Churn: update dependencies and improve tests to fix rubocop warnings

katalyst · Jun 13, 2024 · e58a3e9 · e58a3e9
1 parent 8581b11
commit e58a3e9
Show file tree

Hide file tree

Showing 8 changed files with 197 additions and 181 deletions.
diff --git a/.ruby-version b/.ruby-version
@@ -1 +1 @@
-3.3.1
+3.3.2
diff --git a/Gemfile b/Gemfile
@@ -5,6 +5,7 @@ source "https://rubygems.org"
 # Specify your gem's dependencies in katalyst-basic-auth.gemspec
 gemspec
 
+gem "activesupport"
 gem "rake"
 
 group :development, :test do

diff --git a/Gemfile.lock b/Gemfile.lock
@@ -7,20 +7,40 @@ PATH
 GEM
   remote: https://rubygems.org/
   specs:
+    activesupport (7.1.3.4)
+      base64
+      bigdecimal
+      concurrent-ruby (~> 1.0, >= 1.0.2)
+      connection_pool (>= 2.2.5)
+      drb
+      i18n (>= 1.6, < 2)
+      minitest (>= 5.1)
+      mutex_m
+      tzinfo (~> 2.0)
     ast (2.4.2)
+    base64 (0.2.0)
+    bigdecimal (3.1.8)
+    concurrent-ruby (1.3.3)
+    connection_pool (2.4.1)
     diff-lcs (1.5.1)
+    drb (2.2.1)
+    i18n (1.14.5)
+      concurrent-ruby (~> 1.0)
     json (2.7.2)
     language_server-protocol (3.17.0.3)
-    parallel (1.24.0)
-    parser (3.3.1.0)
+    minitest (5.23.1)
+    mutex_m (0.2.0)
+    parallel (1.25.1)
+    parser (3.3.3.0)
       ast (~> 2.4.1)
       racc
-    racc (1.7.3)
-    rack (3.0.10)
+    racc (1.8.0)
+    rack (3.1.3)
     rainbow (3.1.1)
     rake (13.2.1)
-    regexp_parser (2.9.0)
-    rexml (3.2.6)
+    regexp_parser (2.9.2)
+    rexml (3.3.0)
+      strscan
     rspec (3.13.0)
       rspec-core (~> 3.13.0)
       rspec-expectations (~> 3.13.0)
@@ -30,11 +50,11 @@ GEM
     rspec-expectations (3.13.0)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.13.0)
-    rspec-mocks (3.13.0)
+    rspec-mocks (3.13.1)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.13.0)
     rspec-support (3.13.1)
-    rubocop (1.63.4)
+    rubocop (1.64.1)
       json (~> 2.3)
       language_server-protocol (>= 3.17.0)
       parallel (~> 1.10)
@@ -45,9 +65,12 @@ GEM
       rubocop-ast (>= 1.31.1, < 2.0)
       ruby-progressbar (~> 1.7)
       unicode-display_width (>= 2.4.0, < 3.0)
-    rubocop-ast (1.31.2)
-      parser (>= 3.3.0.4)
+    rubocop-ast (1.31.3)
+      parser (>= 3.3.1.0)
     ruby-progressbar (1.13.0)
+    strscan (3.1.0)
+    tzinfo (2.0.6)
+      concurrent-ruby (~> 1.0)
     unicode-display_width (2.5.0)
 
 PLATFORMS
@@ -56,10 +79,11 @@ PLATFORMS
   x86_64-linux
 
 DEPENDENCIES
+  activesupport
   katalyst-basic-auth!
   rake
   rspec
   rubocop
 
 BUNDLED WITH
-   2.5.9
+   2.5.11
diff --git a/lib/katalyst/basic/auth/config.rb b/lib/katalyst/basic/auth/config.rb
@@ -19,8 +19,8 @@ class << self
           def for_path(path)
             path ||= ROOT_PATH
             all.sort_by(&:path)
-               .reverse
-               .detect { |i| path.match(/^#{i.path}/) } || global
+              .reverse
+              .detect { |i| path.match(/^#{i.path}/) } || global
           end
 
           # @return [Config] The global configuration
@@ -39,7 +39,7 @@ def add(path:, username: nil, password: nil, enabled: nil, ip_allowlist: nil)
               username:     username,
               password:     password,
               enabled:      enabled,
-              ip_allowlist: ip_allowlist
+              ip_allowlist: ip_allowlist,
             )
             all.delete(all.detect { |i| i.path == config.path })
             all << config
@@ -79,7 +79,7 @@ def enabled?
           def enabled_rails_env?
             return false unless rails?
 
-            Rails.env.staging? || Rails.env.uat?
+            %w[staging uat].include?(Rails.env)
           end
 
           def rails?
@@ -107,7 +107,7 @@ def default_password_salt
             if rails? && Rails.application.respond_to?(:secret_key_base)
               Rails.application.secret_key_base
             else
-              ENV["SECRET_KEY_BASE"]
+              ENV.fetch("SECRET_KEY_BASE", nil)
             end
           end
 

diff --git a/spec/katalyst/basic/auth/config_spec.rb b/spec/katalyst/basic/auth/config_spec.rb
@@ -0,0 +1,134 @@
+# frozen_string_literal: true
+
+RSpec.describe Katalyst::Basic::Auth::Config do # rubocop:disable Metrics/BlockLength
+  subject(:config) { described_class.new }
+
+  let(:all_env_settings) do
+    %w[
+      KATALYST_BASIC_AUTH_ENABLED
+      KATALYST_BASIC_AUTH_USER
+      KATALYST_BASIC_AUTH_PASS
+      KATALYST_BASIC_AUTH_IP_ALLOWLIST
+    ]
+  end
+
+  def with_environment(name, value)
+    orig      = ENV.fetch(name, nil)
+    ENV[name] = value
+    yield
+    ENV[name] = orig
+  end
+
+  it "sets username from environment" do
+    with_environment("KATALYST_BASIC_AUTH_USER", "user") do
+      expect(config.username).to eq "user"
+    end
+  end
+
+  it "sets password from environment" do
+    with_environment("KATALYST_BASIC_AUTH_PASS", "pass") do
+      expect(config.password).to eq "pass"
+    end
+  end
+
+  it "sets IP allowlist from the environment" do
+    with_environment("KATALYST_BASIC_AUTH_IP_ALLOWLIST", "192.168.1.0/24") do
+      expect(config.ip_allowlist).to eq([IPAddr.new("192.168.1.0/24")])
+    end
+  end
+
+  it "can be enabled from the environment" do
+    with_environment("KATALYST_BASIC_AUTH_ENABLED", "true") do
+      expect(config).to be_enabled
+    end
+  end
+
+  it "can be disabled from the environment" do
+    with_environment("KATALYST_BASIC_AUTH_ENABLED", "false") do
+      expect(config).not_to be_enabled
+    end
+  end
+
+  context "with a rails environment" do
+    before do
+      stub_const("Rails", DummyRails)
+    end
+
+    it "is disabled in development" do
+      expect(config).not_to be_enabled
+    end
+
+    it "is enabled in staging" do
+      DummyRails.env = "staging"
+      expect(config).to be_enabled
+    end
+
+    it "is enabled in uat" do
+      DummyRails.env = "uat"
+      expect(config).to be_enabled
+    end
+
+    it "is disabled in production" do
+      DummyRails.env = "production"
+      expect(config).not_to be_enabled
+    end
+  end
+
+  context "with default settings" do
+    around do |example|
+      orig_env = ENV.to_h.dup
+      all_env_settings.each { |i| ENV.delete(i) }
+      example.run
+      all_env_settings.each { |i| ENV[i] = orig_env[i] }
+    end
+
+    it "has a default user name" do
+      expect(config.username).to eq "katalyst"
+    end
+
+    it "has a default password" do
+      expect(config.password).to eq "68ccde95e7b6267c"
+    end
+
+    it "has an empty IP allowlist" do
+      expect(config.ip_allowlist).to eq []
+    end
+
+    it "is not enabled" do
+      expect(config).not_to be_enabled
+    end
+  end
+
+  describe "#description" do
+    it "describes basic auth configuration" do
+      expect(described_class.description).to be_a(String)
+    end
+  end
+
+  describe "allow_ip?" do
+    subject(:config) { described_class.new(ip_allowlist: [ip_allowlist]) }
+
+    let(:ip_allowlist) { "192.168.1.0/24" }
+    let(:remote_ip_header) { "REMOTE_ADDR" }
+
+    it { expect(config).to be_allow_ip({ remote_ip_header => "192.168.1.1" }) }
+    it { expect(config).not_to be_allow_ip({ remote_ip_header => "10.0.1.1" }) }
+  end
+
+  describe "#for_path" do
+    let!(:config_a) { described_class.add(path: "/path_a", username: "user_a") }
+    let!(:config_b) { described_class.add(path: "/path_b", username: "user_b") }
+
+    it "matches path a" do
+      expect(described_class.for_path("/path_a/foo/bar.html")).to eq(config_a)
+    end
+
+    it "matches path b" do
+      expect(described_class.for_path("/path_b/foo/bar.html")).to eq(config_b)
+    end
+
+    it "matches the global config" do
+      expect(described_class.for_path("/path_c/foo/bar.html")).to eq(described_class.global)
+    end
+  end
+end
diff --git a/spec/katalyst/basic/middleware_spec.rb → spec/katalyst/basic/auth/middleware_spec.rb b/spec/katalyst/basic/middleware_spec.rb → spec/katalyst/basic/auth/middleware_spec.rb
@@ -3,28 +3,28 @@
 RSpec.describe Katalyst::Basic::Auth::Middleware do # rubocop:disable Metrics/BlockLength
   subject { middleware }
 
-  let(:middleware) { described_class.new(app) }
-  let(:app) do
-    app = Object.new
-    app.define_singleton_method(:call) {}
-    app
-  end
-  let(:basic_auth) do
-    app = Object.new
-    app.define_singleton_method(:call) {}
+  # Create an app instance for call tracking (use 'expect' to verify)
+  def app_stub
+    klass = Class.new
+    klass.define_method(:call) { |_| nil }
+    app = klass.new
+    allow(app).to receive(:call)
     app
   end
+
+  let(:middleware) { described_class.new(app) }
+  let(:app) { app_stub }
+  let(:basic_auth) { app_stub }
+
   let(:env) { { "PATH_INFO" => request_path, "REMOTE_ADDR" => request_ip } }
   let(:request_path) { "/" }
   let(:request_ip) { "127.0.0.1" }
 
   before do
-    allow(app).to receive(:call)
-    allow(basic_auth).to receive(:call)
     allow(Rack::Auth::Basic).to receive(:new).and_return(basic_auth)
   end
 
-  around(:each) do |example|
+  around do |example|
     Katalyst::Basic::Auth::Config.add(path: "/", enabled: true, username: "test", password: "test")
     Katalyst::Basic::Auth::Config.add(path: "/no_auth", enabled: false)
     Katalyst::Basic::Auth::Config.add(path: "/test_path", ip_allowlist: ["192.168.1.0/24"])