Permalink
Browse files

finished version 0.1.0

  • Loading branch information...
1 parent 8e5e169 commit 9d79e032060fb3fabf9015a33f81d3fec6e12a20 Dave Kiger committed Apr 23, 2012
Showing with 1,893 additions and 12 deletions.
  1. +5 −0 CHANGELOG.md
  2. +56 −0 lib/generators/restful_api_authentication/install/install_generator.rb
  3. +12 −0 lib/generators/restful_api_authentication/install/templates/create_rest_client.rb
  4. +36 −0 lib/generators/restful_api_authentication/install/templates/rest_client.rb
  5. +18 −0 lib/generators/restful_api_authentication/install/templates/restful_api_authentication.yml
  6. +55 −1 lib/restful_api_authentication.rb
  7. +83 −0 lib/restful_api_authentication/checker.rb
  8. +41 −0 lib/restful_api_authentication/railtie.rb
  9. +25 −2 lib/restful_api_authentication/version.rb
  10. +3 −9 restful_api_authentication.gemspec
  11. +15 −0 test/dummy/.gitignore
  12. +1 −0 test/dummy/.rspec
  13. +26 −0 test/dummy/Gemfile
  14. +261 −0 test/dummy/README.rdoc
  15. +7 −0 test/dummy/Rakefile
  16. BIN test/dummy/app/assets/images/rails.png
  17. +15 −0 test/dummy/app/assets/javascripts/application.js
  18. +13 −0 test/dummy/app/assets/stylesheets/application.css
  19. +10 −0 test/dummy/app/controllers/application_controller.rb
  20. +5 −0 test/dummy/app/controllers/help_controller.rb
  21. +2 −0 test/dummy/app/helpers/application_helper.rb
  22. 0 test/dummy/app/mailers/.gitkeep
  23. 0 test/dummy/app/models/.gitkeep
  24. +36 −0 test/dummy/app/models/rest_client.rb
  25. +14 −0 test/dummy/app/views/layouts/application.html.erb
  26. +4 −0 test/dummy/config.ru
  27. +64 −0 test/dummy/config/application.rb
  28. +6 −0 test/dummy/config/boot.rb
  29. +9 −0 test/dummy/config/cucumber.yml
  30. +28 −0 test/dummy/config/database.yml
  31. +5 −0 test/dummy/config/environment.rb
  32. +37 −0 test/dummy/config/environments/development.rb
  33. +67 −0 test/dummy/config/environments/production.rb
  34. +37 −0 test/dummy/config/environments/test.rb
  35. +7 −0 test/dummy/config/initializers/backtrace_silencers.rb
  36. +15 −0 test/dummy/config/initializers/inflections.rb
  37. +5 −0 test/dummy/config/initializers/mime_types.rb
  38. +7 −0 test/dummy/config/initializers/secret_token.rb
  39. +8 −0 test/dummy/config/initializers/session_store.rb
  40. +14 −0 test/dummy/config/initializers/wrap_parameters.rb
  41. +5 −0 test/dummy/config/locales/en.yml
  42. +18 −0 test/dummy/config/restful_api_authentication.yml
  43. +7 −0 test/dummy/config/routes.rb
  44. +12 −0 test/dummy/db/migrate/20120423195432_create_rest_client.rb
  45. +26 −0 test/dummy/db/schema.rb
  46. +7 −0 test/dummy/db/seeds.rb
  47. +45 −0 test/dummy/features/api/authentication.feature
  48. +141 −0 test/dummy/features/step_definitions/api_base_steps.rb
  49. +48 −0 test/dummy/features/step_definitions/hooks.rb
  50. +4 −0 test/dummy/features/support/database_cleaner.rb
  51. +25 −0 test/dummy/features/support/env.rb
  52. 0 test/dummy/lib/assets/.gitkeep
  53. 0 test/dummy/lib/tasks/.gitkeep
  54. +65 −0 test/dummy/lib/tasks/cucumber.rake
  55. 0 test/dummy/log/.gitkeep
  56. +26 −0 test/dummy/public/404.html
  57. +26 −0 test/dummy/public/422.html
  58. +25 −0 test/dummy/public/500.html
  59. 0 test/dummy/public/favicon.ico
  60. +241 −0 test/dummy/public/index.html
  61. +5 −0 test/dummy/public/robots.txt
  62. +10 −0 test/dummy/script/cucumber
  63. +6 −0 test/dummy/script/rails
  64. +20 −0 test/dummy/spec/factories/rest_clients.rb
  65. +49 −0 test/dummy/spec/models/rest_client_spec.rb
  66. +30 −0 test/dummy/spec/spec_helper.rb
  67. 0 test/dummy/vendor/assets/javascripts/.gitkeep
  68. 0 test/dummy/vendor/assets/stylesheets/.gitkeep
  69. 0 test/dummy/vendor/plugins/.gitkeep
View
5 CHANGELOG.md
@@ -0,0 +1,5 @@
+# Change History / Release Notes
+
+## Version 0.1.0
+
+Initial release. See README.md for details.
View
56 lib/generators/restful_api_authentication/install/install_generator.rb
@@ -0,0 +1,56 @@
+# encoding: utf-8
+
+# Copyright (c) 2012 David Kiger
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+require 'rails/generators/migration'
+
+module RestfulApiAuthentication
+ module Generators
+ class InstallGenerator < ::Rails::Generators::Base
+ include Rails::Generators::Migration
+ source_root File.expand_path('../templates', __FILE__)
+ desc "This generator installs a restful_api_authentication.yml file, creates a RestClient model, and generates migrations for the RestfulApiAuthentication gem."
+
+ def self.next_migration_number(path)
+ unless @prev_migration_nr
+ @prev_migration_nr = Time.now.utc.strftime("%Y%m%d%H%M%S").to_i
+ else
+ @prev_migration_nr += 1
+ end
+ @prev_migration_nr.to_s
+ end
+
+ def copy_migrations
+ migration_template "create_rest_client.rb", "db/migrate/create_rest_client.rb"
+ end
+
+ def copy_the_config_file
+ copy_file "restful_api_authentication.yml", "config/restful_api_authentication.yml"
+ end
+
+ def copy_the_rest_client_model
+ copy_file "rest_client.rb", "app/models/rest_client.rb"
+ end
+
+ end
+ end
+end
View
12 lib/generators/restful_api_authentication/install/templates/create_rest_client.rb
@@ -0,0 +1,12 @@
+class CreateRestClient < ActiveRecord::Migration
+ def change
+ create_table :rest_clients do |t|
+ t.string :name
+ t.text :description
+ t.string :api_key
+ t.string :secret
+ t.boolean :is_master
+ t.timestamps
+ end
+ end
+end
View
36 lib/generators/restful_api_authentication/install/templates/rest_client.rb
@@ -0,0 +1,36 @@
+class RestClient < ActiveRecord::Base
+
+ validates :name, :presence => true
+ validates :description, :presence => true
+ validates :api_key, :presence => true, :uniqueness => true
+ validates :secret, :presence => true
+
+ # white list fields for mass assignment
+ attr_accessible :name, :description
+
+ # set default values on save
+ before_validation :set_defaults
+
+ # generates a new API key
+ def gen_api_key
+ u = UUID.new
+ self.api_key = u.generate
+ end
+
+ # generates a new secret
+ def gen_secret
+ u = UUID.new
+ d = Digest::SHA256.new << u.generate
+ self.secret = d.to_s
+ end
+
+ private
+
+ def set_defaults
+ self.gen_api_key if self.api_key.nil? || self.api_key == ""
+ self.gen_secret if self.secret.nil? || self.secret == ""
+ self.is_master = false if self.is_master.nil?
+ return true
+ end
+
+end
View
18 lib/generators/restful_api_authentication/install/templates/restful_api_authentication.yml
@@ -0,0 +1,18 @@
+defaults: &DEFAULTS
+ request_window: 10 # request window in minutes - between 5 and 10 is usually best; must be at least 2
+ header_names: # names of HTTP headers that must be sent on all requests requiring authentication
+ timestamp: "x-timestamp"
+ signature: "x-signature"
+ api_key: "x-api-key"
+
+test:
+ <<: *DEFAULTS
+
+cucumber:
+ <<: *DEFAULTS
+
+development:
+ <<: *DEFAULTS
+
+production:
+ <<: *DEFAULTS
View
56 lib/restful_api_authentication.rb
@@ -1,2 +1,56 @@
+# encoding: utf-8
+
+# Copyright (c) 2012 David Kiger
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
require 'digest'
-require 'restful_api_authentication/version'
+require 'chronic'
+require 'rails'
+require File.expand_path('../restful_api_authentication/version.rb', __FILE__)
+require File.expand_path('../restful_api_authentication/checker.rb', __FILE__)
+require File.expand_path('../restful_api_authentication/railtie.rb', __FILE__)
+
+module RestfulApiAuthentication
+
+ # before filter to ensure the request has valid client authentication headers
+ # returns a 401 not authorized if the authentication headers are missing or invalid
+ def authenticated?
+ checker = RestfulApiAuthentication::Checker.new(request.headers, request.fullpath)
+ if checker.authorized?
+ return true
+ else
+ respond_with(["not authorized"], :status => 401, :location => nil)
+ end
+ end
+
+ # before filter to ensure the request has valid client authentication headers
+ # client must have is_master flag set to true to pass authentication
+ # returns a 401 not authorized if the authentication headers are missing or invalid
+ def authenticated_master?
+ checker = RestfulApiAuthentication::Checker.new(request.headers, request.fullpath, :require_master => true)
+ if checker.authorized?
+ return true
+ else
+ respond_with(["not authorized"], :status => 401, :location => nil)
+ end
+ end
+
+end
View
83 lib/restful_api_authentication/checker.rb
@@ -0,0 +1,83 @@
+# encoding: utf-8
+
+# Copyright (c) 2012 David Kiger
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+module RestfulApiAuthentication
+ class Checker
+ cattr_accessor :header_timestamp, :header_signature, :header_api_key, :time_window
+ attr_accessor :http_headers, :request_uri
+
+ def initialize(http_headers, request_uri)
+ @http_headers = http_headers
+ @request_uri = request_uri
+ end
+
+ # Checks if the current request passes authorization
+ def authorized?(options = {})
+ raise "Configuration values not found. Please run rails g restful_api_authentication:install to generate a config file." if @@header_timestamp.nil? || @@header_signature.nil? || @@header_api_key.nil? || @@time_window.nil?
+ return_val = false
+ if headers_have_values? && in_time_window?
+ if (options[:require_master] == true)
+ return_val = true if test_hash == @http_headers[@@header_signature] && is_master?
+ else
+ return_val = true if test_hash == @http_headers[@@header_signature]
+ end
+ end
+ return_val
+ end
+
+ private
+
+ # determines if a RestClient has master privileges or not
+ def is_master?
+ client = RestClient.where(:api_key => @http_headers[@@header_api_key]).first
+ client.is_master
+ end
+
+ # determines if given timestamp is within a specific window of minutes
+ def in_time_window?
+ @@time_window = 4 if @@time_window < 4
+ minutes = (@@time_window / 2).floor
+ ts = Chronic.parse @http_headers[@@header_timestamp]
+ before = Time.now.utc - 60*minutes
+ after = Time.now.utc + 60*minutes
+ ts > before && ts < after
+ end
+
+ # checks that incoming parameters have the keys we expect
+ def headers_have_values?
+ !@http_headers[@@header_api_key].nil? && !@http_headers[@@header_signature].nil? && !@http_headers[@@header_timestamp].nil?
+ end
+
+ # generates the string that is hashed to produce the signature
+ def str_to_hash
+ client = RestClient.where(:api_key => @http_headers[@@header_api_key]).first
+ client.nil? ? "" : client.secret + @request_uri.gsub( /\?.*/, "" ) + @http_headers[@@header_timestamp]
+ end
+
+ # generates the hash that is compared to the incoming signature
+ def test_hash
+ (Digest::SHA256.new << str_to_hash).to_s
+ end
+
+ end
+end
View
41 lib/restful_api_authentication/railtie.rb
@@ -0,0 +1,41 @@
+# encoding: utf-8
+
+# Copyright (c) 2012 David Kiger
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+module RestfulApiAuthentication
+ class Railtie < Rails::Railtie
+ initializer "restful_api_authentication_railtie.config_initializer" do
+ if File.exists? Rails.root.join('config', 'restful_api_authentication.yml')
+ config_data = YAML::load_file(Rails.root.join('config', 'restful_api_authentication.yml'))[Rails.env]
+ RestfulApiAuthentication::Checker.time_window = config_data['request_window']
+ RestfulApiAuthentication::Checker.header_timestamp = config_data['header_names']['timestamp']
+ RestfulApiAuthentication::Checker.header_signature = config_data['header_names']['signature']
+ RestfulApiAuthentication::Checker.header_api_key = config_data['header_names']['api_key']
+ else
+ RestfulApiAuthentication::Checker.time_window = nil
+ RestfulApiAuthentication::Checker.header_timestamp = nil
+ RestfulApiAuthentication::Checker.header_signature = nil
+ RestfulApiAuthentication::Checker.header_api_key = nil
+ end
+ end
+ end
+end
View
27 lib/restful_api_authentication/version.rb
@@ -1,3 +1,26 @@
+# encoding: utf-8
+
+# Copyright (c) 2012 David Kiger
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
module RestfulApiAuthentication
- VERSION = "0.0.1"
-end
+ VERSION = "0.1.0"
+end
View
12 restful_api_authentication.gemspec
@@ -1,5 +1,5 @@
# -*- encoding: utf-8 -*-
-require File.expand_path('../lib/restful_api_authentication/version', __FILE__)
+require File.expand_path('../lib/restful_api_authentication/version.rb', __FILE__)
Gem::Specification.new do |gem|
gem.required_rubygems_version = Gem::Requirement.new(">= 0") if gem.respond_to? :required_rubygems_version=
@@ -9,7 +9,8 @@ Gem::Specification.new do |gem|
gem.summary = %q{With most RESTful Web API's, it is important to know which app is using your resources and that only the apps you allow access those resources. This gem allows you to easily add this layer of authentication to any Rails RESTful resource you want, and it even includes protection against various forms of attack.}
gem.homepage = "https://github.com/davejkiger/restful_api_authentication"
- gem.files = `git ls-files`.split($\)
+ #gem.files = `git ls-files`.split($\)
+ gem.files = Dir.glob("{bin,lib}/**/*") + %w(CHANGELOG.md Gemfile LICENSE Rakefile README.md restful_api_authentication.gemspec)
gem.executables = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
gem.test_files = gem.files.grep(%r{^(test|spec|features)/})
gem.name = "restful_api_authentication"
@@ -19,11 +20,4 @@ Gem::Specification.new do |gem|
gem.add_runtime_dependency(%q<rails>, [">= 3.2.0"])
gem.add_runtime_dependency(%q<uuid>, [">= 2.3.5"])
gem.add_runtime_dependency(%q<chronic>, [">= 0.6.7"])
- gem.add_development_dependency(%q<rspec>, [">= 2.9.0"])
-
-
- gem 'uuid'
- gem 'chronic'
-
-
end
View
15 test/dummy/.gitignore
@@ -0,0 +1,15 @@
+# See http://help.github.com/ignore-files/ for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+# git config --global core.excludesfile ~/.gitignore_global
+
+# Ignore bundler config
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+
+# Ignore all logfiles and tempfiles.
+/log/*.log
+/tmp
View
1 test/dummy/.rspec
@@ -0,0 +1 @@
+--colour
View
26 test/dummy/Gemfile
@@ -0,0 +1,26 @@
+source 'https://rubygems.org'
+
+gem 'rails', '3.2.0'
+gem 'jquery-rails'
+gem 'uuid', '2.3.5'
+gem 'chronic', '0.6.7'
+gem 'sqlite3'
+gem 'restful_api_authentication', '0.1.0', :path => '/Users/dkiger/git_repos/restful_api_authentication'
+
+group :assets do
+ gem 'sass-rails', '~> 3.2.3'
+ gem 'coffee-rails', '~> 3.2.1'
+ gem 'therubyracer'
+ gem 'uglifier', '>= 1.0.3'
+end
+
+group :development, :test do
+ gem 'factory_girl_rails' # use factories instead of fixtures
+ gem 'faker' # easily create fake data for tests
+ gem 'rspec-rails' # test framework
+ gem "cucumber-rails", "~> 1.0", require: false # integration test framework
+ gem 'simplecov' # test coverage report
+ gem 'json_spec' # easier testing of JSON
+ gem 'database_cleaner' # manage DB between tests
+ gem 'random_data'
+end
View
261 test/dummy/README.rdoc
@@ -0,0 +1,261 @@
+== Welcome to Rails
+
+Rails is a web-application framework that includes everything needed to create
+database-backed web applications according to the Model-View-Control pattern.
+
+This pattern splits the view (also called the presentation) into "dumb"
+templates that are primarily responsible for inserting pre-built data in between
+HTML tags. The model contains the "smart" domain objects (such as Account,
+Product, Person, Post) that holds all the business logic and knows how to
+persist themselves to a database. The controller handles the incoming requests
+(such as Save New Account, Update Product, Show Post) by manipulating the model
+and directing data to the view.
+
+In Rails, the model is handled by what's called an object-relational mapping
+layer entitled Active Record. This layer allows you to present the data from
+database rows as objects and embellish these data objects with business logic
+methods. You can read more about Active Record in
+link:files/vendor/rails/activerecord/README.html.
+
+The controller and view are handled by the Action Pack, which handles both
+layers by its two parts: Action View and Action Controller. These two layers
+are bundled in a single package due to their heavy interdependence. This is
+unlike the relationship between the Active Record and Action Pack that is much
+more separate. Each of these packages can be used independently outside of
+Rails. You can read more about Action Pack in
+link:files/vendor/rails/actionpack/README.html.
+
+
+== Getting Started
+
+1. At the command prompt, create a new Rails application:
+ <tt>rails new myapp</tt> (where <tt>myapp</tt> is the application name)
+
+2. Change directory to <tt>myapp</tt> and start the web server:
+ <tt>cd myapp; rails server</tt> (run with --help for options)
+
+3. Go to http://localhost:3000/ and you'll see:
+ "Welcome aboard: You're riding Ruby on Rails!"
+
+4. Follow the guidelines to start developing your application. You can find
+the following resources handy:
+
+* The Getting Started Guide: http://guides.rubyonrails.org/getting_started.html
+* Ruby on Rails Tutorial Book: http://www.railstutorial.org/
+
+
+== Debugging Rails
+
+Sometimes your application goes wrong. Fortunately there are a lot of tools that
+will help you debug it and get it back on the rails.
+
+First area to check is the application log files. Have "tail -f" commands
+running on the server.log and development.log. Rails will automatically display
+debugging and runtime information to these files. Debugging info will also be
+shown in the browser on requests from 127.0.0.1.
+
+You can also log your own messages directly into the log file from your code
+using the Ruby logger class from inside your controllers. Example:
+
+ class WeblogController < ActionController::Base
+ def destroy
+ @weblog = Weblog.find(params[:id])
+ @weblog.destroy
+ logger.info("#{Time.now} Destroyed Weblog ID ##{@weblog.id}!")
+ end
+ end
+
+The result will be a message in your log file along the lines of:
+
+ Mon Oct 08 14:22:29 +1000 2007 Destroyed Weblog ID #1!
+
+More information on how to use the logger is at http://www.ruby-doc.org/core/
+
+Also, Ruby documentation can be found at http://www.ruby-lang.org/. There are
+several books available online as well:
+
+* Programming Ruby: http://www.ruby-doc.org/docs/ProgrammingRuby/ (Pickaxe)
+* Learn to Program: http://pine.fm/LearnToProgram/ (a beginners guide)
+
+These two books will bring you up to speed on the Ruby language and also on
+programming in general.
+
+
+== Debugger
+
+Debugger support is available through the debugger command when you start your
+Mongrel or WEBrick server with --debugger. This means that you can break out of
+execution at any point in the code, investigate and change the model, and then,
+resume execution! You need to install ruby-debug to run the server in debugging
+mode. With gems, use <tt>sudo gem install ruby-debug</tt>. Example:
+
+ class WeblogController < ActionController::Base
+ def index
+ @posts = Post.all
+ debugger
+ end
+ end
+
+So the controller will accept the action, run the first line, then present you
+with a IRB prompt in the server window. Here you can do things like:
+
+ >> @posts.inspect
+ => "[#<Post:0x14a6be8
+ @attributes={"title"=>nil, "body"=>nil, "id"=>"1"}>,
+ #<Post:0x14a6620
+ @attributes={"title"=>"Rails", "body"=>"Only ten..", "id"=>"2"}>]"
+ >> @posts.first.title = "hello from a debugger"
+ => "hello from a debugger"
+
+...and even better, you can examine how your runtime objects actually work:
+
+ >> f = @posts.first
+ => #<Post:0x13630c4 @attributes={"title"=>nil, "body"=>nil, "id"=>"1"}>
+ >> f.
+ Display all 152 possibilities? (y or n)
+
+Finally, when you're ready to resume execution, you can enter "cont".
+
+
+== Console
+
+The console is a Ruby shell, which allows you to interact with your
+application's domain model. Here you'll have all parts of the application
+configured, just like it is when the application is running. You can inspect
+domain models, change values, and save to the database. Starting the script
+without arguments will launch it in the development environment.
+
+To start the console, run <tt>rails console</tt> from the application
+directory.
+
+Options:
+
+* Passing the <tt>-s, --sandbox</tt> argument will rollback any modifications
+ made to the database.
+* Passing an environment name as an argument will load the corresponding
+ environment. Example: <tt>rails console production</tt>.
+
+To reload your controllers and models after launching the console run
+<tt>reload!</tt>
+
+More information about irb can be found at:
+link:http://www.rubycentral.org/pickaxe/irb.html
+
+
+== dbconsole
+
+You can go to the command line of your database directly through <tt>rails
+dbconsole</tt>. You would be connected to the database with the credentials
+defined in database.yml. Starting the script without arguments will connect you
+to the development database. Passing an argument will connect you to a different
+database, like <tt>rails dbconsole production</tt>. Currently works for MySQL,
+PostgreSQL and SQLite 3.
+
+== Description of Contents
+
+The default directory structure of a generated Ruby on Rails application:
+
+ |-- app
+ | |-- assets
+ | |-- images
+ | |-- javascripts
+ | `-- stylesheets
+ | |-- controllers
+ | |-- helpers
+ | |-- mailers
+ | |-- models
+ | `-- views
+ | `-- layouts
+ |-- config
+ | |-- environments
+ | |-- initializers
+ | `-- locales
+ |-- db
+ |-- doc
+ |-- lib
+ | `-- tasks
+ |-- log
+ |-- public
+ |-- script
+ |-- test
+ | |-- fixtures
+ | |-- functional
+ | |-- integration
+ | |-- performance
+ | `-- unit
+ |-- tmp
+ | |-- cache
+ | |-- pids
+ | |-- sessions
+ | `-- sockets
+ `-- vendor
+ |-- assets
+ `-- stylesheets
+ `-- plugins
+
+app
+ Holds all the code that's specific to this particular application.
+
+app/assets
+ Contains subdirectories for images, stylesheets, and JavaScript files.
+
+app/controllers
+ Holds controllers that should be named like weblogs_controller.rb for
+ automated URL mapping. All controllers should descend from
+ ApplicationController which itself descends from ActionController::Base.
+
+app/models
+ Holds models that should be named like post.rb. Models descend from
+ ActiveRecord::Base by default.
+
+app/views
+ Holds the template files for the view that should be named like
+ weblogs/index.html.erb for the WeblogsController#index action. All views use
+ eRuby syntax by default.
+
+app/views/layouts
+ Holds the template files for layouts to be used with views. This models the
+ common header/footer method of wrapping views. In your views, define a layout
+ using the <tt>layout :default</tt> and create a file named default.html.erb.
+ Inside default.html.erb, call <% yield %> to render the view using this
+ layout.
+
+app/helpers
+ Holds view helpers that should be named like weblogs_helper.rb. These are
+ generated for you automatically when using generators for controllers.
+ Helpers can be used to wrap functionality for your views into methods.
+
+config
+ Configuration files for the Rails environment, the routing map, the database,
+ and other dependencies.
+
+db
+ Contains the database schema in schema.rb. db/migrate contains all the
+ sequence of Migrations for your schema.
+
+doc
+ This directory is where your application documentation will be stored when
+ generated using <tt>rake doc:app</tt>
+
+lib
+ Application specific libraries. Basically, any kind of custom code that
+ doesn't belong under controllers, models, or helpers. This directory is in
+ the load path.
+
+public
+ The directory available for the web server. Also contains the dispatchers and the
+ default HTML files. This should be set as the DOCUMENT_ROOT of your web
+ server.
+
+script
+ Helper scripts for automation and generation.
+
+test
+ Unit and functional tests along with fixtures. When using the rails generate
+ command, template test files will be generated for you and placed in this
+ directory.
+
+vendor
+ External libraries that the application depends on. Also includes the plugins
+ subdirectory. If the app has frozen rails, those gems also go here, under
+ vendor/rails/. This directory is in the load path.
View
7 test/dummy/Rakefile
@@ -0,0 +1,7 @@
+#!/usr/bin/env rake
+# Add your own tasks in files placed in lib/tasks ending in .rake,
+# for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
+
+require File.expand_path('../config/application', __FILE__)
+
+Dummy::Application.load_tasks
View
BIN test/dummy/app/assets/images/rails.png
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
View
15 test/dummy/app/assets/javascripts/application.js
@@ -0,0 +1,15 @@
+// This is a manifest file that'll be compiled into application.js, which will include all the files
+// listed below.
+//
+// Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
+// or vendor/assets/javascripts of plugins, if any, can be referenced here using a relative path.
+//
+// It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
+// the compiled file.
+//
+// WARNING: THE FIRST BLANK LINE MARKS THE END OF WHAT'S TO BE PROCESSED, ANY BLANK LINE SHOULD
+// GO AFTER THE REQUIRES BELOW.
+//
+//= require jquery
+//= require jquery_ujs
+//= require_tree .
View
13 test/dummy/app/assets/stylesheets/application.css
@@ -0,0 +1,13 @@
+/*
+ * This is a manifest file that'll be compiled into application.css, which will include all the files
+ * listed below.
+ *
+ * Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
+ * or vendor/assets/stylesheets of plugins, if any, can be referenced here using a relative path.
+ *
+ * You're free to add application-wide styles to this file and they'll appear at the top of the
+ * compiled file, but it's generally better to create a new file per style scope.
+ *
+ *= require_self
+ *= require_tree .
+*/
View
10 test/dummy/app/controllers/application_controller.rb
@@ -0,0 +1,10 @@
+class ApplicationController < ActionController::Base
+ include RestfulApiAuthentication
+ respond_to :json, :xml
+ before_filter :set_default_format, :authenticated?
+
+ def set_default_format
+ request.format = :json unless request.format.xml?
+ end
+
+end
View
5 test/dummy/app/controllers/help_controller.rb
@@ -0,0 +1,5 @@
+class HelpController < ApplicationController
+ def authentication
+ respond_with(["authorized"], :status => 200, :location => nil)
+ end
+end
View
2 test/dummy/app/helpers/application_helper.rb
@@ -0,0 +1,2 @@
+module ApplicationHelper
+end
View
0 test/dummy/app/mailers/.gitkeep
No changes.
View
0 test/dummy/app/models/.gitkeep
No changes.
View
36 test/dummy/app/models/rest_client.rb
@@ -0,0 +1,36 @@
+class RestClient < ActiveRecord::Base
+
+ validates :name, :presence => true
+ validates :description, :presence => true
+ validates :api_key, :presence => true, :uniqueness => true
+ validates :secret, :presence => true
+
+ # white list fields for mass assignment
+ attr_accessible :name, :description
+
+ # set default values on save
+ before_validation :set_defaults
+
+ # generates a new API key
+ def gen_api_key
+ u = UUID.new
+ self.api_key = u.generate
+ end
+
+ # generates a new secret
+ def gen_secret
+ u = UUID.new
+ d = Digest::SHA256.new << u.generate
+ self.secret = d.to_s
+ end
+
+ private
+
+ def set_defaults
+ self.gen_api_key if self.api_key.nil? || self.api_key == ""
+ self.gen_secret if self.secret.nil? || self.secret == ""
+ self.is_master = false if self.is_master.nil?
+ return true
+ end
+
+end
View
14 test/dummy/app/views/layouts/application.html.erb
@@ -0,0 +1,14 @@
+<!DOCTYPE html>
+<html>
+<head>
+ <title>Dummy</title>
+ <%= stylesheet_link_tag "application", :media => "all" %>
+ <%= javascript_include_tag "application" %>
+ <%= csrf_meta_tags %>
+</head>
+<body>
+
+<%= yield %>
+
+</body>
+</html>
View
4 test/dummy/config.ru
@@ -0,0 +1,4 @@
+# This file is used by Rack-based servers to start the application.
+
+require ::File.expand_path('../config/environment', __FILE__)
+run Dummy::Application
View
64 test/dummy/config/application.rb
@@ -0,0 +1,64 @@
+require File.expand_path('../boot', __FILE__)
+
+# Pick the frameworks you want:
+require "active_record/railtie"
+require "action_controller/railtie"
+require "action_mailer/railtie"
+require "active_resource/railtie"
+require "sprockets/railtie"
+
+if defined?(Bundler)
+ # If you precompile assets before deploying to production, use this line
+ Bundler.require(*Rails.groups(:assets => %w(development test)))
+ # If you want your assets lazily compiled in production, use this line
+ # Bundler.require(:default, :assets, Rails.env)
+end
+
+module Dummy
+ class Application < Rails::Application
+ # Settings in config/environments/* take precedence over those specified here.
+ # Application configuration should go into files in config/initializers
+ # -- all .rb files in that directory are automatically loaded.
+
+ # Custom directories with classes and modules you want to be autoloadable.
+ # config.autoload_paths += %W(#{config.root}/extras)
+
+ # Only load the plugins named here, in the order given (default is alphabetical).
+ # :all can be used as a placeholder for all plugins not explicitly named.
+ # config.plugins = [ :exception_notification, :ssl_requirement, :all ]
+
+ # Activate observers that should always be running.
+ # config.active_record.observers = :cacher, :garbage_collector, :forum_observer
+
+ # Set Time.zone default to the specified zone and make Active Record auto-convert to this zone.
+ # Run "rake -D time" for a list of tasks for finding time zone names. Default is UTC.
+ # config.time_zone = 'Central Time (US & Canada)'
+
+ # The default locale is :en and all translations from config/locales/*.rb,yml are auto loaded.
+ # config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s]
+ # config.i18n.default_locale = :de
+
+ # Configure the default encoding used in templates for Ruby 1.9.
+ config.encoding = "utf-8"
+
+ # Configure sensitive parameters which will be filtered from the log file.
+ config.filter_parameters += [:password]
+
+ # Use SQL instead of Active Record's schema dumper when creating the database.
+ # This is necessary if your schema can't be completely dumped by the schema dumper,
+ # like if you have constraints or database-specific column types
+ # config.active_record.schema_format = :sql
+
+ # Enforce whitelist mode for mass assignment.
+ # This will create an empty whitelist of attributes available for mass-assignment for all models
+ # in your app. As such, your models will need to explicitly whitelist or blacklist accessible
+ # parameters by using an attr_accessible or attr_protected declaration.
+ # config.active_record.whitelist_attributes = true
+
+ # Enable the asset pipeline
+ config.assets.enabled = true
+
+ # Version of your assets, change this if you want to expire all your assets
+ config.assets.version = '1.0'
+ end
+end
View
6 test/dummy/config/boot.rb
@@ -0,0 +1,6 @@
+require 'rubygems'
+
+# Set up gems listed in the Gemfile.
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__)
+
+require 'bundler/setup' if File.exists?(ENV['BUNDLE_GEMFILE'])
View
9 test/dummy/config/cucumber.yml
@@ -0,0 +1,9 @@
+<%
+rerun = File.file?('rerun.txt') ? IO.read('rerun.txt') : ""
+rerun_opts = rerun.to_s.strip.empty? ? "--format #{ENV['CUCUMBER_FORMAT'] || 'progress'} features" : "--format #{ENV['CUCUMBER_FORMAT'] || 'pretty'} #{rerun}"
+std_opts = "--format #{ENV['CUCUMBER_FORMAT'] || 'pretty'} --strict --tags ~@wip"
+%>
+default: --format progress --strict features --tags ~@wip
+wordy: <%= std_opts %> features
+wip: --tags @wip:3 --wip features
+rerun: <%= rerun_opts %> --format rerun --out rerun.txt --strict --tags ~@wip
View
28 test/dummy/config/database.yml
@@ -0,0 +1,28 @@
+# SQLite version 3.x
+# gem install sqlite3
+#
+# Ensure the SQLite 3 gem is defined in your Gemfile
+# gem 'sqlite3'
+development:
+ adapter: sqlite3
+ database: db/development.sqlite3
+ pool: 5
+ timeout: 5000
+
+# Warning: The database defined as "test" will be erased and
+# re-generated from your development database when you run "rake".
+# Do not set this db to the same as development or production.
+test: &test
+ adapter: sqlite3
+ database: db/test.sqlite3
+ pool: 5
+ timeout: 5000
+
+production:
+ adapter: sqlite3
+ database: db/production.sqlite3
+ pool: 5
+ timeout: 5000
+
+cucumber:
+ <<: *test
View
5 test/dummy/config/environment.rb
@@ -0,0 +1,5 @@
+# Load the rails application
+require File.expand_path('../application', __FILE__)
+
+# Initialize the rails application
+Dummy::Application.initialize!
View
37 test/dummy/config/environments/development.rb
@@ -0,0 +1,37 @@
+Dummy::Application.configure do
+ # Settings specified here will take precedence over those in config/application.rb
+
+ # In the development environment your application's code is reloaded on
+ # every request. This slows down response time but is perfect for development
+ # since you don't have to restart the web server when you make code changes.
+ config.cache_classes = false
+
+ # Log error messages when you accidentally call methods on nil.
+ config.whiny_nils = true
+
+ # Show full error reports and disable caching
+ config.consider_all_requests_local = true
+ config.action_controller.perform_caching = false
+
+ # Don't care if the mailer can't send
+ config.action_mailer.raise_delivery_errors = false
+
+ # Print deprecation notices to the Rails logger
+ config.active_support.deprecation = :log
+
+ # Only use best-standards-support built into browsers
+ config.action_dispatch.best_standards_support = :builtin
+
+ # Raise exception on mass assignment protection for Active Record models
+ config.active_record.mass_assignment_sanitizer = :strict
+
+ # Log the query plan for queries taking more than this (works
+ # with SQLite, MySQL, and PostgreSQL)
+ config.active_record.auto_explain_threshold_in_seconds = 0.5
+
+ # Do not compress assets
+ config.assets.compress = false
+
+ # Expands the lines which load the assets
+ config.assets.debug = true
+end
View
67 test/dummy/config/environments/production.rb
@@ -0,0 +1,67 @@
+Dummy::Application.configure do
+ # Settings specified here will take precedence over those in config/application.rb
+
+ # Code is not reloaded between requests
+ config.cache_classes = true
+
+ # Full error reports are disabled and caching is turned on
+ config.consider_all_requests_local = false
+ config.action_controller.perform_caching = true
+
+ # Disable Rails's static asset server (Apache or nginx will already do this)
+ config.serve_static_assets = false
+
+ # Compress JavaScripts and CSS
+ config.assets.compress = true
+
+ # Don't fallback to assets pipeline if a precompiled asset is missed
+ config.assets.compile = false
+
+ # Generate digests for assets URLs
+ config.assets.digest = true
+
+ # Defaults to Rails.root.join("public/assets")
+ # config.assets.manifest = YOUR_PATH
+
+ # Specifies the header that your server uses for sending files
+ # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for apache
+ # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for nginx
+
+ # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
+ # config.force_ssl = true
+
+ # See everything in the log (default is :info)
+ # config.log_level = :debug
+
+ # Prepend all log lines with the following tags
+ # config.log_tags = [ :subdomain, :uuid ]
+
+ # Use a different logger for distributed setups
+ # config.logger = ActiveSupport::TaggedLogging.new(SyslogLogger.new)
+
+ # Use a different cache store in production
+ # config.cache_store = :mem_cache_store
+
+ # Enable serving of images, stylesheets, and JavaScripts from an asset server
+ # config.action_controller.asset_host = "http://assets.example.com"
+
+ # Precompile additional assets (application.js, application.css, and all non-JS/CSS are already added)
+ # config.assets.precompile += %w( search.js )
+
+ # Disable delivery errors, bad email addresses will be ignored
+ # config.action_mailer.raise_delivery_errors = false
+
+ # Enable threaded mode
+ # config.threadsafe!
+
+ # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+ # the I18n.default_locale when a translation can not be found)
+ config.i18n.fallbacks = true
+
+ # Send deprecation notices to registered listeners
+ config.active_support.deprecation = :notify
+
+ # Log the query plan for queries taking more than this (works
+ # with SQLite, MySQL, and PostgreSQL)
+ # config.active_record.auto_explain_threshold_in_seconds = 0.5
+end
View
37 test/dummy/config/environments/test.rb
@@ -0,0 +1,37 @@
+Dummy::Application.configure do
+ # Settings specified here will take precedence over those in config/application.rb
+
+ # The test environment is used exclusively to run your application's
+ # test suite. You never need to work with it otherwise. Remember that
+ # your test database is "scratch space" for the test suite and is wiped
+ # and recreated between test runs. Don't rely on the data there!
+ config.cache_classes = true
+
+ # Configure static asset server for tests with Cache-Control for performance
+ config.serve_static_assets = true
+ config.static_cache_control = "public, max-age=3600"
+
+ # Log error messages when you accidentally call methods on nil
+ config.whiny_nils = true
+
+ # Show full error reports and disable caching
+ config.consider_all_requests_local = true
+ config.action_controller.perform_caching = false
+
+ # Raise exceptions instead of rendering exception templates
+ config.action_dispatch.show_exceptions = false
+
+ # Disable request forgery protection in test environment
+ config.action_controller.allow_forgery_protection = false
+
+ # Tell Action Mailer not to deliver emails to the real world.
+ # The :test delivery method accumulates sent emails in the
+ # ActionMailer::Base.deliveries array.
+ config.action_mailer.delivery_method = :test
+
+ # Raise exception on mass assignment protection for Active Record models
+ config.active_record.mass_assignment_sanitizer = :strict
+
+ # Print deprecation notices to the stderr
+ config.active_support.deprecation = :stderr
+end
View
7 test/dummy/config/initializers/backtrace_silencers.rb
@@ -0,0 +1,7 @@
+# Be sure to restart your server when you modify this file.
+
+# You can add backtrace silencers for libraries that you're using but don't wish to see in your backtraces.
+# Rails.backtrace_cleaner.add_silencer { |line| line =~ /my_noisy_library/ }
+
+# You can also remove all the silencers if you're trying to debug a problem that might stem from framework code.
+# Rails.backtrace_cleaner.remove_silencers!
View
15 test/dummy/config/initializers/inflections.rb
@@ -0,0 +1,15 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new inflection rules using the following format
+# (all these examples are active by default):
+# ActiveSupport::Inflector.inflections do |inflect|
+# inflect.plural /^(ox)$/i, '\1en'
+# inflect.singular /^(ox)en/i, '\1'
+# inflect.irregular 'person', 'people'
+# inflect.uncountable %w( fish sheep )
+# end
+#
+# These inflection rules are supported but not enabled by default:
+# ActiveSupport::Inflector.inflections do |inflect|
+# inflect.acronym 'RESTful'
+# end
View
5 test/dummy/config/initializers/mime_types.rb
@@ -0,0 +1,5 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new mime types for use in respond_to blocks:
+# Mime::Type.register "text/richtext", :rtf
+# Mime::Type.register_alias "text/html", :iphone
View
7 test/dummy/config/initializers/secret_token.rb
@@ -0,0 +1,7 @@
+# Be sure to restart your server when you modify this file.
+
+# Your secret key for verifying the integrity of signed cookies.
+# If you change this key, all old signed cookies will become invalid!
+# Make sure the secret is at least 30 characters and all random,
+# no regular words or you'll be exposed to dictionary attacks.
+Dummy::Application.config.secret_token = '71d72bc7744107dd7f9b433c884ea2dfdffd8c5afae8c4616e766e6a59bdcf8fd17aaebe2046577ad67a9e80ec5820010c030f61768856377f0727bc55418f2c'
View
8 test/dummy/config/initializers/session_store.rb
@@ -0,0 +1,8 @@
+# Be sure to restart your server when you modify this file.
+
+Dummy::Application.config.session_store :cookie_store, key: '_dummy_session'
+
+# Use the database for sessions instead of the cookie-based default,
+# which shouldn't be used to store highly confidential information
+# (create the session table with "rails generate session_migration")
+# Dummy::Application.config.session_store :active_record_store
View
14 test/dummy/config/initializers/wrap_parameters.rb
@@ -0,0 +1,14 @@
+# Be sure to restart your server when you modify this file.
+#
+# This file contains settings for ActionController::ParamsWrapper which
+# is enabled by default.
+
+# Enable parameter wrapping for JSON. You can disable this by setting :format to an empty array.
+ActiveSupport.on_load(:action_controller) do
+ wrap_parameters format: [:json]
+end
+
+# Disable root element in JSON by default.
+ActiveSupport.on_load(:active_record) do
+ self.include_root_in_json = false
+end
View
5 test/dummy/config/locales/en.yml
@@ -0,0 +1,5 @@
+# Sample localization file for English. Add more files in this directory for other locales.
+# See https://github.com/svenfuchs/rails-i18n/tree/master/rails%2Flocale for starting points.
+
+en:
+ hello: "Hello world"
View
18 test/dummy/config/restful_api_authentication.yml
@@ -0,0 +1,18 @@
+defaults: &DEFAULTS
+ request_window: 10 # request window in minutes - between 5 and 10 is usually best; must be at least 2
+ header_names: # names of HTTP headers that must be sent on all requests requiring authentication
+ timestamp: "x-timestamp"
+ signature: "x-signature"
+ api_key: "x-api-key"
+
+test:
+ <<: *DEFAULTS
+
+cucumber:
+ <<: *DEFAULTS
+
+development:
+ <<: *DEFAULTS
+
+production:
+ <<: *DEFAULTS
View
7 test/dummy/config/routes.rb
@@ -0,0 +1,7 @@
+Dummy::Application.routes.draw do
+ resources :help, :only => [] do
+ collection do
+ get "authentication"
+ end
+ end
+end
View
12 test/dummy/db/migrate/20120423195432_create_rest_client.rb
@@ -0,0 +1,12 @@
+class CreateRestClient < ActiveRecord::Migration
+ def change
+ create_table :rest_clients do |t|
+ t.string :name
+ t.text :description
+ t.string :api_key
+ t.string :secret
+ t.boolean :is_master
+ t.timestamps
+ end
+ end
+end
View
26 test/dummy/db/schema.rb
@@ -0,0 +1,26 @@
+# encoding: UTF-8
+# This file is auto-generated from the current state of the database. Instead
+# of editing this file, please use the migrations feature of Active Record to
+# incrementally modify your database, and then regenerate this schema definition.
+#
+# Note that this schema.rb definition is the authoritative source for your
+# database schema. If you need to create the application database on another
+# system, you should be using db:schema:load, not running all the migrations
+# from scratch. The latter is a flawed and unsustainable approach (the more migrations
+# you'll amass, the slower it'll run and the greater likelihood for issues).
+#
+# It's strongly recommended to check this file into your version control system.
+
+ActiveRecord::Schema.define(:version => 20120423195432) do
+
+ create_table "rest_clients", :force => true do |t|
+ t.string "name"
+ t.text "description"
+ t.string "api_key"
+ t.string "secret"
+ t.boolean "is_master"
+ t.datetime "created_at", :null => false
+ t.datetime "updated_at", :null => false
+ end
+
+end
View
7 test/dummy/db/seeds.rb
@@ -0,0 +1,7 @@
+# This file should contain all the record creation needed to seed the database with its default values.
+# The data can then be loaded with the rake db:seed (or created alongside the db with db:setup).
+#
+# Examples:
+#
+# cities = City.create([{ name: 'Chicago' }, { name: 'Copenhagen' }])
+# Mayor.create(name: 'Emanuel', city: cities.first)
View
45 test/dummy/features/api/authentication.feature
@@ -0,0 +1,45 @@
+Feature: Authentication Testing
+ The web service provides a way to test authentication.
+
+ Scenario: When I post a request as JSON with valid authentication credentials, then the app will say I am authorized.
+ Given I am authenticated
+ When I perform a GET to "/help/authentication" as JSON
+ Then the HTTP status code should be "200"
+ And the response at index 0 of the JSON response data should be "authorized"
+
+ Scenario: When I post a request as XML with valid authentication credentials, then the app will say I am authorized.
+ Given I am authenticated
+ When I perform a GET to "/help/authentication" as XML
+ Then the HTTP status code should be "200"
+ And the response at index 0 of the XML response data should be "authorized"
+
+ Scenario: When I post a request as HTTP with valid authentication credentials, then the app will say I am authorized.
+ Given I am authenticated
+ When I perform a GET to "/help/authentication" as HTTP
+ Then the HTTP status code should be "200"
+ And the response at index 0 of the JSON response data should be "authorized"
+
+ Scenario: When I post a request with a timestamp that is too far in the past, then the app will say I am not authorized.
+ Given a "rest_client" exists
+ When I perform an authentication test with "old authentication data"
+ Then the HTTP status code should be "401"
+
+ Scenario: When I post a request with a timestamp that is too far in the future, then the app will say I am not authorized.
+ Given a "rest_client" exists
+ When I perform an authentication test with "future authentication data"
+ Then the HTTP status code should be "401"
+
+ Scenario: When I post a request with an unknown api key, then the app will say I am not authorized.
+ Given a "rest_client" exists
+ When I perform an authentication test with "unknown api key data"
+ Then the HTTP status code should be "401"
+
+ Scenario: When I post a request with an invalid secret, then the app will say I am not authorized.
+ Given a "rest_client" exists
+ When I perform an authentication test with "invalid secret data"
+ Then the HTTP status code should be "401"
+
+ Scenario: When I post a request with an invalid request URI, then the app will say I am not authorized.
+ Given a "rest_client" exists
+ When I perform an authentication test with "invalid request uri data"
+ Then the HTTP status code should be "401"
View
141 test/dummy/features/step_definitions/api_base_steps.rb
@@ -0,0 +1,141 @@
+World(Rack::Test::Methods)
+
+Given /^I am authenticated$/ do
+ @rest_client = FactoryGirl.build(:rest_client)
+ @rest_client.is_master = false
+ header 'x-api-key', @rest_client.api_key
+end
+
+Given /^I have master permissions$/ do
+ @rest_client.is_master = true
+end
+
+Given /^an? "([^"]*)" exists$/ do |factory_name|
+ create_factory_object(factory_name)
+end
+
+# used to test authentication system
+When /^I perform an authentication test with "([^"]*)"$/ do |payload_type|
+ client = FactoryGirl.build(:rest_client)
+ ts = Time.now.utc
+ request_uri = '/help/authentication'
+ if payload_type == "old authentication data"
+ ts = Time.now.utc - 11.minutes
+ elsif payload_type == "future authentication data"
+ ts = Time.now.utc + 11.minutes
+ elsif payload_type == "unknown api key data"
+ client.api_key = '69704d90-4b77-012f-c334-68a86d3dfd00'
+ elsif payload_type == "invalid secret data"
+ client.secret = '1e5483d9c6ddbe2f26eecf444ec7a976b2836ab17a209a0940f4dfdee1b3bc99'
+ elsif payload_type == "invalid request uri data"
+ request_uri = '/clients/delete'
+ end
+ timestamp = ts.to_s
+ str_to_hash = client.secret + request_uri + timestamp
+ d = Digest::SHA256.new << str_to_hash
+ signature = d.to_s
+ add_headers({ "x-api-key" => client.api_key, "x-timestamp" => timestamp, "x-signature" => signature })
+ url = "/help/authentication"
+ get(url)
+end
+
+## Methods with parameters
+When /^I perform a ([^"]*) to "([^\"]*)" with an? "([^\"]*)" as ([^"]*)$/ do |method, path, factory_name, format|
+ @rest_client.save unless @rest_client.nil?
+ replace_attributes path, factory_name
+ add_authentication_headers path
+ params = nil
+ case format
+ when "JSON"
+ header 'Accept', 'application/json'
+ header 'Content-Type', 'application/json'
+ params = FactoryGirl.attributes_for(factory_name).to_json(:except => [:_id, :created_at, :updated_at ]) unless factory_name == ""
+ when "XML"
+ header 'Accept', 'application/xml'
+ header 'Content-Type', 'application/xml'
+ params = FactoryGirl.build(factory_name).to_xml(:except => [:_id, :created_at, :updated_at ]) unless factory_name == ""
+ when "HTTP"
+ obj = FactoryGirl.build(factory_name).attributes.except([:_id, :created_at, :updated_at ]) unless factory_name == ""
+ params = obj.to_query(FactoryGirl.build(factory_name).class.name.underscore) unless factory_name == ""
+ else
+ raise "Invalid format. Must be JSON, XML, or HTTP"
+ end
+ case method
+ when "POST"
+ post path, params
+ else
+ raise "Invalid method. Method must be POST"
+ end
+end
+
+## Methods with parameters
+When /^I perform a GET to "([^\"]*)" as ([^"]*)$/ do |path, format|
+ @rest_client.save unless @rest_client.nil?
+ replace_attributes path, nil
+ add_authentication_headers path
+ params = nil
+ case format
+ when "JSON"
+ header 'Accept', 'application/json'
+ header 'Content-Type', 'application/json'
+ when "XML"
+ header 'Accept', 'application/xml'
+ header 'Content-Type', 'application/xml'
+ when "HTTP"
+ else
+ raise "Invalid format. Must be JSON, XML, or HTTP"
+ end
+ get path
+end
+
+## Post Methods with query string parameters
+When /^I perform a POST to "([^\"]*)" $/ do |path|
+ post path
+end
+
+# Http Response validation
+Then /^the HTTP status code should be "([^\"]*)"$/ do |status|
+ last_response.status.should == status.to_i
+end
+
+# Response validation
+
+Then /^the response at index (\d+) of the ([^"]*) response data should be "([^"]*)"$/ do |index, format, response_text|
+ if format == 'XML'
+ response = Hash.from_xml(last_response.body)
+ response["strings"][index.to_i].should == response_text
+ elsif format == 'JSON'
+ response = JSON.parse(last_response.body)
+ response[index.to_i].should == response_text
+ else
+ raise "Invalid format. Must be JSON or XML."
+ end
+end
+
+# JSON
+Then /^the response JSON should have 1 "([^\"]*)" element$/ do |name|
+ response = JSON.parse(last_response.body)
+ response[name].should be
+end
+
+Then /^the response JSON should have (\d+) records?$/ do |index|
+ response = JSON.parse(last_response.body)
+ response.count.should == index.to_i
+end
+
+# XML
+Then /^the response XML should have a root element of "([^\"]*)"$/ do |name|
+ response = Hash.from_xml(last_response.body)
+ response[name].should be
+ @xml_root_element = name
+end
+
+Then /^the response XML should have (\d+) "([^\"]*)" records?$/ do |index, name|
+ response = Hash.from_xml(last_response.body)
+ response[name.pluralize].count.should == index.to_i
+end
+
+Then /^the response XML should have 1 "([^\"]*)" child element$/ do |name|
+ response = Hash.from_xml(last_response.body)
+ response[@xml_root_element][name].should be
+end
View
48 test/dummy/features/step_definitions/hooks.rb
@@ -0,0 +1,48 @@
+def add_authentication_headers(path)
+ unless @rest_client.nil?
+ time_stamp = Time.now.utc.to_s
+ header 'x-timestamp', time_stamp
+ header 'x-signature', (Digest::SHA256.new << @rest_client.secret + path + time_stamp).to_s
+ end
+end
+
+def add_headers(headers_hash)
+ headers_hash.each do |h,value|
+ header h, value
+ end
+end
+
+def create_factory_object(factory_name)
+ eval("@#{factory_name} = FactoryGirl.create(:#{factory_name})")
+end
+
+def replace_attributes(str, factory_name)
+ replace_instance_attribute_strings str
+ replace_attribute_strings str, factory_name
+ return str
+end
+
+def replace_instance_attribute_strings(str)
+ h = Hash[instance_variables.map { |name| [name, instance_variable_get(name)] }]
+ h.each do |name, val|
+ if val.respond_to? "attributes"
+ n = name.to_s
+ n.sub!("@", "")
+ vars = val.attributes
+ vars.each do |var_name, var_val|
+ str.sub!("!!#{n}.#{var_name}!!", var_val.to_s) if str.include? "!!#{n}.#{var_name}!!"
+ end
+ end
+ end
+ return str
+end
+
+def replace_attribute_strings(str, factory_name)
+ return nil if factory_name == "" || factory_name.nil?
+ h = FactoryGirl.attributes_for factory_name
+ h.each do |name, val|
+ str.sub!("!!#{factory_name}.#{name}!!", val.to_s) if str.include? "!!#{factory_name}.#{name}!!"
+ end
+ return str
+end
+
View
4 test/dummy/features/support/database_cleaner.rb
@@ -0,0 +1,4 @@
+require 'database_cleaner'
+DatabaseCleaner.strategy = :truncation
+DatabaseCleaner.orm = "mongoid"
+Before { DatabaseCleaner.clean }
View
25 test/dummy/features/support/env.rb
@@ -0,0 +1,25 @@
+# needed for SimpleCov to include cucumber tests in it's coverage report
+require 'simplecov'
+SimpleCov.start 'rails'
+
+# include cucumber
+require 'cucumber/rails'
+
+# default selector
+Capybara.default_selector = :css
+
+# don't allow a rescue so exceptions fail tests
+ActionController::Base.allow_rescue = false
+
+# for faster cleanup with javascript
+Cucumber::Rails::Database.javascript_strategy = :truncation
+
+# for easier JSON testing
+require 'json_spec/cucumber'
+
+def last_json
+ last_response.body
+end
+
+# includes some useful steps for working with factories
+require "factory_girl/step_definitions"
View
0 test/dummy/lib/assets/.gitkeep
No changes.
View
0 test/dummy/lib/tasks/.gitkeep
No changes.
View
65 test/dummy/lib/tasks/cucumber.rake
@@ -0,0 +1,65 @@
+# IMPORTANT: This file is generated by cucumber-rails - edit at your own peril.
+# It is recommended to regenerate this file in the future when you upgrade to a
+# newer version of cucumber-rails. Consider adding your own code to a new file
+# instead of editing this one. Cucumber will automatically load all features/**/*.rb
+# files.
+
+
+unless ARGV.any? {|a| a =~ /^gems/} # Don't load anything when running the gems:* tasks
+
+vendored_cucumber_bin = Dir["#{Rails.root}/vendor/{gems,plugins}/cucumber*/bin/cucumber"].first
+$LOAD_PATH.unshift(File.dirname(vendored_cucumber_bin) + '/../lib') unless vendored_cucumber_bin.nil?
+
+begin
+ require 'cucumber/rake/task'
+
+ namespace :cucumber do
+ Cucumber::Rake::Task.new({:ok => 'db:test:prepare'}, 'Run features that should pass') do |t|
+ t.binary = vendored_cucumber_bin # If nil, the gem's binary is used.
+ t.fork = true # You may get faster startup if you set this to false
+ t.profile = 'default'
+ end
+
+ Cucumber::Rake::Task.new({:wip => 'db:test:prepare'}, 'Run features that are being worked on') do |t|
+ t.binary = vendored_cucumber_bin
+ t.fork = true # You may get faster startup if you set this to false
+ t.profile = 'wip'
+ end
+
+ Cucumber::Rake::Task.new({:rerun => 'db:test:prepare'}, 'Record failing features and run only them if any exist') do |t|
+ t.binary = vendored_cucumber_bin
+ t.fork = true # You may get faster startup if you set this to false
+ t.profile = 'rerun'
+ end
+
+ desc 'Run all features'
+ task :all => [:ok, :wip]
+
+ task :statsetup do
+ require 'rails/code_statistics'
+ ::STATS_DIRECTORIES << %w(Cucumber\ features features) if File.exist?('features')
+ ::CodeStatistics::TEST_TYPES << "Cucumber features" if File.exist?('features')
+ end
+ end
+ desc 'Alias for cucumber:ok'
+ task :cucumber => 'cucumber:ok'
+
+ task :default => :cucumber
+
+ task :features => :cucumber do
+ STDERR.puts "*** The 'features' task is deprecated. See rake -T cucumber ***"
+ end
+
+ # In case we don't have ActiveRecord, append a no-op task that we can depend upon.
+ task 'db:test:prepare' do
+ end
+
+ task :stats => 'cucumber:statsetup'
+rescue LoadError
+ desc 'cucumber rake task not available (cucumber not installed)'
+ task :cucumber do
+ abort 'Cucumber rake task is not available. Be sure to install cucumber as a gem or plugin'
+ end
+end
+
+end
View
0 test/dummy/log/.gitkeep
No changes.
View
26 test/dummy/public/404.html
@@ -0,0 +1,26 @@
+<!DOCTYPE html>
+<html>
+<head>
+ <title>The page you were looking for doesn't exist (404)</title>
+ <style type="text/css">
+ body { background-color: #fff; color: #666; text-align: center; font-family: arial, sans-serif; }
+ div.dialog {
+ width: 25em;
+ padding: 0 4em;
+ margin: 4em auto 0 auto;
+ border: 1px solid #ccc;
+ border-right-color: #999;
+ border-bottom-color: #999;
+ }
+ h1 { font-size: 100%; color: #f00; line-height: 1.5em; }
+ </style>
+</head>
+
+<body>
+ <!-- This file lives in public/404.html -->
+ <div class="dialog">
+ <h1>The page you were looking for doesn't exist.</h1>
+ <p>You may have mistyped the address or the page may have moved.</p>
+ </div>
+</body>
+</html>
View
26 test/dummy/public/422.html
@@ -0,0 +1,26 @@
+<!DOCTYPE html>
+<html>
+<head>
+ <title>The change you wanted was rejected (422)</title>
+ <style type="text/css">
+ body { background-color: #fff; color: #666; text-align: center; font-family: arial, sans-serif; }
+ div.dialog {
+ width: 25em;
+ padding: 0 4em;
+ margin: 4em auto 0 auto;
+ border: 1px solid #ccc;
+ border-right-color: #999;
+ border-bottom-color: #999;
+ }
+ h1 { font-size: 100%; color: #f00; line-height: 1.5em; }
+ </style>
+</head>
+
+<body>
+ <!-- This file lives in public/422.html -->
+ <div class="dialog">
+ <h1>The change you wanted was rejected.</h1>
+ <p>Maybe you tried to change something you didn't have access to.</p>
+ </div>
+</body>
+</html>
View
25 test/dummy/public/500.html
@@ -0,0 +1,25 @@
+<!DOCTYPE html>
+<html>
+<head>
+ <title>We're sorry, but something went wrong (500)</title>
+ <style type="text/css">
+ body { background-color: #fff; color: #666; text-align: center; font-family: arial, sans-serif; }
+ div.dialog {
+ width: 25em;
+ padding: 0 4em;
+ margin: 4em auto 0 auto;
+ border: 1px solid #ccc;
+ border-right-color: #999;
+ border-bottom-color: #999;
+ }
+ h1 { font-size: 100%; color: #f00; line-height: 1.5em; }
+ </style>
+</head>
+
+<body>
+ <!-- This file lives in public/500.html -->
+ <div class="dialog">
+ <h1>We're sorry, but something went wrong.</h1>
+ </div>
+</body>
+</html>
View
0 test/dummy/public/favicon.ico
No changes.
View
241 test/dummy/public/index.html
@@ -0,0 +1,241 @@
+<!DOCTYPE html>
+<html>
+ <head>
+ <title>Ruby on Rails: Welcome aboard</title>
+ <style type="text/css" media="screen">
+ body {
+ margin: 0;
+ margin-bottom: 25px;
+ padding: 0;
+ background-color: #f0f0f0;
+ font-family: "Lucida Grande", "Bitstream Vera Sans", "Verdana";
+ font-size: 13px;
+ color: #333;
+ }
+
+ h1 {
+ font-size: 28px;
+ color: #000;
+ }
+
+ a {color: #03c}
+ a:hover {
+ background-color: #03c;
+ color: white;
+ text-decoration: none;
+ }
+
+
+ #page {
+ background-color: #f0f0f0;
+ width: 750px;
+ margin: 0;
+ margin-left: auto;
+ margin-right: auto;
+ }
+
+ #content {
+ float: left;
+ background-color: white;
+ border: 3px solid #aaa;
+ border-top: none;
+ padding: 25px;
+ width: 500px;
+ }
+
+ #sidebar {
+ float: right;
+ width: 175px;
+ }
+
+ #footer {
+ clear: both;
+ }
+
+ #header, #about, #getting-started {
+ padding-left: 75px;
+ padding-right: 30px;
+ }
+
+
+ #header {
+ background-image: url("assets/rails.png");
+ background-repeat: no-repeat;
+ background-position: top left;
+ height: 64px;
+ }
+ #header h1, #header h2 {margin: 0}
+ #header h2 {
+ color: #888;
+ font-weight: normal;
+ font-size: 16px;
+ }
+
+
+ #about h3 {
+ margin: 0;
+ margin-bottom: 10px;
+ font-size: 14px;
+ }
+
+ #about-content {
+ background-color: #ffd;
+ border: 1px solid #fc0;
+ margin-left: -55px;
+ margin-right: -10px;
+ }
+ #about-content table {
+ margin-top: 10px;
+ margin-bottom: 10px;
+ font-size: 11px;
+ border-collapse: collapse;
+ }
+ #about-content td {
+ padding: 10px;
+ padding-top: 3px;
+ padding-bottom: 3px;
+ }
+ #about-content td.name {color: #555}
+ #about-content td.value {color: #000}
+
+ #about-content ul {
+ padding: 0;
+ list-style-type: none;
+ }
+
+ #about-content.failure {
+ background-color: #fcc;
+ border: 1px solid #f00;
+ }
+ #about-content.failure p {
+ margin: 0;
+ padding: 10px;
+ }
+
+
+ #getting-started {
+ border-top: 1px solid #ccc;
+ margin-top: 25px;
+ padding-top: 15px;
+ }
+ #getting-started h1 {
+ margin: 0;
+ font-size: 20px;
+ }
+ #getting-started h2 {
+ margin: 0;
+ font-size: 14px;
+ font-weight: normal;
+ color: #333;
+ margin-bottom: 25px;
+ }
+ #getting-started ol {
+ margin-left: 0;
+ padding-left: 0;
+ }
+ #getting-started li {
+ font-size: 18px;
+ color: #888;
+ margin-bottom: 25px;
+ }
+ #getting-started li h2 {
+ margin: 0;
+ font-weight: normal;
+ font-size: 18px;
+ color: #333;
+ }
+ #getting-started li p {
+ color: #555;
+ font-size: 13px;
+ }
+
+
+ #sidebar ul {
+ margin-left: 0;
+ padding-left: 0;
+ }
+ #sidebar ul h3 {
+ margin-top: 25px;
+ font-size: 16px;
+ padding-bottom: 10px;
+ border-bottom: 1px solid #ccc;
+ }
+ #sidebar li {
+ list-style-type: none;
+ }
+ #sidebar ul.links li {
+ margin-bottom: 5px;
+ }
+
+ .filename {
+ font-style: italic;
+ }
+ </style>
+ <script type="text/javascript">
+ function about() {
+ info = document.getElementById('about-content');
+ if (window.XMLHttpRequest)
+ { xhr = new XMLHttpRequest(); }
+ else
+ { xhr = new ActiveXObject("Microsoft.XMLHTTP"); }
+ xhr.open("GET","rails/info/properties",false);
+ xhr.send("");
+ info.innerHTML = xhr.responseText;
+ info.style.display = 'block'
+ }
+ </script>
+ </head>
+ <body>
+ <div id="page">
+ <div id="sidebar">
+ <ul id="sidebar-items">
+ <li>
+ <h3>Browse the documentation</h3>
+ <ul class="links">
+ <li><a href="http://guides.rubyonrails.org/">Rails Guides</a></li>
+ <li><a href="http://api.rubyonrails.org/">Rails API</a></li>
+ <li><a href="http://www.ruby-doc.org/core/">Ruby core</a></li>
+ <li><a href="http://www.ruby-doc.org/stdlib/">Ruby standard library</a></li>
+ </ul>
+ </li>
+ </ul>
+ </div>
+
+ <div id="content">
+ <div id="header">
+ <h1>Welcome aboard</h1>
+ <h2>You&rsquo;re riding Ruby on Rails!</h2>
+ </div>
+
+ <div id="about">
+ <h3><a href="rails/info/properties" onclick="about(); return false">About your application&rsquo;s environment</a></h3>
+ <div id="about-content" style="display: none"></div>
+ </div>
+
+ <div id="getting-started">
+ <h1>Getting started</h1>
+ <h2>Here&rsquo;s how to get rolling:</h2>
+
+ <ol>
+ <li>
+ <h2>Use <code>rails generate</code> to create your models and controllers</h2>
+ <p>To see all available options, run it without parameters.</p>
+ </li>
+
+ <li>
+ <h2>Set up a default route and remove <span class="filename">public/index.html</span></h2>
+ <p>Routes are set up in <span class="filename">config/routes.rb</span>.</p>
+ </li>
+
+ <li>
+ <h2>Create your database</h2>
+ <p>Run <code>rake db:create</code> to create your database. If you're not using SQLite (the default), edit <span class="filename">config/database.yml</span> with your username and password.</p>
+ </li>
+ </ol>
+ </div>
+ </div>
+
+ <div id="footer">&nbsp;</div>
+ </div>
+ </body>
+</html>
View
5 test/dummy/public/robots.txt
@@ -0,0 +1,5 @@
+# See http://www.robotstxt.org/wc/norobots.html for documentation on how to use the robots.txt file
+#
+# To ban all spiders from the entire site uncomment the next two lines:
+# User-Agent: *
+# Disallow: /
View
10 test/dummy/script/cucumber
@@ -0,0 +1,10 @@
+#!/usr/bin/env ruby
+
+vendored_cucumber_bin = Dir["#{File.dirname(__FILE__)}/../vendor/{gems,plugins}/cucumber*/bin/cucumber"].first
+if vendored_cucumber_bin
+ load File.expand_path(vendored_cucumber_bin)
+else
+ require 'rubygems' unless ENV['NO_RUBYGEMS']
+ require 'cucumber'
+ load Cucumber::BINARY
+end
View
6 test/dummy/script/rails
@@ -0,0 +1,6 @@
+#!/usr/bin/env ruby
+# This command will automatically be run when you run "rails" with Rails 3 gems installed from the root of your application.
+
+APP_PATH = File.expand_path('../../config/application', __FILE__)
+require File.expand_path('../../config/boot', __FILE__)
+require 'rails/commands'
View
20 test/dummy/spec/factories/rest_clients.rb
@@ -0,0 +1,20 @@
+FactoryGirl.define do
+ factory :rest_client, :class => RestClient do
+ name Random.alphanumeric
+ description Random.paragraphs(1)
+ api_key "69704d90-4b77-012f-c334-68a86d3dfd02"
+ secret "1e5483d9c6ddbe2f26eecf444ec7a976b2836ab17a209a0940f4dfdee1b3bc93"
+ is_master true
+ end
+ factory :alternative_rest_client, :class => RestClient do
+ name Random.alphanumeric
+ description Random.paragraphs(1)
+ end
+ factory :rest_client_without_name, :class => RestClient do
+ name nil
+ description Random.paragraphs(1)
+ end
+ factory :rest_client_without_description, :class => RestClient do
+ name Random.alphanumeric
+ end
+end
View
49 test/dummy/spec/models/rest_client_spec.rb
@@ -0,0 +1,49 @@
+require 'spec_helper'
+
+describe RestClient do
+
+ it "should be able to generate a new api key upon request" do
+ rest_client = RestClient.new
+ rest_client.gen_api_key
+ rest_client.api_key.should_not be_nil
+ end
+
+ it "should be able to generate a new secret upon request" do
+ rest_client = RestClient.new
+ rest_client.gen_secret
+ rest_client.secret.should_not be_nil
+ end
+
+ it "should save a valid client" do
+ RestClient.should have(0).records
+ rest_client = FactoryGirl.build :rest_client
+ rest_client.save
+ RestClient.should have(1).record
+ end
+
+ it "should not allow an empty name on create" do
+ rest_client = FactoryGirl.build :rest_client
+ rest_client.name = nil
+ rest_client.should_not be_valid
+ end
+
+ it "should not allow an empty description on create" do
+ rest_client = FactoryGirl.build :rest_client
+ rest_client.description = nil
+ rest_client.should_not be_valid
+ end
+
+ it "should enforce unique api keys" do
+ rest_client1 = FactoryGirl.build :rest_client
+ rest_client1.save
+ rest_client2 = FactoryGirl.build :rest_client
+ rest_client2.should_not be_valid
+ end
+
+ it "should set is_master to false if not explicitly set" do
+ rest_client = RestClient.new(:name => "Test", :description => "Test")
+ rest_client.should be_valid
+ rest_client.is_master.should == false
+ end
+
+end
View
30 test/dummy/spec/spec_helper.rb
@@ -0,0 +1,30 @@
+# These lines are needed for SimpleCov to generate a complete coverage report
+require 'simplecov'
+SimpleCov.start 'rails'
+
+# Sets Rails environment to test and includes rspec
+ENV["RAILS_ENV"] ||= 'test'
+require File.expand_path("../../config/environment", __FILE__)
+require 'rspec/rails'
+require 'rspec/autorun'
+
+# Requires supporting ruby files with custom matchers and macros, etc,
+# in spec/support/ and its subdirectories.
+Dir[Rails.root.join("spec/support/**/*.rb")].each {|f| require f}
+
+RSpec.configure do |config|
+ config.infer_base_class_for_anonymous_controllers = false
+ config.mock_with :rspec # use rspec's built-in mock objects
+ config.use_transactional_fixtures = true
+
+ # keep our mongo DB all shiney and new between tests
+ require 'database_cleaner'
+
+ config.before(:suite) do
+ DatabaseCleaner.strategy = :truncation
+ end
+
+ config.before(:each) do
+ DatabaseCleaner.clean
+ end
+end
View
0 test/dummy/vendor/assets/javascripts/.gitkeep
No changes.
View
0 test/dummy/vendor/assets/stylesheets/.gitkeep
No changes.
View
0 test/dummy/vendor/plugins/.gitkeep
No changes.

0 comments on commit 9d79e03

Please sign in to comment.