Merge branch 'test/feature-for-service-endpoint' of https://github.com/azul/leap_web into develop

12 files changed, 140 insertions, 56 deletions

diff --git a/app/controllers/api_controller.rb b/app/controllers/api_controller.rb
index 0aa9507..70b3cac 100644
--- a/app/controllers/api_controller.rb
+++ b/app/controllers/api_controller.rb
@@ -3,9 +3,15 @@ class ApiController < ApplicationController
   skip_before_filter :verify_authenticity_token
   respond_to :json
 
+  protected
+
   def require_login
     require_token
   end
 
+  def anonymous_access_allowed?
+    APP_CONFIG[:allow_anonymous_certs]
+  end
+
 end
 
diff --git a/app/controllers/v1/certs_controller.rb b/app/controllers/v1/certs_controller.rb
index 68d6586..99aec16 100644
--- a/app/controllers/v1/certs_controller.rb
+++ b/app/controllers/v1/certs_controller.rb
@@ -1,6 +1,6 @@
 class V1::CertsController < ApiController
 
-  before_filter :require_login, :unless => :anonymous_certs_allowed?
+  before_filter :require_login, :unless => :anonymous_access_allowed?
 
   # GET /cert
   # deprecated - we actually create a new cert and that can
@@ -18,10 +18,6 @@ class V1::CertsController < ApiController
 
   protected
 
-  def anonymous_certs_allowed?
-    APP_CONFIG[:allow_anonymous_certs]
-  end
-
   def service_level
     current_user.effective_service_level
   end
diff --git a/app/controllers/v1/configs_controller.rb b/app/controllers/v1/configs_controller.rb
index 0af21d2..4a6f455 100644
--- a/app/controllers/v1/configs_controller.rb
+++ b/app/controllers/v1/configs_controller.rb
@@ -1,8 +1,9 @@
 class V1::ConfigsController < ApiController
   include ControllerExtension::JsonFile
 
-  before_filter :require_login, :unless => :anonymous_certs_allowed?
-  before_filter :sanitize_filename, only: :show
+  before_filter :require_login, :unless => :anonymous_access_allowed?
+  before_filter :sanitize_id, only: :show
+  before_filter :lookup_file, only: :show
   before_filter :fetch_file, only: :show
 
   def index
@@ -13,26 +14,26 @@ class V1::ConfigsController < ApiController
     send_file
   end
 
-  SERVICES = {
-    soledad: "soledad-service.json",
-    eip: "eip-service.json",
-    smtp: "smtp-service.json"
-  }
-
   protected
 
-  def anonymous_certs_allowed?
-    APP_CONFIG[:allow_anonymous_certs]
-  end
+  SERVICE_IDS = {
+    soledad: "soledad-service",
+    eip: "eip-service",
+    smtp: "smtp-service"
+  }
 
   def service_paths
-    Hash[SERVICES.map{|k,v| [k,"/1/configs/#{v}"] } ]
+    Hash[SERVICE_IDS.map{|k,v| [k,"/1/configs/#{v}.json"] } ]
+  end
+
+  def sanitize_id
+    @id = params[:id].downcase
+    access_denied unless SERVICE_IDS.values.include? @id
   end
 
-  def sanitize_filename
-    @filename = params[:id].downcase
-    @filename += '.json' unless @filename.ends_with?('.json')
-    access_denied unless SERVICES.values.include? @filename
-    @filename = Rails.root.join('public', '1', 'config', @filename)
+  def lookup_file
+    path = APP_CONFIG[:config_file_paths][@id]
+    not_found if path.blank?
+    @filename = Rails.root.join path
   end
 end
diff --git a/app/controllers/v1/services_controller.rb b/app/controllers/v1/services_controller.rb
index 114870f..523eb44 100644
--- a/app/controllers/v1/services_controller.rb
+++ b/app/controllers/v1/services_controller.rb
@@ -1,5 +1,7 @@
 class V1::ServicesController < ApiController
 
+  before_filter :require_login, :unless => :anonymous_access_allowed?
+
   def show
     respond_with current_user.effective_service_level
   end
diff --git a/config/defaults.yml b/config/defaults.yml
index 5d38270..9eccb5e 100644
--- a/config/defaults.yml
+++ b/config/defaults.yml
@@ -50,6 +50,10 @@ common: &common
     - support
     - billing
   allow_registration: true
+  config_file_paths:
+    soledad-service: 'public/1/config/soledad-service.json'
+    eip-service: 'public/1/config/eip-service.json'
+    smtp-service: 'public/1/config/smtp-service.json'
 
 service_levels: &service_levels
   service_levels:
diff --git a/features/anonymous.feature b/features/anonymous.feature
new file mode 100644
index 0000000..73a6d3f
--- /dev/null
+++ b/features/anonymous.feature
@@ -0,0 +1,34 @@
+@config
+Feature: Anonymous access to EIP
+
+  A provider may choose to allow anonymous access to EIP.
+  In this case some endpoints that would normally require authentication
+  will be available without authentication.
+
+  Background: 
+    Given "allow_anonymous_certs" is enabled in the config
+    And I set headers:
+      | Accept       | application/json |
+      | Content-Type | application/json |
+
+  Scenario: Fetch configs when anonymous certs are allowed
+    When I send a GET request to "/1/configs.json"
+    Then the response status should be "200"
+
+  Scenario: Fetch EIP config when anonymous certs are allowed
+    Given there is a config for the eip
+    When I send a GET request to "/1/configs/eip-service.json"
+    Then the response status should be "200"
+
+  Scenario: Fetch service description
+    When I send a GET request to "/1/service.json"
+    Then the response status should be "200"
+    And the response should be:
+    """
+      {
+        "name": "anonymous",
+        "description": "anonymous access to the VPN",
+        "eip_rate_limit": false
+      }
+    """
+
diff --git a/features/config.feature b/features/config.feature
index 6adaed9..0b2ee70 100644
--- a/features/config.feature
+++ b/features/config.feature
@@ -15,16 +15,10 @@ Feature: Download Provider Configuration
 
   @tempfile
   Scenario: Fetch provider config
-    Given the provider config is:
-      """
-      {"config": "me"}
-      """
+    Given there is a config for the provider
     When I send a GET request to "/provider.json"
     Then the response status should be "200"
-    And the response should be:
-      """
-      {"config": "me"}
-      """
+    And the response should be that config
 
   Scenario: Missing provider config
     When I send a GET request to "/provider.json"
@@ -44,3 +38,19 @@ Feature: Download Provider Configuration
         }
       }
       """
+  
+  Scenario: Attempt to fetch an invalid config
+    When I send a GET request to "/1/configs/non-existing.json"
+    Then the response status should be "403"
+
+  Scenario: Attempt to fetch a config that is missing on the server
+    When I send a GET request to "/1/configs/eip-service.json"
+    Then the response status should be "404"
+
+  @tempfile, @config
+  Scenario: Attempt to fetch the EIP config
+    Given there is a config for the eip
+    When I send a GET request to "/1/configs/eip-service.json"
+    Then the response status should be "200"
+    And the response should be that config
+
diff --git a/features/service.feature b/features/service.feature
new file mode 100644
index 0000000..ea49c74
--- /dev/null
+++ b/features/service.feature
@@ -0,0 +1,33 @@
+Feature: Get service description for current user
+
+  The LEAP provider can offer different services and their availability may
+  depend upon a users service level - so wether they are paying or not.
+
+  The /1/service endpoint allows the client to find out about the services
+  available to the authenticated user.
+
+  Background:
+    Given I authenticated
+    Given I set headers:
+      | Accept       | application/json |
+      | Content-Type | application/json |
+      | Authorization | Token token="MY_AUTH_TOKEN" |
+
+  Scenario: Get service settings
+    When I send a GET request to "/1/service"
+    Then the response status should be "200"
+    And the response should be:
+    """
+      {
+        "name": "free",
+        "description": "free account, with rate limited VPN",
+        "eip_rate_limit": true,
+        "storage": 100,
+        "services": [
+          "eip"
+        ]
+      }
+   """
+
+
+
diff --git a/features/step_definitions/config_steps.rb b/features/step_definitions/config_steps.rb
index 70ff1aa..1fc67f5 100644
--- a/features/step_definitions/config_steps.rb
+++ b/features/step_definitions/config_steps.rb
@@ -1,12 +1,20 @@
-Given /the provider config is:$/ do |config|
-  @tempfile = Tempfile.new('provider.json')
-  @tempfile.write config
+# use with @tempfile, @config
+Given /there is a config for the (.*)$/ do |config|
+  @dummy_config = {dummy_config_for: config}.to_json
+  @tempfile = Tempfile.new("#{config}.json")
+  @tempfile.write @dummy_config
   @tempfile.close
-  StaticConfigController::PROVIDER_JSON = @tempfile.path
+  if config == 'provider'
+    StaticConfigController::PROVIDER_JSON = @tempfile.path
+  else
+    @orig_config ||= APP_CONFIG.dup
+    APP_CONFIG[:config_file_paths].merge! "#{config}-service" => @tempfile.path
+  end
 end
 
-# use with @config tag so the config changes are reverted after the scenario
+# use with @config
 Given /^"([^"]*)" is (enabled|disabled|"[^"]") in the config$/ do |key, value|
+  @orig_config ||= APP_CONFIG.dup
   value = case value
           when 'disabled' then false
           when 'enabled' then true
@@ -14,3 +22,7 @@ Given /^"([^"]*)" is (enabled|disabled|"[^"]") in the config$/ do |key, value|
           end
   APP_CONFIG.merge! key => value
 end
+
+Then /^the response should be that config$/ do
+  assert_equal @dummy_config, last_response.body
+end
diff --git a/features/support/hooks.rb b/features/support/hooks.rb
index f2e3b41..256e5d8 100644
--- a/features/support/hooks.rb
+++ b/features/support/hooks.rb
@@ -5,10 +5,8 @@ After '@tempfile' do
   end
 end
 
-Around '@config' do |scenario, block|
-  old_config = APP_CONFIG.dup
-  block.call
-  APP_CONFIG.replace old_config
+After '@config' do |scenario, block|
+  APP_CONFIG.replace @orig_config if @orig_config
 end
 
 # store end of server log for failing scenarios
diff --git a/features/unauthenticated.feature b/features/unauthenticated.feature
index 870adb1..aea7117 100644
--- a/features/unauthenticated.feature
+++ b/features/unauthenticated.feature
@@ -10,22 +10,10 @@ Feature: Unauthenticated API endpoints
 
   @tempfile
   Scenario: Fetch provider config
-    Given the provider config is:
-      """
-      {"config": "me"}
-      """
+    Given there is a config for the provider
     When I send a GET request to "/provider.json"
     Then the response status should be "200"
-    And the response should be:
-      """
-      {"config": "me"}
-      """
-
-  @config
-  Scenario: Fetch configs when anonymous certs are allowed
-    Given "allow_anonymous_certs" is enabled in the config
-    When I send a GET request to "/1/configs.json"
-    Then the response status should be "200"
+    And the response should be that config
 
   Scenario: Authentication required response
     When I send a GET request to "/1/configs"
@@ -38,5 +26,6 @@ Feature: Unauthenticated API endpoints
     When I send requests to these endpoints:
       |  GET   | /1/configs                |
       |  GET   | /1/configs/config_id.json |
+      |  GET   | /1/service                |
       | DELETE | /1/logout                 |
     Then they should require authentication
diff --git a/test/functional/v1/services_controller_test.rb b/test/functional/v1/services_controller_test.rb
index cde7d9f..039eb27 100644
--- a/test/functional/v1/services_controller_test.rb
+++ b/test/functional/v1/services_controller_test.rb
@@ -4,9 +4,8 @@ class V1::ServicesControllerTest < ActionController::TestCase
 
   test "anonymous user gets login required service info" do
     get :show, format: :json
-    assert_json_response name: 'anonymous',
-      eip_rate_limit: false,
-      description: 'please login to access our services'
+    assert_json_response error: 'not_authorized_login',
+      message: 'Please log in to perform that action.'
   end
 
   test "anonymous user gets vpn service info" do