require 'spec_helper' describe "Caren", "signature checks" do before do @incorrect_url = "#{Caren::Api.url}/test_with_incorrect_signature" @correct_url = "#{Caren::Api.url}/test_with_correct_signature" @error_url = "#{Caren::Api.url}/test_with_errors" FakeWeb.register_uri(:get, @incorrect_url, :body => "TEST", :signature => "[INCORRECT]" ) FakeWeb.register_uri(:post, @incorrect_url, :body => "TEST", :signature => "[INCORRECT]" ) FakeWeb.register_uri(:put, @incorrect_url, :body => "TEST", :signature => "[INCORRECT]" ) FakeWeb.register_uri(:delete, @incorrect_url, :body => "TEST", :signature => "[INCORRECT]" ) FakeWeb.register_uri(:get, @correct_url, :body => "TEST", :signature => Caren::Api.sign("TEST") ) FakeWeb.register_uri(:post, @correct_url, :body => "TEST", :signature => Caren::Api.sign("TEST") ) FakeWeb.register_uri(:put, @correct_url, :body => "TEST", :signature => Caren::Api.sign("TEST") ) FakeWeb.register_uri(:delete, @correct_url, :body => "TEST", :signature => Caren::Api.sign("TEST") ) errors = File.read "spec/fixtures/caren_care_provider_validation.xml" unauth = File.read "spec/fixtures/caren_unauthorized.xml" FakeWeb.register_uri(:get, @error_url, :status => 406, :body => errors, :signature => Caren::Api.sign(errors) ) FakeWeb.register_uri(:post, @error_url, :status => 406, :body => errors, :signature => Caren::Api.sign(errors) ) FakeWeb.register_uri(:put, @error_url, :status => 406, :body => errors, :signature => Caren::Api.sign(errors) ) FakeWeb.register_uri(:delete, @error_url, :status => 403, :body => unauth, :signature => Caren::Api.sign(unauth) ) end it "should not accept result swith an incorrect signature" do lambda{ Caren::Api.get @incorrect_url }.should raise_error lambda{ Caren::Api.post @incorrect_url, "" }.should raise_error lambda{ Caren::Api.put @incorrect_url, "" }.should raise_error lambda{ Caren::Api.delete @incorrect_url }.should raise_error end it "should accept results with a correct signature" do lambda{ Caren::Api.get @correct_url }.should_not raise_error lambda{ Caren::Api.post @correct_url, "" }.should_not raise_error lambda{ Caren::Api.put @correct_url, "" }.should_not raise_error lambda{ Caren::Api.delete @correct_url }.should_not raise_error end it "should be able to handle server side errors" do lambda{ Caren::Api.get @error_url }.should raise_error(Caren::Exceptions::ServerSideError) lambda{ Caren::Api.put @error_url, "" }.should raise_error(Caren::Exceptions::ServerSideError) lambda{ Caren::Api.post @error_url, "" }.should raise_error(Caren::Exceptions::ServerSideError) lambda{ Caren::Api.delete @error_url }.should raise_error(Caren::Exceptions::ServerSideError) end it "should be able to handle authorization errors" do begin Caren::Api.delete @error_url rescue Caren::Exceptions::ServerSideError => e e.errors.should have(1).things e.errors.first.class.should == Caren::Error e.errors.first.category.should == "unauthorized" e.errors.first.message.should == "You are not allowed to perform this action." end end it "should be able to handle validation errors" do begin Caren::Api.get @error_url rescue Caren::Exceptions::ServerSideError => e e.errors.should have(1).things e.errors.first.class.should == Caren::ValidationError e.errors.first.message.should == "has already been taken" e.errors.first.field.should == :url_shortcut e.errors.first.to_s.should == "`url_shortcut` has already been taken" end end end