless SERVICE_IDS.values.include? @id
end
- def sanitize_filename
- @filename = params[:id].downcase
- @filename += '.json' unless @filename.ends_with?('.json')
- access_denied unless SERVICES.values.include? @filename
- @filename = Rails.root.join('public', '1', 'config', @filename)
+ def lookup_file
+ path = APP_CONFIG[:config_file_paths][@id]
+ not_found if path.blank?
+ @filename = Rails.root.join path
end
end
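Review bot: In `lookup_file`, `not_found if path.blank?` is followed by `@filename = Rails.root.join path`, so unless `not_found` raises (its definition is not in this diff) a missing `config_file_paths` entry still reaches the join with a nil path. That would likely surface as a 500 rather than the intended 404. Returning at the guard avoids it: `return not_found if path.blank?`. A short comment on `sanitize_id` would also help, stating that the allowlist check against `SERVICE_IDS.values` is what keeps the request parameter out of the filesystem path, since `lookup_file` only joins a path taken from configuration.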
diff --git a/app/controllers/v1/services_controller.rb b/app/controllers/v1/services_controller.rb
index 114870f..523eb44 100644
--- a/app/controllers/v1/services_controller.rb
+++ b/app/controllers/v1/services_controller.rb
@@ -1,5 +1,7 @@
class V1::ServicesController < ApiController
+ before_filter :require_login, :unless => :anonymous_access_allowed?
+
def show
respond_with current_user.effective_service_level
end
diff --git a/config/defaults.yml b/config/defaults.yml
index 5d38270..9eccb5e 100644
--- a/config/defaults.yml
+++ b/config/defaults.yml
@@ -50,6 +50,10 @@ common: &common
- support
- billing
allow_registration: true
+ config_file_paths:
+ soledad-service: 'public/1/config/soledad-service.json'
+ eip-service: 'public/1/config/eip-service.json'
+ smtp-service: 'public/1/config/smtp-service.json'
service_levels: &service_levels
service_levels:
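Review bot: The new `config_file_paths` entries have no comment saying how the values are resolved or who can read the files. `lookup_file` in V1::ConfigsController passes each value to `Rails.root.join`, so a relative value is resolved against the application root, while an absolute value is used as given (the cucumber step in this commit relies on that with a Tempfile path). A comment above the key would cover it, e.g. `# files served by /1/configs/:id, relative to the app root; readable without login when allow_anonymous_certs is on`.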
diff --git a/features/anonymous.feature b/features/anonymous.feature
new file mode 100644
index 0000000..73a6d3f
--- /dev/null
+++ b/features/anonymous.feature
@@ -0,0 +1,34 @@
+@config
+Feature: Anonymous access to EIP
+
+ A provider may choose to allow anonymous access to EIP.
+ In this case some endpoints that would normally require authentication
+ will be available without authentication.
+
+ Background:
+ Given "allow_anonymous_certs" is enabled in the config
+ And I set headers:
+ | Accept | application/json |
+ | Content-Type | application/json |
+
+ Scenario: Fetch configs when anonymous certs are allowed
+ When I send a GET request to "/1/configs.json"
+ Then the response status should be "200"
+
+ Scenario: Fetch EIP config when anonymous certs are allowed
+ Given there is a config for the eip
+ When I send a GET request to "/1/configs/eip-service.json"
+ Then the response status should be "200"
+
+ Scenario: Fetch service description
+ When I send a GET request to "/1/service.json"
+ Then the response status should be "200"
+ And the response should be:
+ """
+ {
+ "name": "anonymous",
+ "description": "anonymous access to the VPN",
+ "eip_rate_limit": false
+ }
+ """
+
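Review bot: The scenario "Fetch EIP config when anonymous certs are allowed" uses the step `there is a config for the eip`, which creates a Tempfile, but this feature carries only the `@config` tag, so the `After '@tempfile'` hook is not selected for it. The step definition's own comment in this commit says `# use with @tempfile, @config`. Tagging that scenario with `@tempfile` would keep the cleanup consistent with the EIP scenario in features/config.feature.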
diff --git a/features/config.feature b/features/config.feature
index 6adaed9..0b2ee70 100644
--- a/features/config.feature
+++ b/features/config.feature
@@ -15,16 +15,10 @@ Feature: Download Provider Configuration
@tempfile
Scenario: Fetch provider config
- Given the provider config is:
- """
- {"config": "me"}
- """
+ Given there is a config for the provider
When I send a GET request to "/provider.json"
Then the response status should be "200"
- And the response should be:
- """
- {"config": "me"}
- """
+ And the response should be that config
Scenario: Missing provider config
When I send a GET request to "/provider.json"
@@ -44,3 +38,19 @@ Feature: Download Provider Configuration
}
}
"""
+
+ Scenario: Attempt to fetch an invalid config
+ When I send a GET request to "/1/configs/non-existing.json"
+ Then the response status should be "403"
+
+ Scenario: Attempt to fetch a config that is missing on the server
+ When I send a GET request to "/1/configs/eip-service.json"
+ Then the response status should be "404"
+
+ @tempfile, @config
+ Scenario: Attempt to fetch the EIP config
+ Given there is a config for the eip
+ When I send a GET request to "/1/configs/eip-service.json"
+ Then the response status should be "200"
+ And the response should be that config
+
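Review bot: The tag line `@tempfile, @config` on "Attempt to fetch the EIP config" uses a comma, but Gherkin separates tags by whitespace, so the comma probably becomes part of the first tag's name. If it does, the `After '@tempfile'` hook would not match this scenario and the temp file would not be cleaned up by it. Writing the line as `@tempfile @config` removes the doubt.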
diff --git a/features/service.feature b/features/service.feature
new file mode 100644
index 0000000..ea49c74
--- /dev/null
+++ b/features/service.feature
@@ -0,0 +1,33 @@
+Feature: Get service description for current user
+
+ The LEAP provider can offer different services and their availability may
+ depend upon a users service level - so wether they are paying or not.
+
+ The /1/service endpoint allows the client to find out about the services
+ available to the authenticated user.
+
+ Background:
+ Given I authenticated
+ Given I set headers:
+ | Accept | application/json |
+ | Content-Type | application/json |
+ | Authorization | Token token="MY_AUTH_TOKEN" |
+
+ Scenario: Get service settings
+ When I send a GET request to "/1/service"
+ Then the response status should be "200"
+ And the response should be:
+ """
+ {
+ "name": "free",
+ "description": "free account, with rate limited VPN",
+ "eip_rate_limit": true,
+ "storage": 100,
+ "services": [
+ "eip"
+ ]
+ }
+ """
+
+
+
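Review bot: The feature description has two wording slips that end up in the generated documentation: "a users service level - so wether they are paying or not" should read "a user's service level, i.e. whether they are paying or not". The file also ends with three blank added lines that could be dropped.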
diff --git a/features/step_definitions/config_steps.rb b/features/step_definitions/config_steps.rb
index 70ff1aa..1fc67f5 100644
--- a/features/step_definitions/config_steps.rb
+++ b/features/step_definitions/config_steps.rb
@@ -1,12 +1,20 @@
-Given /the provider config is:$/ do |config|
- @tempfile = Tempfile.new('provider.json')
- @tempfile.write config
+# use with @tempfile, @config
+Given /there is a config for the (.*)$/ do |config|
+ @dummy_config = {dummy_config_for: config}.to_json
+ @tempfile = Tempfile.new("#{config}.json")
+ @tempfile.write @dummy_config
@tempfile.close
- StaticConfigController::PROVIDER_JSON = @tempfile.path
+ if config == 'provider'
+ StaticConfigController::PROVIDER_JSON = @tempfile.path
+ else
+ @orig_config ||= APP_CONFIG.dup
+ APP_CONFIG[:config_file_paths].merge! "#{config}-service" => @tempfile.path
+ end
end
-# use with @config tag so the config changes are reverted after the scenario
+# use with @config
Given /^"([^"]*)" is (enabled|disabled|"[^"]") in the config$/ do |key, value|
+ @orig_config ||= APP_CONFIG.dup
value = case value
when 'disabled' then false
when 'enabled' then true
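Review bot: `@orig_config ||= APP_CONFIG.dup` takes a shallow copy, and the next line mutates the nested hash in place with `APP_CONFIG[:config_file_paths].merge! ...`, so the snapshot shares that nested hash and already contains the temp path. When the `After '@config'` hook later runs `APP_CONFIG.replace @orig_config`, the `config_file_paths` entry stays overridden for subsequent scenarios. A non-mutating merge keeps the snapshot intact: `APP_CONFIG[:config_file_paths] = APP_CONFIG[:config_file_paths].merge("#{config}-service" => @tempfile.path)`. The `case` statement at the end of this hunk continues in the next hunk.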
@@ -14,3 +22,7 @@ Given /^"([^"]*)" is (enabled|disabled|"[^"]") in the config$/ do |key, value|
end
APP_CONFIG.merge! key => value
end
+
+Then /^the response should be that config$/ do
+ assert_equal @dummy_config, last_response.body
+end
diff --git a/features/support/hooks.rb b/features/support/hooks.rb
index f2e3b41..256e5d8 100644
--- a/features/support/hooks.rb
+++ b/features/support/hooks.rb
@@ -5,10 +5,8 @@ After '@tempfile' do
end
end
-Around '@config' do |scenario, block|
- old_config = APP_CONFIG.dup
- block.call
- APP_CONFIG.replace old_config
+After '@config' do |scenario, block|
+ APP_CONFIG.replace @orig_config if @orig_config
end
# store end of server log for failing scenarios
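Review bot: With the `Around` hook replaced by `After '@config'`, restoring `APP_CONFIG` now depends on every config-changing step remembering to set `@orig_config` first; a step that forgets leaves its change in place for later scenarios. Taking the snapshot in a hook removes that dependency, e.g. `Before('@config') { @orig_config = APP_CONFIG.dup }`. The `block` parameter in `do |scenario, block|` is a leftover from the `Around` form and can be dropped.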
diff --git a/features/unauthenticated.feature b/features/unauthenticated.feature
index 870adb1..aea7117 100644
--- a/features/unauthenticated.feature
+++ b/features/unauthenticated.feature
@@ -10,22 +10,10 @@ Feature: Unauthenticated API endpoints
@tempfile
Scenario: Fetch provider config
- Given the provider config is:
- """
- {"config": "me"}
- """
+ Given there is a config for the provider
When I send a GET request to "/provider.json"
Then the response status should be "200"
- And the response should be:
- """
- {"config": "me"}
- """
-
- @config
- Scenario: Fetch configs when anonymous certs are allowed
- Given "allow_anonymous_certs" is enabled in the config
- When I send a GET request to "/1/configs.json"
- Then the response status should be "200"
+ And the response should be that config
Scenario: Authentication required response
When I send a GET request to "/1/configs"
@@ -38,5 +26,6 @@ Feature: Unauthenticated API endpoints
When I send requests to these endpoints:
| GET | /1/configs |
| GET | /1/configs/config_id.json |
+ | GET | /1/service |
| DELETE | /1/logout |
Then they should require authentication
diff --git a/test/functional/v1/services_controller_test.rb b/test/functional/v1/services_controller_test.rb
index cde7d9f..039eb27 100644
--- a/test/functional/v1/services_controller_test.rb
+++ b/test/functional/v1/services_controller_test.rb
@@ -4,9 +4,8 @@ class V1::ServicesControllerTest < ActionController::TestCase
test "anonymous user gets login required service info" do
get :show, format: :json
- assert_json_response name: 'anonymous',
- eip_rate_limit: false,
- description: 'please login to access our services'
+ assert_json_response error: 'not_authorized_login',
+ message: 'Please log in to perform that action.'
end
test "anonymous user gets vpn service info" do