Download as
Browse Code »

Commit 962b038c104fa77d61847e7079190493271127fe

Authored by Alessandro Beltrão
Committed by Larissa Reis
1 parent 28b32a73
Exists in oauth_external_login and in 1 other branch external_followers

Adding tests to Webfinger Api 

Signed-off-by: Alessandro Caetano <alessandro.caetanob@gmail.com>
Signed-off-by: Thiago Ribeiro <thiagitosouza@gmail.com>
Showing 3 changed files with 79 additions and 30 deletions   Show diff stats
lib/noosfero/api/api.rb
  Diff comments   View file @962b038
@@ -6,6 +6,7 @@ module Noosfero @@ -6,6 +6,7 @@ module Noosfero
6 module API 6 module API
7 7
8 class NoosferoFederation < Grape::API 8 class NoosferoFederation < Grape::API
  9 + helpers APIHelpers
9 before { detect_stuff_by_domain } 10 before { detect_stuff_by_domain }
10 format :json 11 format :json
11 content_type :json, "application/jrd+json" 12 content_type :json, "application/jrd+json"
lib/noosfero/api/federation/webfinger.rb
  Diff comments   View file @962b038
@@ -3,9 +3,9 @@ module Noosfero @@ -3,9 +3,9 @@ module Noosfero
3 module API 3 module API
4 module Federation 4 module Federation
5 class Webfinger < Grape::API 5 class Webfinger < Grape::API
6 - get "webfinger" do 6 + get 'webfinger' do
7 result = generate_jrd 7 result = generate_jrd
8 - present result, :with => Grape::Presenters::Presenter 8 + present result, with: Grape::Presenters::Presenter
9 end 9 end
10 end 10 end
11 end 11 end
@@ -13,62 +13,79 @@ module Noosfero @@ -13,62 +13,79 @@ module Noosfero
13 end 13 end
14 14
15 def generate_jrd 15 def generate_jrd
16 - result = {}  
17 - if valid_domain? && request_acct?  
18 - result = acct_hash  
19 - elsif valid_domain? && valid_uri?(params[:resource])  
20 - result = uri_hash 16 + unless valid_domain?
  17 + not_found!
  18 + Rails.logger.error 'Domain Not Found'
  19 + end
  20 + if request_acct?
  21 + acct_hash
  22 + elsif valid_uri?(params[:resource])
  23 + uri_hash
21 end 24 end
22 end 25 end
23 26
24 -def valid_domain?  
25 - #validate domain if resource have acct 27 +def domain
26 if request_acct? 28 if request_acct?
27 - domain = params[:resource].split("@")[1]  
28 - environment.domains.map(&:name).include? domain 29 + params[:resource].split('@')[1]
29 else 30 else
30 - domain = params[:resource].split("/")[2]  
31 - environment.domains.map(&:name).include? domain 31 + params[:resource].split('/')[2]
32 end 32 end
33 end 33 end
34 34
  35 +def valid_domain?
  36 + environment.domains.map(&:name).include? domain
  37 +end
  38 +
35 def request_acct? 39 def request_acct?
36 - params[:resource].include? "acct:" 40 + params[:resource].include? 'acct:'
37 end 41 end
38 42
39 def acct_hash 43 def acct_hash
40 acct = {} 44 acct = {}
41 acct[:subject] = params[:resource] 45 acct[:subject] = params[:resource]
42 acct[:properties] = Person.find_by_identifier(extract_person_identifier) 46 acct[:properties] = Person.find_by_identifier(extract_person_identifier)
  47 + if acct[:properties].nil?
  48 + Rails.logger.error 'Person not found'
  49 + not_found!
  50 + end
43 acct 51 acct
44 end 52 end
45 53
46 def extract_person_identifier 54 def extract_person_identifier
47 - params[:resource].split("@")[0].split(":")[1] 55 + params[:resource].split('@')[0].split(':')[1]
48 end 56 end
49 57
50 def valid_uri?(url) 58 def valid_uri?(url)
51 uri = URI.parse(url) 59 uri = URI.parse(url)
52 - uri.kind_of?(URI::HTTP)  
53 - rescue URI::BadURIError => ex  
54 - Rails.logger.error "Bad URI Error: #{ex}"  
55 - rescue URI::InvalidURIError => ex  
56 - Rails.logger.error "Invalid URI Error: #{ex}" 60 + if uri.is_a?(URI::HTTP)
  61 + true
  62 + else
  63 + Rails.logger.error 'Bad URI Error'
  64 + not_found!
  65 + end
57 end 66 end
58 67
59 def uri_hash 68 def uri_hash
60 uri = {} 69 uri = {}
61 uri[:subject] = params[:resource] 70 uri[:subject] = params[:resource]
62 - entity = entity_exists?(params[:resource]) 71 + entity = find_entity(params[:resource])
63 id = params[:resource].split('/').last.to_i 72 id = params[:resource].split('/').last.to_i
64 - uri[:properties] = entity.classify.constantize.find(id) 73 + begin
  74 + uri[:properties] = entity.classify.constantize.find(id)
  75 + rescue ActiveRecord::RecordNotFound
  76 + Rails.logger.error "Entity: #{entity} with id: #{id} not found"
  77 + not_found!
  78 + end
65 uri 79 uri
66 end 80 end
67 81
68 -def entity_exists?(uri) 82 +def find_entity(uri)
69 possible_entity = uri.split('/') 83 possible_entity = uri.split('/')
70 - possible_entity.map! {|entity| "#{entity}s"}  
71 - ( ActiveRecord::Base.connection.tables & possible_entity ).first  
72 - rescue ActiveRecord::RecordNotFound => ex  
73 - Rails.logger.error "Entity not found on records: #{ex}" 84 + possible_entity.map! { |entity| "#{entity}s" }
  85 + entity = (ActiveRecord::Base.connection.tables & possible_entity).first
  86 + unless entity
  87 + Rails.logger.error 'Entity not found on records'
  88 + not_found!
  89 + end
  90 + entity
74 end 91 end
test/api/federation/webfinger_test.rb
  Diff comments   View file @962b038
1 require_relative '../test_helper' 1 require_relative '../test_helper'
2 2
3 class WebfingerTest < ActiveSupport::TestCase 3 class WebfingerTest < ActiveSupport::TestCase
4 -  
5 def setup 4 def setup
  5 + Domain.create(name: 'example.com')
  6 + Environment.default.domains << Domain.last
6 login_api 7 login_api
7 end 8 end
8 9
@@ -13,10 +14,40 @@ class WebfingerTest &lt; ActiveSupport::TestCase @@ -13,10 +14,40 @@ class WebfingerTest &lt; ActiveSupport::TestCase
13 assert_equal webfinger['subject'], 'acct:ze@example.com' 14 assert_equal webfinger['subject'], 'acct:ze@example.com'
14 end 15 end
15 16
  17 + should 'not return json when user not found' do
  18 + invalid_user = 'invalid_user_in_url'
  19 + get ".well-known/webfinger?resource=acct%3A#{invalid_user}%40example.com"
  20 + assert_equal 404, last_response.status
  21 + end
  22 +
16 should 'return correct article via webfinger url' do 23 should 'return correct article via webfinger url' do
17 - get '.well-known/webfinger?resource=http://example.com/article/id/1' 24 + a = fast_create(Article, name: 'my article', profile_id: 1)
  25 + a.save
  26 + get ".well-known/webfinger?resource=http://example.com/article/id/#{a.id}"
18 webfinger = JSON.parse(last_response.body) 27 webfinger = JSON.parse(last_response.body)
19 assert_equal 200, last_response.status 28 assert_equal 200, last_response.status
20 - assert_equal webfinger['subject'], 'http://example.com/article/id/1' 29 + assert_equal webfinger['subject'], "http://example.com/article/id/#{a.id}"
  30 + end
  31 +
  32 + should 'not return json when domain is invalid' do
  33 + invalid_domain = 'doest_not_exist.com'
  34 + get ".well-known/webfinger?resource=http://#{invalid_domain}/article/id/1"
  35 + assert_equal 404, last_response.status
  36 + end
  37 +
  38 + should 'not return json when entity is not found' do
  39 + get '.well-known/webfinger?resource=http://example.com/article/id/999999'
  40 + assert_equal 404, last_response.status
  41 + end
  42 +
  43 + should 'not return json when entity does not exist' do
  44 + get '.well-known/webfinger?resource=http://example.com/doest_not_exist/id/1'
  45 + assert_equal 404, last_response.status
  46 + end
  47 +
  48 + should 'not return json when request is not http' do
  49 + not_http_url = 'kkttc://example.com/article/id/1'
  50 + get ".well-known/webfinger?resource=#{not_http_url}"
  51 + assert_equal 404, last_response.status
21 end 52 end
22 end 53 end