From f39bd24bea3aa36592149b8a1cde25ad68779c13 Mon Sep 17 00:00:00 2001
From: Gabi
Date: Thu, 20 Jun 2019 12:58:00 +0200
Subject: [PATCH] Build security per request
---
 .../filestack_rails/application_helper.rb | 19 +++++++++------
 lib/filestack_rails/configuration.rb | 5 +++-
 spec/helpers/application_helper_spec.rb | 24 +++++++++++++++++--
 spec/lib/configuration_spec.rb | 14 +++++++++--
 4 files changed, 50 insertions(+), 12 deletions(-)
diff --git a/app/helpers/filestack_rails/application_helper.rb b/app/helpers/filestack_rails/application_helper.rb
index 8f14bb9..7099478 100644
--- a/app/helpers/filestack_rails/application_helper.rb
+++ b/app/helpers/filestack_rails/application_helper.rb
@@ -82,14 +82,11 @@ def get_client_and_api_key
 end
 def get_policy_and_signature
- if ::Rails.application.config.filestack_rails.security
- signature = ::Rails.application.config.filestack_rails.security.signature
- policy = ::Rails.application.config.filestack_rails.security.policy
- else
- signature = nil
- policy = nil
+ if security
+ signature = security.signature
+ policy = security.policy
 end
- return [signature, policy]
+ [signature, policy]
 end
 def get_policy_and_signature_string
@@ -104,5 +101,13 @@ def get_policy_and_signature_string
 "''"
 end
 end
+
+ def security
+ security_options = ::Rails.application.config.filestack_rails.security
+ app_secret = ::Rails.application.config.filestack_rails.app_secret
+
+ return nil unless security_options
+ FilestackSecurity.new(app_secret, options: security_options)
+ end
 end
 end
diff --git a/lib/filestack_rails/configuration.rb b/lib/filestack_rails/configuration.rb
index 7344dc5..af6738f 100644
--- a/lib/filestack_rails/configuration.rb
+++ b/lib/filestack_rails/configuration.rb
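Review bot: In `get_policy_and_signature` (first hunk of app/helpers/filestack_rails/application_helper.rb) the new body calls `security` three times, and the helper added later in this patch constructs a new `FilestackSecurity` on every call, so the returned signature and policy come from two different objects. If the policy embeds an expiry computed at construction time (not visible here, though the spec's `expiry: 60` suggests a relative value), a request that straddles a clock tick could hand the client a signature that does not match its policy. Building the object once avoids that: `sec = security` followed by `[sec&.signature, sec&.policy]`. The whole method is inside the hunk.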
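Review bot: `security` in the second hunk of application_helper.rb is added as a public helper with a very generic name, so every view that mixes in this module gains a `security` method returning an object built from the app secret, and the name can collide with a host application's own helper or local. Unless a `private` marker sits outside the hunk, I would move the method under `private`; the implicit-receiver calls in `get_policy_and_signature` keep working. It also has no comment; something like `# Returns a new FilestackSecurity built from the configured options on each call, or nil when security is not configured.` would tell callers to hold the result in a local rather than call it repeatedly.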
@@ -22,8 +22,11 @@ def security=(security_options = {})
 if @app_secret.nil?
 raise 'You must have secret key to use security'
 end
- @security = FilestackSecurity.new(@app_secret, options: security_options)
+ @security = security_options
 end
+ def app_secret
+ @app_secret or nil
+ end
 end
 end
diff --git a/spec/helpers/application_helper_spec.rb b/spec/helpers/application_helper_spec.rb
index 1bd11aa..cd4a5a1 100644
--- a/spec/helpers/application_helper_spec.rb
+++ b/spec/helpers/application_helper_spec.rb
@@ -47,12 +47,15 @@
 end
 describe "#get_policy_and_signature_string" do
+ let(:signature) { "signature123" }
+ let(:policy) { "policy321" }
+
 it "returns correct data" do
 allow_any_instance_of(FilestackRails::ApplicationHelper).to receive(:get_policy_and_signature)
- .and_return(["21312SDFSDF", "4234DSFSDFDSF"])
+ .and_return([:signature, :policy])
 expect(get_policy_and_signature_string).to eq(
- "{\"security\":{\"signature\":\"21312SDFSDF\",\"policy\":\"4234DSFSDFDSF\"}}"
+ {"security":{"signature": :signature, "policy": :policy}}.to_json
 )
 end
@@ -60,4 +63,21 @@
 expect(get_policy_and_signature_string).to eq("''")
 end
 end
+
+ describe "#security" do
+ it "returns signature and policy" do
+ allow(Rails.application.config.filestack_rails).to receive(:security)
+ .and_return({call: %w[read store pick stat write], expiry: 60})
+ allow(Rails.application.config.filestack_rails).to receive(:app_secret)
+ .and_return('app_secret123')
+
+ expect(security.policy).to be
+ expect(security.signature).to be
+ end
+
+ it "does not return signature and policy" do
+ allow(::Rails.application.config.filestack_rails).to receive(:security).and_return(nil)
+ expect(security).to be(nil)
+ end
+ end
 end
diff --git a/spec/lib/configuration_spec.rb b/spec/lib/configuration_spec.rb
index d2ae8f7..3a5fa05 100644
--- a/spec/lib/configuration_spec.rb
+++ b/spec/lib/configuration_spec.rb
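Review bot: `security=` in lib/filestack_rails/configuration.rb now keeps the caller's hash by reference (`@security = security_options`), and the helper in this patch passes that same object to `FilestackSecurity.new` on every request. Whether `FilestackSecurity` modifies its options is not visible here; if it does, the first request would change the configuration seen by all later ones, so I would store a frozen copy, `@security = security_options.dup.freeze`, which makes any such mutation fail loudly in the specs. Moving construction out of the setter also means option errors, if the constructor checks them, now surface on the first render rather than at boot. Separately, `@app_secret or nil` is equivalent to a plain reader for every value except `false`; `attr_reader :app_secret` says the same thing without the low-precedence `or`. `security=` begins above the hunk.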
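Review bot: The two `let` definitions added at the top of `describe "#get_policy_and_signature_string"` in spec/helpers/application_helper_spec.rb are never used, because the stub returns the symbol literals `[:signature, :policy]` and the expectation serialises those same symbols. The example therefore passes on the strings "signature" and "policy", which are identical to the JSON key names, instead of on `signature123` and `policy321`. Referencing the lets, `.and_return([signature, policy])` and `{ security: { signature: signature, policy: policy } }.to_json`, keeps the fixture values distinguishable from the keys. The `describe` block continues past the end of this hunk.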
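Review bot: The `#security` examples in the last hunk of spec/helpers/application_helper_spec.rb only assert that `policy` and `signature` are truthy (`to be` with no argument), so nothing pins the behaviour this commit is named for, that the object is rebuilt on each call. An identity check such as `expect(security).not_to equal(security)` would fail if someone later memoises the helper and reintroduces a boot-time policy. An assertion on the expiry carried in the policy would be stronger still, but the policy format is not visible in this patch.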
@@ -32,8 +32,7 @@
 it 'has security' do
 configuration.app_secret = 'somesecret'
 configuration.security = {}
- expect(configuration.security.policy)
- expect(configuration.security.signature)
+ expect(configuration.security).to eq({})
 end
 it 'has not defined @app_secret' do
@@ -84,4 +83,15 @@
 expect(configuration.expiry).to eq expiry
 end
 end
+
+ describe '#app_secret' do
+ it 'has defined value' do
+ configuration.app_secret = "my app secret"
+ expect(configuration.app_secret).to eq("my app secret")
+ end
+
+ it 'has no @app_secret' do
+ expect(configuration.app_secret).to eq(nil)
+ end
+ end
 end