diff --git a/.gitignore b/.gitignore index d93dd81..5d807b4 100644 --- a/.gitignore +++ b/.gitignore @@ -1,5 +1,6 @@ pkg spec/reports +spec/fake_app/log/ .vimrc *.sw? .idea/ diff --git a/README.md b/README.md index 040943d..785745a 100644 --- a/README.md +++ b/README.md @@ -35,7 +35,7 @@ Then, set it up: ### Upgrading from an older version -- When upgrading to version 4.0.0 you may now take advantage of an in-memory cache +- When upgrading to version 4.0.0 and above you may now take advantage of an in-memory cache You can enabled it like so 
@@ -46,18 +46,46 @@ Stitches.configure do |config| end ``` -- If you have a version lower than 3.3.0, you need to run two generators, one of which creates a new database migration on your - `api_clients` table: +You can also set a leniency for disabled API keys, which will allow old API keys to continue to be used if they have a +`disabled_at` field set as long as the leniency is not exceeded. Note that if the `disabled_at` field is not populated +the behavior will remain the same as it always was, and the request will be denied when the `enabled` field is set to +`true`. If Stitches allows a call due to leniency settings, a log message will be generated with a severity depending on +how long ago the API key was disabled. + +```ruby +Stitches.configure do |config| + config.disabled_key_leniency_in_seconds = 3 * 24 * 60 * 60 # Time in seconds, defaults to three days + config.disabled_key_leniency_error_log_threshold_in_seconds = 2 * 24 * 60 * 60 # Time in seconds, defaults to two days +end +``` + +If a disabled key is used within the `disabled_key_leniency_in_seconds`, it will be allowed. + +Anytime a disabled key is used a log will be generated. If it is before the +`disabled_key_leniency_error_log_threshold_in_seconds` it will be a warning log message, if it is after that, it will be +an error message. `disabled_key_leniency_error_log_threshold_in_seconds` should never be a greater number than +`disabled_key_leniency_in_seconds`, as this provides an escallating series of warnings before finally disabling access. 
+ +- If you are upgrading from a version older than 3.3.0 you need to run three generators, two of which create database + migrations on your `api_clients` table: ``` > bin/rails generate stitches:add_enabled_to_api_clients > bin/rails generate stitches:add_deprecation + > bin/rails generate stitches:add_disabled_at_to_api_clients ``` -- If you have a version lower than 3.6.0, you need to run one generator: +- If you are upgrading from a version between 3.3.0 and 3.5.0 you need to run two generators: ``` > bin/rails generate stitches:add_deprecation + > bin/rails generate stitches:add_disabled_at_to_api_clients + ``` + +- If you are upgrading from a version between 3.6.0 and 4.0.2 you need to run one generator: + + ``` + > bin/rails generate stitches:add_disabled_at_to_api_clients ``` ## Example Microservice Endpoint diff --git a/lib/stitches/add_disabled_at_to_api_clients_generator.rb b/lib/stitches/add_disabled_at_to_api_clients_generator.rb new file mode 100644 index 0000000..2fd46d5 --- /dev/null +++ b/lib/stitches/add_disabled_at_to_api_clients_generator.rb @@ -0,0 +1,18 @@ +require 'rails/generators' + +module Stitches + class AddDisabledAtToApiClientsGenerator < Rails::Generators::Base + include Rails::Generators::Migration + + source_root(File.expand_path(File.join(File.dirname(__FILE__),"generator_files"))) + + def self.next_migration_number(path) + Time.now.utc.strftime("%Y%m%d%H%M%S") + end + + desc "Upgrade your api_clients table so it includes the `disabled_at` field" + def update_api_clients_table + migration_template "db/migrate/add_disabled_at_to_api_clients.rb", "db/migrate/add_disabled_at_to_api_clients.rb" + end + end +end diff --git a/lib/stitches/allowlist_middleware.rb b/lib/stitches/allowlist_middleware.rb index 99d60b6..6632783 100644 --- a/lib/stitches/allowlist_middleware.rb +++ b/lib/stitches/allowlist_middleware.rb 
@@ -3,15 +3,14 @@ module Stitches class AllowlistMiddleware def initialize(app, options={}) @app = app - @configuration = options[:configuration] || Stitches.configuration - @except = options[:except] || @configuration.allowlist_regexp + @configuration = options[:configuration] + @except = options[:except] - unless @except.nil? || @except.is_a?(Regexp) - raise ":except must be a Regexp" - end + allowlist_regex end + def call(env) - if @except && @except.match(env["PATH_INFO"]) + if allowlist_regex && allowlist_regex.match(env["PATH_INFO"]) @app.call(env) else do_call(env) @@ -24,5 +23,20 @@ def do_call(env) raise 'subclass must implement' end + def configuration + @configuration || Stitches.configuration + end + + private + + def allowlist_regex + regex = @except || configuration.allowlist_regexp + + if !regex.nil? && !regex.is_a?(Regexp) + raise ":except must be a Regexp" + end + + regex + end end end diff --git a/lib/stitches/api_client_access_wrapper.rb b/lib/stitches/api_client_access_wrapper.rb index a5116d1..f6caf19 100644 --- a/lib/stitches/api_client_access_wrapper.rb +++ b/lib/stitches/api_client_access_wrapper.rb 
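Review bot: In `call`, `allowlist_regex` is invoked twice per request, so the configuration lookup and the Regexp type check both run twice before the match; bind it once with `regex = allowlist_regex` and then test `if regex&.match?(env["PATH_INFO"])`. The bare `allowlist_regex` call left in `initialize` exists only for its raise, which deserves a comment such as `# fail fast if :except / allowlist_regexp is not a Regexp`. Because a match forwards the request to `@app.call(env)` without going through `do_call`, a doc comment on `call` should state that the pattern is applied as an unanchored match unless the caller anchors it with `\A` and `\z`. The error raised in `allowlist_regex` (second hunk) still reads `:except must be a Regexp` even when the bad value came from `configuration.allowlist_regexp`.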
@@ -2,26 +2,57 @@ module Stitches::ApiClientAccessWrapper - def self.fetch_for_key(key) + def self.fetch_for_key(key, configuration) if cache_enabled - fetch_for_key_from_cache(key) + fetch_for_key_from_cache(key, configuration) else - fetch_for_key_from_db(key) + fetch_for_key_from_db(key, configuration) end end - def self.fetch_for_key_from_cache(key) + def self.fetch_for_key_from_cache(key, configuration) api_key_cache.getset(key) do - fetch_for_key_from_db(key) + fetch_for_key_from_db(key, configuration) end end - def self.fetch_for_key_from_db(key) - if ::ApiClient.column_names.include?("enabled") - ::ApiClient.find_by(key: key, enabled: true) + def self.fetch_for_key_from_db(key, configuration) + api_client = ::ApiClient.find_by(key: key) + return unless api_client + + unless api_client.respond_to?(:enabled?) + logger.warn('api_keys is missing "enabled" column. Run "rails g stitches:add_enabled_to_api_clients"') + return api_client + end + + unless api_client.respond_to?(:disabled_at) + logger.warn('api_keys is missing "disabled_at" column. Run "rails g stitches:add_disabled_at_to_api_clients"') + end + + return api_client if api_client.enabled? + + disabled_at = api_client.respond_to?(:disabled_at) ? api_client.disabled_at : nil + if disabled_at && disabled_at > configuration.disabled_key_leniency_in_seconds.seconds.ago + message = "Allowing disabled ApiClient: #{api_client.name} with key #{api_client.key} disabled at #{disabled_at}" + if disabled_at > configuration.disabled_key_leniency_error_log_threshold_in_seconds.seconds.ago + logger.warn(message) + else + logger.error(message) + end + return api_client + else + logger.error("Rejecting disabled ApiClient: #{api_client.name} with key #{api_client.key}") + end + nil + end + + def self.logger + if defined?(StitchFix::Logger::LogWriter) + StitchFix::Logger::LogWriter + elsif defined?(Rails.logger) + Rails.logger else - ActiveSupport::Deprecation.warn('api_keys is missing "enabled" column. 
Run "rails g stitches:add_enabled_to_api_clients"') - ::ApiClient.find_by(key: key) + ::Logger.new('/dev/null') end end @@ -39,4 +70,4 @@ def self.api_key_cache def self.cache_enabled Stitches.configuration.max_cache_ttl.positive? end -end \ No newline at end of file +end diff --git a/lib/stitches/api_key.rb b/lib/stitches/api_key.rb index 843d13d..071c18a 100644 --- a/lib/stitches/api_key.rb +++ b/lib/stitches/api_key.rb @@ -25,12 +25,12 @@ class ApiKey < Stitches::AllowlistMiddleware def do_call(env) authorization = env["HTTP_AUTHORIZATION"] if authorization - if authorization =~ /#{@configuration.custom_http_auth_scheme}\s+key=(.*)\s*$/ + if authorization =~ /#{configuration.custom_http_auth_scheme}\s+key=(.*)\s*$/ key = $1 - client = Stitches::ApiClientAccessWrapper.fetch_for_key(key) + client = Stitches::ApiClientAccessWrapper.fetch_for_key(key, configuration) if client.present? - env[@configuration.env_var_to_hold_api_client_primary_key] = client.id - env[@configuration.env_var_to_hold_api_client] = client + env[configuration.env_var_to_hold_api_client_primary_key] = client.id + env[configuration.env_var_to_hold_api_client] = client @app.call(env) else unauthorized_response("key invalid") @@ -59,7 +59,7 @@ def rails_app_module def unauthorized_response(reason) status = 401 body = "Unauthorized - #{reason}" - header = { "WWW-Authenticate" => "#{@configuration.custom_http_auth_scheme} realm=#{rails_app_module}" } + header = { "WWW-Authenticate" => "#{configuration.custom_http_auth_scheme} realm=#{rails_app_module}" } Rack::Response.new(body, status, header).finish end diff --git a/lib/stitches/configuration.rb b/lib/stitches/configuration.rb index 5e8603d..2669caf 100644 --- a/lib/stitches/configuration.rb +++ b/lib/stitches/configuration.rb 
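Review bot: Both new log messages in `fetch_for_key_from_db` interpolate `api_client.key`, so the full API key is written to the logs, and in the "Allowing disabled ApiClient" branch that key is still accepted for the rest of the leniency window. Log the client's name and id instead, e.g. `"Allowing disabled ApiClient: #{api_client.name} (id #{api_client.id}) disabled at #{disabled_at}"`, and do the same for the "Rejecting" message. When caching is on, `fetch_for_key_from_cache` stores whatever this method returns, so a client admitted under leniency appears to stay admitted until the cache entry expires, and the warning or error is logged only on a cache miss; `cache_enabled` also still reads `Stitches.configuration` rather than the `configuration` that is now passed in. In `logger`, `defined?(Rails.logger)` does not guarantee that `Rails.logger` is non-nil, and the fallback builds a new `::Logger.new('/dev/null')` on every call and silently discards these audit messages; a memoized logger on `File::NULL` would be safer.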
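Review bot: The header pattern on the changed line in `do_call`, `/#{configuration.custom_http_auth_scheme}\s+key=(.*)\s*$/`, interpolates the scheme without `Regexp.escape` and has no start anchor, so any Authorization value that merely contains the scheme text followed by `key=` is parsed as a key. Because `(.*)` is greedy, the trailing `\s*` never strips anything and the captured key can carry trailing whitespace into `fetch_for_key`. If keys never contain whitespace, `/\A#{Regexp.escape(configuration.custom_http_auth_scheme.to_s)}\s+key=(\S+)\s*\z/` closes both gaps. `do_call` continues outside the hunk.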
@@ -15,8 +15,12 @@ def reset_to_defaults! @env_var_to_hold_api_client= NonNullString.new("env_var_to_hold_api_client","STITCHES_API_CLIENT") @max_cache_ttl = NonNullInteger.new("max_cache_ttl", 0) @max_cache_size = NonNullInteger.new("max_cache_size", 0) + @disabled_key_leniency_in_seconds = ActiveSupport::Duration.days(3) + @disabled_key_leniency_error_log_threshold_in_seconds = ActiveSupport::Duration.days(2) end + attr_accessor :disabled_key_leniency_in_seconds, :disabled_key_leniency_error_log_threshold_in_seconds + # A RegExp that allows URLS around the mime type and api key requirements. # nil means that ever request must have a proper mime type and api key. attr_reader :allowlist_regexp diff --git a/lib/stitches/generator_files/db/migrate/add_disabled_at_to_api_clients.rb b/lib/stitches/generator_files/db/migrate/add_disabled_at_to_api_clients.rb new file mode 100644 index 0000000..f9a691d --- /dev/null +++ b/lib/stitches/generator_files/db/migrate/add_disabled_at_to_api_clients.rb @@ -0,0 +1,5 @@ +class AddDisabledAtToApiClients < ActiveRecord::Migration<% if Rails::VERSION::MAJOR >= 5 %>[<%= Rails::VERSION::MAJOR %>.<%= Rails::VERSION::MINOR %>]<% end %> + def change + add_column :api_clients, :disabled_at, "timestamp with time zone", null: true + end +end diff --git a/lib/stitches/generator_files/db/migrate/add_enabled_to_api_clients.rb b/lib/stitches/generator_files/db/migrate/add_enabled_to_api_clients.rb index b1a323b..0f363a6 100644 --- a/lib/stitches/generator_files/db/migrate/add_enabled_to_api_clients.rb +++ b/lib/stitches/generator_files/db/migrate/add_enabled_to_api_clients.rb 
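Review bot: The two leniency settings are exposed through a plain `attr_accessor`, unlike the neighbouring `max_cache_ttl` and `max_cache_size` which are wrapped in `NonNullInteger`, so `nil`, a negative number or a non-numeric value is accepted here and only surfaces later when the key check calls `.seconds.ago` on it. Nothing enforces the README's rule that `disabled_key_leniency_error_log_threshold_in_seconds` must not exceed `disabled_key_leniency_in_seconds`. A validating writer (raising unless the value is a non-negative number) would keep a misconfiguration from silently widening how long a disabled key keeps working. A comment next to the defaults should say that, with the three-day default, a key disabled with `disabled_at` populated is still accepted for three days, and that a leniency of `0` appears to restore immediate rejection. `reset_to_defaults!` begins outside the hunk.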
@@ -1,8 +1,4 @@ -<% if Rails::VERSION::MAJOR >= 5 %> -class AddEnabledToApiClients < ActiveRecord::Migration[<%= Rails::VERSION::MAJOR %>.<%= Rails::VERSION::MINOR %>] -<% else %> -class AddEnabledToApiClients < ActiveRecord::Migration -<% end %> +class AddEnabledToApiClients < ActiveRecord::Migration<% if Rails::VERSION::MAJOR >= 5 %>[<%= Rails::VERSION::MAJOR %>.<%= Rails::VERSION::MINOR %>]<% end %> def change add_column :api_clients, :enabled, :bool, null: false, default: true remove_index :api_clients, [:name ] # existing one would be unique diff --git a/lib/stitches/generator_files/db/migrate/create_api_clients.rb b/lib/stitches/generator_files/db/migrate/create_api_clients.rb index 7756103..bcceded 100644 --- a/lib/stitches/generator_files/db/migrate/create_api_clients.rb +++ b/lib/stitches/generator_files/db/migrate/create_api_clients.rb @@ -1,14 +1,11 @@ -<% if Rails::VERSION::MAJOR >= 5 %> -class CreateApiClients < ActiveRecord::Migration[<%= Rails::VERSION::MAJOR %>.<%= Rails::VERSION::MINOR %>] -<% else %> -class CreateApiClients < ActiveRecord::Migration -<% end %> +class CreateApiClients < ActiveRecord::Migration<% if Rails::VERSION::MAJOR >= 5 %>[<%= Rails::VERSION::MAJOR %>.<%= Rails::VERSION::MINOR %>]<% end %> def change create_table :api_clients do |t| t.string :name, null: false t.column :key, "uuid default uuid_generate_v4()", null: false t.column :enabled, :bool, null: false, default: true t.column :created_at, "timestamp with time zone default now()", null: false + t.column :disabled_at, "timestamp with time zone", null: true end add_index :api_clients, [:name] add_index :api_clients, [:key], unique: true diff --git a/lib/stitches/generator_files/db/migrate/enable_uuid_ossp_extension.rb b/lib/stitches/generator_files/db/migrate/enable_uuid_ossp_extension.rb index 4f8d922..715fd86 100644 --- a/lib/stitches/generator_files/db/migrate/enable_uuid_ossp_extension.rb +++ b/lib/stitches/generator_files/db/migrate/enable_uuid_ossp_extension.rb 
@@ -1,8 +1,4 @@ -<% if Rails::VERSION::MAJOR >= 5 %> -class EnableUuidOsspExtension < ActiveRecord::Migration[<%= Rails::VERSION::MAJOR %>.<%= Rails::VERSION::MINOR %>] -<% else %> -class EnableUuidOsspExtension < ActiveRecord::Migration -<% end %> +class EnableUuidOsspExtension < ActiveRecord::Migration<% if Rails::VERSION::MAJOR >= 5 %>[<%= Rails::VERSION::MAJOR %>.<%= Rails::VERSION::MINOR %>]<% end %> def change enable_extension 'uuid-ossp' end diff --git a/lib/stitches/version.rb b/lib/stitches/version.rb index 7286c0a..a4067d5 100644 --- a/lib/stitches/version.rb +++ b/lib/stitches/version.rb @@ -1,5 +1,5 @@ # frozen_string_literal: true module Stitches - VERSION = '4.0.2' + VERSION = '4.2.0' end diff --git a/lib/stitches_norailtie.rb b/lib/stitches_norailtie.rb index 5bb8174..b4891ed 100644 --- a/lib/stitches_norailtie.rb +++ b/lib/stitches_norailtie.rb @@ -14,6 +14,7 @@ def self.configuration require 'stitches/api_generator' require 'stitches/add_deprecation_generator' require 'stitches/add_enabled_to_api_clients_generator' +require 'stitches/add_disabled_at_to_api_clients_generator' require 'stitches/api_version_constraint' require 'stitches/api_key' require 'stitches/deprecation' diff --git a/spec/api_client_access_wrapper_spec.rb b/spec/api_client_access_wrapper_spec.rb deleted file mode 100644 index a8218d6..0000000 --- a/spec/api_client_access_wrapper_spec.rb +++ /dev/null 
@@ -1,52 +0,0 @@ -require 'spec_helper.rb' - -module MyApp - class Application - end -end - -unless defined? ApiClient - class ApiClient - def self.column_names - ["enabled"] - end - end -end - -describe Stitches::ApiClientAccessWrapper do - let(:api_client) { - double(ApiClient, id: 42) - } - before do - Stitches.configuration.reset_to_defaults! - end - describe '#fetch_by_key' do - context "cache is disabled" do - before do - expect(ApiClient).to receive(:find_by).and_return(api_client).twice - end - - it "fetchs object from db twice" do - expect(described_class.fetch_for_key("123").id).to eq(42) - expect(described_class.fetch_for_key("123").id).to eq(42) - end - end - - context "cache is configured" do - before do - Stitches.configure do |config| - config.max_cache_ttl = 5 - config.max_cache_size = 10 - end - - expect(ApiClient).to receive(:find_by).and_return(api_client).once - end - - it "fetchs object from cache" do - expect(described_class.fetch_for_key("123").id).to eq(42) - # This should hit the cache - expect(described_class.fetch_for_key("123").id).to eq(42) - end - end - end -end diff --git a/spec/api_key_middleware_spec.rb b/spec/api_key_middleware_spec.rb new file mode 100644 index 0000000..bd360a9 --- /dev/null +++ b/spec/api_key_middleware_spec.rb 
@@ -0,0 +1,368 @@ +require 'rails_helper' +require 'securerandom' + +class FakeLogger + # This shouldn't be needed but there's a weird mocking conflict with kernal warn method otherwise + def warn(message) + end +end + +RSpec.describe "/api/hellos", type: :request do + let(:uuid) { api_client.key } + let(:auth_header) { "MyAwesomeInternalScheme key=#{uuid}" } + let(:allowlist) { nil } + + before do + Stitches.configuration.reset_to_defaults! + Stitches.configuration.custom_http_auth_scheme = 'MyAwesomeInternalScheme' + Stitches.configuration.allowlist_regexp = allowlist if allowlist + Stitches::ApiClientAccessWrapper.clear_api_cache + end + + def execute_call(auth: auth_header) + headers = { + "Accept" => "application/json; version=1" + } + headers["Authorization"] = auth if auth + + get "/api/hellos", headers: headers + end + + def expect_unauthorized + expect(response.body).to include "Unauthorized" + expect(response.status).to eq 401 + expect(response.headers["WWW-Authenticate"]).to eq("MyAwesomeInternalScheme realm=FakeApp") + end + + context "with modern schema" do + let(:api_client_enabled) { true } + let(:disabled_at) { nil } + let!(:api_client) { + uuid = SecureRandom.uuid + ApiClient.create(name: "MyApiClient", key: SecureRandom.uuid, enabled: false, created_at: 20.days.ago, disabled_at: 15.days.ago) + ApiClient.create(name: "MyApiClient", key: uuid, enabled: api_client_enabled, created_at: 10.days.ago, disabled_at: disabled_at) + } + + context "when path is not on allowlist" do + context "when api_client is valid" do + it "executes the correct controller" do + execute_call + + expect(response.body).to include "Hello" + end + + it "saves the api_client information used" do + execute_call + + expect(response.body).to include "MyApiClient" + expect(response.body).to include "#{api_client.id}" + end + + context "caching is enabled" do + before do + allow(ApiClient).to receive(:find_by).and_call_original + + Stitches.configure do |config| + 
config.max_cache_ttl = 5 + config.max_cache_size = 10 + end + end + + it "only gets the the api_client information once" do + execute_call + execute_call + + expect(response.body).to include "#{api_client.id}" + expect(ApiClient).to have_received(:find_by).once + end + end + end + + context "when api client key does not match" do + let(:uuid) { SecureRandom.uuid } # random uuid + + it "rejects request" do + execute_call + + expect_unauthorized + end + end + + context "when api client key not enabled" do + let(:api_client_enabled) { false } + + context "when disabled_at is not set" do + it "rejects request" do + execute_call + + expect_unauthorized + end + end + + context "when disabled_at is set to a time older than three days ago" do + let(:disabled_at) { 4.day.ago } + + it "allows the call" do + execute_call + + expect_unauthorized + end + end + + context "when disabled_at is set to a recent time" do + let(:disabled_at) { 1.day.ago } + + it "allows the call" do + execute_call + + expect(response.body).to include "Hello" + expect(response.body).to include "MyApiClient" + expect(response.body).to include "#{api_client.id}" + end + + it "warns about the disabled key to log writer when available" do + stub_const("StitchFix::Logger::LogWriter", FakeLogger.new) + allow(StitchFix::Logger::LogWriter).to receive(:warn) + + execute_call + + expect(StitchFix::Logger::LogWriter).to have_received(:warn).once + end + + it "warns about the disabled key to the Rails.logger" do + allow(Rails.logger).to receive(:warn) + allow(Rails.logger).to receive(:error) + + execute_call + + expect(Rails.logger).to have_received(:warn).once + expect(Rails.logger).not_to have_received(:error) + end + end + + context "when disabled_at is set to a dangerously long time" do + let(:disabled_at) { 52.hours.ago } + + it "allows the call" do + execute_call + + expect(response.body).to include "Hello" + expect(response.body).to include "MyApiClient" + expect(response.body).to include "#{api_client.id}" 
+ end + + it "logs error about the disabled key to log writer when available" do + stub_const("StitchFix::Logger::LogWriter", FakeLogger.new) + allow(StitchFix::Logger::LogWriter).to receive(:error) + + execute_call + + expect(StitchFix::Logger::LogWriter).to have_received(:error).once + end + + it "logs error about the disabled key to the Rails.logger" do + allow(Rails.logger).to receive(:warn) + allow(Rails.logger).to receive(:error) + + execute_call + + expect(Rails.logger).to have_received(:error).once + expect(Rails.logger).not_to have_received(:warn) + end + end + + context "when disabled_at is set to an unacceptably long time" do + let(:disabled_at) { 5.days.ago } + + it "forbids the call" do + execute_call + + expect_unauthorized + end + + it "logs error about the disabled key to log writer when available" do + stub_const("StitchFix::Logger::LogWriter", FakeLogger.new) + allow(StitchFix::Logger::LogWriter).to receive(:error) + + execute_call + + expect(StitchFix::Logger::LogWriter).to have_received(:error).once + end + + it "logs error about the disabled key to the Rails.logger" do + allow(Rails.logger).to receive(:warn) + allow(Rails.logger).to receive(:error) + + execute_call + + expect(Rails.logger).to have_received(:error).once + expect(Rails.logger).not_to have_received(:warn) + end + end + + context "custom leniency is set" do + before do + Stitches.configuration.disabled_key_leniency_in_seconds = 100 + Stitches.configuration.disabled_key_leniency_error_log_threshold_in_seconds = 50 + end + + context "when disabled_at is set to an unacceptably long time" do + let(:disabled_at) { 101.seconds.ago } + + it "forbids the call" do + allow(Rails.logger).to receive(:error) + execute_call + + expect_unauthorized + expect(Rails.logger).to have_received(:error).once + end + end + + context "when disabled_at is set to a dangerously long time" do + let(:disabled_at) { 75.seconds.ago } + + it "allows the call" do + allow(Rails.logger).to receive(:error) + + 
execute_call + + expect(response.body).to include "Hello" + expect(Rails.logger).to have_received(:error).once + end + end + + context "when disabled_at is set to a short time ago" do + let(:disabled_at) { 25.seconds.ago } + + it "allows the call" do + allow(Rails.logger).to receive(:warn) + + execute_call + + expect(response.body).to include "Hello" + expect(Rails.logger).to have_received(:warn).once + end + end + end + end + + context "when authorization header is missing" do + it "rejects request" do + execute_call(auth: nil) + + expect_unauthorized + end + end + + context "when scheme does not match" do + it "rejects request" do + execute_call(auth: "OtherScheme key=#{uuid}") + + expect_unauthorized + end + end + end + + context "when path is on allowlist" do + let(:allowlist) { /.*hello.*/ } + + context "when api_client is valid" do + it "executes the correct controller" do + execute_call + + expect(response.body).to include "Hello" + end + + it "does not save the api_client information used" do + execute_call + + expect(response.body).to include "NameNotFound" + expect(response.body).to include "IdNotFound" + end + end + + context "when api client key does not match" do + let(:uuid) { SecureRandom.uuid } # random uuid + + it "executes the correct controller" do + execute_call + + expect(response.body).to include "Hello" + end + end + end + end + + context "when schema is old and missing disabled_at field" do + around(:each) do |example| + load 'fake_app/db/schema_missing_disabled_at.rb' + ApiClient.reset_column_information + example.run + load 'fake_app/db/schema_modern.rb' + ApiClient.reset_column_information + end + + context "when api_client is valid" do + let!(:api_client) { + uuid = SecureRandom.uuid + ApiClient.create(name: "MyApiClient", key: uuid, created_at: Time.now(), enabled: true) + } + + it "executes the correct controller" do + execute_call + + expect(response.body).to include "Hello" + end + + it "saves the api_client information used" do + 
execute_call + + expect(response.body).to include "MyApiClient" + expect(response.body).to include "#{api_client.id}" + end + end + + context "when api_client is not enabled" do + let!(:api_client) { + uuid = SecureRandom.uuid + ApiClient.create(name: "MyApiClient", key: uuid, created_at: Time.now(), enabled: false) + } + + it "rejects request" do + execute_call + + expect_unauthorized + end + end + end + + context "when schema is old and missing enabled field" do + around(:each) do |example| + load 'fake_app/db/schema_missing_enabled.rb' + ApiClient.reset_column_information + example.run + load 'fake_app/db/schema_modern.rb' + ApiClient.reset_column_information + end + + let!(:api_client) { + uuid = SecureRandom.uuid + ApiClient.create(name: "MyApiClient", key: uuid, created_at: Time.now()) + } + + context "when api_client is valid" do + it "executes the correct controller" do + execute_call + + expect(response.body).to include "Hello" + end + + it "saves the api_client information used" do + execute_call + + expect(response.body).to include "MyApiClient" + expect(response.body).to include "#{api_client.id}" + end + end + end +end diff --git a/spec/api_key_spec.rb b/spec/api_key_spec.rb deleted file mode 100644 index 652557f..0000000 --- a/spec/api_key_spec.rb +++ /dev/null 
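Review bot: The example under "when disabled_at is set to a time older than three days ago" is titled `it "allows the call"` but asserts `expect_unauthorized`; rename it to `it "rejects request"` so a failure report reads correctly. The caching context only exercises an enabled client, so nothing pins how long a key admitted under leniency stays in the cache after the window closes. The deleted `spec/api_key_spec.rb` covered a non-Regexp `except:` raising and the `//resque/overview` near-miss path, and I don't see equivalents in this file. No example asserts what the log message contains, which is where a check that the key itself is not logged would go.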
@@ -1,208 +0,0 @@ -require 'spec_helper.rb' - -module MyApp - class Application - end -end - -unless defined? ApiClient - class ApiClient - def self.column_names - ["enabled"] - end - end -end - -describe Stitches::ApiKey do - let(:app) { double("rack app") } - let(:api_client) { - double(ApiClient, id: 42) - } - - before do - Stitches.configuration.reset_to_defaults! - Stitches.configuration.custom_http_auth_scheme = 'MyAwesomeInternalScheme' - fake_rails_app = MyApp::Application.new - allow(Rails).to receive(:application).and_return(fake_rails_app) - allow(app).to receive(:call).with(env) - allow(ApiClient).to receive(:find_by).and_return(api_client) - Stitches::ApiClientAccessWrapper.clear_api_cache - end - - subject(:middleware) { described_class.new(app, namespace: "/api") } - - shared_examples "an unauthorized response" do - it "returns a 401" do - status, _headers, _body = @response - expect(status).to eq(401) - end - it "sets the proper header" do - _status, headers, _body = @response - expect(headers["WWW-Authenticate"]).to eq("MyAwesomeInternalScheme realm=MyApp") - end - it "stops the call chain preventing anything from happening" do - expect(app).not_to have_received(:call) - end - it "sends a reasonable message" do - _status, _headers, body = @response - expect(body).to eq([expected_body]) - end - end - - describe "#call" do - context "not in namespace" do - context "not allowlisted" do - let(:env) { - { - "PATH_INFO" => "/index/apifoolingyou/home", - } - } - - before do - @response = middleware.call(env) - end - - it_behaves_like "an unauthorized response" do - let(:expected_body) { "Unauthorized - no authorization header" } - end - end - context "allowlisting" do - context "allowlist is explicit in middleware usage" do - before do - @response = middleware.call(env) - end - context "passes the allowlist" do - subject(:middleware) { described_class.new(app, except: %r{\A/resque\/.*\Z}) } - let(:env) { - { - "PATH_INFO" => "/resque/overview" - } - } - 
it "calls through to the rest of the chain" do - expect(app).to have_received(:call).with(env) - end - end - - context "fails the allowlist" do - subject(:middleware) { described_class.new(app, except: %r{\A/resque\/.*\Z}) } - let(:env) { - { - "PATH_INFO" => "//resque/overview" # subtle - } - } - it_behaves_like "an unauthorized response" do - let(:expected_body) { "Unauthorized - no authorization header" } - end - end - context "except: is not given a regexp" do - let(:env) { - { - "PATH_INFO" => "//resque/overview" # subtle - } - } - it "blows up" do - expect { - described_class.new(app, except: "/resque") - }.to raise_error(/must be a Regexp/i) - end - end - end - context "allowlist is implicit from the configuration" do - - before do - Stitches.configuration.allowlist_regexp = %r{\A/resque/.*\Z} - @response = middleware.call(env) - end - - context "passes the allowlist" do - subject(:middleware) { described_class.new(app) } - let(:env) { - { - "PATH_INFO" => "/resque/overview" - } - } - it "calls through to the rest of the chain" do - expect(app).to have_received(:call).with(env) - end - end - - context "fails the allowlist" do - subject(:middleware) { described_class.new(app) } - let(:env) { - { - "PATH_INFO" => "//resque/overview" # subtle - } - } - it_behaves_like "an unauthorized response" do - let(:expected_body) { "Unauthorized - no authorization header" } - end - end - end - end - end - - context "valid key" do - let(:env) { - { - "PATH_INFO" => "/api/ping", - "HTTP_AUTHORIZATION" => "MyAwesomeInternalScheme key=foobar", - } - } - - before do - @response = middleware.call(env) - end - it "calls through to the rest of the chain" do - expect(app).to have_received(:call).with(env) - end - - it "sets the api_client's ID in the environment" do - expect(env[Stitches.configuration.env_var_to_hold_api_client_primary_key]).to eq(api_client.id) - end - - it "sets the api_client itself in the environment" do - 
expect(env[Stitches.configuration.env_var_to_hold_api_client]).to eq(api_client) - end - end - - context "unauthorized responses" do - before do - @response = middleware.call(env) - end - context "invalid key" do - let(:env) { - { - "PATH_INFO" => "/api/ping", - "HTTP_AUTHORIZATION" => "MyAwesomeInternalScheme key=foobar", - } - } - let(:api_client) { nil } - - it_behaves_like "an unauthorized response" do - let(:expected_body) { "Unauthorized - key invalid" } - end - end - context "bad authorization type" do - let(:env) { - { - "PATH_INFO" => "/api/ping", - "HTTP_AUTHORIZATION" => "foobar", - } - } - it_behaves_like "an unauthorized response" do - let(:expected_body) { "Unauthorized - bad authorization type" } - end - end - context "no auth header" do - let(:env) { - { - "PATH_INFO" => "/api/ping", - } - } - it_behaves_like "an unauthorized response" do - let(:expected_body) { "Unauthorized - no authorization header" } - end - end - end - end -end diff --git a/spec/api_version_constraint_middleware_spec.rb b/spec/api_version_constraint_middleware_spec.rb new file mode 100644 index 0000000..c2ebd04 --- /dev/null +++ b/spec/api_version_constraint_middleware_spec.rb 
@@ -0,0 +1,58 @@
+require 'rails_helper'
+require 'securerandom'
+
+RSpec.describe "/api/hellos", type: :request do
+ let(:version) { 8 }
+ let(:accept_header) { "application/json; version=#{version}" }
+ let(:headers) {
+ h = {}
+ h["Accept"] = accept_header if accept_header
+ h
+ }
+
+ before do
+ Stitches.configuration.reset_to_defaults!
+ Stitches.configuration.allowlist_regexp = /.*hello.*/
+ Stitches::ApiClientAccessWrapper.clear_api_cache
+ end
+
+ context "when correctly configured for version 1" do
+ let(:version) { 1 }
+
+ it "executes the correct controller" do
+ get "/api/hellos", headers: headers
+
+ expect(response.body).to include "Hello"
+ end
+ end
+
+ context "when correctly configured for version 2" do
+ let(:version) { 2 }
+
+ it "executes the correct controller" do
+ get "/api/hellos", headers: headers
+
+ expect(response.body).to include "Greetings"
+ end
+ end
+
+ context "when correctly configured for a version that does not exist" do
+ let(:version) { 6 }
+
+ it "fails to map to a controller" do
+ expect {
+ get "/api/hellos", headers: headers
+ }.to raise_error(ActionController::RoutingError)
+ end
+ end
+
+ context "when accept header is missing version" do
+ let(:accept_header) { "application/json" }
+
+ it "fails to map to a controller" do
+ expect {
+ get "/api/hellos", headers: headers
+ }.to raise_error(ActionController::RoutingError)
+ end
+ end
+end
diff --git a/spec/api_version_constraint_spec.rb b/spec/api_version_constraint_spec.rb
deleted file mode 100644
index 5759938..0000000
--- a/spec/api_version_constraint_spec.rb
+++ /dev/null
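Review bot: `headers` is built so that `accept_header` may be nil, but no context sets it to nil, so the "no accept header" case from the deleted `spec/api_version_constraint_spec.rb` is no longer covered; add a context with `let(:accept_header) { nil }`, presumably expecting the same `ActionController::RoutingError`. `require 'securerandom'` is unused in this file. The third context title, "when correctly configured for a version that does not exist", contradicts itself; "when the requested version does not exist" reads better.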
@@ -1,33 +0,0 @@ -require 'spec_helper.rb' - -describe Stitches::ApiVersionConstraint do - let(:version) { 2 } - let(:request) { double("request", headers: headers) } - - subject(:constraint) { described_class.new(version) } - - context "no accept header" do - let(:headers) { {} } - it "doesn't match" do - expect(constraint.matches?(request)).to eq(false) - end - end - context "accept header missing version" do - let(:headers) { { accept: "application/json" } } - it "doesn't match" do - expect(constraint.matches?(request)).to eq(false) - end - end - context "accept header has wrong version" do - let(:headers) { { accept: "application/json; version=1" } } - it "doesn't match" do - expect(constraint.matches?(request)).to eq(false) - end - end - context "accept header has correct version" do - let(:headers) { { accept: "application/json; version=2" } } - it "matcheds" do - expect(constraint.matches?(request)).to eq(true) - end - end -end diff --git a/spec/configuration_spec.rb b/spec/configuration_spec.rb index d5c4368..951fdb5 100644 --- a/spec/configuration_spec.rb +++ b/spec/configuration_spec.rb @@ -1,4 +1,4 @@ -require 'spec_helper.rb' +require 'rails_helper' describe Stitches::Configuration do before do diff --git a/spec/deprecation_spec.rb b/spec/deprecation_spec.rb index b9918ac..41c000c 100644 --- a/spec/deprecation_spec.rb +++ b/spec/deprecation_spec.rb @@ -1,4 +1,4 @@ -require 'spec_helper.rb' +require 'rails_helper' describe Stitches::Deprecation do let(:response) { diff --git a/spec/error_spec.rb b/spec/error_spec.rb index 7c22de7..71bfd02 100644 --- a/spec/error_spec.rb +++ b/spec/error_spec.rb @@ -1,4 +1,4 @@ -require 'spec_helper' +require 'rails_helper' module Stitches describe Error do diff --git a/spec/errors_spec.rb b/spec/errors_spec.rb index 78a7f01..050e3c2 100644 --- a/spec/errors_spec.rb +++ b/spec/errors_spec.rb @@ -1,4 +1,4 @@ -require 'spec_helper.rb' +require 'rails_helper' class MyFakeError < StandardError end 
@@ -10,9 +10,9 @@ class FakePersonHolder validates_presence_of :name def valid? - # doing this because we can't use validates_associated on a non-AR object, and + # doing this because we can't use validates_associated on a non-AR object, and # our logic doesn't depend on validates_associated, per se - super.tap { + super.tap { unless person.valid? errors.add(:person,"is not valid") end diff --git a/spec/fake_app/.rspec b/spec/fake_app/.rspec new file mode 100644 index 0000000..c99d2e7 --- /dev/null +++ b/spec/fake_app/.rspec @@ -0,0 +1 @@ +--require spec_helper diff --git a/spec/fake_app/.ruby-version b/spec/fake_app/.ruby-version new file mode 100644 index 0000000..c0013a8 --- /dev/null +++ b/spec/fake_app/.ruby-version @@ -0,0 +1 @@ +ruby-2.7.3 diff --git a/spec/fake_app/Gemfile b/spec/fake_app/Gemfile new file mode 100644 index 0000000..8ffafec --- /dev/null +++ b/spec/fake_app/Gemfile 
@@ -0,0 +1,53 @@ +source 'https://rubygems.org' +git_source(:github) { |repo| "https://github.com/#{repo}.git" } + +ruby '2.7.3' + +# Bundle edge Rails instead: gem 'rails', github: 'rails/rails', branch: 'main' +gem 'rails', '~> 6.1.4' +# Use sqlite3 as the database for Active Record +gem 'sqlite3', '~> 1.4' +# Use Puma as the app server +gem 'puma', '~> 5.0' +# Use SCSS for stylesheets +gem 'sass-rails', '>= 6' +# Build JSON APIs with ease. Read more: https://github.com/rails/jbuilder +gem 'jbuilder', '~> 2.7' +# Use Active Model has_secure_password +# gem 'bcrypt', '~> 3.1.7' + +# Use Active Storage variant +# gem 'image_processing', '~> 1.2' + +gem 'stitches' + +group :development, :test do + # Call 'byebug' anywhere in the code to stop execution and get a debugger console + # gem 'byebug', platforms: [:mri, :mingw, :x64_mingw] +end + +group :development do + # Access an interactive console on exception pages or by calling 'console' anywhere in the code. + gem 'web-console', '>= 4.1.0' + # Display performance information such as SQL time and flame graphs for each request in your browser. + # Can be configured to work on production as well see: https://github.com/MiniProfiler/rack-mini-profiler/blob/master/README.md + gem 'rack-mini-profiler', '~> 2.0' +end + +group :test do + # Adds support for Capybara system testing and selenium driver + gem 'capybara', '>= 3.26' + gem 'selenium-webdriver' + # Easy installation and use of web drivers to run system tests with browsers + gem 'webdrivers' +end + +# Windows does not include zoneinfo files, so bundle the tzinfo-data gem +gem 'tzinfo-data', platforms: [:mingw, :mswin, :x64_mingw, :jruby] +gem 'apitome' + +group :development, :test do + gem 'rspec' + gem 'rspec-rails' + gem 'rspec_api_documentation' +end diff --git a/spec/fake_app/README.md b/spec/fake_app/README.md new file mode 100644 index 0000000..7db80e4 --- /dev/null +++ b/spec/fake_app/README.md 
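Review bot: `gem 'stitches'` has no `path:`, so whenever this Gemfile is the one Bundler resolves, the fixture loads the released gem from rubygems.org instead of the code in this checkout; spec/fake_app/config/boot.rb points `BUNDLE_GEMFILE` at this file when the variable is not already set. `gem 'stitches', path: '../..'` ties the fixture to the working tree. The `web-console`, `rack-mini-profiler`, `capybara`, `selenium-webdriver` and `webdrivers` entries look like generator leftovers for an API-only fixture, and several of the added gems carry no version constraint; dropping the unused ones keeps the dependency set that has to be audited small.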
@@ -0,0 +1,24 @@ +# README + +This README would normally document whatever steps are necessary to get the +application up and running. + +Things you may want to cover: + +* Ruby version + +* System dependencies + +* Configuration + +* Database creation + +* Database initialization + +* How to run the test suite + +* Services (job queues, cache servers, search engines, etc.) + +* Deployment instructions + +* ... diff --git a/spec/fake_app/Rakefile b/spec/fake_app/Rakefile new file mode 100644 index 0000000..9a5ea73 --- /dev/null +++ b/spec/fake_app/Rakefile @@ -0,0 +1,6 @@ +# Add your own tasks in files placed in lib/tasks ending in .rake, +# for example lib/tasks/capistrano.rake, and they will automatically be available to Rake. + +require_relative "config/application" + +Rails.application.load_tasks diff --git a/spec/fake_app/app/assets/config/manifest.js b/spec/fake_app/app/assets/config/manifest.js new file mode 100644 index 0000000..5918193 --- /dev/null +++ b/spec/fake_app/app/assets/config/manifest.js @@ -0,0 +1,2 @@ +//= link_tree ../images +//= link_directory ../stylesheets .css diff --git a/spec/fake_app/app/assets/stylesheets/application.css b/spec/fake_app/app/assets/stylesheets/application.css new file mode 100644 index 0000000..d05ea0f --- /dev/null +++ b/spec/fake_app/app/assets/stylesheets/application.css 
@@ -0,0 +1,15 @@ +/* + * This is a manifest file that'll be compiled into application.css, which will include all the files + * listed below. + * + * Any CSS and SCSS file within this directory, lib/assets/stylesheets, or any plugin's + * vendor/assets/stylesheets directory can be referenced here using a relative path. + * + * You're free to add application-wide styles to this file and they'll appear at the bottom of the + * compiled file so the styles you add here take precedence over styles defined in any other CSS/SCSS + * files in this directory. Styles in this file should be added after the last require_* statement. + * It is generally better to create a new file per style scope. + * + *= require_tree . + *= require_self + */ diff --git a/spec/fake_app/app/controllers/api.rb b/spec/fake_app/app/controllers/api.rb new file mode 100644 index 0000000..e6a69c3 --- /dev/null +++ b/spec/fake_app/app/controllers/api.rb @@ -0,0 +1,2 @@ +module Api +end diff --git a/spec/fake_app/app/controllers/api/api_controller.rb b/spec/fake_app/app/controllers/api/api_controller.rb new file mode 100644 index 0000000..313b406 --- /dev/null +++ b/spec/fake_app/app/controllers/api/api_controller.rb 
@@ -0,0 +1,31 @@
+class Api::ApiController < ActionController::API
+ include Stitches::Deprecation
+ #
+ # The order of the rescue_from blocks is important - ActiveRecord::RecordNotFound must come after StandardError,
+ # otherwise ActiveRecord::RecordNotFound exceptions will get rescued in the StandardError block.
+ # See the documentation for rescue_from for further explanation:
+ # https://apidock.com/rails/ActiveSupport/Rescuable/ClassMethods/rescue_from
+ # Specifically, this part: "Handlers are inherited. They are searched from right to left, from bottom to top, and up
+ # the hierarchy."
+ #
+ rescue_from StandardError do |exception|
+ render json: { errors: Stitches::Errors.from_exception(exception) }, status: :internal_server_error
+ end
+
+ rescue_from ActiveRecord::RecordNotFound do |exception|
+ render json: { errors: Stitches::Errors.from_exception(exception) }, status: :not_found
+ end
+
+ def current_user
+ api_client
+ end
+
+protected
+
+ def api_client
+ @api_client ||= request.env[Stitches.configuration.env_var_to_hold_api_client]
+ # Use this if you want to look up the ApiClient instead of using the one placed into the env
+ # @api_client ||= ApiClient.find(request.env[Stitches.configuration.env_var_to_hold_api_client_primary_key])
+ end
+
+end
diff --git a/spec/fake_app/app/controllers/api/v1.rb b/spec/fake_app/app/controllers/api/v1.rb
new file mode 100644
index 0000000..0ed19df
--- /dev/null
+++ b/spec/fake_app/app/controllers/api/v1.rb
@@ -0,0 +1,2 @@
+module Api::V1
+end
diff --git a/spec/fake_app/app/controllers/api/v1/hellos_controller.rb b/spec/fake_app/app/controllers/api/v1/hellos_controller.rb
new file mode 100644
index 0000000..a5cf454
--- /dev/null
+++ b/spec/fake_app/app/controllers/api/v1/hellos_controller.rb
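Review bot: The `rescue_from StandardError` block in api_controller.rb turns every unexpected exception into a 500 JSON body without logging it, so failures handled here may leave nothing for an investigator to work from unless something outside this hunk records them. Adding `Rails.logger.error("#{exception.class}: #{exception.message}")` as the first line of the block keeps them visible. `Stitches::Errors.from_exception` is not shown in this diff; if it copies `exception.message` into the response, internal details reach API clients, and a fixed message for the StandardError case would avoid that.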
@@ -0,0 +1,7 @@
+class Api::V1::HellosController < Api::ApiController
+ def show
+ name = request.env[Stitches.configuration.env_var_to_hold_api_client]&.name || "NameNotFound"
+ id = request.env[Stitches.configuration.env_var_to_hold_api_client_primary_key] || "IdNotFound"
+ render json: { hello: "Hello #{name}, your id is #{id}" }
+ end
+end
diff --git a/spec/fake_app/app/controllers/api/v1/pings_controller.rb b/spec/fake_app/app/controllers/api/v1/pings_controller.rb
new file mode 100644
index 0000000..20a1ae0
--- /dev/null
+++ b/spec/fake_app/app/controllers/api/v1/pings_controller.rb
@@ -0,0 +1,16 @@
+class Api::V1::PingsController < Api::ApiController
+
+ def create
+ if ping_params[:error]
+ render json: { errors: Stitches::Errors.new([ Stitches::Error.new(code: "test", message: ping_params[:error]) ])} , status: 422
+ else
+ render json: { ping: { status: "ok" } }, status: (ping_params[:status] || "201").to_i
+ end
+ end
+
+private
+
+ def ping_params
+ params.permit(:error, :status)
+ end
+end
diff --git a/spec/fake_app/app/controllers/api/v2.rb b/spec/fake_app/app/controllers/api/v2.rb
new file mode 100644
index 0000000..b5d21e0
--- /dev/null
+++ b/spec/fake_app/app/controllers/api/v2.rb
@@ -0,0 +1,2 @@
+module Api::V2
+end
diff --git a/spec/fake_app/app/controllers/api/v2/hellos_controller.rb b/spec/fake_app/app/controllers/api/v2/hellos_controller.rb
new file mode 100644
index 0000000..d8d62ae
--- /dev/null
+++ b/spec/fake_app/app/controllers/api/v2/hellos_controller.rb
@@ -0,0 +1,7 @@
+class Api::V2::HellosController < Api::ApiController
+ def show
+ name = request.env[Stitches.configuration.env_var_to_hold_api_client]&.name || "NameNotFound"
+ id = request.env[Stitches.configuration.env_var_to_hold_api_client_primary_key] || "IdNotFound"
+ render json: { hello: "Greetings #{name}, your id is #{id}" }
+ end
+end
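Review bot: In `Api::V1::PingsController#create` the response status is taken straight from the request, `(ping_params[:status] || "201").to_i`, and `to_i` turns any non-numeric value into 0, which is not an HTTP status. `Integer(ping_params[:status] || "201", exception: false)` followed by a range check that falls back to 201 keeps the echo behaviour the specs need without emitting arbitrary codes. A one-line comment stating that this endpoint is a test echo would also help readers who copy it. The same line appears in `Api::V2::PingsController`.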
diff --git a/spec/fake_app/app/controllers/api/v2/pings_controller.rb b/spec/fake_app/app/controllers/api/v2/pings_controller.rb
new file mode 100644
index 0000000..0b5c852
--- /dev/null
+++ b/spec/fake_app/app/controllers/api/v2/pings_controller.rb
@@ -0,0 +1,16 @@
+class Api::V2::PingsController < Api::ApiController
+
+ def create
+ if ping_params[:error]
+ render json: { errors: Stitches::Errors.new([ Stitches::Error.new(code: "test", message: ping_params[:error]) ])} , status: 422
+ else
+ render json: { ping: { status_v2: "ok" } }, status: (ping_params[:status] || "201").to_i
+ end
+ end
+
+private
+
+ def ping_params
+ params.permit(:error, :status)
+ end
+end
diff --git a/spec/fake_app/app/controllers/application_controller.rb b/spec/fake_app/app/controllers/application_controller.rb
new file mode 100644
index 0000000..09705d1
--- /dev/null
+++ b/spec/fake_app/app/controllers/application_controller.rb
@@ -0,0 +1,2 @@
+class ApplicationController < ActionController::Base
+end
diff --git a/spec/fake_app/app/helpers/application_helper.rb b/spec/fake_app/app/helpers/application_helper.rb
new file mode 100644
index 0000000..de6be79
--- /dev/null
+++ b/spec/fake_app/app/helpers/application_helper.rb
@@ -0,0 +1,2 @@
+module ApplicationHelper
+end
diff --git a/spec/fake_app/app/models/api_client.rb b/spec/fake_app/app/models/api_client.rb
new file mode 100644
index 0000000..fe89d56
--- /dev/null
+++ b/spec/fake_app/app/models/api_client.rb
@@ -0,0 +1,2 @@
+class ApiClient < ActiveRecord::Base
+end
diff --git a/spec/fake_app/app/models/application_record.rb b/spec/fake_app/app/models/application_record.rb
new file mode 100644
index 0000000..10a4cba
--- /dev/null
+++ b/spec/fake_app/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+ self.abstract_class = true
+end
diff --git a/spec/fake_app/bin/rails b/spec/fake_app/bin/rails
new file mode 100755
index 0000000..6fb4e40
--- /dev/null
+++ b/spec/fake_app/bin/rails
@@ -0,0 +1,4 @@ +#!/usr/bin/env ruby +APP_PATH = File.expand_path('../config/application', __dir__) +require_relative "../config/boot" +require "rails/commands" diff --git a/spec/fake_app/bin/rake b/spec/fake_app/bin/rake new file mode 100755 index 0000000..4fbf10b --- /dev/null +++ b/spec/fake_app/bin/rake @@ -0,0 +1,4 @@ +#!/usr/bin/env ruby +require_relative "../config/boot" +require "rake" +Rake.application.run diff --git a/spec/fake_app/bin/setup b/spec/fake_app/bin/setup new file mode 100755 index 0000000..5792302 --- /dev/null +++ b/spec/fake_app/bin/setup @@ -0,0 +1,33 @@ +#!/usr/bin/env ruby +require "fileutils" + +# path to your application root. +APP_ROOT = File.expand_path('..', __dir__) + +def system!(*args) + system(*args) || abort("\n== Command #{args} failed ==") +end + +FileUtils.chdir APP_ROOT do + # This script is a way to set up or update your development environment automatically. + # This script is idempotent, so that you can run it at any time and get an expectable outcome. + # Add necessary setup steps to this file. + + puts '== Installing dependencies ==' + system! 'gem install bundler --conservative' + system('bundle check') || system!('bundle install') + + # puts "\n== Copying sample files ==" + # unless File.exist?('config/database.yml') + # FileUtils.cp 'config/database.yml.sample', 'config/database.yml' + # end + + puts "\n== Preparing database ==" + system! 'bin/rails db:prepare' + + puts "\n== Removing old logs and tempfiles ==" + system! 'bin/rails log:clear tmp:clear' + + puts "\n== Restarting application server ==" + system! 'bin/rails restart' +end diff --git a/spec/fake_app/config.ru b/spec/fake_app/config.ru new file mode 100644 index 0000000..4a3c09a --- /dev/null +++ b/spec/fake_app/config.ru @@ -0,0 +1,6 @@ +# This file is used by Rack-based servers to start the application. + +require_relative "config/environment" + +run Rails.application +Rails.application.load_server 
diff --git a/spec/fake_app/config/application.rb b/spec/fake_app/config/application.rb new file mode 100644 index 0000000..070736c --- /dev/null +++ b/spec/fake_app/config/application.rb @@ -0,0 +1,35 @@ +require_relative "boot" + +require "rails" +# Pick the frameworks you want: +require "active_model/railtie" +require "active_job/railtie" +require "active_record/railtie" +require "active_storage/engine" +require "action_controller/railtie" +# require "action_mailer/railtie" +require "action_mailbox/engine" +require "action_text/engine" +require "action_view/railtie" +# require "action_cable/engine" +require "sprockets/railtie" +require "rails/test_unit/railtie" + +# Require the gems listed in Gemfile, including any gems +# you've limited to :test, :development, or :production. +Bundler.require(*Rails.groups) + +module FakeApp + class Application < Rails::Application + # Initialize configuration defaults for originally generated Rails version. + config.load_defaults 6.0 + + # Configuration for the application, engines, and railties goes here. + # + # These settings can be overridden in specific environments using the files + # in config/environments, which are processed later. + # + # config.time_zone = "Central Time (US & Canada)" + # config.eager_load_paths << Rails.root.join("extras") + end +end diff --git a/spec/fake_app/config/boot.rb b/spec/fake_app/config/boot.rb new file mode 100644 index 0000000..d69bd27 --- /dev/null +++ b/spec/fake_app/config/boot.rb @@ -0,0 +1,3 @@ +ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../Gemfile', __dir__) + +require "bundler/setup" # Set up gems listed in the Gemfile. diff --git a/spec/fake_app/config/credentials.yml.enc b/spec/fake_app/config/credentials.yml.enc new file mode 100644 index 0000000..dbdf1ff --- /dev/null +++ b/spec/fake_app/config/credentials.yml.enc 
@@ -0,0 +1 @@ +1V1LD3DAIWjwHRquoRQBqr5cV/J7VMKuSfze36/aKJmPKzv5G6vQnrSpybKvTMY1Q29EEL/T3uGjj1wNuCAjh6eGWXXDDLVH85GlXw9qpHulWv36Dnr9xL9OQNvMRCKOrUuR3CJm4A4Fw9qC7zPTSHN2WhcxXNr1wVW1shJEWLW1eUzwRS3c3njC8KK3BCqktQK0MZhM0CryIxbZsi57VY8gZp0FegdOJGw2mASdYj2jGzEdNuyRMvgCOT8sXwgmMC3QV0v95w/M1AS2OqHsO7ndHfymBh8+qmEbHo74+w3aEkZ0Ct+mp49ROH2ZrZFRw9BWZ2T8gamLad3whIOzVGA4XI15hlcJGV9GWdbnHkLCHv9Rj+0Av09asKfJMnWW32yPpO79w88BAEd8I2ZhZNGcFLpYisQljXQA--HOld8JMRchEcQETs--oo5IsQMkFW/wZJKDvyInew== \ No newline at end of file diff --git a/spec/fake_app/config/database.yml b/spec/fake_app/config/database.yml new file mode 100644 index 0000000..4a8a1b2 --- /dev/null +++ b/spec/fake_app/config/database.yml @@ -0,0 +1,25 @@ +# SQLite. Versions 3.8.0 and up are supported. +# gem install sqlite3 +# +# Ensure the SQLite 3 gem is defined in your Gemfile +# gem 'sqlite3' +# +default: &default + adapter: sqlite3 + pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %> + timeout: 5000 + +development: + <<: *default + database: db/development.sqlite3 + +# Warning: The database defined as "test" will be erased and +# re-generated from your development database when you run "rake". +# Do not set this db to the same as development or production. +test: + <<: *default + database: db/test.sqlite3 + +production: + <<: *default + database: db/production.sqlite3 diff --git a/spec/fake_app/config/environment.rb b/spec/fake_app/config/environment.rb new file mode 100644 index 0000000..cac5315 --- /dev/null +++ b/spec/fake_app/config/environment.rb @@ -0,0 +1,5 @@ +# Load the Rails application. +require_relative "application" + +# Initialize the Rails application. +Rails.application.initialize! diff --git a/spec/fake_app/config/environments/development.rb b/spec/fake_app/config/environments/development.rb new file mode 100644 index 0000000..d533da7 --- /dev/null +++ b/spec/fake_app/config/environments/development.rb 
@@ -0,0 +1,71 @@ +require "active_support/core_ext/integer/time" + +Rails.application.configure do + # Settings specified here will take precedence over those in config/application.rb. + + # In the development environment your application's code is reloaded any time + # it changes. This slows down response time but is perfect for development + # since you don't have to restart the web server when you make code changes. + config.cache_classes = false + + # Do not eager load code on boot. + config.eager_load = false + + # Show full error reports. + config.consider_all_requests_local = true + + # Enable/disable caching. By default caching is disabled. + # Run rails dev:cache to toggle caching. + if Rails.root.join('tmp', 'caching-dev.txt').exist? + config.action_controller.perform_caching = true + config.action_controller.enable_fragment_cache_logging = true + + config.cache_store = :memory_store + config.public_file_server.headers = { + 'Cache-Control' => "public, max-age=#{2.days.to_i}" + } + else + config.action_controller.perform_caching = false + + config.cache_store = :null_store + end + + # Store uploaded files on the local file system (see config/storage.yml for options). + config.active_storage.service = :local + + # Print deprecation notices to the Rails logger. + config.active_support.deprecation = :log + + # Raise exceptions for disallowed deprecations. + config.active_support.disallowed_deprecation = :raise + + # Tell Active Support which deprecation messages to disallow. + config.active_support.disallowed_deprecation_warnings = [] + + # Raise an error on page load if there are pending migrations. + config.active_record.migration_error = :page_load + + # Highlight code that triggered database queries in logs. + config.active_record.verbose_query_logs = true + + # Debug mode disables concatenation and preprocessing of assets. + # This option may cause significant delays in view rendering with a large + # number of complex assets. 
+ config.assets.debug = true + + # Suppress logger output for asset requests. + config.assets.quiet = true + + # Raises error for missing translations. + # config.i18n.raise_on_missing_translations = true + + # Annotate rendered view with file names. + # config.action_view.annotate_rendered_view_with_filenames = true + + # Use an evented file watcher to asynchronously detect changes in source code, + # routes, locales, etc. This feature depends on the listen gem. + # config.file_watcher = ActiveSupport::EventedFileUpdateChecker + + # Uncomment if you wish to allow Action Cable access from any origin. + # config.action_cable.disable_request_forgery_protection = true +end diff --git a/spec/fake_app/config/environments/production.rb b/spec/fake_app/config/environments/production.rb new file mode 100644 index 0000000..d4f8b83 --- /dev/null +++ b/spec/fake_app/config/environments/production.rb 
@@ -0,0 +1,109 @@ +require "active_support/core_ext/integer/time" + +Rails.application.configure do + # Settings specified here will take precedence over those in config/application.rb. + + # Code is not reloaded between requests. + config.cache_classes = true + + # Eager load code on boot. This eager loads most of Rails and + # your application in memory, allowing both threaded web servers + # and those relying on copy on write to perform better. + # Rake tasks automatically ignore this option for performance. + config.eager_load = true + + # Full error reports are disabled and caching is turned on. + config.consider_all_requests_local = false + config.action_controller.perform_caching = true + + # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"] + # or in config/master.key. This key is used to decrypt credentials (and other encrypted files). + # config.require_master_key = true + + # Disable serving static files from the `/public` folder by default since + # Apache or NGINX already handles this. + config.public_file_server.enabled = ENV['RAILS_SERVE_STATIC_FILES'].present? + + # Compress CSS using a preprocessor. + # config.assets.css_compressor = :sass + + # Do not fallback to assets pipeline if a precompiled asset is missed. + config.assets.compile = false + + # Enable serving of images, stylesheets, and JavaScripts from an asset server. + # config.asset_host = 'http://assets.example.com' + + # Specifies the header that your server uses for sending files. + # config.action_dispatch.x_sendfile_header = 'X-Sendfile' # for Apache + # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX + + # Store uploaded files on the local file system (see config/storage.yml for options). + config.active_storage.service = :local + + # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. 
+ # config.force_ssl = true + + # Include generic and useful information about system operation, but avoid logging too much + # information to avoid inadvertent exposure of personally identifiable information (PII). + config.log_level = :info + + # Prepend all log lines with the following tags. + config.log_tags = [ :request_id ] + + # Use a different cache store in production. + # config.cache_store = :mem_cache_store + + # Use a real queuing backend for Active Job (and separate queues per environment). + # config.active_job.queue_adapter = :resque + # config.active_job.queue_name_prefix = "fake_app_production" + + # Enable locale fallbacks for I18n (makes lookups for any locale fall back to + # the I18n.default_locale when a translation cannot be found). + config.i18n.fallbacks = true + + # Send deprecation notices to registered listeners. + config.active_support.deprecation = :notify + + # Log disallowed deprecations. + config.active_support.disallowed_deprecation = :log + + # Tell Active Support which deprecation messages to disallow. + config.active_support.disallowed_deprecation_warnings = [] + + # Use default logging formatter so that PID and timestamp are not suppressed. + config.log_formatter = ::Logger::Formatter.new + + # Use a different logger for distributed setups. + # require "syslog/logger" + # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new 'app-name') + + if ENV["RAILS_LOG_TO_STDOUT"].present? + logger = ActiveSupport::Logger.new(STDOUT) + logger.formatter = config.log_formatter + config.logger = ActiveSupport::TaggedLogging.new(logger) + end + + # Do not dump schema after migrations. + config.active_record.dump_schema_after_migration = false + + # Inserts middleware to perform automatic connection switching. + # The `database_selector` hash is used to pass options to the DatabaseSelector + # middleware. The `delay` is used to determine how long to wait after a write + # to send a subsequent read to the primary. 
+ # + # The `database_resolver` class is used by the middleware to determine which + # database is appropriate to use based on the time delay. + # + # The `database_resolver_context` class is used by the middleware to set + # timestamps for the last write to the primary. The resolver uses the context + # class timestamps to determine how long to wait before reading from the + # replica. + # + # By default Rails will store a last write timestamp in the session. The + # DatabaseSelector middleware is designed as such you can define your own + # strategy for connection switching and pass that into the middleware through + # these configuration options. + # config.active_record.database_selector = { delay: 2.seconds } + # config.active_record.database_resolver = ActiveRecord::Middleware::DatabaseSelector::Resolver + # config.active_record.database_resolver_context = ActiveRecord::Middleware::DatabaseSelector::Resolver::Session +end diff --git a/spec/fake_app/config/environments/test.rb b/spec/fake_app/config/environments/test.rb new file mode 100644 index 0000000..98af655 --- /dev/null +++ b/spec/fake_app/config/environments/test.rb 
@@ -0,0 +1,52 @@ +require "active_support/core_ext/integer/time" + +# The test environment is used exclusively to run your application's +# test suite. You never need to work with it otherwise. Remember that +# your test database is "scratch space" for the test suite and is wiped +# and recreated between test runs. Don't rely on the data there! + +Rails.application.configure do + # Settings specified here will take precedence over those in config/application.rb. + + config.cache_classes = true + + # Do not eager load code on boot. This avoids loading your whole application + # just for the purpose of running a single test. If you are using a tool that + # preloads Rails for running tests, you may have to set it to true. + config.eager_load = false + + # Configure public file server for tests with Cache-Control for performance. + config.public_file_server.enabled = true + config.public_file_server.headers = { + 'Cache-Control' => "public, max-age=#{1.hour.to_i}" + } + + # Show full error reports and disable caching. + config.consider_all_requests_local = true + config.action_controller.perform_caching = false + config.cache_store = :null_store + + # Raise exceptions instead of rendering exception templates. + config.action_dispatch.show_exceptions = false + + # Disable request forgery protection in test environment. + config.action_controller.allow_forgery_protection = false + + # Store uploaded files on the local file system in a temporary directory. + config.active_storage.service = :test + + # Print deprecation notices to the stderr. + config.active_support.deprecation = :stderr + + # Raise exceptions for disallowed deprecations. + config.active_support.disallowed_deprecation = :raise + + # Tell Active Support which deprecation messages to disallow. + config.active_support.disallowed_deprecation_warnings = [] + + # Raises error for missing translations. + # config.i18n.raise_on_missing_translations = true + + # Annotate rendered view with file names. 
+ # config.action_view.annotate_rendered_view_with_filenames = true +end diff --git a/spec/fake_app/config/initializers/assets.rb b/spec/fake_app/config/initializers/assets.rb new file mode 100644 index 0000000..fe48fc3 --- /dev/null +++ b/spec/fake_app/config/initializers/assets.rb @@ -0,0 +1,12 @@ +# Be sure to restart your server when you modify this file. + +# Version of your assets, change this if you want to expire all your assets. +Rails.application.config.assets.version = '1.0' + +# Add additional assets to the asset load path. +# Rails.application.config.assets.paths << Emoji.images_path + +# Precompile additional assets. +# application.js, application.css, and all non-JS/CSS in the app/assets +# folder are already added. +# Rails.application.config.assets.precompile += %w( admin.js admin.css ) diff --git a/spec/fake_app/config/initializers/cookies_serializer.rb b/spec/fake_app/config/initializers/cookies_serializer.rb new file mode 100644 index 0000000..5a6a32d --- /dev/null +++ b/spec/fake_app/config/initializers/cookies_serializer.rb @@ -0,0 +1,5 @@ +# Be sure to restart your server when you modify this file. + +# Specify a serializer for the signed and encrypted cookie jars. +# Valid options are :json, :marshal, and :hybrid. +Rails.application.config.action_dispatch.cookies_serializer = :json diff --git a/spec/fake_app/config/initializers/filter_parameter_logging.rb b/spec/fake_app/config/initializers/filter_parameter_logging.rb new file mode 100644 index 0000000..4b34a03 --- /dev/null +++ b/spec/fake_app/config/initializers/filter_parameter_logging.rb @@ -0,0 +1,6 @@ +# Be sure to restart your server when you modify this file. + +# Configure sensitive parameters which will be filtered from the log file. +Rails.application.config.filter_parameters += [ + :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn +] 
diff --git a/spec/fake_app/config/initializers/stitches.rb b/spec/fake_app/config/initializers/stitches.rb
new file mode 100644
index 0000000..f437ea3
--- /dev/null
+++ b/spec/fake_app/config/initializers/stitches.rb
@@ -0,0 +1,24 @@
+require 'stitches'
+
+Stitches.configure do |configuration|
+ # Regexp of urls that do not require ApiKeys or valid, versioned mime types
+ configuration.allowlist_regexp = %r{\A/(resque|docs|assets)(\Z|/.*\Z)}
+
+ # Name of the custom Authorization scheme. See http://www.ietf.org/rfc/rfc2617.txt for details,
+ # but generally should be a string with no spaces or special characters.
+ configuration.custom_http_auth_scheme = "CustomKeyAuth"
+
+ # Env var that gets the primary key of the authenticated ApiKey
+ # for access in your controllers, so they don't need to re-parse the header
+ # configuration.env_var_to_hold_api_client_primary_key = "YOUR_ENV_VAR"
+
+ # Configures how long to cache ApiKeys in memory (In Seconds)
+ # A value of 0 will disable the cache entierly
+ # Default is 0
+ # configuration.max_cache_ttl = 5
+
+ # Configures how many ApiKeys to cache at one time
+ # This should be larger then the number of clients
+ # Default is 0
+ # configuration.max_cache_size = 100
+end
diff --git a/spec/fake_app/config/locales/en.yml b/spec/fake_app/config/locales/en.yml
new file mode 100644
index 0000000..cf9b342
--- /dev/null
+++ b/spec/fake_app/config/locales/en.yml
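Review bot: The allowlist pattern in initializers/stitches.rb closes its alternatives with `\Z`, which in Ruby also matches just before a trailing newline, so it is slightly looser than the `\A` anchor at the front suggests; `\z` is the strict end of string: `%r{\A/(resque|docs|assets)(\z|/.*\z)}`. The comment above it says these URLs need no ApiKey, and the fake app's routes.rb mounts none of `/resque`, `/docs` or `/assets`, so the exemption could also be narrowed or dropped for the fixture. Two comment typos in the same hunk: "entierly" should be "entirely" and "larger then" should be "larger than".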
@@ -0,0 +1,33 @@ +# Files in the config/locales directory are used for internationalization +# and are automatically loaded by Rails. If you want to use locales other +# than English, add the necessary files in this directory. +# +# To use the locales, use `I18n.t`: +# +# I18n.t 'hello' +# +# In views, this is aliased to just `t`: +# +# <%= t('hello') %> +# +# To use a different locale, set it with `I18n.locale`: +# +# I18n.locale = :es +# +# This would use the information in config/locales/es.yml. +# +# The following keys must be escaped otherwise they will not be retrieved by +# the default I18n backend: +# +# true, false, on, off, yes, no +# +# Instead, surround them with single quotes. +# +# en: +# 'true': 'foo' +# +# To learn more, please read the Rails Internationalization guide +# available at https://guides.rubyonrails.org/i18n.html. + +en: + hello: "Hello world" diff --git a/spec/fake_app/config/master.key b/spec/fake_app/config/master.key new file mode 100644 index 0000000..365db27 --- /dev/null +++ b/spec/fake_app/config/master.key @@ -0,0 +1 @@ +a91e4dee79a29b1b046fc275265a713d \ No newline at end of file diff --git a/spec/fake_app/config/puma.rb b/spec/fake_app/config/puma.rb new file mode 100644 index 0000000..d9b3e83 --- /dev/null +++ b/spec/fake_app/config/puma.rb 
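Review bot: spec/fake_app/config/master.key is committed in plain text together with the credentials.yml.enc it decrypts, so the encrypted file protects nothing and the key will trip secret scanners on every clone and fork. Nothing visible in the fake app reads `Rails.application.credentials` outside the commented samples in storage.yml, so the simplest fix is to delete both files. If the fixture does need them, add `spec/fake_app/config/master.key` to .gitignore and pass the key through `RAILS_MASTER_KEY` instead. Either way this key value should never be reused for a real application.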
@@ -0,0 +1,43 @@
+# Puma can serve each request in a thread from an internal thread pool.
+# The `threads` method setting takes two numbers: a minimum and maximum.
+# Any libraries that use thread pools should be configured to match
+# the maximum value specified for Puma. Default is set to 5 threads for minimum
+# and maximum; this matches the default thread size of Active Record.
+#
+max_threads_count = ENV.fetch("RAILS_MAX_THREADS") { 5 }
+min_threads_count = ENV.fetch("RAILS_MIN_THREADS") { max_threads_count }
+threads min_threads_count, max_threads_count
+
+# Specifies the `worker_timeout` threshold that Puma will use to wait before
+# terminating a worker in development environments.
+#
+worker_timeout 3600 if ENV.fetch("RAILS_ENV", "development") == "development"
+
+# Specifies the `port` that Puma will listen on to receive requests; default is 3000.
+#
+port ENV.fetch("PORT") { 3000 }
+
+# Specifies the `environment` that Puma will run in.
+#
+environment ENV.fetch("RAILS_ENV") { "development" }
+
+# Specifies the `pidfile` that Puma will use.
+pidfile ENV.fetch("PIDFILE") { "tmp/pids/server.pid" }
+
+# Specifies the number of `workers` to boot in clustered mode.
+# Workers are forked web server processes. If using threads and workers together
+# the concurrency of the application would be max `threads` * `workers`.
+# Workers do not work on JRuby or Windows (both of which do not support
+# processes).
+#
+# workers ENV.fetch("WEB_CONCURRENCY") { 2 }
+
+# Use the `preload_app!` method when specifying a `workers` number.
+# This directive tells Puma to first boot the application and load code
+# before forking the application. This takes advantage of Copy On Write
+# process behavior so workers use less memory.
+#
+# preload_app!
+
+# Allow puma to be restarted by `rails restart` command.
+plugin :tmp_restart
diff --git a/spec/fake_app/config/routes.rb b/spec/fake_app/config/routes.rb
new file mode 100644
index 0000000..9edabcf
--- /dev/null
+++ b/spec/fake_app/config/routes.rb
@@ -0,0 +1,17 @@
+Rails.application.routes.draw do
+ # For details on the DSL available within this file, see https://guides.rubyonrails.org/routing.html
+namespace :api do
+ scope module: :v1, constraints: Stitches::ApiVersionConstraint.new(1) do
+ resource 'ping', only: [ :create ]
+ resource 'hellos'
+ # Add your V1 resources here
+ end
+ scope module: :v2, constraints: Stitches::ApiVersionConstraint.new(2) do
+ resource 'ping', only: [ :create ]
+ resource 'hellos'
+ # This is here simply to validate that versioning is working
+ # as well as for your client to be able to validate this as well.
+ end
+end
+
+end
diff --git a/spec/fake_app/config/storage.yml b/spec/fake_app/config/storage.yml
new file mode 100644
index 0000000..d32f76e
--- /dev/null
+++ b/spec/fake_app/config/storage.yml
@@ -0,0 +1,34 @@
+test:
+ service: Disk
+ root: <%= Rails.root.join("tmp/storage") %>
+
+local:
+ service: Disk
+ root: <%= Rails.root.join("storage") %>
+
+# Use rails credentials:edit to set the AWS secrets (as aws:access_key_id|secret_access_key)
+# amazon:
+# service: S3
+# access_key_id: <%= Rails.application.credentials.dig(:aws, :access_key_id) %>
+# secret_access_key: <%= Rails.application.credentials.dig(:aws, :secret_access_key) %>
+# region: us-east-1
+# bucket: your_own_bucket
+
+# Remember not to checkin your GCS keyfile to a repository
+# google:
+# service: GCS
+# project: your_project
+# credentials: <%= Rails.root.join("path/to/gcs.keyfile") %>
+# bucket: your_own_bucket
+
+# Use rails credentials:edit to set the Azure Storage secret (as azure_storage:storage_access_key)
+# microsoft:
+# service: AzureStorage
+# storage_account_name: your_account_name
+# storage_access_key: <%= Rails.application.credentials.dig(:azure_storage, :storage_access_key) %>
+# container: your_container_name
+
+# mirror:
+# service: Mirror
+# primary: local
+# mirrors: [ amazon, google, microsoft ]
diff --git a/spec/fake_app/db/development.sqlite3 b/spec/fake_app/db/development.sqlite3
new file mode 100644
index 0000000..89201f2
Binary files /dev/null and b/spec/fake_app/db/development.sqlite3 differ
diff --git a/spec/fake_app/db/migrate/20210802153118_enable_uuid_ossp_extension.rb b/spec/fake_app/db/migrate/20210802153118_enable_uuid_ossp_extension.rb
new file mode 100644
index 0000000..4603789
--- /dev/null
+++ b/spec/fake_app/db/migrate/20210802153118_enable_uuid_ossp_extension.rb
@@ -0,0 +1,7 @@
+
+class EnableUuidOsspExtension < ActiveRecord::Migration[6.1]
+
+ def change
+ enable_extension 'uuid-ossp'
+ end
+end
diff --git a/spec/fake_app/db/migrate/20210802153119_create_api_clients.rb b/spec/fake_app/db/migrate/20210802153119_create_api_clients.rb
new file mode 100644
index 0000000..f672682
--- /dev/null
+++ b/spec/fake_app/db/migrate/20210802153119_create_api_clients.rb
@@ -0,0 +1,14 @@
+
+class CreateApiClients < ActiveRecord::Migration[6.1]
+
+ def change
+ create_table :api_clients do |t|
+ t.string :name, null: false
+ t.column :key, "uuid default uuid_generate_v4()", null: false
+ t.column :enabled, :bool, null: false, default: true
+ t.column :created_at, "timestamp with time zone default now()", null: false
+ end
+ add_index :api_clients, [:name]
+ add_index :api_clients, [:key], unique: true
+ end
+end
diff --git a/spec/fake_app/db/schema_missing_disabled_at.rb b/spec/fake_app/db/schema_missing_disabled_at.rb
new file mode 100644
index 0000000..7eaf60d
--- /dev/null
+++ b/spec/fake_app/db/schema_missing_disabled_at.rb
@@ -0,0 +1,12 @@
+ActiveRecord::Schema.define do
+ self.verbose = false
+
+ create_table :api_clients, :force => true do |t|
+ t.string :name, null: false
+ t.column :key, "uuid", null: false
+ t.column :enabled, :bool, null: false, default: true
+ t.column :created_at, "timestamp with time zone", null: false
+ end
+ add_index :api_clients, [:name]
+ add_index :api_clients, [:key], unique: true
+end
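Review bot: `CreateApiClients` builds `api_clients` without the `disabled_at` column that `schema_modern.rb` in this same commit defines, so a database created from the fake app's migrations has the legacy shape and never reaches the disabled-key leniency path. If that is not deliberate, add `t.column :disabled_at, "timestamp with time zone", null: true` inside the `create_table` block or in a follow-up migration; if it is deliberate, a comment in the migration should say so. Both migrations are PostgreSQL-specific (`uuid-ossp`, `uuid_generate_v4()`, `now()`), while the commit also adds a binary `db/development.sqlite3`. A one-line comment naming the database the fake app targets would remove the ambiguity, and the binary file is better ignored than committed.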
diff --git a/spec/fake_app/db/schema_missing_enabled.rb b/spec/fake_app/db/schema_missing_enabled.rb
new file mode 100644
index 0000000..9814442
--- /dev/null
+++ b/spec/fake_app/db/schema_missing_enabled.rb
@@ -0,0 +1,11 @@
+ActiveRecord::Schema.define do
+ self.verbose = false
+
+ create_table :api_clients, :force => true do |t|
+ t.string :name, null: false
+ t.column :key, "uuid", null: false
+ t.column :created_at, "timestamp with time zone", null: false
+ end
+ add_index :api_clients, [:name], unique: true
+ add_index :api_clients, [:key], unique: true
+end
diff --git a/spec/fake_app/db/schema_modern.rb b/spec/fake_app/db/schema_modern.rb
new file mode 100644
index 0000000..31d000d
--- /dev/null
+++ b/spec/fake_app/db/schema_modern.rb
@@ -0,0 +1,13 @@
+ActiveRecord::Schema.define do
+ self.verbose = false
+
+ create_table :api_clients, :force => true do |t|
+ t.string :name, null: false
+ t.column :key, "uuid", null: false
+ t.column :enabled, :bool, null: false, default: true
+ t.column :created_at, "timestamp with time zone", null: false
+ t.column :disabled_at, "timestamp with time zone", null: true
+ end
+ add_index :api_clients, [:name]
+ add_index :api_clients, [:key], unique: true
+end
diff --git a/spec/fake_app/db/seeds.rb b/spec/fake_app/db/seeds.rb
new file mode 100644
index 0000000..f3a0480
--- /dev/null
+++ b/spec/fake_app/db/seeds.rb
@@ -0,0 +1,7 @@
+# This file should contain all the record creation needed to seed the database with its default values.
+# The data can then be loaded with the bin/rails db:seed command (or created alongside the database with db:setup).
+#
+# Examples:
+#
+# movies = Movie.create([{ name: 'Star Wars' }, { name: 'Lord of the Rings' }])
+# Character.create(name: 'Luke', movie: movies.first)
diff --git a/spec/fake_app/db/test.sqlite3 b/spec/fake_app/db/test.sqlite3
new file mode 100644
index 0000000..e69de29
diff --git a/spec/fake_app/doc/api.md b/spec/fake_app/doc/api.md
new file mode 100644
index 0000000..26fa90d
--- /dev/null +++ b/spec/fake_app/doc/api.md @@ -0,0 +1,4 @@ +Apitome Documentation +===================== + +This file was automatically generated, and can be found at `doc/api.md`. diff --git a/spec/fake_app/lib/tasks/generate_api_key.rake b/spec/fake_app/lib/tasks/generate_api_key.rake new file mode 100644 index 0000000..a8d6a99 --- /dev/null +++ b/spec/fake_app/lib/tasks/generate_api_key.rake @@ -0,0 +1,10 @@ +desc "Generates a new API Key. Requires a name, e.g. rake generate_api_key[YOUR_APP_NAME_HERE]" +task :generate_api_key, [:name] => :environment do |t, args| + fail "You must provide a name" unless args.name + api_client = ::ApiClient.create!(name: args.name) + api_client.reload + puts "Your key is #{api_client.key}" + puts + puts "You can test it via curl:" + puts "curl -v -X POST -H 'Accept: application/json; version=1' -H 'Content-type: application/json; version=1' -H 'Authorization: CustomKeyAuth key=#{api_client.key}' https://your_app.herokuapp.com/api/ping" +end diff --git a/spec/fake_app/public/404.html b/spec/fake_app/public/404.html new file mode 100644 index 0000000..2be3af2 --- /dev/null +++ b/spec/fake_app/public/404.html @@ -0,0 +1,67 @@ + + +
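Review bot: The `generate_api_key` task writes the new key to stdout twice, the second time inside a complete `curl` command, so a run under CI or any logged terminal session leaves a working credential in the log. Printing the key once and using a placeholder in the example limits the exposure to a single line: `-H 'Authorization: CustomKeyAuth key=YOUR_KEY'`. The scheme name `CustomKeyAuth` is hard-coded in that string while the initializer sets it through `configuration.custom_http_auth_scheme`, so the two can drift apart; reading it from the Stitches configuration would keep them aligned, assuming the configuration object exposes a reader for it. The block parameter `t` is unused and can be written `_t`.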
+You may have mistyped the address or the page may have moved.
+If you are the application owner check the logs for more information.
+Maybe you tried to change something you didn't have access to.
+If you are the application owner check the logs for more information.
+If you are the application owner check the logs for more information.
+