├── .gitignore
├── .travis.yml
├── CHANGELOG.md
├── README.md
├── lib
    ├── main.js
    ├── remotestorage-server.js
    ├── requests.js
    └── scopes.js
├── package.json
└── test
    ├── basics.js
    ├── main.js
    ├── requests.js
    └── scopes.js


/.gitignore:
--------------------------------------------------------------------------------
1 | node_modules
2 | 


--------------------------------------------------------------------------------
/.travis.yml:
--------------------------------------------------------------------------------
1 | language: node_js
2 | node_js:
3 |   - 0.10
4 | branches:
5 |   only:
6 |     - master
7 | script: npm install && npm test
8 | 


--------------------------------------------------------------------------------
/CHANGELOG.md:
--------------------------------------------------------------------------------
 1 | # 0.5.11 (Oct 2014)
 2 | * add backdoor for initializing data like web-authoring apps
 3 | 
 4 | # 0.5.10 (Sep 2014)
 5 | * make draft-dejong-remotestorage-04 (rc3) the default behavior
 6 | 
 7 | # 0.5.9 (Jun 2014)
 8 | * fix two mistakes in the empty-folder implementation
 9 | 
10 | # 0.5.8 (Jun 2014)
11 | * add support for draft-dejong-remotestorage-03
12 | * fix tests
13 | 
14 | # 0.5.7 (May 2014)
15 | * fix cases where requests stayed pending without being serviced
16 | 
17 | # 0.5.6 (Apr 2014)
18 | * fix folder revisions
19 | 
20 | # 0.5.5 (Feb 2014)
21 | * fix bug with attaching > 1 listener to res.on('end')
22 | 
23 | # 0.5.4 (Feb 2014)
24 | * fix bug in makeScopePaths function
25 | 
26 | # 0.5.3 (Feb 2014)
27 | * fix contentTypes were still stored as strings instead of Buffers
28 | 
29 | # 0.5.2 (Feb 2014)
30 | * fix revisions were still stored as strings instead of Buffers
31 | 
32 | # 0.5.1 (Feb 2014)
33 | * store only Buffers in the dataStore
34 | 
35 | # 0.5.0 (Feb 2014)
36 | * safely handle execution of concurrent http requests
37 | 
38 | # 0.4.1 (Feb 2014)
39 | * fix bug in README code example
40 | 
41 | # 0.4.0 (Feb 2014)
42 | * partition tokenStore and dataStore per user
43 | 
44 | # 0.3.2 (Feb 2014)
45 | * more efficient document existence ,based on revision instead content
46 | * fix webfinger for legacy spec versions
47 | 
48 | # 0.3.1 (Feb 2014)
49 | * avoid duplicate storage of revisions in folder listings
50 | 
51 | # 0.3.0 (Feb 2014)
52 | * receive PUT body as buffer
53 | * use sha1 for generating ETags
54 | 
55 | # 0.2.4 (Feb 2014)
56 | * error checking
57 | 
58 | # 0.2.3 (Feb 2014)
59 | * no body and no Content-Length header in 304 responses
60 | 
61 | # 0.2.2 (Feb 2014)
62 | * add WWW-Authenticate header
63 | 
64 | # 0.2.1 (Feb 2014)
65 | * adapt headers to reStore specs
66 | 
67 | # 0.2.0 (Feb 2014)
68 | * switch to constructors`
69 | 
70 | # 0.1.8 (Feb 2014)
71 | * switch to node-style callbacks: `doSomething(a, function(err, data) { ... });`
72 | 
73 | # 0.1.7 (Jan 2014)
74 | * add support for -00 and -01 webfinger formats
75 | 
76 | # 0.1.0-pre .. 0.1.6-pre
77 | very early versions
78 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # remotestorage-server
 2 | 
 3 | The remoteStorage core from https://github.com/remotestorage/starter-kit
 4 | 
 5 | [![Build Status](https://secure.travis-ci.org/remotestorage/remotestorage-server.png)](http://travis-ci.org/remotestorage/remotestorage-server)
 6 | [![devDependency Status](https://david-dm.org/remotestorage/remotestorage-server/dev-status.png)](https://david-dm.org/remotestorage/remotestorage-server#info=devDependencies)
 7 | [![Code Climate](https://codeclimate.com/github/remotestorage/remotestorage-server.png)](https://codeclimate.com/github/remotestorage/remotestorage-server)
 8 | 
 9 | # Interface
10 | 
11 | ````js
12 | var remotestorageServer = require('remotestorage-server'), fs = require('fs'), https = require('https');
13 | var specVersion = 'draft-dejong-remotestorage-02';
14 | 
15 | // Set up the token store, this is responsible for storing OAuth tokens
16 | var tokenStore = {
17 |     _data: {},
18 |     get: function(username, token, cb) {
19 |         cb(null, this._data[username+':'+token]);
20 |     },
21 |     set: function(username, token, scopes, cb) {
22 |         this._data[username+':'+token] = scopes; 
23 |         cb(null); 
24 |     }
25 | };
26 | // Set up the data store, this is responsible for storing the files saved on the RemoteStorage server
27 | var dataStore =  {
28 |     _data: {},
29 |     get: function(username, key, cb) {
30 |         cb(null, this._data[username + ':' + key]);
31 |     },
32 |     set: function(username, key, buf, cb) {
33 |         this._data[username + ':' + key] = buf;
34 |         cb(null);
35 |     }
36 | };
37 | 
38 | var serverInstance = new RemotestorageServer(specVersion, tokenStore, dataStore);
39 | var httpsConfig = {
40 |     key: fs.readFileSync('./tls.key'),
41 |     cert: fs.readFileSync('./tls.cert'),
42 |     ca: fs.readFileSync('./ca.pem')
43 |   };
44 | 
45 | //add access tokens (you would typically do this from an ajax call in your OAuth dialog):
46 | tokenStore._data['me:SECRET'] = serverInstance.makeScopePaths(['tasks:rw', 'contacts:r']);
47 | tokenStore._data['me:GOD'] = serverInstance.makeScopePaths(['*:rw']);
48 | //serve storage:
49 | https.createServer(httpsConfig, serverInstance.storage).listen(8000);
50 |     
51 | //get the link for including in your webfinger record:
52 | var link = remotestorageServer.getWebfingerLink('https', 'example.com', 8000, 'me', 'https://example.com/auth/me');
53 | ````
54 | 
55 | You will also need:
56 | 
57 | * a webfinger server, serving your webfinger record on path `/.well-known/webfinger` on port 443 (or on port 80 when testing on localhost).
58 | * an html page which serves as an OAuth dialog
59 | 
60 | See https://github.com/remotestorage/starter-kit for an examples of both.
61 | 


--------------------------------------------------------------------------------
/lib/main.js:
--------------------------------------------------------------------------------
  1 | var sha1 = require('sha1');
  2 | 
  3 | module.exports = function(dataStore) {
  4 |   this.dataStore = dataStore;
  5 | };
  6 | 
  7 | module.exports.prototype.condMet = function(cond, username, path, cb) {
  8 |   this.getRevision(username, path, function(err, revision) {
  9 |     var i, found;
 10 |     if (err) {
 11 |       cb(err);
 12 |       return;
 13 |     }
 14 |     if (cond.ifNoneMatch === '*') {//if-none-match is either '*'...
 15 |       if (typeof(revision) !== 'undefined') {
 16 |         cb(err, false);
 17 |         return;
 18 |       }
 19 |     } else if (cond.ifNoneMatch && typeof(revision) !== 'undefined') {//or a comma-separated list of etags
 20 |       for (i=0; i<cond.ifNoneMatch.length; i++) {
 21 |         if(cond.ifNoneMatch[i].toString('utf-8') === revision.toString('utf-8')) {
 22 |           cb(err, false);
 23 |           return;
 24 |         }
 25 |       }
 26 |     }
 27 |     if (cond.ifMatch) {
 28 |       if (Buffer.isBuffer(revision)) {
 29 |         for (i=0; i<cond.ifMatch.length; i++) {
 30 |           if (cond.ifMatch[i].toString('utf-8') === revision.toString('utf-8')) {
 31 |             found = true;
 32 |           }
 33 |         }
 34 |       }
 35 |       if (!found) {
 36 |         cb(err, false);
 37 |         return;
 38 |       }
 39 |     }
 40 |     cb(err, true);
 41 |   }.bind(this));
 42 | };
 43 | module.exports.prototype.revisionsToMap = function(revisions, username, path, cb) {
 44 |   var i, items = {}, todo = 1, error, errorSent;
 45 |   function doneOne() {
 46 |     if (error) {
 47 |       if (!errorSent) {
 48 |         cb(error);
 49 |         errorSent = true;
 50 |       }
 51 |       return;
 52 |     }
 53 |     todo--;
 54 |     if (todo === 0) {
 55 |       cb(null, {
 56 |         '@context': 'http://remotestorage.io/spec/folder-description',
 57 |         items: items
 58 |       });
 59 |     }
 60 |   }
 61 |   for (i in revisions) {
 62 |     items[i] = { ETag: revisions[i] };
 63 |     items[i] = { ETag: revisions[i].toString() };
 64 |     if (i.substr(-1) !== '/') {
 65 |       todo++;
 66 |       (function(captureI) {
 67 |         this.getContentType(username, path + captureI, function(err, value) {
 68 |           if (err) {
 69 |             error = err;
 70 |             return;
 71 |           }
 72 |           items[captureI]['Content-Type'] = value.toString('utf-8');
 73 |           doneOne.bind(this)();
 74 |         });
 75 |       }.bind(this))(i);
 76 |       todo++;
 77 |       (function(captureI) {
 78 |         this.getContentLength(username, path + captureI, function(err, value) {
 79 |           if (err) {
 80 |             error = err;
 81 |             return;
 82 |           }
 83 |           items[captureI]['Content-Length'] = value;
 84 |           doneOne();
 85 |         });
 86 |       }.bind(this))(i);
 87 |     }
 88 |   }
 89 |   doneOne();
 90 | };
 91 | module.exports.prototype.getFolderDescription = function(username, path, folderFormat, cb) {
 92 |   this.getContent(username, path, function(err, content) {
 93 |     var i, itemNames, revisions = {}, todo = 1, error, errorSent;
 94 |     if (content) {
 95 |       try {
 96 |         itemNames = JSON.parse(content);
 97 |       } catch(e) {
 98 |         cb(e);
 99 |         return;
100 |       }
101 |     } else {//empty folder
102 |       if (folderFormat === 'map') {
103 |         this.revisionsToMap({}, username, path, cb);
104 |       } else {
105 |         cb(err, {});
106 |       }
107 |       return;
108 |     }
109 |     function doneOne() {
110 |       if (error) {
111 |         if (!errorSent) {
112 |           cb(error);
113 |           errorSent = true;
114 |         }
115 |         return;
116 |       }
117 |       todo--;
118 |       if (todo === 0) {
119 |         if (folderFormat === 'map') {
120 |           this.revisionsToMap(revisions, username, path, cb);
121 |         } else {
122 |           cb(err, revisions);
123 |         }
124 |       }
125 |     }
126 |     for (i in itemNames) {
127 |       todo++;
128 |       (function(captureI) {
129 |         this.getRevision(username, path+captureI, function(err, revision) {
130 |           if (err) {
131 |             error = err;
132 |             return;
133 |           }
134 |           revisions[captureI] = revision.toString('utf-8');
135 |           doneOne.bind(this)();
136 |         }.bind(this));
137 |       }.bind(this))(i);
138 |     }
139 |     doneOne.bind(this)();
140 |   }.bind(this));
141 | };
142 | module.exports.prototype.exists = function(username, path, cb) {
143 |   this.dataStore.get(username, 'revision:' + path, function(err, content) {
144 |     if (err) {
145 |       cb(err);
146 |       return;
147 |     }
148 |     cb(err, (typeof(content) !== 'undefined'));
149 |   });
150 | };
151 | module.exports.prototype.getContent = function(username, path, cb) {
152 |   this.dataStore.get(username, 'content:' + path, cb);
153 | };
154 | module.exports.prototype.getContentType = function(username, path, cb) {
155 |   this.dataStore.get(username, 'contentType:' + path, cb);
156 | };
157 | module.exports.prototype.getContentLength = function(username, path, cb) {
158 |   this.dataStore.get(username, 'content:' + path, function(err, buf) {
159 |     if (err) {
160 |       cb(err);
161 |       return;
162 |     }
163 |     if (buf) {
164 |       cb(err, buf.length);
165 |     } else {
166 |       cb(err);
167 |     }
168 |   });
169 | };
170 | module.exports.prototype.getRevision = function(username, path, cb) {
171 |   this.dataStore.get(username, 'revision:' + path, function(err, revision) {
172 |     if (err) {
173 |       cb(err);
174 |       return;
175 |     }
176 |     if (revision) {
177 |       cb(err, revision);
178 |     } else if (path.substr(-1) === '/') {
179 |       cb(err, new Buffer('empty-folder', 'utf-8'));
180 |     } else {
181 |       cb(err);
182 |     }
183 |   });
184 | };
185 | module.exports.prototype.setParents = function(username, pathParts, fileItself, revision, cb) {
186 |   if (pathParts.length <= 1) {
187 |     cb();
188 |   } else {
189 |     var thisPart = pathParts.pop();
190 |     if(fileItself) {
191 |       fileItself = false;
192 |     } else {
193 |       thisPart += '/';
194 |     }
195 |     this.dataStore.get(username, 'content:' + pathParts.join('/') + '/', function(err1, buf) {
196 |       var obj;
197 |       if (err1) {
198 |         cb(err1);
199 |         return;
200 |       }
201 |       if(buf === undefined) {
202 |         obj = {};
203 |       } else {
204 |         try {
205 |           obj = JSON.parse(buf.toString('utf-8'));
206 |         } catch(e) {
207 |           cb(e);
208 |           return;
209 |         }
210 |       }
211 |       if (revision) {
212 |         //add
213 |         obj[thisPart] = revision;//we need to store the revision here so that it changes the parent revision
214 |       } else {
215 |         //remove
216 |         delete obj[thisPart];
217 |       }
218 |       this.dataStore.set(username, 'content:' + pathParts.join('/') + '/', new Buffer(JSON.stringify(obj), 'utf-8'), function(err2) {
219 |         if (err2) {
220 |           cb(err2);
221 |           return;
222 |         }
223 |         this.dataStore.set(username, 'revision:' + pathParts.join('/') + '/', new Buffer(sha1(JSON.stringify(obj)), 'utf-8'), function(err3) {
224 |           if (err3) {
225 |             cb(err3);
226 |             return;
227 |           }
228 |           this.setParents(username, pathParts, false, revision, cb);
229 |         }.bind(this));
230 |       }.bind(this));
231 |     }.bind(this));
232 |   }
233 | };
234 | module.exports.prototype.set = function(username, path, dataBuf, contentType, revision, cb) {
235 |   this.dataStore.set(username, 'content:' + path, dataBuf, function(err1) {
236 |     if (err1) {
237 |       cb(err1);
238 |       return;
239 |     }
240 |     this.dataStore.set(username, 'contentType:' + path, contentType, function(err2) {
241 |       if (err2) {
242 |         cb(err2);
243 |         return;
244 |       }
245 |       this.dataStore.set(username, 'revision:' + path, revision, function(err3) {
246 |         if (err3) {
247 |           cb(err3);
248 |           return;
249 |         }
250 |         var pathParts = path.split('/');
251 |         var fileItself = true;
252 |         this.setParents(username, pathParts, true, revision, cb);
253 |       }.bind(this));
254 |     }.bind(this));
255 |   }.bind(this));
256 | };
257 | 


--------------------------------------------------------------------------------
/lib/remotestorage-server.js:
--------------------------------------------------------------------------------
 1 | var Scopes = require('./scopes'),
 2 |   Main = require('./main'),
 3 |   Requests = require('./requests'),
 4 |   sha1 = require('sha1');
 5 | 
 6 | module.exports = function(specVersion, tokenStore, dataStore) {
 7 |   this.specVersion = specVersion;
 8 |   this.folderFormat = 'map';
 9 |   this.folderContentType = new Buffer('application/ld+json', 'utf-8');
10 |   this.folder404s = false;
11 |   this.rootScope = '*';
12 |   this.scopesInstance = new Scopes(tokenStore);
13 |   this.mainInstance = new Main(dataStore);
14 |   this.requestsInstance = new Requests('/storage/', this.scopesInstance, this.mainInstance);
15 | 
16 |   if (specVersion === 'draft-dejong-remotestorage-00' || specVersion === 'draft-dejong-remotestorage-01') {
17 |     this.folderFormat = 'etags-only';
18 |     this.rootScope = 'root';
19 |     this.folder404s = true;
20 |   } else if (specVersion === 'draft-dejong-remotestorage-02') {
21 |     this.folderContentType = new Buffer('application/json', 'utf-8');
22 |   }
23 | };
24 | module.exports.prototype.storage = function(req, res) {
25 |   this.requestsInstance.handleRequest(req, res, this.folderFormat, this.folderContentType, this.folder404s);
26 | };
27 | module.exports.prototype.makeScopePaths = function(scopes) {
28 |   return this.scopesInstance.makeScopePaths(scopes, this.rootScope);
29 | };
30 | module.exports.prototype.getWebfingerLink = function(protocol, host, port, userName, authUrl, webAuthoring) {
31 |   switch (this.specVersion) {
32 |     case 'draft-dejong-remotestorage-00':
33 |       return {
34 |         href: protocol + '://' + host + ':' + port + '/storage/' + userName,
35 |         rel: "remotestorage",
36 |         type: this.specVersion,
37 |         properties: {
38 |           'auth-method': "http://tools.ietf.org/html/rfc6749#section-4.2",
39 |           'auth-endpoint': authUrl
40 |         }
41 |       };
42 |     case 'draft-dejong-remotestorage-01':
43 |       return {
44 |         href: protocol + '://' + host + ':' + port + '/storage/' + userName,
45 |         rel: "remotestorage",
46 |         type: this.specVersion,
47 |         properties: {
48 |           "http://tools.ietf.org/html/rfc6749#section-4.2": authUrl
49 |         }
50 |       };
51 |     case 'draft-dejong-remotestorage-02':
52 |     case 'draft-dejong-remotestorage-03':
53 |       return {
54 |         href: protocol + '://' + host + ':' + port + '/storage/' + userName,
55 |         rel: "remotestorage",
56 |         properties: {
57 |           'http://remotestorage.io/spec/version': this.specVersion,
58 |           'http://tools.ietf.org/html/rfc6749#section-4.2': authUrl,
59 |           'http://tools.ietf.org/html/rfc6750#section-2.3': false,
60 |           'http://tools.ietf.org/html/rfc2616#section-14.16': false
61 |         }
62 |       };
63 |     default:
64 |       return {
65 |         href: protocol + '://' + host + ':' + port + '/storage/' + userName,
66 |         rel: "remotestorage",
67 |         properties: {
68 |           'http://remotestorage.io/spec/version': this.specVersion,
69 |           'http://tools.ietf.org/html/rfc6749#section-4.2': authUrl,
70 |           'http://tools.ietf.org/html/rfc6750#section-2.3': false,
71 |           'http://tools.ietf.org/html/rfc7233': false,
72 |           'http://remotestorage.io/spec/web-authoring': (webAuthoring || false)
73 |         }
74 |       };
75 |   }
76 | };
77 | 
78 | module.exports.prototype.backdoorSet = function(username, path, body, contentType, cb) {
79 |   var revision = new Buffer(sha1(body), 'utf-8');
80 |   if (typeof contentType === 'string') {
81 |     contentType = new Buffer(contentType, 'utf-8');
82 |   }
83 |   this.mainInstance.set(username, path, body, contentType, revision, function(err) {
84 |     if (err) {
85 |       cb('backdoorSet', username, path, body, contentType, err);
86 |     } else {
87 |       cb(null, revision);
88 |     }
89 |   });
90 | };
91 | 


--------------------------------------------------------------------------------
/lib/requests.js:
--------------------------------------------------------------------------------
  1 | var url = require('url'),
  2 |   sha1 = require('sha1'),
  3 |   async = require('async');
  4 | 
  5 | module.exports = function(pathPrefix, scopesInstance, mainInstance) {
  6 |   this.pathPrefix = pathPrefix;
  7 |   this.scopesInstance = scopesInstance;
  8 |   this.mainInstance = mainInstance;
  9 |   this._queue = async.queue(function(task, cb) { task(cb) }, 1);
 10 | };
 11 | /*
 12 |  * the way this works is if two http requests run in parallel,
 13 |  * it will handle the first one entirely before starting the
 14 |  * other one. Calling _lock puts a release function on the http
 15 |  * server response object (res)
 16 |  * object, and any function completing the current request by
 17 |  * calling res.end() will allow the next item to be popped from
 18 |  * the queue
 19 |  */
 20 | module.exports.prototype._lock = function(cb) {
 21 |   this._queue.push(cb);
 22 | }
 23 | module.exports.prototype.writeHead = function(res, status, origin, revision, contentType, contentLength) {
 24 |   var headers = {
 25 |     'Access-Control-Allow-Origin': (origin ? origin : '*'),
 26 |     'Access-Control-Allow-Headers': 'Authorization, Content-Length, Content-Type, If-Match, If-None-Match, Origin, X-Requested-With',
 27 |     'Access-Control-Expose-Headers': 'Content-Type, Content-Length, ETag',
 28 |     'Access-Control-Allow-Methods': 'GET, PUT, DELETE',
 29 |     'Cache-Control': 'no-cache, no-store',
 30 |     'Expires': '0'
 31 |   };
 32 |   if (status === 401) {
 33 |     headers['WWW-Authenticate'] = 'Bearer realm="remoteStorage" error="invalid_token"';
 34 |   }
 35 |   if (Buffer.isBuffer(revision)) {
 36 |     headers.etag = '"' + revision.toString('utf-8') + '"';
 37 |   }
 38 |   if (Buffer.isBuffer(contentType)) {
 39 |     headers['content-type'] = contentType.toString('utf-8');
 40 |   }
 41 |   if (typeof(contentLength) === 'number') {
 42 |     headers['content-length'] = contentLength.toString();
 43 |   }
 44 |   res.writeHead(status, headers);
 45 | };
 46 | 
 47 | module.exports.prototype.writeRaw = function(res, contentType, content, origin, revision, explicitLength) {
 48 |   this.writeHead(res, 200, origin, revision, contentType, (Buffer.isBuffer(content) ? content.length : explicitLength));
 49 |   if (Buffer.isBuffer(content)) {
 50 |     res.end(content);
 51 |   } else {
 52 |     res.end();
 53 |   }
 54 | };
 55 | 
 56 | module.exports.prototype.error = function(res, msg, origin) {
 57 |   //console.log('internal server error - '+msg);
 58 |   this.respond(res, origin, 500);
 59 | };
 60 | 
 61 | module.exports.prototype.respond = function(res, origin, status, etag) {
 62 |   var errorMsg = {
 63 |     304: false,
 64 |     401: 'Unauthorized',
 65 |     404: 'Not Found',
 66 |     405: 'Method not allowed',
 67 |     412: 'Precondition failed',
 68 |     500: 'Internal Server Error'
 69 |   };
 70 |   if (errorMsg[status] === undefined) {
 71 |     errorMsg[status] = 'Computer says no';
 72 |   }
 73 |   if (errorMsg[status]) {
 74 |     this.writeHead(res, status, origin, etag, new Buffer('text/plain', 'utf-8'), errorMsg[status].length+4);
 75 |     res.end(status.toString() + ' ' + errorMsg[status]);
 76 |   } else {
 77 |     //no Content-Length header in this case:
 78 |     this.writeHead(res, status, origin, etag, 'text/plain');
 79 |     res.end();
 80 |   }
 81 | };
 82 | 
 83 | module.exports.prototype.checkNoFolder = function(req, res, username, path, cb, release) {
 84 | console.log('module.exports.prototype.checkNoFolder = function(', req, res, username, path, cb, release);
 85 |   if (path.substr(-1) === '/') {
 86 |     this.respond(res, req.headers.origin, 400);
 87 |     //console.log('checkNoFolder:no calling release');
 88 |     release();
 89 |   } else {
 90 |     cb(null, true);
 91 |   }
 92 | };
 93 | module.exports.prototype.checkMayRead = function(req, res, username, path, cb, release) {
 94 |   this.scopesInstance.mayRead(req.headers.authorization, username, path, function(err, answer) {
 95 |     if (err) {
 96 |       this.error(res, err, req.headers.origin);
 97 |       //console.log('checkMayRead:err calling release');
 98 |       release();
 99 |     } else if (answer) {
100 |       cb(err, answer);
101 |     } else {
102 |       this.respond(res, req.headers.origin, 401);
103 |       //console.log('checkMayRead:no calling release');
104 |       release();
105 |     }
106 |   }.bind(this));
107 | };
108 | module.exports.prototype.checkMayWrite = function(req, res, username, path, cb, release) {
109 |   this.scopesInstance.mayWrite(req.headers.authorization, username, path, function(err, answer) {
110 |     if (err) {
111 |       this.error(res, err, req.headers.origin);
112 |       //console.log('checkMayWrite:err calling release');
113 |       release();
114 |     } else if (answer) {
115 |       cb(err, answer);
116 |     } else {
117 |       this.respond(res, req.headers.origin, 401);
118 |       //console.log('checkMayWrite:no calling release');
119 |       release();
120 |     }
121 |   }.bind(this));
122 | };
123 | module.exports.prototype.stripQuotes = function(str) {
124 |   var i, parts, ret = [];
125 |   if (typeof(str) !== 'string') {
126 |     return undefined;
127 |   }
128 |   if (str === '*') {
129 |     return str;
130 |   }
131 |   parts = str.split(',');
132 |   for (i=0; i<parts.length; i++) {
133 |     parts[i] = parts[i].trim();
134 |     if (parts[i][0] === '"' && parts[i][parts[i].length-1] === '"') {
135 |       ret.push(new Buffer(parts[i].substring(1, parts[i].length-1), 'utf-8'));
136 |     } else {
137 |       ret.push(new Buffer(parts[i], 'utf-8'));
138 |     }
139 |   }
140 |   return ret;
141 | };
142 | module.exports.prototype.checkCondMet = function(req, res, username, path, statusCode, cb, release) {
143 |   var cond = {
144 |     ifNoneMatch: this.stripQuotes(req.headers['if-none-match']),
145 |     ifMatch: this.stripQuotes(req.headers['if-match'])
146 |   };
147 |   this.mainInstance.condMet(cond, username, path, function(err, answer) {
148 |     if (err) {
149 |       this.error(res, err, req.headers.origin);
150 |       //console.log('checkCondMet:err calling release');
151 |       release();
152 |     } else if (answer) {
153 |       cb(err, answer);
154 |     } else {
155 |       this.mainInstance.getRevision(username, path, function(err, revision) {
156 |         if (err) {
157 |           this.error(res, err, req.headers.origin);
158 |         } else {
159 |           this.respond(res, req.headers.origin, statusCode, revision);
160 |         }
161 |         //console.log('checkCondMet:no calling release');
162 |         release();
163 |       }.bind(this));
164 |     }
165 |   }.bind(this));
166 | };
167 | module.exports.prototype.checkFound = function(req, res, username, path, folder404s, cb, release) {
168 |   if (path.substr(-1) === '/' && !folder404s) {//folders always exist in new spec versions
169 |     cb();
170 |   } else {
171 |     this.mainInstance.exists(username, path, function(err, answer) {
172 |       if (err) {
173 |         this.error(res, err, req.headers.origin);
174 |         //console.log('checkFound:err calling release');
175 |         release();
176 |       } else if (answer) {
177 |         cb(err, answer);
178 |       } else {
179 |         this.respond(res, req.headers.origin, 404);
180 |         //console.log('checkFound:no calling release');
181 |         release();
182 |       }
183 |     }.bind(this));
184 |   }
185 | };
186 | module.exports.prototype.doHead = function(req, res, release, username, path, folderContentType) {
187 |   if (path.substr(-1) === '/') {
188 |     this.mainInstance.getRevision(username, path, function(err, revision) {
189 |       if (err) {
190 |         this.error(res, err, req.headers.origin);
191 |         //console.log('doHead:folder:err calling release');
192 |         release();
193 |       } else {
194 |         this.writeRaw(res, folderContentType, undefined, req.headers.origin, revision);
195 |         //console.log('doHead:folder calling release');
196 |         release();
197 |       }
198 |     }.bind(this));
199 |   } else {
200 |     this.mainInstance.getContentType(username, path, function(err, contentType) {
201 |       if (err) {
202 |         this.error(res, err, req.headers.origin);
203 |         //console.log('doHead:doc:err calling release');
204 |         release();
205 |       } else {
206 |         this.mainInstance.getRevision(username, path, function(err2, revision) {
207 |           if (err) {
208 |             this.error(res, err2, req.headers.origin);
209 |             //console.log('doHead:doc:err2 calling release');
210 |             release();
211 |           } else {
212 |             this.mainInstance.getContent(username, path, function(err3, content) {
213 |               if (err) {
214 |                 this.error(res, err3, req.headers.origin);
215 |               } else {
216 |                 this.writeRaw(res, contentType, undefined, req.headers.origin, revision, content.length);
217 |               }
218 |               //console.log('doHead:doc calling release');
219 |               release();
220 |             }.bind(this));
221 |           }
222 |         }.bind(this));
223 |       }
224 |     }.bind(this));
225 |   }
226 | };
227 | module.exports.prototype.doGet = function(req, res, release, username, path, folderFormat, folderContentType) {
228 |   if (path.substr(-1) === '/') {
229 |     this.mainInstance.getRevision(username, path, function(err, revision) {
230 |       if (err) {
231 |         this.error(res, err, req.headers.origin);
232 |         //console.log('doGet:folder:err calling release');
233 |         release();
234 |       } else {
235 |         this.mainInstance.getFolderDescription(username, path, folderFormat, function(err, desc) {
236 |           if (err) {
237 |             this.error(res, err, req.headers.origin);
238 |           } else {
239 |             var content = new Buffer(JSON.stringify(desc), 'utf-8');
240 |             this.writeRaw(res, folderContentType, content, req.headers.origin, revision);
241 |           }
242 |           //console.log('doGet:folder calling release');
243 |           release();
244 |         }.bind(this));
245 |       }
246 |     }.bind(this));
247 |   } else {
248 |     var contentType, revision;
249 |     this.mainInstance.getContentType(username, path, function(err, contentType) {
250 |       if (err) {
251 |         this.error(res, err, req.headers.origin);
252 |         //console.log('doGet:doc:err calling release');
253 |         release();
254 |       } else {
255 |         this.mainInstance.getRevision(username, path, function(err2, revision) {
256 |           if (err) {
257 |             this.error(res, err2, req.headers.origin);
258 |             //console.log('doGet:doc:err2 calling release');
259 |             release();
260 |           } else {
261 |             this.mainInstance.getContent(username, path, function(err3, content) {
262 |               if (err) {
263 |                 this.error(res, err, req.headers.origin);
264 |               } else {
265 |                 this.writeRaw(res, contentType, content, req.headers.origin, revision);
266 |               }
267 |               //console.log('doGet:doc calling release');
268 |               release();
269 |             }.bind(this));
270 |           }
271 |         }.bind(this));
272 |       }
273 |     }.bind(this));
274 |   }
275 | };
276 | module.exports.prototype.doPut = function(req, res, release, username, path) {
277 |   var body = new Buffer(0);
278 |   req.on('data', function(chunk) {
279 |     var buffer = new Buffer(body.length + chunk.length);
280 |     body.copy(buffer);
281 |     chunk.copy(buffer, body.length);
282 |     body = buffer;
283 |   });
284 | 
285 |   req.on('end', function() {
286 |     var revision = new Buffer(sha1(body), 'utf-8');
287 |     var contentType;
288 |     if(req.headers['content-type']) {
289 |       contentType = new Buffer(req.headers['content-type'], 'utf-8');
290 |     }
291 |     this.mainInstance.set(username, path, body, contentType, revision, function(err) {
292 |       if (err) {
293 |         this.error(res, err, req.headers.origin);
294 |       } else {
295 |         this.writeRaw(res, undefined, undefined, req.headers.origin, revision);
296 |       }
297 |       //console.log('doPut calling release');
298 |       release();
299 |     }.bind(this));
300 |   }.bind(this));
301 | };
302 | module.exports.prototype.doDelete = function(req, res, release, username, path) {
303 |   this.mainInstance.set(username, path, undefined, undefined, undefined, function(err) {
304 |     if (err) {
305 |       this.error(res, err, req.headers.origin);
306 |     } else {
307 |       this.writeRaw(res, undefined, undefined, req.headers.origin);
308 |     }
309 |     //console.log('doDelete calling release');
310 |     release();
311 |   }.bind(this));
312 | };
313 | module.exports.prototype.handleRequest = function(req, res, folderFormat, folderContentType, folder404s) {
314 |   var urlObj = url.parse(req.url, true);
315 |   var path = urlObj.pathname.substring(this.pathPrefix.length);
316 |   var pos = path.indexOf('/');
317 |   var username = path.substring(0, pos);
318 |   path = path.substring(pos);
319 | //console.log('locking', req.method);
320 |   this._lock(function(release) {
321 | //console.log('switching', req.method);
322 |     switch (req.method) {
323 |     case 'OPTIONS':
324 |       this.writeRaw(res, undefined, undefined, req.headers.origin);
325 |       //console.log('OPTIONS case calling release');
326 |       release();
327 |       break;
328 |     case 'HEAD':
329 |       this.checkMayRead(req, res, username, path, function() {
330 |         this.checkFound(req, res, username, path, folder404s, function() {
331 |           this.checkCondMet(req, res, username, path, 304, function() {
332 |             this.doHead(req, res, release, username, path, folderContentType);
333 |           }.bind(this), release);
334 |         }.bind(this), release);
335 |       }.bind(this), release);
336 |       break;
337 |     case 'GET':
338 |       this.checkMayRead(req, res, username, path, function() {
339 |         this.checkFound(req, res, username, path, folder404s, function() {
340 |           this.checkCondMet(req, res, username, path, 304, function() {
341 |             this.doGet(req, res, release, username, path, folderFormat, folderContentType);
342 |           }.bind(this), release);
343 |         }.bind(this), release);
344 |       }.bind(this), release);
345 |       break;
346 |     case 'PUT':
347 |       this.checkNoFolder(req, res, username, path, function() {
348 |         this.checkMayWrite(req, res, username, path, function() {
349 |           this.checkCondMet(req, res, username, path, 412, function() {
350 |             this.doPut(req, res, release, username, path);
351 |           }.bind(this), release);
352 |         }.bind(this), release);
353 |       }.bind(this), release);
354 |       break;
355 |     case 'DELETE':
356 |       this.checkNoFolder(req, res, username, path, function() {
357 |         this.checkMayWrite(req, res, username, path, function() {
358 |           this.checkCondMet(req, res, username, path, 412, function() {
359 |             this.checkFound(req, res, username, path, folder404s, function() {
360 |               this.doDelete(req, res, release, username, path);
361 |             }.bind(this), release);
362 |           }.bind(this), release);
363 |         }.bind(this), release);
364 |       }.bind(this), release);
365 |       break;
366 |     default:
367 |       this.respond(res, req.headers.origin, 405);
368 |       release();
369 |     }
370 |   }.bind(this));
371 | };
372 | 


--------------------------------------------------------------------------------
/lib/scopes.js:
--------------------------------------------------------------------------------
 1 | module.exports = function(tokenStore) {
 2 |   this.tokenStore = tokenStore;
 3 | };
 4 | module.exports.prototype.makeScopePaths = function(scopes, rootScope) {
 5 |   var i, scopePaths=[];
 6 |   for (i=0; i<scopes.length; i++) {
 7 |     var thisScopeParts = scopes[i].split(':');
 8 |     if (thisScopeParts[0] === rootScope) {
 9 |       scopePaths.push('/:'+thisScopeParts[1]);
10 |     } else {
11 |       scopePaths.push('/'+thisScopeParts[0]+'/:'+thisScopeParts[1]);
12 |       scopePaths.push('/public/'+thisScopeParts[0]+'/:'+thisScopeParts[1]);
13 |     }
14 |   }
15 |   return scopePaths;
16 | };
17 | 
18 | module.exports.prototype.may = function(authorizationHeader, username, path, write, cb) {
19 |   var i, scopeParts, scopes, pathParts;
20 |   if (write && path.substr(-1) === '/') {
21 |     cb(null, false);
22 |   } else if (path[0] !== '/' || username.length === 0) {
23 |     cb(null, false);
24 |   } else if (authorizationHeader) {
25 |     this.tokenStore.get(username, authorizationHeader.substring('Bearer '.length), function(err, scopes) {
26 |       if (err) {
27 |         cb(err);
28 |         return;
29 |       }
30 |       if (scopes) {
31 |         for (i=0; i<scopes.length; i++) {
32 |           scopeParts = scopes[i].split(':');
33 |           if(scopeParts.length==2
34 |               && path.substring(0, scopeParts[0].length)==scopeParts[0] 
35 |               && (scopeParts[1]=='rw' || !write)) {
36 |             cb(null, true);
37 |             return;
38 |           }
39 |         }
40 |       }
41 |       if (write) {
42 |         cb(null, false);
43 |       } else {
44 |         pathParts = path.split('/');//e.g. ['public', 'foo', 'bar', '']
45 |         cb(null, (pathParts[1] === 'public') && (path.substr(-1) !== '/'));
46 |       }
47 |     });
48 |     return;
49 |   } else if (write) {
50 |     cb(null, false);
51 |   } else {
52 |     pathParts = path.split('/');//e.g. ['public', 'foo', 'bar', '']
53 |     cb(null, (pathParts[1] === 'public') && (path.substr(-1) !== '/'));
54 |   }
55 | };
56 | module.exports.prototype.mayRead = function(authorizationHeader, username, path, cb) {
57 |   return this.may(authorizationHeader, username, path, false, cb);
58 | };
59 | module.exports.prototype.mayWrite = function(authorizationHeader, username, path, cb) {
60 |   return this.may(authorizationHeader, username, path, true, cb);
61 | };
62 | 


--------------------------------------------------------------------------------
/package.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "name": "remotestorage-server",
 3 |   "desc": "The remoteStorage core from https://github.com/remotestorage/starter-kit",
 4 |   "version": "0.5.11",
 5 |   "private": false,
 6 |   "license": "MIT",
 7 |   "repository": {
 8 |     "type": "git",
 9 |     "url": "git://github.com/remotestorage/remotestorage-server.git"
10 |   },
11 |   "homepage": "http://remotestorage.io/",
12 |   "main": "./lib/remotestorage-server",
13 |   "dependencies": {
14 |     "sha1": "*",
15 |     "async": "*"
16 |   },
17 |   "devDependencies": {
18 |     "nodeunit": "*"
19 |   },
20 |   "scripts": {
21 |     "test": "nodeunit test"
22 |   }
23 | }
24 | 


--------------------------------------------------------------------------------
/test/basics.js:
--------------------------------------------------------------------------------
 1 | var RemotestorageServer = require('../lib/remotestorage-server');
 2 | 
 3 | exports['RemotestorageServer constuctor accepts version string "draft-dejong-remotestorage-00"'] = function(test) {
 4 |   var server = new RemotestorageServer('draft-dejong-remotestorage-00', {}, {});
 5 |   test.equal(!!server, true);
 6 |   test.done();
 7 | };
 8 | exports['RemotestorageServer constuctor accepts version string "draft-dejong-remotestorage-01"'] = function(test) {
 9 |   var server = new RemotestorageServer('draft-dejong-remotestorage-01', {}, {});
10 |   test.equal(!!server, true);
11 |   test.done();
12 | };
13 | exports['RemotestorageServer constuctor supports version string "draft-dejong-remotestorage-02"'] = function(test) {
14 |   var server = new RemotestorageServer('draft-dejong-remotestorage-02', {}, {});
15 |   test.equal(!!server, true);
16 |   test.done();
17 | };
18 | exports['RemotestorageServer constuctor supports version string "draft-dejong-remotestorage-03"'] = function(test) {
19 |   var server = new RemotestorageServer('draft-dejong-remotestorage-03', {}, {});
20 |   test.equal(!!server, true);
21 |   test.done();
22 | };
23 | exports['RemotestorageServer constuctor supports version string "draft-dejong-remotestorage-04"'] = function(test) {
24 |   var server = new RemotestorageServer('draft-dejong-remotestorage-03', {}, {});
25 |   test.equal(!!server, true);
26 |   test.done();
27 | };
28 | 


--------------------------------------------------------------------------------
/test/main.js:
--------------------------------------------------------------------------------
  1 | var Main = require('../lib/main'),
  2 |   nodeunit = require('nodeunit');
  3 |   
  4 | function setUp() {
  5 |   this.dataStore = {
  6 |     _data: {},
  7 |     get: function(username, key, cb) { cb(null, this._data[username+':'+key]); },
  8 |     set: function(username, key, value, cb) { this._data[username+':'+key] = value; cb(null); }
  9 |   };
 10 |   this.mainInstance = new Main(this.dataStore);
 11 |   this.dataStore._data = {
 12 |     'me:content:/': JSON.stringify({a: true, b: true, existing: true}),
 13 |     'me:content:/a': new Buffer('blij', 'utf-8'),
 14 |     'me:content:/b': new Buffer('Unhošť', 'utf-8'),
 15 |     'me:content:/existing': new Buffer('hi', 'utf-8'),
 16 |     'me:contentType:/a': new Buffer('a-ish', 'utf-8'),
 17 |     'me:contentType:/b': new Buffer('b-ish', 'utf-8'),
 18 |     'me:contentType:/existing': new Buffer('hi', 'utf-8'),
 19 |     'me:revision:/': new Buffer('123', 'utf-8'),
 20 |     'me:revision:/a': new Buffer('a', 'utf-8'),
 21 |     'me:revision:/b': new Buffer('b', 'utf-8'),
 22 |     'me:revision:/existing': new Buffer('hi', 'utf-8'),
 23 |   };
 24 | }
 25 | 
 26 | exports['main'] = nodeunit.testCase({
 27 |   /*setUp: function() {
 28 |   },
 29 |   tearDown: function() {
 30 |   },*/
 31 |   'condMet': function(test) {
 32 |     setUp.bind(this)();
 33 |     this.mainInstance.condMet({ ifNoneMatch: undefined, ifMatch: undefined }, 'me', '/existing', function(err, answer) {
 34 |       test.equal(err, null);
 35 |       test.equal(answer, true);
 36 |       this.mainInstance.condMet({ifNoneMatch: '*'}, 'me', '/existing', function(err, answer) {
 37 |         test.equal(err, null);
 38 |         test.equal(answer, false);
 39 |         this.mainInstance.condMet({ifNoneMatch: '*'}, 'me', '/non-existing', function(err, answer) {
 40 |           test.equal(err, null);
 41 |           test.equal(answer, true);
 42 |           this.mainInstance.condMet({ifNoneMatch: ['ho']}, 'me', '/existing', function(err, answer) {
 43 |             test.equal(err, null);
 44 |             test.equal(answer, true);
 45 |             this.mainInstance.condMet({ifNoneMatch: ['he', 'ho']}, 'me', '/existing', function(err, answer) {
 46 |               test.equal(err, null);
 47 |               test.equal(answer, true);
 48 |               this.mainInstance.condMet({ifNoneMatch: ['hi']}, 'me', '/existing', function(err, answer) {
 49 |                 test.equal(err, null);
 50 |                 test.equal(answer, false);
 51 |                 this.mainInstance.condMet({ifNoneMatch: ['he', 'hi']}, 'me', '/existing', function(err, answer) {
 52 |                   test.equal(err, null);
 53 |                   test.equal(answer, false);
 54 |                   this.mainInstance.condMet({ifNoneMatch: ['ho']}, 'me', '/non-existing', function(err, answer) {
 55 |                     test.equal(err, null);
 56 |                     test.equal(answer, true);
 57 |                     this.mainInstance.condMet({ifMatch: ['hi']}, 'me', '/existing', function(err, answer) {
 58 |                       test.equal(err, null);
 59 |                       test.equal(answer, true);
 60 |                       this.mainInstance.condMet({ifMatch: ['ho']}, 'me', '/existing', function(err, answer) {
 61 |                         test.equal(err, null);
 62 |                         test.equal(answer, false);
 63 |                         this.mainInstance.condMet({ifMatch: ['hi']}, 'me', '/non-existing', function(err, answer) {
 64 |                           test.equal(err, null);
 65 |                           test.equal(answer, false);
 66 |                           test.done();
 67 |                         }.bind(this));
 68 |                       }.bind(this));
 69 |                     }.bind(this));
 70 |                   }.bind(this));
 71 |                 }.bind(this));
 72 |               }.bind(this));
 73 |             }.bind(this));
 74 |           }.bind(this));
 75 |         }.bind(this));
 76 |       }.bind(this));
 77 |     }.bind(this));
 78 |   },
 79 |   'revisionsToMap': function(test) {
 80 |     setUp.bind(this)();
 81 |     this.mainInstance.revisionsToMap({ a: 'a', b: 'b'}, 'me', '/', function(err, answer) {
 82 |       test.equal(err, null);
 83 |       test.deepEqual(JSON.stringify(answer), JSON.stringify({
 84 |         '@context': 'http://remotestorage.io/spec/folder-description',
 85 |         items: {
 86 |           a: {
 87 |             ETag: 'a',
 88 |             'Content-Type': 'a-ish',
 89 |             'Content-Length': 4
 90 |           },
 91 |           b: {
 92 |             ETag: 'b',
 93 |             'Content-Type': 'b-ish',
 94 |             'Content-Length': 8
 95 |           }
 96 |         }
 97 |       }));
 98 |     });
 99 |     test.done();
100 |   },
101 |   'getFolderDescription': function(test) {
102 |     setUp.bind(this)();
103 |     this.mainInstance.getFolderDescription('me', '/', 'etags-only', function(err, obj) {
104 |       test.equal(err, null);
105 |       test.deepEqual(obj, {
106 |         a: 'a',
107 |         b: 'b',
108 |         existing: 'hi'
109 |       });
110 |       this.mainInstance.getFolderDescription('me', '/', 'map', function(err, obj) {
111 |         test.equal(err, null);
112 |         test.deepEqual(obj, {
113 |           '@context': 'http://remotestorage.io/spec/folder-description',
114 |           items: {
115 |             a: {
116 |               ETag: 'a',
117 |               'Content-Type': 'a-ish',
118 |               'Content-Length': 4
119 |             },
120 |             b: {
121 |               ETag: 'b',
122 |               'Content-Type': 'b-ish',
123 |               'Content-Length': 8
124 |             },
125 |             existing: {
126 |               ETag: 'hi',
127 |               'Content-Type': 'hi',
128 |               'Content-Length': 2
129 |             }
130 |           }
131 |         });
132 |       });
133 |       test.done();
134 |     }.bind(this));
135 |   },
136 |   'exists': function(test) {
137 |     setUp.bind(this)();
138 |     this.mainInstance.exists('me', '/', function(err, answer) {
139 |       test.equal(err, null);
140 |       test.equal(answer, true);
141 |       this.mainInstance.exists('me', '/a', function(err, answer) {
142 |         test.equal(err, null);
143 |         test.equal(answer, true);
144 |         this.mainInstance.exists('me', '/non-existing', function(err, answer) {
145 |           test.equal(err, null);
146 |           test.equal(answer, false);
147 |           this.mainInstance.exists('me', '/non/existing', function(err, answer) {
148 |             test.equal(err, null);
149 |             test.equal(answer, false);
150 |             this.mainInstance.exists('me', '/non-existing/', function(err, answer) {
151 |               test.equal(err, null);
152 |               test.equal(answer, false);
153 |               this.mainInstance.exists('me', '/non/existing/', function(err, answer) {
154 |                 test.equal(err, null);
155 |                 test.equal(answer, false);
156 |                 this.mainInstance.exists('me', '/existing', function(err, answer) {
157 |                   test.equal(err, null);
158 |                   test.equal(answer, true);
159 |                   test.done();
160 |                 }.bind(this));
161 |               }.bind(this));
162 |             }.bind(this));
163 |           }.bind(this));
164 |         }.bind(this));
165 |       }.bind(this));
166 |     }.bind(this));
167 |   },
168 |   'getContent': function(test) {
169 |     setUp.bind(this)();
170 |     this.mainInstance.getContent('me', '/a', function(err, answer) {
171 |       test.equal(err, null);
172 |       test.equal(answer, this.dataStore._data['me:content:/a']);
173 |       this.mainInstance.getContent('me', '/non-existing', function(err, answer) {
174 |         test.equal(err, null);
175 |         test.equal(answer, undefined);
176 |         test.done();
177 |       });
178 |     }.bind(this));
179 |   },
180 |   'getContentType': function(test) {
181 |     setUp.bind(this)();
182 |     this.mainInstance.getContentType('me', '/a', function(err, answer) {
183 |       test.equal(err, null);
184 |       test.equal(answer, this.dataStore._data['me:contentType:/a']);
185 |       this.mainInstance.getContentType('me', '/non-existing', function(err, answer) {
186 |         test.equal(err, null);
187 |         test.equal(answer, undefined);
188 |         test.done();
189 |       });
190 |     }.bind(this));
191 |   },
192 |   'getContentLength': function(test) {
193 |     setUp.bind(this)();
194 |     this.mainInstance.getContentLength('me', '/a', function(err, answer) {
195 |       test.equal(err, null);
196 |       test.equal(answer, 4);
197 |       this.mainInstance.getContentLength('me', '/non-existing', function(err, answer) {
198 |         test.equal(err, null);
199 |         test.equal(answer, undefined);
200 |         test.done();
201 |       });
202 |     }.bind(this));
203 |   },
204 |   'getRevision': function(test) {
205 |     setUp.bind(this)();
206 |     this.mainInstance.getRevision('me', '/a', function(err, answer) {
207 |       test.equal(err, null);
208 |       test.equal(answer, this.dataStore._data['me:revision:/a']);
209 |       this.mainInstance.getRevision('me', '/non-existing', function(err, answer) {
210 |         test.equal(err, null);
211 |         test.equal(answer, undefined);
212 |         test.done();
213 |       });
214 |     }.bind(this));
215 |   },
216 |   'set': function(test) {
217 |     setUp.bind(this)();
218 |     this.mainInstance.set('me', '/a', new Buffer('hi', 'utf-8'), new Buffer('hi', 'utf-8'), new Buffer('123', 'utf-8'), function(err) {
219 |       test.equal(err, null);
220 |       this.mainInstance.set('me', '/c', new Buffer('ho', 'utf-8'), new Buffer('ho', 'utf-8'), new Buffer('456', 'utf-8'), function(err) {
221 |         test.equal(err, null);
222 |         test.deepEqual(this.dataStore._data['me:content:/a'], new Buffer('hi', 'utf-8'));
223 |         test.deepEqual(this.dataStore._data['me:contentType:/a'], new Buffer('hi', 'utf-8'));
224 |         test.deepEqual(this.dataStore._data['me:revision:/a'], new Buffer('123', 'utf-8'));
225 |         test.deepEqual(this.dataStore._data['me:content:/c'], new Buffer('ho', 'utf-8'));
226 |         test.deepEqual(this.dataStore._data['me:contentType:/c'], new Buffer('ho', 'utf-8'));
227 |         test.deepEqual(this.dataStore._data['me:revision:/c'], new Buffer('456', 'utf-8'));
228 |         test.done();
229 |       }.bind(this));
230 |     }.bind(this));
231 |   }
232 | });
233 | 


--------------------------------------------------------------------------------
/test/requests.js:
--------------------------------------------------------------------------------
  1 | var Requests = require('../lib/requests'),
  2 |   nodeunit = require('nodeunit');
  3 |   
  4 | function setUp() {
  5 |   this.scopesMock = {
  6 |     _mayReadCalled: 0,
  7 |     _mayWriteCalled: 0,
  8 |     mayRead: function(authHeader, username, path, cb) {
  9 |       this._mayReadCalled++;
 10 |       cb(null, (authHeader === 'asdfqwer-read' && path === '/qwer/asdf/read')
 11 |           || (authHeader === 'Bearer SECRET' && path === '/existing')
 12 |           || (authHeader === 'Bearer SECRET' && path === '/folder/'));
 13 |     },
 14 |     mayWrite: function(authHeader, username, path, cb) {
 15 |       this._mayWriteCalled++;
 16 |       cb(null, (authHeader === 'asdfqwer-write' && path === '/qwer/asdf/write')
 17 |           || (authHeader === 'Bearer SECRET' && path === '/existing')
 18 |           || (authHeader === 'Bearer SECRET' && path === '/folder/'));
 19 |     }
 20 |   };
 21 |   this.mainMock = {
 22 |     _condMetCalled: 0,
 23 |     _existsCalled: 0,
 24 |     _getRevisionCalled: 0,
 25 |     _getContentCalled: 0,
 26 |     _getFolderDescriptionCalled: 0,
 27 |     _getContentTypeCalled: 0,
 28 |     _setCalled: 0,
 29 |     _data: {},
 30 |     condMet: function(cond, username, path, cb) {
 31 |       this._condMetCalled++;
 32 |       cb(null, (cond.ifNoneMatch === '*' && path === '/qwer/asdf/cond')
 33 |           || (cond.ifNoneMatch === undefined && cond.ifMatch === undefined && path === '/existing')
 34 |           || (cond.ifNoneMatch === undefined && cond.ifMatch === undefined && path === '/folder/')
 35 |           || (Array.isArray(cond.ifNoneMatch) && cond.ifNoneMatch[0].toString('utf-8') === '123' && path === '/existing'));
 36 |     },
 37 |     exists: function(username, path, cb) {
 38 |       this._existsCalled++;
 39 |       cb(null, path === '/existing' || path === '/folder/');
 40 |     },
 41 |     getContent: function(username, path, cb) {
 42 |       this._getContentCalled++;
 43 |       cb(null, new Buffer('yes, very content!', 'utf-8'));
 44 |     },
 45 |     getFolderDescription: function(username, path, format, cb) {
 46 |       this._getFolderDescriptionCalled++;
 47 |       cb(null, {a: 'b'});
 48 |     },
 49 |     getContentType: function(username, path, cb) {
 50 |       this._getContentTypeCalled++;
 51 |       cb(null, new Buffer('very!', 'utf-8'));
 52 |     },
 53 |     getRevision: function(username, path, cb) {
 54 |       this._getRevisionCalled++;
 55 |       cb(null, new Buffer('koe', 'utf-8'));
 56 |     },
 57 |     set: function(username, path, buf, contentType, revision, cb) {
 58 |       console.log('mainMock set');
 59 |       this._setCalled++;
 60 |       this._data[username+':'+path] = [buf, contentType, revision];
 61 |       console.log('stored', buf, contentType, revision);
 62 |       cb(null);
 63 |     }
 64 |   };
 65 |   this.res = {
 66 |     _status: undefined,
 67 |     _headers: undefined,
 68 |     _body: '',
 69 |     _ended: false,
 70 |     writeHead: function(status, headers) {
 71 |       this._status = status;
 72 |       this._headers = headers;
 73 |     },
 74 |     write: function(buf) {
 75 |       this._body += buf.toString();
 76 |     },
 77 |     end: function(buf) {
 78 |       if (buf) {
 79 |         this._body += buf.toString();
 80 |       }
 81 |       this._ended = true;
 82 |       if (this._cb) {
 83 |         this._cb();
 84 |       }
 85 |     },
 86 |     onEnd: function(cb) {
 87 |       this._cb = cb;
 88 |     }
 89 |   };
 90 |   this.req = {
 91 |     headers: {
 92 |       origin: 'http://local.host'
 93 |     }
 94 |   };
 95 |   this.requestsInstance = new Requests('/path/to/storage/', this.scopesMock, this.mainMock);
 96 | }
 97 | 
 98 | exports['requests'] = nodeunit.testCase({
 99 |   /*setUp: function() {
100 |   },
101 |   tearDown: function() {
102 |   },*/
103 |   'writeHead': function(test) {
104 |     setUp.bind(this)();
105 |     this.requestsInstance.writeHead(this.res, 207, 'https://foo.bar', new Buffer('123', 'utf-8'), new Buffer('application/json', 'utf-8'), 456);
106 |     test.equal(this.res._status, 207);
107 |     test.deepEqual(this.res._headers, {
108 |       'Access-Control-Allow-Origin': 'https://foo.bar',
109 |       'Access-Control-Allow-Headers': 'Authorization, Content-Length, Content-Type, If-Match, If-None-Match, Origin, X-Requested-With',
110 |       'Access-Control-Expose-Headers': 'Content-Type, Content-Length, ETag',
111 |       'Access-Control-Allow-Methods': 'GET, PUT, DELETE',
112 |       'Cache-Control': 'no-cache, no-store',
113 |       Expires: '0',
114 |       etag: '"123"',
115 |       'content-type': 'application/json',
116 |       'content-length': '456'
117 |     });
118 |     test.equal(this.res._body, '');
119 |     test.equal(this.res._ended, false);
120 |     test.done();
121 |   },
122 |   'writeRaw': function(test) {
123 |     setUp.bind(this)();
124 |     this.requestsInstance.writeRaw(this.res, new Buffer('application/json', 'utf-8'), new Buffer('asdf', 'utf-8'), 'https://foo.bar', new Buffer('123', 'utf-8'));
125 |     test.equal(this.res._status, 200);
126 |     test.deepEqual(this.res._headers, {
127 |       'Access-Control-Allow-Origin': 'https://foo.bar',
128 |       'Access-Control-Allow-Headers': 'Authorization, Content-Length, Content-Type, If-Match, If-None-Match, Origin, X-Requested-With',
129 |       'Access-Control-Expose-Headers': 'Content-Type, Content-Length, ETag',
130 |       'Access-Control-Allow-Methods': 'GET, PUT, DELETE',
131 |       'Cache-Control': 'no-cache, no-store',
132 |       Expires: '0',
133 |       etag: '"123"',
134 |       'content-type': 'application/json',
135 |       'content-length': '4'
136 |     });
137 |     test.equal(this.res._body, 'asdf');
138 |     test.done();
139 |   },
140 |   'respond': function(test) {
141 |     setUp.bind(this)();
142 |     this.requestsInstance.respond(this.res, 'https://foo.bar', 408, new Buffer('123', 'utf-8'));
143 |     test.equal(this.res._status, 408);
144 |     test.deepEqual(this.res._headers, {
145 |       'Access-Control-Allow-Origin': 'https://foo.bar',
146 |       'Access-Control-Allow-Headers': 'Authorization, Content-Length, Content-Type, If-Match, If-None-Match, Origin, X-Requested-With',
147 |       'Access-Control-Expose-Headers': 'Content-Type, Content-Length, ETag',
148 |       'Access-Control-Allow-Methods': 'GET, PUT, DELETE',
149 |       'Cache-Control': 'no-cache, no-store',
150 |       Expires: '0',
151 |       etag: '"123"',
152 |       'content-type': 'text/plain',
153 |       'content-length': '20'
154 |     });
155 |     test.equal(this.res._body, '408 Computer says no');
156 |     test.equal(this.res._ended, true);
157 |     test.done();
158 |   },
159 |   'checkNoFolder': function(test) {
160 |     setUp.bind(this)();
161 |     test.expect(8);
162 |     this.requestsInstance.checkNoFolder(this.req, this.res, 'me', '/foo', function(err, answer) {
163 |       test.equal(err, null);
164 |       test.equal(answer, true);
165 |       test.equal(this.res._headers, undefined);
166 |       test.equal(this.res._body, '');
167 |       test.equal(this.res._ended, false);
168 |       this.requestsInstance.checkNoFolder(this.req, this.res, 'me', '/foo/', function(err, answer) {
169 |         test.equal(true, false);
170 |       }.bind(this), function() {});
171 |       test.deepEqual(this.res._headers, {
172 |         'Access-Control-Allow-Origin': 'http://local.host',
173 |         'Access-Control-Allow-Headers': 'Authorization, Content-Length, Content-Type, If-Match, If-None-Match, Origin, X-Requested-With',
174 |         'Access-Control-Expose-Headers': 'Content-Type, Content-Length, ETag',
175 |         'Access-Control-Allow-Methods': 'GET, PUT, DELETE',
176 |         'Cache-Control': 'no-cache, no-store',
177 |         Expires: '0',
178 |         'content-type': 'text/plain',
179 |         'content-length': '20'
180 |       });
181 |       test.equal(this.res._body, '400 Computer says no');
182 |       test.equal(this.res._ended, true);
183 |       test.done();
184 |     }.bind(this), function() {});
185 |   },
186 |   'checkMayRead': function(test) {
187 |     setUp.bind(this)();
188 |     test.expect(12);
189 |     this.req.headers.authorization = 'asdfqwer-read';
190 |     this.requestsInstance.checkMayRead(this.req, this.res, 'me', '/qwer/asdf/read', function(err, answer) {
191 |       test.equal(err, null);
192 |       test.equal(answer, true);
193 |       test.equal(this.scopesMock._mayReadCalled, 1);
194 |       test.equal(this.res._status, undefined);
195 |       test.equal(this.res._headers, undefined);
196 |       test.equal(this.res._body, '');
197 |       test.equal(this.res._ended, false);
198 |       this.req.headers.authorization = 'asdfqwer-wrong';
199 |       this.requestsInstance.checkMayRead(this.req, this.res, 'me', '/qwer/asdf/read', function(err, answer) {
200 |         test.equal(true, false);
201 |       }.bind(this), function() {});
202 |       test.equal(this.scopesMock._mayReadCalled, 2);
203 |       test.equal(this.res._status, 401);
204 |       test.deepEqual(this.res._headers, {
205 |         "Access-Control-Allow-Origin":"http://local.host",
206 |         'Access-Control-Allow-Headers': 'Authorization, Content-Length, Content-Type, If-Match, If-None-Match, Origin, X-Requested-With',
207 |         "Access-Control-Expose-Headers":"Content-Type, Content-Length, ETag",
208 |         "Access-Control-Allow-Methods":"GET, PUT, DELETE",
209 |         'Cache-Control': 'no-cache, no-store',
210 |         "Expires":"0",
211 |         'WWW-Authenticate': 'Bearer realm="remoteStorage" error="invalid_token"',
212 |         "content-type":"text/plain",
213 |         "content-length":"16"});
214 |       test.equal(this.res._body, '401 Unauthorized');
215 |       test.equal(this.res._ended, true);
216 |       test.done();
217 |     }.bind(this));
218 |   },
219 |   'checkMayWrite': function(test) {
220 |     setUp.bind(this)();
221 |     this.req.headers.authorization = 'asdfqwer-write';
222 |     this.requestsInstance.checkMayWrite(this.req, this.res, 'me', '/qwer/asdf/write', function(err, answer) {
223 |       test.equal(err, null);
224 |       test.equal(answer, true);
225 |       test.equal(this.scopesMock._mayWriteCalled, 1);
226 |       test.equal(this.res._status, undefined);
227 |       test.equal(this.res._headers, undefined);
228 |       test.equal(this.res._body, '');
229 |       test.equal(this.res._ended, false);
230 |       this.req.headers.authorization = 'asdfqwer-wrong';
231 |       this.requestsInstance.checkMayWrite(this.req, this.res, 'me', '/qwer/asdf/write', function(err, answer) {
232 |         test.equal(false, true);
233 |       }, function() {});
234 |       test.equal(this.scopesMock._mayWriteCalled, 2);
235 |       test.equal(this.res._status, 401);
236 |       test.deepEqual(this.res._headers, {
237 |         "Access-Control-Allow-Origin":"http://local.host",
238 |         'Access-Control-Allow-Headers': 'Authorization, Content-Length, Content-Type, If-Match, If-None-Match, Origin, X-Requested-With',
239 |         "Access-Control-Expose-Headers":"Content-Type, Content-Length, ETag",
240 |         "Access-Control-Allow-Methods":"GET, PUT, DELETE",
241 |         'Cache-Control': 'no-cache, no-store',
242 |         "Expires":"0",
243 |         'WWW-Authenticate': 'Bearer realm="remoteStorage" error="invalid_token"',
244 |         "content-type":"text/plain",
245 |         "content-length":"16"});
246 |       test.equal(this.res._body, '401 Unauthorized');
247 |       test.equal(this.res._ended, true);
248 |       test.done();
249 |     }.bind(this));
250 |   },
251 |   'stripQuotes': function(test) {
252 |     setUp.bind(this)();
253 |     test.deepEqual(this.requestsInstance.stripQuotes(''), [new Buffer('', 'utf-8')]);
254 |     test.deepEqual(this.requestsInstance.stripQuotes('""'), [new Buffer('', 'utf-8')]);
255 |     test.deepEqual(this.requestsInstance.stripQuotes('"a"'), [new Buffer('a', 'utf-8')]);
256 |     test.deepEqual(this.requestsInstance.stripQuotes('"a","b"'), [new Buffer('a', 'utf-8'), new Buffer('b', 'utf-8')]);
257 |     test.deepEqual(this.requestsInstance.stripQuotes('a,b'), [new Buffer('a', 'utf-8'), new Buffer('b', 'utf-8')]);
258 |     test.deepEqual(this.requestsInstance.stripQuotes('"asdf","qw er"'), [new Buffer('asdf', 'utf-8'), new Buffer('qw er', 'utf-8')]);
259 |     test.deepEqual(this.requestsInstance.stripQuotes('as df,qwer'), [new Buffer('as df', 'utf-8'), new Buffer('qwer', 'utf-8')]);
260 |     test.deepEqual(this.requestsInstance.stripQuotes('"asdf", "qw er"'), [new Buffer('asdf', 'utf-8'), new Buffer('qw er', 'utf-8')]);
261 |     test.deepEqual(this.requestsInstance.stripQuotes('as df , qwer'), [new Buffer('as df', 'utf-8'), new Buffer('qwer', 'utf-8')]);
262 |     test.deepEqual(this.requestsInstance.stripQuotes(' "asdf"  ,    "qw er"   '), [new Buffer('asdf', 'utf-8'), new Buffer('qw er', 'utf-8')]);
263 |     test.deepEqual(this.requestsInstance.stripQuotes('   as df    ,qwer    '), [new Buffer('as df', 'utf-8'), new Buffer('qwer', 'utf-8')]);
264 |     test.done();
265 |   },
266 |   'checkCondMet': function(test) {
267 |     setUp.bind(this)();
268 |     this.req.headers['if-none-match'] = '*';
269 |     this.requestsInstance.checkCondMet(this.req, this.res, 'me', '/qwer/asdf/cond', 412, function(err, answer) {
270 |       test.equal(err, null);
271 |       test.equal(answer, true);
272 |       test.equal(this.mainMock._condMetCalled, 1);
273 |       test.equal(this.res._status, undefined);
274 |       test.equal(this.res._headers, undefined);
275 |       test.equal(this.res._body, '');
276 |       test.equal(this.res._ended, false);
277 |       this.req.headers = {};
278 |       this.req.headers.authorization = 'asdfqwer-wrong';
279 |       this.req.headers['if-match'] = 'aap';
280 |       this.requestsInstance.checkCondMet(this.req, this.res, 'me', '/qwer/asdf/cond', 409, function(err, answer) {
281 |         test.equal(false, true);
282 |       }, function() {});
283 |       test.equal(this.mainMock._condMetCalled, 2);
284 |       test.equal(this.res._status, 409);
285 |       test.deepEqual(this.res._headers, {
286 |         'Access-Control-Allow-Origin': '*',
287 |         'Access-Control-Allow-Headers': 'Authorization, Content-Length, Content-Type, If-Match, If-None-Match, Origin, X-Requested-With',
288 |         'Access-Control-Expose-Headers': 'Content-Type, Content-Length, ETag',
289 |         'Access-Control-Allow-Methods': 'GET, PUT, DELETE',
290 |         'Cache-Control': 'no-cache, no-store',
291 |         'Expires': '0',
292 |         'etag': '"koe"',
293 |         'content-type': 'text/plain',
294 |         'content-length': '20'});
295 |       test.equal(this.res._body, '409 Computer says no');
296 |       test.equal(this.res._ended, true);
297 |       test.done();
298 |     }.bind(this));
299 |   },
300 |   'checkFound': function(test) {
301 |     setUp.bind(this)();
302 |     this.req.headers = {
303 |       origin: 'http://local.host'
304 |     };
305 |     this.requestsInstance.checkFound(this.req, this.res, 'me', '/existing', false, function(err, answer) {
306 |       test.equal(err, null);
307 |       test.equal(answer, true);
308 |       test.equal(this.mainMock._existsCalled, 1);
309 |       test.equal(this.res._status, undefined);
310 |       test.equal(this.res._headers, undefined);
311 |       test.equal(this.res._body, '');
312 |       test.equal(this.res._ended, false);
313 |       this.requestsInstance.checkFound(this.req, this.res, 'me', '/non-existing', false, function(err, answer) {
314 |         test.equal(false, true);
315 |       }, function() {});
316 |       test.equal(this.mainMock._existsCalled, 2);
317 |       test.equal(this.res._status, 404);
318 |       test.deepEqual(this.res._headers, {
319 |         'Access-Control-Allow-Origin': 'http://local.host',
320 |         'Access-Control-Allow-Headers': 'Authorization, Content-Length, Content-Type, If-Match, If-None-Match, Origin, X-Requested-With',
321 |         'Access-Control-Expose-Headers': 'Content-Type, Content-Length, ETag',
322 |         'Access-Control-Allow-Methods': 'GET, PUT, DELETE',
323 |         'Cache-Control': 'no-cache, no-store',
324 |         'Expires': '0',
325 |         'content-type': 'text/plain',
326 |         'content-length': '13'});
327 |       test.equal(this.res._body, '404 Not Found');
328 |       test.equal(this.res._ended, true);
329 |       test.done();
330 |     }.bind(this));
331 |   },
332 |   'illegal verb': function(test) {
333 |     setUp.bind(this)();
334 |     test.expect(6);
335 |     this.res.onEnd(function() {
336 |       test.equal(this.scopesMock._mayReadCalled, 0);
337 |       test.equal(this.scopesMock._mayWriteCalled, 0);
338 |       test.equal(this.res._status, 405);
339 |       test.deepEqual(this.res._headers, {
340 |         'Access-Control-Allow-Origin': 'http://local.host',
341 |         'Access-Control-Allow-Headers': 'Authorization, Content-Length, Content-Type, If-Match, If-None-Match, Origin, X-Requested-With',
342 |         'Access-Control-Expose-Headers': 'Content-Type, Content-Length, ETag',
343 |         'Access-Control-Allow-Methods': 'GET, PUT, DELETE',
344 |         'Cache-Control': 'no-cache, no-store',
345 |         'Expires': '0',
346 |         'content-type': 'text/plain',
347 |         'content-length': '22'
348 |       });
349 |       test.equal(this.res._body, '405 Method not allowed');
350 |       test.equal(this.res._ended, true);
351 |       test.done();
352 |     }.bind(this));
353 |     this.req = {
354 |       method: 'PATCH',
355 |       url: '/path/to/storage/me/existing',
356 |       headers: {
357 |         origin: 'http://local.host',
358 |         authorization: 'Bearer SECRET'
359 |       }
360 |     };
361 |     this.requestsInstance.handleRequest(this.req, this.res);
362 |   },
363 |   'OPTIONS verb': function(test) {
364 |     setUp.bind(this)();
365 |     test.expect(6);
366 |     this.res.onEnd(function() {
367 |       test.equal(this.scopesMock._mayReadCalled, 0);
368 |       test.equal(this.scopesMock._mayWriteCalled, 0);
369 |       test.equal(this.res._status, 200);
370 |       test.deepEqual(this.res._headers, {
371 |         'Access-Control-Allow-Origin': 'http://local.host',
372 |         'Access-Control-Allow-Headers': 'Authorization, Content-Length, Content-Type, If-Match, If-None-Match, Origin, X-Requested-With',
373 |         'Access-Control-Expose-Headers': 'Content-Type, Content-Length, ETag',
374 |         'Access-Control-Allow-Methods': 'GET, PUT, DELETE',
375 |         'Cache-Control': 'no-cache, no-store',
376 |         'Expires': '0'
377 |       });
378 |       test.equal(this.res._body, '');
379 |       test.equal(this.res._ended, true);
380 |       test.done();
381 |     }.bind(this));
382 |     this.req = {
383 |       method: 'OPTIONS',
384 |       url: '/path/to/storage/me/existing',
385 |       headers: {
386 |         origin: 'http://local.host',
387 |         authorization: 'Bearer SECRET'
388 |       }
389 |     };
390 |     this.requestsInstance.handleRequest(this.req, this.res);
391 |   },
392 |   'HEAD verb document': function(test) {
393 |     setUp.bind(this)();
394 |     test.expect(6);
395 |     this.res.onEnd(function() {
396 |       test.equal(this.scopesMock._mayReadCalled, 1);
397 |       test.equal(this.scopesMock._mayWriteCalled, 0);
398 |       test.equal(this.res._status, 200);
399 |       test.deepEqual(this.res._headers, {
400 |         'Access-Control-Allow-Origin': 'http://local.host',
401 |         'Access-Control-Allow-Headers': 'Authorization, Content-Length, Content-Type, If-Match, If-None-Match, Origin, X-Requested-With',
402 |         'Access-Control-Expose-Headers': 'Content-Type, Content-Length, ETag',
403 |         'Access-Control-Allow-Methods': 'GET, PUT, DELETE',
404 |         'Cache-Control': 'no-cache, no-store',
405 |         'Expires': '0',
406 |         'etag': '"koe"',
407 |         'content-length': '18',
408 |         'content-type': 'very!'
409 |       });
410 |       test.equal(this.res._body, '');
411 |       test.equal(this.res._ended, true);
412 |       test.done();
413 |     }.bind(this));
414 |     this.req = {
415 |       method: 'HEAD',
416 |       url: '/path/to/storage/me/existing',
417 |       headers: {
418 |         origin: 'http://local.host',
419 |         authorization: 'Bearer SECRET'
420 |       }
421 |     };
422 |     this.requestsInstance.handleRequest(this.req, this.res, 'etags-only', new Buffer('asdf', 'utf-8'));
423 |   },
424 |   'HEAD verb folder': function(test) {
425 |     setUp.bind(this)();
426 |     test.expect(6);
427 |     this.res.onEnd(function() {
428 |       test.equal(this.scopesMock._mayReadCalled, 1);
429 |       test.equal(this.scopesMock._mayWriteCalled, 0);
430 |       test.equal(this.res._status, 200);
431 |       test.deepEqual(this.res._headers, {
432 |         'Access-Control-Allow-Origin': 'http://local.host',
433 |         'Access-Control-Allow-Headers': 'Authorization, Content-Length, Content-Type, If-Match, If-None-Match, Origin, X-Requested-With',
434 |         'Access-Control-Expose-Headers': 'Content-Type, Content-Length, ETag',
435 |         'Access-Control-Allow-Methods': 'GET, PUT, DELETE',
436 |         'Cache-Control': 'no-cache, no-store',
437 |         'Expires': '0',
438 |         'etag': '"koe"',
439 |         'content-type': 'asdf'
440 |       });
441 |       test.equal(this.res._body, '');
442 |       test.equal(this.res._ended, true);
443 |       test.done();
444 |     }.bind(this));
445 |     this.req = {
446 |       method: 'HEAD',
447 |       url: '/path/to/storage/me/folder/',
448 |       headers: {
449 |         origin: 'http://local.host',
450 |         authorization: 'Bearer SECRET'
451 |       }
452 |     };
453 |     this.requestsInstance.handleRequest(this.req, this.res, 'etags-only', new Buffer('asdf', 'utf-8'));
454 |   },
455 |   'GET verb document': function(test) {
456 |     setUp.bind(this)();
457 |     test.expect(7);
458 |     this.res.onEnd(function() {
459 |       test.equal(this.scopesMock._mayReadCalled, 1);
460 |       test.equal(this.scopesMock._mayWriteCalled, 0);
461 |       test.equal(this.mainMock._getContentCalled, 1);
462 |       test.equal(this.res._status, 200);
463 |       test.deepEqual(this.res._headers, {
464 |         'Access-Control-Allow-Origin': 'http://local.host',
465 |         'Access-Control-Allow-Headers': 'Authorization, Content-Length, Content-Type, If-Match, If-None-Match, Origin, X-Requested-With',
466 |         'Access-Control-Expose-Headers': 'Content-Type, Content-Length, ETag',
467 |         'Access-Control-Allow-Methods': 'GET, PUT, DELETE',
468 |         'Cache-Control': 'no-cache, no-store',
469 |         'Expires': '0',
470 |         'etag': '"koe"',
471 |         'content-length': '18',
472 |         'content-type': 'very!'
473 |       });
474 |       test.equal(this.res._body, 'yes, very content!');
475 |       test.equal(this.res._ended, true);
476 |       test.done();
477 |     }.bind(this));
478 |     this.req = {
479 |       method: 'GET',
480 |       url: '/path/to/storage/me/existing',
481 |       headers: {
482 |         origin: 'http://local.host',
483 |         authorization: 'Bearer SECRET'
484 |       }
485 |     };
486 |     this.requestsInstance.handleRequest(this.req, this.res, 'etags-only', new Buffer('asdf', 'utf-8'));
487 |   },
488 |   'GET verb folder': function(test) {
489 |     setUp.bind(this)();
490 |     test.expect(7);
491 |     this.res.onEnd(function() {
492 |       test.equal(this.scopesMock._mayReadCalled, 1);
493 |       test.equal(this.scopesMock._mayWriteCalled, 0);
494 |       test.equal(this.mainMock._getFolderDescriptionCalled, 1);
495 |       test.equal(this.res._status, 200);
496 |       test.deepEqual(this.res._headers, {
497 |         'Access-Control-Allow-Origin': 'http://local.host',
498 |         'Access-Control-Allow-Headers': 'Authorization, Content-Length, Content-Type, If-Match, If-None-Match, Origin, X-Requested-With',
499 |         'Access-Control-Expose-Headers': 'Content-Type, Content-Length, ETag',
500 |         'Access-Control-Allow-Methods': 'GET, PUT, DELETE',
501 |         'Cache-Control': 'no-cache, no-store',
502 |         'Expires': '0',
503 |         'etag': '"koe"',
504 |         'content-length': '9',
505 |         'content-type': 'asdf'
506 |       });
507 |       test.equal(this.res._body, JSON.stringify({a: 'b'}));
508 |       test.equal(this.res._ended, true);
509 |       test.done();
510 |     }.bind(this));
511 |     this.req = {
512 |       method: 'GET',
513 |       url: '/path/to/storage/me/folder/',
514 |       headers: {
515 |         origin: 'http://local.host',
516 |         authorization: 'Bearer SECRET'
517 |       }
518 |     };
519 |     this.requestsInstance.handleRequest(this.req, this.res, 'etags-only', new Buffer('asdf', 'utf-8'));
520 |   },
521 |   'PUT verb': function(test) {
522 |     setUp.bind(this)();
523 |     test.expect(10);
524 |     this.res.onEnd(function() {
525 |       test.equal(this.scopesMock._mayReadCalled, 0);
526 |       test.equal(this.scopesMock._mayWriteCalled, 1);
527 |       test.equal(this.mainMock._setCalled, 1);
528 |       test.equal(this.mainMock._data['me:/existing'][0], 'i put you');
529 |       test.equal(this.mainMock._data['me:/existing'][1], undefined);
530 |       test.equal(Buffer.isBuffer(this.mainMock._data['me:/existing'][2]), true);
531 |       test.equal(this.res._status, 200);
532 |       test.deepEqual(this.res._headers, {
533 |         'Access-Control-Allow-Origin': 'http://local.host',
534 |         'Access-Control-Allow-Headers': 'Authorization, Content-Length, Content-Type, If-Match, If-None-Match, Origin, X-Requested-With',
535 |         'Access-Control-Expose-Headers': 'Content-Type, Content-Length, ETag',
536 |         'Access-Control-Allow-Methods': 'GET, PUT, DELETE',
537 |         'Cache-Control': 'no-cache, no-store',
538 |         'Expires': '0',
539 |         'etag': '"' + this.mainMock._data['me:/existing'][2] + '"'
540 |       });
541 |       test.equal(this.res._body, '');
542 |       test.equal(this.res._ended, true);
543 |       test.done();
544 |     }.bind(this));
545 |     this.req = {
546 |       _queuedData: false,
547 |       _dataCb: function(buf) {
548 |         this._queuedData = buf;
549 |       },
550 |       _queuedEnd: false,
551 |       _endCb: function() {
552 |         this._queuedEnd = true;
553 |       },
554 |       method: 'PUT',
555 |       url: '/path/to/storage/me/existing',
556 |       headers: {
557 |         origin: 'http://local.host',
558 |         authorization: 'Bearer SECRET',
559 |         'if-none-match': '"123", "456"'
560 |       },
561 |       on: function(event, cb) {
562 |         if (event === 'data') {
563 |           if(this._queuedData) {
564 |             cb(this._queuedData);
565 |           };
566 |           this._dataCb = cb;
567 |         } else if (event === 'end') {
568 |           if(this._queuedEnd) {
569 |             cb();
570 |           };
571 |           this._endCb = cb;
572 |         }
573 |       }
574 |     };
575 |     this.requestsInstance.handleRequest(this.req, this.res);
576 |     this.req._dataCb(new Buffer('i put you', 'utf-8'));
577 |     this.req._endCb();
578 |   },
579 |   'DELETE verb': function(test) {
580 |     setUp.bind(this)();
581 |     test.expect(10);
582 |     this.res.onEnd(function() {
583 |       test.equal(this.scopesMock._mayReadCalled, 0);
584 |       test.equal(this.scopesMock._mayWriteCalled, 1);
585 |       test.equal(this.mainMock._setCalled, 1);
586 |       test.equal(this.mainMock._data['me:/existing'][0], undefined);
587 |       test.equal(this.mainMock._data['me:/existing'][1], undefined);
588 |       test.equal(this.mainMock._data['me:/existing'][2], undefined);
589 |       test.equal(this.res._status, 200);
590 |       test.deepEqual(this.res._headers, {
591 |         'Access-Control-Allow-Origin': 'http://local.host',
592 |         'Access-Control-Allow-Headers': 'Authorization, Content-Length, Content-Type, If-Match, If-None-Match, Origin, X-Requested-With',
593 |         'Access-Control-Expose-Headers': 'Content-Type, Content-Length, ETag',
594 |         'Access-Control-Allow-Methods': 'GET, PUT, DELETE',
595 |         'Cache-Control': 'no-cache, no-store',
596 |         'Expires': '0'
597 |       });
598 |       test.equal(this.res._body, '');
599 |       test.equal(this.res._ended, true);
600 |       test.done();
601 |     }.bind(this));
602 |     this.req = {
603 |       method: 'DELETE',
604 |       url: '/path/to/storage/me/existing',
605 |       headers: {
606 |         origin: 'http://local.host',
607 |         authorization: 'Bearer SECRET',
608 |         'if-none-match': '"123", "456"'
609 |       }
610 |     };
611 |     this.requestsInstance.handleRequest(this.req, this.res);
612 |   }
613 | });
614 | 


--------------------------------------------------------------------------------
/test/scopes.js:
--------------------------------------------------------------------------------
   1 | var Scopes = require('../lib/scopes'),
   2 |   nodeunit = require('nodeunit');
   3 |   
   4 | function setUp() {
   5 |   this.tokenStore = {
   6 |     _data: {},
   7 |     get: function(username, token, cb) {
   8 |       cb(null, this._data[username+':'+token]); },
   9 |     set: function(username, token, scopes, cb) {
  10 |       this._data[username+':'+token] = scopes; cb(null); }
  11 |   };
  12 |   this.scopesInstance = new Scopes(this.tokenStore);
  13 | }
  14 | 
  15 | exports['scopes'] = nodeunit.testCase({
  16 |   /*setUp: function() {
  17 |   },
  18 |   tearDown: function() {
  19 |   },*/
  20 |   'makeScopePaths for modules': function(test) {
  21 |     setUp.bind(this)();
  22 |     test.expect(1);
  23 |     test.deepEqual(this.scopesInstance.makeScopePaths(['foo:r', 'bar:rw']).sort(), ['/foo/:r', '/public/foo/:r', '/bar/:rw', '/public/bar/:rw'].sort());
  24 |     test.done();
  25 |   },
  26 |   'makeScopePaths for root': function(test) {
  27 |     setUp.bind(this)();
  28 |     test.expect(2);
  29 |     test.deepEqual(this.scopesInstance.makeScopePaths(['*:r'], '*'), ['/:r']);
  30 |     test.deepEqual(this.scopesInstance.makeScopePaths(['root:rw'], 'root'), ['/:rw']);
  31 |     test.done();
  32 |   },
  33 |   'mayRead for foo:r foo': function(test) {
  34 |     setUp.bind(this)();
  35 |     test.expect(24);
  36 |     this.tokenStore._data = { 'me:SECRET': this.scopesInstance.makeScopePaths(['foo:r'])};
  37 |     this.scopesInstance.mayRead('Bearer SECRET', 'me', '/foo/', function(err, answer) {
  38 |       test.equal(err, null);
  39 |       test.equal(answer, true);
  40 |       this.scopesInstance.mayRead('Bearer wrong', 'me', '/foo/', function(err, answer) {
  41 |         test.equal(err, null);
  42 |         test.equal(answer, false);
  43 |         this.scopesInstance.mayRead('Bearer SECRET', 'me', '/foo/bar', function(err, answer) {
  44 |           test.equal(err, null);
  45 |           test.equal(answer, true);
  46 |           this.scopesInstance.mayRead('Bearer wrong', 'me', '/foo/bar', function(err, answer) {
  47 |             test.equal(err, null);
  48 |             test.equal(answer, false);
  49 |             this.scopesInstance.mayRead('Bearer SECRET', 'me', '/foo/bar/', function(err, answer) {
  50 |               test.equal(err, null);
  51 |               test.equal(answer, true);
  52 |               this.scopesInstance.mayRead('Bearer wrong', 'me', '/foo/bar/', function(err, answer) {
  53 |                 test.equal(err, null);
  54 |                 test.equal(answer, false);
  55 |                 this.scopesInstance.mayRead('Bearer SECRET', 'me', '/public/foo/', function(err, answer) {
  56 |                   test.equal(err, null);
  57 |                   test.equal(answer, true);
  58 |                   this.scopesInstance.mayRead('Bearer wrong', 'me', '/public/foo/', function(err, answer) {
  59 |                     test.equal(err, null);
  60 |                     test.equal(answer, false);
  61 |                     this.scopesInstance.mayRead('Bearer SECRET', 'me', '/public/foo/bar', function(err, answer) {
  62 |                       test.equal(err, null);
  63 |                       test.equal(answer, true);
  64 |                       this.scopesInstance.mayRead('Bearer wrong', 'me', '/public/foo/bar', function(err, answer) {//public
  65 |                         test.equal(err, null);
  66 |                         test.equal(answer, true);
  67 |                         this.scopesInstance.mayRead('Bearer SECRET', 'me', '/public/foo/bar/', function(err, answer) {
  68 |                           test.equal(err, null);
  69 |                           test.equal(answer, true);
  70 |                           this.scopesInstance.mayRead('Bearer wrong', 'me', '/public/foo/bar/', function(err, answer) {
  71 |                             test.equal(err, null);
  72 |                             test.equal(answer, false);
  73 |                             test.done();
  74 |                           }.bind(this));
  75 |                         }.bind(this));
  76 |                       }.bind(this));
  77 |                     }.bind(this));
  78 |                   }.bind(this));
  79 |                 }.bind(this));
  80 |               }.bind(this));
  81 |             }.bind(this));
  82 |           }.bind(this));
  83 |         }.bind(this));
  84 |       }.bind(this));
  85 |     }.bind(this));
  86 |   },
  87 |   'mayRead for foo:r bar': function(test) {
  88 |     setUp.bind(this)();
  89 |     test.expect(24);
  90 |     this.tokenStore._data = { 'me:SECRET': this.scopesInstance.makeScopePaths(['foo:r'])};
  91 |     this.scopesInstance.mayRead('Bearer SECRET', 'me', '/bar/', function(err, answer) {
  92 |       test.equal(err, null);
  93 |       test.equal(answer, false);
  94 |       this.scopesInstance.mayRead('Bearer wrong', 'me', '/bar/', function(err, answer) {
  95 |         test.equal(err, null);
  96 |         test.equal(answer, false);
  97 |         this.scopesInstance.mayRead('Bearer SECRET', 'me', '/bar/bar', function(err, answer) {
  98 |           test.equal(err, null); 
  99 |           test.equal(answer, false);
 100 |           this.scopesInstance.mayRead('Bearer wrong', 'me', '/bar/bar', function(err, answer) { 
 101 |             test.equal(err, null); 
 102 |             test.equal(answer, false);
 103 |             this.scopesInstance.mayRead('Bearer SECRET', 'me', '/bar/bar/', function(err, answer) { 
 104 |               test.equal(err, null); 
 105 |               test.equal(answer, false);
 106 |               this.scopesInstance.mayRead('Bearer wrong', 'me', '/bar/bar/', function(err, answer) { 
 107 |                 test.equal(err, null); 
 108 |                 test.equal(answer, false);
 109 |                 this.scopesInstance.mayRead('Bearer SECRET', 'me', '/public/bar/', function(err, answer) { 
 110 |                   test.equal(err, null); 
 111 |                   test.equal(answer, false);
 112 |                   this.scopesInstance.mayRead('Bearer wrong', 'me', '/public/bar/', function(err, answer) { 
 113 |                     test.equal(err, null); 
 114 |                     test.equal(answer, false);
 115 |                     this.scopesInstance.mayRead('Bearer SECRET', 'me', '/public/bar/bar', function(err, answer) {//public
 116 |                       test.equal(err, null);
 117 |                       test.equal(answer, true);
 118 |                       this.scopesInstance.mayRead('Bearer wrong', 'me', '/public/bar/bar', function(err, answer) {//public
 119 |                         test.equal(err, null);
 120 |                         test.equal(answer, true);
 121 |                         this.scopesInstance.mayRead('Bearer SECRET', 'me', '/public/bar/bar/', function(err, answer) { 
 122 |                           test.equal(err, null); 
 123 |                           test.equal(answer, false);
 124 |                           this.scopesInstance.mayRead('Bearer wrong', 'me', '/public/bar/bar/', function(err, answer) { 
 125 |                             test.equal(err, null); 
 126 |                             test.equal(answer, false);
 127 |                             test.done();
 128 |                           }.bind(this));
 129 |                         }.bind(this));
 130 |                       }.bind(this));
 131 |                     }.bind(this));
 132 |                   }.bind(this));
 133 |                 }.bind(this));
 134 |               }.bind(this));
 135 |             }.bind(this));
 136 |           }.bind(this));
 137 |         }.bind(this));
 138 |       }.bind(this));
 139 |     }.bind(this));
 140 |   },
 141 |   'mayRead for foo:r root': function(test) {
 142 |     setUp.bind(this)();
 143 |     test.expect(12);
 144 |     this.tokenStore._data = { 'me:SECRET': this.scopesInstance.makeScopePaths(['foo:r'])};
 145 |     this.scopesInstance.mayRead('Bearer SECRET', 'me', '/', function(err, answer) { 
 146 |       test.equal(err, null); 
 147 |       test.equal(answer, false);
 148 |       this.scopesInstance.mayRead('Bearer wrong', 'me', '/', function(err, answer) { 
 149 |         test.equal(err, null); 
 150 |         test.equal(answer, false);
 151 |         this.scopesInstance.mayRead('Bearer SECRET', 'me', '/foo', function(err, answer) { 
 152 |           test.equal(err, null); 
 153 |           test.equal(answer, false);
 154 |           this.scopesInstance.mayRead('Bearer wrong', 'me', '/bar', function(err, answer) { 
 155 |             test.equal(err, null); 
 156 |             test.equal(answer, false);
 157 |             this.scopesInstance.mayRead('Bearer SECRET', 'me', '/bar', function(err, answer) { 
 158 |               test.equal(err, null); 
 159 |               test.equal(answer, false);
 160 |               this.scopesInstance.mayRead('Bearer wrong', 'me', '/foo', function(err, answer) { 
 161 |                 test.equal(err, null); 
 162 |                 test.equal(answer, false);
 163 |                 test.done();
 164 |               }.bind(this));
 165 |             }.bind(this));
 166 |           }.bind(this));
 167 |         }.bind(this));
 168 |       }.bind(this));
 169 |     }.bind(this));
 170 |   },
 171 |   'mayRead for foo:r outside': function(test) {
 172 |     setUp.bind(this)();
 173 |     test.expect(12);
 174 |     this.tokenStore._data = { 'me:SECRET': this.scopesInstance.makeScopePaths(['foo:r'])};
 175 |     this.scopesInstance.mayRead('Bearer SECRET', '', '', function(err, answer) { 
 176 |       test.equal(err, null); 
 177 |       test.equal(answer, false);
 178 |       this.scopesInstance.mayRead('Bearer wrong', '', '', function(err, answer) { 
 179 |         test.equal(err, null); 
 180 |         test.equal(answer, false);
 181 |         this.scopesInstance.mayRead('Bearer SECRET', 'me', '/', function(err, answer) { 
 182 |           test.equal(err, null); 
 183 |           test.equal(answer, false);
 184 |           this.scopesInstance.mayRead('Bearer wrong', 'me', '/', function(err, answer) { 
 185 |             test.equal(err, null); 
 186 |             test.equal(answer, false);
 187 |             this.scopesInstance.mayRead('Bearer SECRET', 'you', '/', function(err, answer) { 
 188 |               test.equal(err, null); 
 189 |               test.equal(answer, false);
 190 |               this.scopesInstance.mayRead('Bearer wrong', 'you', '/', function(err, answer) { 
 191 |                 test.equal(err, null); 
 192 |                 test.equal(answer, false);
 193 |                 test.done();
 194 |               }.bind(this));
 195 |             }.bind(this));
 196 |           }.bind(this));
 197 |         }.bind(this));
 198 |       }.bind(this));
 199 |     }.bind(this));
 200 |   },
 201 |   'mayRead for foo:r other users': function(test) {
 202 |     setUp.bind(this)();
 203 |     test.expect(20);
 204 |     this.tokenStore._data = { 'me:SECRET': this.scopesInstance.makeScopePaths(['foo:r'])};
 205 |     this.scopesInstance.mayRead('Bearer SECRET', 'you', '/', function(err, answer) { 
 206 |       test.equal(err, null); 
 207 |       test.equal(answer, false);
 208 |       this.scopesInstance.mayRead('Bearer wrong', 'you', '/', function(err, answer) { 
 209 |         test.equal(err, null); 
 210 |         test.equal(answer, false);
 211 |         this.scopesInstance.mayRead('Bearer SECRET', 'you', 'foo', function(err, answer) { 
 212 |           test.equal(err, null); 
 213 |           test.equal(answer, false);
 214 |           this.scopesInstance.mayRead('Bearer wrong', 'you', 'foo', function(err, answer) { 
 215 |             test.equal(err, null); 
 216 |             test.equal(answer, false);
 217 |             this.scopesInstance.mayRead('Bearer SECRET', 'you', 'foo/', function(err, answer) { 
 218 |               test.equal(err, null); 
 219 |               test.equal(answer, false);
 220 |               this.scopesInstance.mayRead('Bearer wrong', 'you', 'foo/', function(err, answer) { 
 221 |                 test.equal(err, null); 
 222 |                 test.equal(answer, false);
 223 |                 this.scopesInstance.mayRead('Bearer SECRET', 'you', 'foo/bar', function(err, answer) { 
 224 |                   test.equal(err, null); 
 225 |                   test.equal(answer, false);
 226 |                   this.scopesInstance.mayRead('Bearer wrong', 'you', 'foo/bar', function(err, answer) { 
 227 |                     test.equal(err, null); 
 228 |                     test.equal(answer, false);
 229 |                     this.scopesInstance.mayRead('Bearer SECRET', 'you', 'foo/bar/', function(err, answer) { 
 230 |                       test.equal(err, null); 
 231 |                       test.equal(answer, false);
 232 |                       this.scopesInstance.mayRead('Bearer wrong', 'you', 'foo/bar/', function(err, answer) { 
 233 |                         test.equal(err, null); 
 234 |                         test.equal(answer, false);
 235 |                         test.done();
 236 |                       }.bind(this));
 237 |                     }.bind(this));
 238 |                   }.bind(this));
 239 |                 }.bind(this));
 240 |               }.bind(this));
 241 |             }.bind(this));
 242 |           }.bind(this));
 243 |         }.bind(this));
 244 |       }.bind(this));
 245 |     }.bind(this));
 246 |   },
 247 |   'mayRead for foo:rw - foo': function(test) {
 248 |     setUp.bind(this)();
 249 |     test.expect(24);
 250 |     this.tokenStore._data = { 'me:SECRET': this.scopesInstance.makeScopePaths(['foo:rw'])};
 251 |     this.scopesInstance.mayRead('Bearer SECRET', 'me', '/foo/', function(err, answer) { 
 252 |       test.equal(err, null); 
 253 |       test.equal(answer, true);
 254 |       this.scopesInstance.mayRead('Bearer wrong', 'me', '/foo/', function(err, answer) { 
 255 |         test.equal(err, null); 
 256 |         test.equal(answer, false);
 257 |         this.scopesInstance.mayRead('Bearer SECRET', 'me', '/foo/bar', function(err, answer) { 
 258 |           test.equal(err, null); 
 259 |           test.equal(answer, true);
 260 |           this.scopesInstance.mayRead('Bearer wrong', 'me', '/foo/bar', function(err, answer) { 
 261 |             test.equal(err, null); 
 262 |             test.equal(answer, false);
 263 |             this.scopesInstance.mayRead('Bearer SECRET', 'me', '/foo/bar/', function(err, answer) { 
 264 |               test.equal(err, null); 
 265 |               test.equal(answer, true);
 266 |               this.scopesInstance.mayRead('Bearer wrong', 'me', '/foo/bar/', function(err, answer) { 
 267 |                 test.equal(err, null); 
 268 |                 test.equal(answer, false);
 269 |                 this.scopesInstance.mayRead('Bearer SECRET', 'me', '/public/foo/', function(err, answer) { 
 270 |                   test.equal(err, null); 
 271 |                   test.equal(answer, true);
 272 |                   this.scopesInstance.mayRead('Bearer wrong', 'me', '/public/foo/', function(err, answer) { 
 273 |                     test.equal(err, null); 
 274 |                     test.equal(answer, false);
 275 |                     this.scopesInstance.mayRead('Bearer SECRET', 'me', '/public/foo/bar', function(err, answer) { 
 276 |                       test.equal(err, null); 
 277 |                       test.equal(answer, true);
 278 |                       this.scopesInstance.mayRead('Bearer wrong', 'me', '/public/foo/bar', function(err, answer) {//public
 279 |                         test.equal(err, null);
 280 |                         test.equal(answer, true);
 281 |                         this.scopesInstance.mayRead('Bearer SECRET', 'me', '/public/foo/bar/', function(err, answer) { 
 282 |                           test.equal(err, null); 
 283 |                           test.equal(answer, true);
 284 |                           this.scopesInstance.mayRead('Bearer wrong', 'me', '/public/foo/bar/', function(err, answer) { 
 285 |                             test.equal(err, null); 
 286 |                             test.equal(answer, false);
 287 |                             test.done();
 288 |                           }.bind(this));
 289 |                         }.bind(this));
 290 |                       }.bind(this));
 291 |                     }.bind(this));
 292 |                   }.bind(this));
 293 |                 }.bind(this));
 294 |               }.bind(this));
 295 |             }.bind(this));
 296 |           }.bind(this));
 297 |         }.bind(this));
 298 |       }.bind(this));
 299 |     }.bind(this));
 300 |   },
 301 |   'mayRead for foo:rw - bar': function(test) {
 302 |     setUp.bind(this)();
 303 |     test.expect(24);
 304 |     this.tokenStore._data = { 'me:SECRET': this.scopesInstance.makeScopePaths(['foo:rw'])};
 305 |     this.scopesInstance.mayRead('Bearer SECRET', 'me', '/bar/', function(err, answer) { 
 306 |       test.equal(err, null); 
 307 |       test.equal(answer, false);
 308 |       this.scopesInstance.mayRead('Bearer wrong', 'me', '/bar/', function(err, answer) { 
 309 |         test.equal(err, null); 
 310 |         test.equal(answer, false);
 311 |         this.scopesInstance.mayRead('Bearer SECRET', 'me', '/bar/bar', function(err, answer) { 
 312 |           test.equal(err, null); 
 313 |           test.equal(answer, false);
 314 |           this.scopesInstance.mayRead('Bearer wrong', 'me', '/bar/bar', function(err, answer) { 
 315 |             test.equal(err, null); 
 316 |             test.equal(answer, false);
 317 |             this.scopesInstance.mayRead('Bearer SECRET', 'me', '/bar/bar/', function(err, answer) { 
 318 |               test.equal(err, null); 
 319 |               test.equal(answer, false);
 320 |               this.scopesInstance.mayRead('Bearer wrong', 'me', '/bar/bar/', function(err, answer) { 
 321 |                 test.equal(err, null); 
 322 |                 test.equal(answer, false);
 323 |                 this.scopesInstance.mayRead('Bearer SECRET', 'me', '/public/bar/', function(err, answer) { 
 324 |                   test.equal(err, null); 
 325 |                   test.equal(answer, false);
 326 |                   this.scopesInstance.mayRead('Bearer wrong', 'me', '/public/bar/', function(err, answer) { 
 327 |                     test.equal(err, null); 
 328 |                     test.equal(answer, false);
 329 |                     this.scopesInstance.mayRead('Bearer SECRET', 'me', '/public/bar/bar', function(err, answer) {//public
 330 |                       test.equal(err, null);
 331 |                       test.equal(answer, true);
 332 |                       this.scopesInstance.mayRead('Bearer wrong', 'me', '/public/bar/bar', function(err, answer) {//public
 333 |                         test.equal(err, null);
 334 |                         test.equal(answer, true);
 335 |                         this.scopesInstance.mayRead('Bearer SECRET', 'me', '/public/bar/bar/', function(err, answer) { 
 336 |                           test.equal(err, null); 
 337 |                           test.equal(answer, false);
 338 |                           this.scopesInstance.mayRead('Bearer wrong', 'me', '/public/bar/bar/', function(err, answer) { 
 339 |                             test.equal(err, null); 
 340 |                             test.equal(answer, false);
 341 |                             test.done();
 342 |                           }.bind(this));
 343 |                         }.bind(this));
 344 |                       }.bind(this));
 345 |                     }.bind(this));
 346 |                   }.bind(this));
 347 |                 }.bind(this));
 348 |               }.bind(this));
 349 |             }.bind(this));
 350 |           }.bind(this));
 351 |         }.bind(this));
 352 |       }.bind(this));
 353 |     }.bind(this));
 354 |   },
 355 |   'mayRead for foo:rw - root': function(test) {
 356 |     setUp.bind(this)();
 357 |     test.expect(12);
 358 |     this.tokenStore._data = { 'me:SECRET': this.scopesInstance.makeScopePaths(['foo:rw'])};
 359 |     this.scopesInstance.mayRead('Bearer SECRET', 'me', '/', function(err, answer) { 
 360 |       test.equal(err, null); 
 361 |       test.equal(answer, false);
 362 |       this.scopesInstance.mayRead('Bearer wrong', 'me', '/', function(err, answer) { 
 363 |         test.equal(err, null); 
 364 |         test.equal(answer, false);
 365 |         this.scopesInstance.mayRead('Bearer SECRET', 'me', '/foo', function(err, answer) { 
 366 |           test.equal(err, null); 
 367 |           test.equal(answer, false);
 368 |           this.scopesInstance.mayRead('Bearer wrong', 'me', '/bar', function(err, answer) { 
 369 |             test.equal(err, null); 
 370 |             test.equal(answer, false);
 371 |             this.scopesInstance.mayRead('Bearer SECRET', 'me', '/bar', function(err, answer) { 
 372 |               test.equal(err, null); 
 373 |               test.equal(answer, false);
 374 |               this.scopesInstance.mayRead('Bearer wrong', 'me', '/foo', function(err, answer) { 
 375 |                 test.equal(err, null); 
 376 |                 test.equal(answer, false);
 377 |                 test.done();
 378 |               }.bind(this));
 379 |             }.bind(this));
 380 |           }.bind(this));
 381 |         }.bind(this));
 382 |       }.bind(this));
 383 |     }.bind(this));
 384 |   },
 385 |   'mayRead for foo:rw - outside': function(test) {
 386 |     setUp.bind(this)();
 387 |     test.expect(12);
 388 |     this.tokenStore._data = { 'me:SECRET': this.scopesInstance.makeScopePaths(['foo:rw'])};
 389 |     this.scopesInstance.mayRead('Bearer SECRET', '', '', function(err, answer) { 
 390 |       test.equal(err, null); 
 391 |       test.equal(answer, false);
 392 |       this.scopesInstance.mayRead('Bearer wrong', '', '', function(err, answer) { 
 393 |         test.equal(err, null); 
 394 |         test.equal(answer, false);
 395 |         this.scopesInstance.mayRead('Bearer SECRET', 'me', '/', function(err, answer) { 
 396 |           test.equal(err, null); 
 397 |           test.equal(answer, false);
 398 |           this.scopesInstance.mayRead('Bearer wrong', 'me', '/', function(err, answer) { 
 399 |             test.equal(err, null); 
 400 |             test.equal(answer, false);
 401 |             this.scopesInstance.mayRead('Bearer SECRET', 'you', '/', function(err, answer) { 
 402 |               test.equal(err, null); 
 403 |               test.equal(answer, false);
 404 |               this.scopesInstance.mayRead('Bearer wrong', 'you', '/', function(err, answer) { 
 405 |                 test.equal(err, null); 
 406 |                 test.equal(answer, false);
 407 |                 test.done();
 408 |               }.bind(this));
 409 |             }.bind(this));
 410 |           }.bind(this));
 411 |         }.bind(this));
 412 |       }.bind(this));
 413 |     }.bind(this));
 414 |   },
 415 |   'mayRead for foo:rw - other users': function(test) {
 416 |     setUp.bind(this)();
 417 |     test.expect(20);
 418 |     this.tokenStore._data = { 'me:SECRET': this.scopesInstance.makeScopePaths(['foo:rw'])};
 419 |     this.scopesInstance.mayRead('Bearer SECRET', 'you', '/', function(err, answer) { 
 420 |       test.equal(err, null); 
 421 |       test.equal(answer, false);
 422 |       this.scopesInstance.mayRead('Bearer wrong', 'you', '/', function(err, answer) { 
 423 |         test.equal(err, null); 
 424 |         test.equal(answer, false);
 425 |         this.scopesInstance.mayRead('Bearer SECRET', 'you', 'foo', function(err, answer) { 
 426 |           test.equal(err, null); 
 427 |           test.equal(answer, false);
 428 |           this.scopesInstance.mayRead('Bearer wrong', 'you', 'foo', function(err, answer) { 
 429 |             test.equal(err, null); 
 430 |             test.equal(answer, false);
 431 |             this.scopesInstance.mayRead('Bearer SECRET', 'you', 'foo/', function(err, answer) { 
 432 |               test.equal(err, null); 
 433 |               test.equal(answer, false);
 434 |               this.scopesInstance.mayRead('Bearer wrong', 'you', 'foo/', function(err, answer) { 
 435 |                 test.equal(err, null); 
 436 |                 test.equal(answer, false);
 437 |                 this.scopesInstance.mayRead('Bearer SECRET', 'you', 'foo/bar', function(err, answer) { 
 438 |                   test.equal(err, null); 
 439 |                   test.equal(answer, false);
 440 |                   this.scopesInstance.mayRead('Bearer wrong', 'you', 'foo/bar', function(err, answer) { 
 441 |                     test.equal(err, null); 
 442 |                     test.equal(answer, false);
 443 |                     this.scopesInstance.mayRead('Bearer SECRET', 'you', 'foo/bar/', function(err, answer) { 
 444 |                       test.equal(err, null); 
 445 |                       test.equal(answer, false);
 446 |                       this.scopesInstance.mayRead('Bearer wrong', 'you', 'foo/bar/', function(err, answer) { 
 447 |                         test.equal(err, null); 
 448 |                         test.equal(answer, false);
 449 |                         test.done();
 450 |                       }.bind(this));
 451 |                     }.bind(this));
 452 |                   }.bind(this));
 453 |                 }.bind(this));
 454 |               }.bind(this));
 455 |             }.bind(this));
 456 |           }.bind(this));
 457 |         }.bind(this));
 458 |       }.bind(this));
 459 |     }.bind(this));
 460 |   },
 461 |   'mayWrite for foo:r - foo': function(test) {
 462 |     setUp.bind(this)();
 463 |     test.expect(24);
 464 |     this.tokenStore._data = { 'me:SECRET': this.scopesInstance.makeScopePaths(['foo:r'])};
 465 |     this.scopesInstance.mayWrite('Bearer SECRET', 'me', '/foo/', function(err, answer) { 
 466 |       test.equal(err, null); 
 467 |       test.equal(answer, false);
 468 |       this.scopesInstance.mayWrite('Bearer wrong', 'me', '/foo/', function(err, answer) { 
 469 |         test.equal(err, null); 
 470 |         test.equal(answer, false);
 471 |         this.scopesInstance.mayWrite('Bearer SECRET', 'me', '/foo/bar', function(err, answer) { 
 472 |           test.equal(err, null); 
 473 |           test.equal(answer, false);
 474 |           this.scopesInstance.mayWrite('Bearer wrong', 'me', '/foo/bar', function(err, answer) { 
 475 |             test.equal(err, null); 
 476 |             test.equal(answer, false);
 477 |             this.scopesInstance.mayWrite('Bearer SECRET', 'me', '/foo/bar/', function(err, answer) { 
 478 |               test.equal(err, null); 
 479 |               test.equal(answer, false);
 480 |               this.scopesInstance.mayWrite('Bearer wrong', 'me', '/foo/bar/', function(err, answer) { 
 481 |                 test.equal(err, null); 
 482 |                 test.equal(answer, false);
 483 |                 this.scopesInstance.mayWrite('Bearer SECRET', 'me', '/public/foo/', function(err, answer) { 
 484 |                   test.equal(err, null); 
 485 |                   test.equal(answer, false);
 486 |                   this.scopesInstance.mayWrite('Bearer wrong', 'me', '/public/foo/', function(err, answer) { 
 487 |                     test.equal(err, null); 
 488 |                     test.equal(answer, false);
 489 |                     this.scopesInstance.mayWrite('Bearer SECRET', 'me', '/public/foo/bar', function(err, answer) { 
 490 |                       test.equal(err, null); 
 491 |                       test.equal(answer, false);
 492 |                       this.scopesInstance.mayWrite('Bearer wrong', 'me', '/public/foo/bar', function(err, answer) { 
 493 |                         test.equal(err, null);
 494 |                         test.equal(answer, false);
 495 |                         this.scopesInstance.mayWrite('Bearer SECRET', 'me', '/public/foo/bar/', function(err, answer) { 
 496 |                           test.equal(err, null); 
 497 |                           test.equal(answer, false);
 498 |                           this.scopesInstance.mayWrite('Bearer wrong', 'me', '/public/foo/bar/', function(err, answer) { 
 499 |                             test.equal(err, null); 
 500 |                             test.equal(answer, false);
 501 |                             test.done();
 502 |                           }.bind(this));
 503 |                         }.bind(this));
 504 |                       }.bind(this));
 505 |                     }.bind(this));
 506 |                   }.bind(this));
 507 |                 }.bind(this));
 508 |               }.bind(this));
 509 |             }.bind(this));
 510 |           }.bind(this));
 511 |         }.bind(this));
 512 |       }.bind(this));
 513 |     }.bind(this));
 514 |   },
 515 |   'mayWrite for foo:r - bar': function(test) {
 516 |     setUp.bind(this)();
 517 |     test.expect(24);
 518 |     this.tokenStore._data = { 'me:SECRET': this.scopesInstance.makeScopePaths(['foo:r'])};
 519 |     this.scopesInstance.mayWrite('Bearer SECRET', 'me', '/bar/', function(err, answer) { 
 520 |       test.equal(err, null); 
 521 |       test.equal(answer, false);
 522 |       this.scopesInstance.mayWrite('Bearer wrong', 'me', '/bar/', function(err, answer) { 
 523 |         test.equal(err, null); 
 524 |         test.equal(answer, false);
 525 |         this.scopesInstance.mayWrite('Bearer SECRET', 'me', '/bar/bar', function(err, answer) { 
 526 |           test.equal(err, null); 
 527 |           test.equal(answer, false);
 528 |           this.scopesInstance.mayWrite('Bearer wrong', 'me', '/bar/bar', function(err, answer) { 
 529 |             test.equal(err, null); 
 530 |             test.equal(answer, false);
 531 |             this.scopesInstance.mayWrite('Bearer SECRET', 'me', '/bar/bar/', function(err, answer) { 
 532 |               test.equal(err, null); 
 533 |               test.equal(answer, false);
 534 |               this.scopesInstance.mayWrite('Bearer wrong', 'me', '/bar/bar/', function(err, answer) { 
 535 |                 test.equal(err, null); 
 536 |                 test.equal(answer, false);
 537 |                 this.scopesInstance.mayWrite('Bearer SECRET', 'me', '/public/bar/', function(err, answer) { 
 538 |                   test.equal(err, null); 
 539 |                   test.equal(answer, false);
 540 |                   this.scopesInstance.mayWrite('Bearer wrong', 'me', '/public/bar/', function(err, answer) { 
 541 |                     test.equal(err, null); 
 542 |                     test.equal(answer, false);
 543 |                     this.scopesInstance.mayWrite('Bearer SECRET', 'me', '/public/bar/bar', function(err, answer) { 
 544 |                       test.equal(err, null); 
 545 |                       test.equal(answer, false);
 546 |                       this.scopesInstance.mayWrite('Bearer wrong', 'me', '/public/bar/bar', function(err, answer) { 
 547 |                         test.equal(err, null); 
 548 |                         test.equal(answer, false);
 549 |                         this.scopesInstance.mayWrite('Bearer SECRET', 'me', '/public/bar/bar/', function(err, answer) { 
 550 |                           test.equal(err, null); 
 551 |                           test.equal(answer, false);
 552 |                           this.scopesInstance.mayWrite('Bearer wrong', 'me', '/public/bar/bar/', function(err, answer) { 
 553 |                             test.equal(err, null); 
 554 |                             test.equal(answer, false);
 555 |                             test.done();
 556 |                           }.bind(this));
 557 |                         }.bind(this));
 558 |                       }.bind(this));
 559 |                     }.bind(this));
 560 |                   }.bind(this));
 561 |                 }.bind(this));
 562 |               }.bind(this));
 563 |             }.bind(this));
 564 |           }.bind(this));
 565 |         }.bind(this));
 566 |       }.bind(this));
 567 |     }.bind(this));
 568 |   },
 569 |   'mayWrite for foo:r - root': function(test) {
 570 |     setUp.bind(this)();
 571 |     test.expect(12);
 572 |     this.tokenStore._data = { 'me:SECRET': this.scopesInstance.makeScopePaths(['foo:r'])};
 573 |     this.scopesInstance.mayRead('Bearer SECRET', 'me', '/', function(err, answer) { 
 574 |       test.equal(err, null); 
 575 |       test.equal(answer, false);
 576 |       this.scopesInstance.mayRead('Bearer wrong', 'me', '/', function(err, answer) { 
 577 |         test.equal(err, null); 
 578 |         test.equal(answer, false);
 579 |         this.scopesInstance.mayRead('Bearer SECRET', 'me', '/foo', function(err, answer) { 
 580 |           test.equal(err, null); 
 581 |           test.equal(answer, false);
 582 |           this.scopesInstance.mayRead('Bearer wrong', 'me', '/bar', function(err, answer) { 
 583 |               test.equal(err, null); 
 584 |               test.equal(answer, false);
 585 |               this.scopesInstance.mayRead('Bearer SECRET', 'me', '/bar', function(err, answer) { 
 586 |               test.equal(err, null); 
 587 |               test.equal(answer, false);
 588 |               this.scopesInstance.mayRead('Bearer wrong', 'me', '/foo', function(err, answer) { 
 589 |                 test.equal(err, null); 
 590 |                 test.equal(answer, false);
 591 |                 test.done();
 592 |               }.bind(this));
 593 |             }.bind(this));
 594 |           }.bind(this));
 595 |         }.bind(this));
 596 |       }.bind(this));
 597 |     }.bind(this));
 598 |   },
 599 |   'mayWrite for foo:r - outside': function(test) {
 600 |     setUp.bind(this)();
 601 |     test.expect(12);
 602 |     this.tokenStore._data = { 'me:SECRET': this.scopesInstance.makeScopePaths(['foo:r'])};
 603 |     this.scopesInstance.mayRead('Bearer SECRET', '', '', function(err, answer) { 
 604 |       test.equal(err, null); 
 605 |       test.equal(answer, false);
 606 |       this.scopesInstance.mayRead('Bearer wrong', '', '', function(err, answer) { 
 607 |         test.equal(err, null); 
 608 |         test.equal(answer, false);
 609 |         this.scopesInstance.mayRead('Bearer SECRET', 'me', '/', function(err, answer) { 
 610 |           test.equal(err, null); 
 611 |           test.equal(answer, false);
 612 |           this.scopesInstance.mayRead('Bearer wrong', 'me', '/', function(err, answer) { 
 613 |             test.equal(err, null); 
 614 |             test.equal(answer, false);
 615 |             this.scopesInstance.mayRead('Bearer SECRET', 'you', '/', function(err, answer) { 
 616 |               test.equal(err, null); 
 617 |               test.equal(answer, false);
 618 |               this.scopesInstance.mayRead('Bearer wrong', 'you', '/', function(err, answer) { 
 619 |                 test.equal(err, null); 
 620 |                 test.equal(answer, false);
 621 |                 test.done();
 622 |               }.bind(this));
 623 |             }.bind(this));
 624 |           }.bind(this));
 625 |         }.bind(this));
 626 |       }.bind(this));
 627 |     }.bind(this));
 628 |   },
 629 |   'mayWrite for foo:r - other users': function(test) {
 630 |     setUp.bind(this)();
 631 |     test.expect(20);
 632 |     this.tokenStore._data = { 'me:SECRET': this.scopesInstance.makeScopePaths(['foo:r'])};
 633 |     this.scopesInstance.mayRead('Bearer SECRET', 'you', '/', function(err, answer) { 
 634 |       test.equal(err, null); 
 635 |       test.equal(answer, false);
 636 |       this.scopesInstance.mayRead('Bearer wrong', 'you', '/', function(err, answer) { 
 637 |         test.equal(err, null); 
 638 |         test.equal(answer, false);
 639 |         this.scopesInstance.mayRead('Bearer SECRET', 'you', 'foo', function(err, answer) { 
 640 |           test.equal(err, null); 
 641 |           test.equal(answer, false);
 642 |           this.scopesInstance.mayRead('Bearer wrong', 'you', 'foo', function(err, answer) { 
 643 |             test.equal(err, null); 
 644 |             test.equal(answer, false);
 645 |             this.scopesInstance.mayRead('Bearer SECRET', 'you', 'foo/', function(err, answer) { 
 646 |               test.equal(err, null); 
 647 |               test.equal(answer, false);
 648 |               this.scopesInstance.mayRead('Bearer wrong', 'you', 'foo/', function(err, answer) { 
 649 |                 test.equal(err, null); 
 650 |                 test.equal(answer, false);
 651 |                 this.scopesInstance.mayRead('Bearer SECRET', 'you', 'foo/bar', function(err, answer) { 
 652 |                   test.equal(err, null); 
 653 |                   test.equal(answer, false);
 654 |                   this.scopesInstance.mayRead('Bearer wrong', 'you', 'foo/bar', function(err, answer) { 
 655 |                     test.equal(err, null); 
 656 |                     test.equal(answer, false);
 657 |                     this.scopesInstance.mayRead('Bearer SECRET', 'you', 'foo/bar/', function(err, answer) { 
 658 |                       test.equal(err, null); 
 659 |                       test.equal(answer, false);
 660 |                       this.scopesInstance.mayRead('Bearer wrong', 'you', 'foo/bar/', function(err, answer) { 
 661 |                         test.equal(err, null); 
 662 |                         test.equal(answer, false);
 663 |                         test.done();
 664 |                       }.bind(this));
 665 |                     }.bind(this));
 666 |                   }.bind(this));
 667 |                 }.bind(this));
 668 |               }.bind(this));
 669 |             }.bind(this));
 670 |           }.bind(this));
 671 |         }.bind(this));
 672 |       }.bind(this));
 673 |     }.bind(this));
 674 |   },
 675 |   'mayWrite for foo:rw - foo': function(test) {
 676 |     setUp.bind(this)();
 677 |     test.expect(24);
 678 |     this.tokenStore._data = { 'me:SECRET': this.scopesInstance.makeScopePaths(['foo:rw'])};
 679 |     this.scopesInstance.mayWrite('Bearer SECRET', 'me', '/foo/', function(err, answer) { 
 680 |       test.equal(err, null); 
 681 |       test.equal(answer, false);
 682 |       this.scopesInstance.mayWrite('Bearer wrong', 'me', '/foo/', function(err, answer) { 
 683 |         test.equal(err, null); 
 684 |         test.equal(answer, false);
 685 |         this.scopesInstance.mayWrite('Bearer SECRET', 'me', '/foo/bar', function(err, answer) { 
 686 |           test.equal(err, null); 
 687 |           test.equal(answer, true);
 688 |           this.scopesInstance.mayWrite('Bearer wrong', 'me', '/foo/bar', function(err, answer) { 
 689 |             test.equal(err, null); 
 690 |             test.equal(answer, false);
 691 |             this.scopesInstance.mayWrite('Bearer SECRET', 'me', '/foo/bar/', function(err, answer) { 
 692 |               test.equal(err, null); 
 693 |               test.equal(answer, false);
 694 |               this.scopesInstance.mayWrite('Bearer wrong', 'me', '/foo/bar/', function(err, answer) { 
 695 |                 test.equal(err, null); 
 696 |                 test.equal(answer, false);
 697 |                 this.scopesInstance.mayWrite('Bearer SECRET', 'me', '/public/foo/', function(err, answer) { 
 698 |                   test.equal(err, null); 
 699 |                   test.equal(answer, false);
 700 |                   this.scopesInstance.mayWrite('Bearer wrong', 'me', '/public/foo/', function(err, answer) { 
 701 |                     test.equal(err, null); 
 702 |                     test.equal(answer, false);
 703 |                     this.scopesInstance.mayWrite('Bearer SECRET', 'me', '/public/foo/bar', function(err, answer) { 
 704 |                       test.equal(err, null); 
 705 |                       test.equal(answer, true);
 706 |                       this.scopesInstance.mayWrite('Bearer wrong', 'me', '/public/foo/bar', function(err, answer) { 
 707 |                         test.equal(err, null); 
 708 |                         test.equal(answer, false);
 709 |                         this.scopesInstance.mayWrite('Bearer SECRET', 'me', '/public/foo/bar/', function(err, answer) { 
 710 |                           test.equal(err, null); 
 711 |                           test.equal(answer, false);
 712 |                           this.scopesInstance.mayWrite('Bearer wrong', 'me', '/public/foo/bar/', function(err, answer) { 
 713 |                             test.equal(err, null); 
 714 |                             test.equal(answer, false);
 715 |                             test.done();
 716 |                           }.bind(this));
 717 |                         }.bind(this));
 718 |                       }.bind(this));
 719 |                     }.bind(this));
 720 |                   }.bind(this));
 721 |                 }.bind(this));
 722 |               }.bind(this));
 723 |             }.bind(this));
 724 |           }.bind(this));
 725 |         }.bind(this));
 726 |       }.bind(this));
 727 |     }.bind(this));
 728 |   },
 729 |   'mayWrite for foo:rw - bar': function(test) {
 730 |     setUp.bind(this)();
 731 |     test.expect(24);
 732 |     this.tokenStore._data = { 'me:SECRET': this.scopesInstance.makeScopePaths(['foo:rw'])};
 733 |     this.scopesInstance.mayWrite('Bearer SECRET', 'me', '/bar/', function(err, answer) { 
 734 |       test.equal(err, null); 
 735 |       test.equal(answer, false);
 736 |       this.scopesInstance.mayWrite('Bearer wrong', 'me', '/bar/', function(err, answer) { 
 737 |         test.equal(err, null); 
 738 |         test.equal(answer, false);
 739 |         this.scopesInstance.mayWrite('Bearer SECRET', 'me', '/bar/bar', function(err, answer) { 
 740 |           test.equal(err, null); 
 741 |           test.equal(answer, false);
 742 |           this.scopesInstance.mayWrite('Bearer wrong', 'me', '/bar/bar', function(err, answer) { 
 743 |             test.equal(err, null); 
 744 |             test.equal(answer, false);
 745 |             this.scopesInstance.mayWrite('Bearer SECRET', 'me', '/bar/bar/', function(err, answer) { 
 746 |               test.equal(err, null); 
 747 |               test.equal(answer, false);
 748 |               this.scopesInstance.mayWrite('Bearer wrong', 'me', '/bar/bar/', function(err, answer) { 
 749 |                 test.equal(err, null); 
 750 |                 test.equal(answer, false);
 751 |                 this.scopesInstance.mayWrite('Bearer SECRET', 'me', '/public/bar/', function(err, answer) { 
 752 |                   test.equal(err, null); 
 753 |                   test.equal(answer, false);
 754 |                   this.scopesInstance.mayWrite('Bearer wrong', 'me', '/public/bar/', function(err, answer) { 
 755 |                     test.equal(err, null); 
 756 |                     test.equal(answer, false);
 757 |                     this.scopesInstance.mayWrite('Bearer SECRET', 'me', '/public/bar/bar', function(err, answer) { 
 758 |                       test.equal(err, null); 
 759 |                       test.equal(answer, false);
 760 |                       this.scopesInstance.mayWrite('Bearer wrong', 'me', '/public/bar/bar', function(err, answer) { 
 761 |                         test.equal(err, null); 
 762 |                         test.equal(answer, false);
 763 |                         this.scopesInstance.mayWrite('Bearer SECRET', 'me', '/public/bar/bar/', function(err, answer) { 
 764 |                           test.equal(err, null); 
 765 |                           test.equal(answer, false);
 766 |                           this.scopesInstance.mayWrite('Bearer wrong', 'me', '/public/bar/bar/', function(err, answer) { 
 767 |                             test.equal(err, null); 
 768 |                             test.equal(answer, false);
 769 |                             test.done();
 770 |                           }.bind(this));
 771 |                         }.bind(this));
 772 |                       }.bind(this));
 773 |                     }.bind(this));
 774 |                   }.bind(this));
 775 |                 }.bind(this));
 776 |               }.bind(this));
 777 |             }.bind(this));
 778 |           }.bind(this));
 779 |         }.bind(this));
 780 |       }.bind(this));
 781 |     }.bind(this));
 782 |   },
 783 |   'mayWrite for foo:rw - root': function(test) {
 784 |     setUp.bind(this)();
 785 |     test.expect(12);
 786 |     this.tokenStore._data = { 'me:SECRET': this.scopesInstance.makeScopePaths(['foo:rw'])};
 787 |     this.scopesInstance.mayRead('Bearer SECRET', 'me', '/', function(err, answer) { 
 788 |       test.equal(err, null); 
 789 |       test.equal(answer, false);
 790 |       this.scopesInstance.mayRead('Bearer wrong', 'me', '/', function(err, answer) { 
 791 |         test.equal(err, null); 
 792 |         test.equal(answer, false);
 793 |         this.scopesInstance.mayRead('Bearer SECRET', 'me', '/foo', function(err, answer) { 
 794 |           test.equal(err, null); 
 795 |           test.equal(answer, false);
 796 |           this.scopesInstance.mayRead('Bearer wrong', 'me', '/bar', function(err, answer) { 
 797 |             test.equal(err, null); 
 798 |             test.equal(answer, false);
 799 |             this.scopesInstance.mayRead('Bearer SECRET', 'me', '/bar', function(err, answer) { 
 800 |               test.equal(err, null); 
 801 |               test.equal(answer, false);
 802 |               this.scopesInstance.mayRead('Bearer wrong', 'me', '/foo', function(err, answer) { 
 803 |                 test.equal(err, null); 
 804 |                 test.equal(answer, false);
 805 |                 test.done();
 806 |               }.bind(this));
 807 |             }.bind(this));
 808 |           }.bind(this));
 809 |         }.bind(this));
 810 |       }.bind(this));
 811 |     }.bind(this));
 812 |   },
 813 |   'mayWrite for foo:rw - outside': function(test) {
 814 |     setUp.bind(this)();
 815 |     test.expect(12);
 816 |     this.tokenStore._data = { 'me:SECRET': this.scopesInstance.makeScopePaths(['foo:rw'])};
 817 |     this.scopesInstance.mayRead('Bearer SECRET', '', '', function(err, answer) { 
 818 |       test.equal(err, null); 
 819 |       test.equal(answer, false);
 820 |       this.scopesInstance.mayRead('Bearer wrong', '', '', function(err, answer) { 
 821 |         test.equal(err, null); 
 822 |         test.equal(answer, false);
 823 |         this.scopesInstance.mayRead('Bearer SECRET', 'me', '/', function(err, answer) { 
 824 |           test.equal(err, null); 
 825 |           test.equal(answer, false);
 826 |           this.scopesInstance.mayRead('Bearer wrong', 'me', '/', function(err, answer) { 
 827 |             test.equal(err, null); 
 828 |             test.equal(answer, false);
 829 |             this.scopesInstance.mayRead('Bearer SECRET', 'you', '/', function(err, answer) { 
 830 |               test.equal(err, null); 
 831 |               test.equal(answer, false);
 832 |               this.scopesInstance.mayRead('Bearer wrong', 'you', '/', function(err, answer) { 
 833 |                 test.equal(err, null); 
 834 |                 test.equal(answer, false);
 835 |                 test.done();
 836 |               }.bind(this));
 837 |             }.bind(this));
 838 |           }.bind(this));
 839 |         }.bind(this));
 840 |       }.bind(this));
 841 |     }.bind(this));
 842 |   },
 843 |   'mayWrite for foo:rw - other users': function(test) {
 844 |     setUp.bind(this)();
 845 |     test.expect(20);
 846 |     this.tokenStore._data = { 'me:SECRET': this.scopesInstance.makeScopePaths(['foo:rw'])};
 847 |     this.scopesInstance.mayRead('Bearer SECRET', 'you', '/', function(err, answer) { 
 848 |       test.equal(err, null); 
 849 |       test.equal(answer, false);
 850 |       this.scopesInstance.mayRead('Bearer wrong', 'you', '/', function(err, answer) { 
 851 |         test.equal(err, null); 
 852 |         test.equal(answer, false);
 853 |         this.scopesInstance.mayRead('Bearer SECRET', 'you', 'foo', function(err, answer) { 
 854 |           test.equal(err, null); 
 855 |           test.equal(answer, false);
 856 |           this.scopesInstance.mayRead('Bearer wrong', 'you', 'foo', function(err, answer) { 
 857 |             test.equal(err, null); 
 858 |             test.equal(answer, false);
 859 |             this.scopesInstance.mayRead('Bearer SECRET', 'you', 'foo/', function(err, answer) { 
 860 |               test.equal(err, null); 
 861 |               test.equal(answer, false);
 862 |               this.scopesInstance.mayRead('Bearer wrong', 'you', 'foo/', function(err, answer) { 
 863 |                 test.equal(err, null); 
 864 |                 test.equal(answer, false);
 865 |                 this.scopesInstance.mayRead('Bearer SECRET', 'you', 'foo/bar', function(err, answer) { 
 866 |                   test.equal(err, null); 
 867 |                   test.equal(answer, false);
 868 |                   this.scopesInstance.mayRead('Bearer wrong', 'you', 'foo/bar', function(err, answer) { 
 869 |                     test.equal(err, null); 
 870 |                     test.equal(answer, false);
 871 |                     this.scopesInstance.mayRead('Bearer SECRET', 'you', 'foo/bar/', function(err, answer) { 
 872 |                       test.equal(err, null); 
 873 |                       test.equal(answer, false);
 874 |                       this.scopesInstance.mayRead('Bearer wrong', 'you', 'foo/bar/', function(err, answer) { 
 875 |                         test.equal(err, null); 
 876 |                         test.equal(answer, false);
 877 |                         test.done();
 878 |                       }.bind(this));
 879 |                     }.bind(this));
 880 |                   }.bind(this));
 881 |                 }.bind(this));
 882 |               }.bind(this));
 883 |             }.bind(this));
 884 |           }.bind(this));
 885 |         }.bind(this));
 886 |       }.bind(this));
 887 |     }.bind(this));
 888 |   },
 889 |   'mayRead for :r - foo': function(test) {
 890 |     setUp.bind(this)();
 891 |     test.expect(24);
 892 |     this.tokenStore._data = { 'me:SECRET': this.scopesInstance.makeScopePaths(['root:r'], 'root')};
 893 |     this.scopesInstance.mayRead('Bearer SECRET', 'me', '/foo/', function(err, answer) { 
 894 |       test.equal(err, null); 
 895 |       test.equal(answer, true);
 896 |       this.scopesInstance.mayRead('Bearer wrong', 'me', '/foo/', function(err, answer) { 
 897 |         test.equal(err, null); 
 898 |         test.equal(answer, false);
 899 |         this.scopesInstance.mayRead('Bearer SECRET', 'me', '/foo/bar', function(err, answer) { 
 900 |           test.equal(err, null); 
 901 |           test.equal(answer, true);
 902 |           this.scopesInstance.mayRead('Bearer wrong', 'me', '/foo/bar', function(err, answer) { 
 903 |             test.equal(err, null); 
 904 |             test.equal(answer, false);
 905 |             this.scopesInstance.mayRead('Bearer SECRET', 'me', '/foo/bar/', function(err, answer) { 
 906 |               test.equal(err, null); 
 907 |               test.equal(answer, true);
 908 |               this.scopesInstance.mayRead('Bearer wrong', 'me', '/foo/bar/', function(err, answer) { 
 909 |                 test.equal(err, null); 
 910 |                 test.equal(answer, false);
 911 |                 this.scopesInstance.mayRead('Bearer SECRET', 'me', '/public/foo/', function(err, answer) { 
 912 |                   test.equal(err, null); 
 913 |                   test.equal(answer, true);
 914 |                   this.scopesInstance.mayRead('Bearer wrong', 'me', '/public/foo/', function(err, answer) { 
 915 |                     test.equal(err, null); 
 916 |                     test.equal(answer, false);
 917 |                     this.scopesInstance.mayRead('Bearer SECRET', 'me', '/public/foo/bar', function(err, answer) { 
 918 |                       test.equal(err, null); 
 919 |                       test.equal(answer, true);
 920 |                       this.scopesInstance.mayRead('Bearer wrong', 'me', '/public/foo/bar', function(err, answer) {//public
 921 |                         test.equal(err, null);
 922 |                         test.equal(answer, true);
 923 |                         this.scopesInstance.mayRead('Bearer SECRET', 'me', '/public/foo/bar/', function(err, answer) { 
 924 |                           test.equal(err, null); 
 925 |                           test.equal(answer, true);
 926 |                           this.scopesInstance.mayRead('Bearer wrong', 'me', '/public/foo/bar/', function(err, answer) { 
 927 |                             test.equal(err, null); 
 928 |                             test.equal(answer, false);
 929 |                             test.done();
 930 |                           }.bind(this));
 931 |                         }.bind(this));
 932 |                       }.bind(this));
 933 |                     }.bind(this));
 934 |                   }.bind(this));
 935 |                 }.bind(this));
 936 |               }.bind(this));
 937 |             }.bind(this));
 938 |           }.bind(this));
 939 |         }.bind(this));
 940 |       }.bind(this));
 941 |     }.bind(this));
 942 |   },
 943 |   'mayRead for :r - root': function(test) {
 944 |     setUp.bind(this)();
 945 |     test.expect(12);
 946 |     this.tokenStore._data = { 'me:SECRET': this.scopesInstance.makeScopePaths(['root:r'], 'root')};
 947 |     this.scopesInstance.mayRead('Bearer SECRET', 'me', '/', function(err, answer) { 
 948 |       test.equal(err, null); 
 949 |       test.equal(answer, true);
 950 |       this.scopesInstance.mayRead('Bearer wrong', 'me', '/', function(err, answer) { 
 951 |         test.equal(err, null); 
 952 |         test.equal(answer, false);
 953 |         this.scopesInstance.mayRead('Bearer SECRET', 'me', '/foo', function(err, answer) { 
 954 |           test.equal(err, null); 
 955 |           test.equal(answer, true);
 956 |           this.scopesInstance.mayRead('Bearer wrong', 'me', '/bar', function(err, answer) { 
 957 |             test.equal(err, null); 
 958 |             test.equal(answer, false);
 959 |             this.scopesInstance.mayRead('Bearer SECRET', 'me', '/bar', function(err, answer) { 
 960 |               test.equal(err, null); 
 961 |               test.equal(answer, true);
 962 |               this.scopesInstance.mayRead('Bearer wrong', 'me', '/foo', function(err, answer) { 
 963 |                 test.equal(err, null); 
 964 |                 test.equal(answer, false);
 965 |                 test.done();
 966 |               }.bind(this));
 967 |             }.bind(this));
 968 |           }.bind(this));
 969 |         }.bind(this));
 970 |       }.bind(this));
 971 |     }.bind(this));
 972 |   },
 973 |   'mayRead for :r - outside': function(test) {
 974 |     setUp.bind(this)();
 975 |     test.expect(12);
 976 |     this.tokenStore._data = { 'me:SECRET': this.scopesInstance.makeScopePaths(['root:r'], 'root')};
 977 |     this.scopesInstance.mayRead('Bearer SECRET', '', '', function(err1, answer1) { 
 978 |       test.equal(err1, null); 
 979 |       test.equal(answer1, false);
 980 |       this.scopesInstance.mayRead('Bearer wrong', '', '', function(err2, answer2) { 
 981 |         test.equal(err2, null); 
 982 |         test.equal(answer2, false);
 983 |         this.scopesInstance.mayRead('Bearer SECRET', 'me', '', function(err3, answer3) { 
 984 |           test.equal(err3, null); 
 985 |           test.equal(answer3, false);
 986 |           this.scopesInstance.mayRead('Bearer wrong', 'me', '', function(err4, answer4) { 
 987 |             test.equal(err4, null); 
 988 |             test.equal(answer4, false);
 989 |             this.scopesInstance.mayRead('Bearer SECRET', 'you', '', function(err5, answer5) { 
 990 |               test.equal(err5, null); 
 991 |               test.equal(answer5, false);
 992 |               this.scopesInstance.mayRead('Bearer wrong', 'you', '', function(err6, answer6) { 
 993 |                 test.equal(err6, null); 
 994 |                 test.equal(answer6, false);
 995 |                 test.done();
 996 |               }.bind(this));
 997 |             }.bind(this));
 998 |           }.bind(this));
 999 |         }.bind(this));
1000 |       }.bind(this));
1001 |     }.bind(this));
1002 |   },
1003 |   'mayRead for :r - other users': function(test) {
1004 |     setUp.bind(this)();
1005 |     test.expect(20);
1006 |     this.tokenStore._data = { 'me:SECRET': this.scopesInstance.makeScopePaths(['root:r'], 'root')};
1007 |     this.scopesInstance.mayRead('Bearer SECRET', 'you', '/', function(err, answer) { 
1008 |       test.equal(err, null); 
1009 |       test.equal(answer, false);
1010 |       this.scopesInstance.mayRead('Bearer wrong', 'you', '/', function(err, answer) { 
1011 |         test.equal(err, null); 
1012 |         test.equal(answer, false);
1013 |         this.scopesInstance.mayRead('Bearer SECRET', 'you', 'foo', function(err, answer) { 
1014 |           test.equal(err, null); 
1015 |           test.equal(answer, false);
1016 |           this.scopesInstance.mayRead('Bearer wrong', 'you', 'foo', function(err, answer) { 
1017 |             test.equal(err, null); 
1018 |             test.equal(answer, false);
1019 |             this.scopesInstance.mayRead('Bearer SECRET', 'you', 'foo/', function(err, answer) { 
1020 |               test.equal(err, null); 
1021 |               test.equal(answer, false);
1022 |               this.scopesInstance.mayRead('Bearer wrong', 'you', 'foo/', function(err, answer) { 
1023 |                 test.equal(err, null); 
1024 |                 test.equal(answer, false);
1025 |                 this.scopesInstance.mayRead('Bearer SECRET', 'you', 'foo/bar', function(err, answer) { 
1026 |                   test.equal(err, null); 
1027 |                   test.equal(answer, false);
1028 |                   this.scopesInstance.mayRead('Bearer wrong', 'you', 'foo/bar', function(err, answer) { 
1029 |                     test.equal(err, null); 
1030 |                     test.equal(answer, false);
1031 |                     this.scopesInstance.mayRead('Bearer SECRET', 'you', 'foo/bar/', function(err, answer) { 
1032 |                       test.equal(err, null); 
1033 |                       test.equal(answer, false);
1034 |                       this.scopesInstance.mayRead('Bearer wrong', 'you', 'foo/bar/', function(err, answer) { 
1035 |                         test.equal(err, null); 
1036 |                         test.equal(answer, false);
1037 |                         test.done();
1038 |                       }.bind(this));
1039 |                     }.bind(this));
1040 |                   }.bind(this));
1041 |                 }.bind(this));
1042 |               }.bind(this));
1043 |             }.bind(this));
1044 |           }.bind(this));
1045 |         }.bind(this));
1046 |       }.bind(this));
1047 |     }.bind(this));
1048 |   },
1049 |   'mayRead for :rw - foo': function(test) {
1050 |     setUp.bind(this)();
1051 |     test.expect(24);
1052 |     this.tokenStore._data = { 'me:SECRET': this.scopesInstance.makeScopePaths(['root:rw'], 'root')};
1053 |     this.scopesInstance.mayRead('Bearer SECRET', 'me', '/foo/', function(err, answer) { 
1054 |       test.equal(err, null); 
1055 |       test.equal(answer, true);
1056 |       this.scopesInstance.mayRead('Bearer wrong', 'me', '/foo/', function(err, answer) { 
1057 |         test.equal(err, null); 
1058 |         test.equal(answer, false);
1059 |         this.scopesInstance.mayRead('Bearer SECRET', 'me', '/foo/bar', function(err, answer) { 
1060 |           test.equal(err, null); 
1061 |           test.equal(answer, true);
1062 |           this.scopesInstance.mayRead('Bearer wrong', 'me', '/foo/bar', function(err, answer) { 
1063 |             test.equal(err, null); 
1064 |             test.equal(answer, false);
1065 |             this.scopesInstance.mayRead('Bearer SECRET', 'me', '/foo/bar/', function(err, answer) { 
1066 |               test.equal(err, null); 
1067 |               test.equal(answer, true);
1068 |               this.scopesInstance.mayRead('Bearer wrong', 'me', '/foo/bar/', function(err, answer) { 
1069 |                 test.equal(err, null); 
1070 |                 test.equal(answer, false);
1071 |                 this.scopesInstance.mayRead('Bearer SECRET', 'me', '/public/foo/', function(err, answer) { 
1072 |                   test.equal(err, null); 
1073 |                   test.equal(answer, true);
1074 |                   this.scopesInstance.mayRead('Bearer wrong', 'me', '/public/foo/', function(err, answer) { 
1075 |                     test.equal(err, null); 
1076 |                     test.equal(answer, false);
1077 |                     this.scopesInstance.mayRead('Bearer SECRET', 'me', '/public/foo/bar', function(err, answer) { 
1078 |                       test.equal(err, null); 
1079 |                       test.equal(answer, true);
1080 |                       this.scopesInstance.mayRead('Bearer wrong', 'me', '/public/foo/bar', function(err, answer) {//public
1081 |                           test.equal(err, null);
1082 |                           test.equal(answer, true);
1083 |                           this.scopesInstance.mayRead('Bearer SECRET', 'me', '/public/foo/bar/', function(err, answer) { 
1084 |                             test.equal(err, null); 
1085 |                             test.equal(answer, true);
1086 |                             this.scopesInstance.mayRead('Bearer wrong', 'me', '/public/foo/bar/', function(err, answer) { 
1087 |                             test.equal(err, null); 
1088 |                             test.equal(answer, false);
1089 |                             test.done();
1090 |                           }.bind(this));
1091 |                         }.bind(this));
1092 |                       }.bind(this));
1093 |                     }.bind(this));
1094 |                   }.bind(this));
1095 |                 }.bind(this));
1096 |               }.bind(this));
1097 |             }.bind(this));
1098 |           }.bind(this));
1099 |         }.bind(this));
1100 |       }.bind(this));
1101 |     }.bind(this));
1102 |   },
1103 |   'mayRead for :r - root': function(test) {
1104 |     setUp.bind(this)();
1105 |     test.expect(12);
1106 |     this.tokenStore._data = { 'me:SECRET': this.scopesInstance.makeScopePaths(['root:r'], 'root')};
1107 |     this.scopesInstance.mayRead('Bearer SECRET', 'me', '/', function(err, answer) { 
1108 |       test.equal(err, null); 
1109 |       test.equal(answer, true);
1110 |       this.scopesInstance.mayRead('Bearer wrong', 'me', '/', function(err, answer) { 
1111 |         test.equal(err, null); 
1112 |         test.equal(answer, false);
1113 |         this.scopesInstance.mayRead('Bearer SECRET', 'me', '/foo', function(err, answer) { 
1114 |           test.equal(err, null); 
1115 |           test.equal(answer, true);
1116 |           this.scopesInstance.mayRead('Bearer wrong', 'me', '/bar', function(err, answer) { 
1117 |             test.equal(err, null); 
1118 |             test.equal(answer, false);
1119 |             this.scopesInstance.mayRead('Bearer SECRET', 'me', '/bar', function(err, answer) { 
1120 |               test.equal(err, null); 
1121 |               test.equal(answer, true);
1122 |               this.scopesInstance.mayRead('Bearer wrong', 'me', '/foo', function(err, answer) { 
1123 |                 test.equal(err, null); 
1124 |                 test.equal(answer, false);
1125 |                 test.done();
1126 |               }.bind(this));
1127 |             }.bind(this));
1128 |           }.bind(this));
1129 |         }.bind(this));
1130 |       }.bind(this));
1131 |     }.bind(this));
1132 |   },
1133 |   'mayRead for :r - outside': function(test) {
1134 |     setUp.bind(this)();
1135 |     test.expect(12);
1136 |     this.tokenStore._data = { 'me:SECRET': this.scopesInstance.makeScopePaths(['root:r'], 'root')};
1137 |     this.scopesInstance.mayRead('Bearer SECRET', '', '', function(err, answer) { 
1138 |       test.equal(err, null); 
1139 |       test.equal(answer, false);
1140 |       this.scopesInstance.mayRead('Bearer wrong', '', '', function(err, answer) { 
1141 |         test.equal(err, null); 
1142 |         test.equal(answer, false);
1143 |         this.scopesInstance.mayRead('Bearer SECRET', 'me', '', function(err, answer) { 
1144 |           test.equal(err, null); 
1145 |           test.equal(answer, false);
1146 |           this.scopesInstance.mayRead('Bearer wrong', 'me', '', function(err, answer) { 
1147 |             test.equal(err, null); 
1148 |             test.equal(answer, false);
1149 |             this.scopesInstance.mayRead('Bearer SECRET', 'you', '', function(err, answer) { 
1150 |               test.equal(err, null); 
1151 |               test.equal(answer, false);
1152 |               this.scopesInstance.mayRead('Bearer wrong', 'you', '/', function(err, answer) { 
1153 |                 test.equal(err, null); 
1154 |                 test.equal(answer, false);
1155 |                 test.done();
1156 |               }.bind(this));
1157 |             }.bind(this));
1158 |           }.bind(this));
1159 |         }.bind(this));
1160 |       }.bind(this));
1161 |     }.bind(this));
1162 |   },
1163 |   'mayRead for :r - other users': function(test) {
1164 |     setUp.bind(this)();
1165 |     test.expect(20);
1166 |     this.tokenStore._data = { 'me:SECRET': this.scopesInstance.makeScopePaths(['root:r'], 'root')};
1167 |     this.scopesInstance.mayRead('Bearer SECRET', 'you', '/', function(err, answer) { 
1168 |       test.equal(err, null); 
1169 |       test.equal(answer, false);
1170 |       this.scopesInstance.mayRead('Bearer wrong', 'you', '/', function(err, answer) { 
1171 |         test.equal(err, null); 
1172 |         test.equal(answer, false);
1173 |         this.scopesInstance.mayRead('Bearer SECRET', 'you', 'foo', function(err, answer) { 
1174 |           test.equal(err, null); 
1175 |           test.equal(answer, false);
1176 |           this.scopesInstance.mayRead('Bearer wrong', 'you', 'foo', function(err, answer) { 
1177 |             test.equal(err, null); 
1178 |             test.equal(answer, false);
1179 |             this.scopesInstance.mayRead('Bearer SECRET', 'you', 'foo/', function(err, answer) { 
1180 |               test.equal(err, null); 
1181 |               test.equal(answer, false);
1182 |               this.scopesInstance.mayRead('Bearer wrong', 'you', 'foo/', function(err, answer) { 
1183 |                 test.equal(err, null); 
1184 |                 test.equal(answer, false);
1185 |                 this.scopesInstance.mayRead('Bearer SECRET', 'you', 'foo/bar', function(err, answer) { 
1186 |                   test.equal(err, null); 
1187 |                   test.equal(answer, false);
1188 |                   this.scopesInstance.mayRead('Bearer wrong', 'you', 'foo/bar', function(err, answer) { 
1189 |                     test.equal(err, null); 
1190 |                     test.equal(answer, false);
1191 |                     this.scopesInstance.mayRead('Bearer SECRET', 'you', 'foo/bar/', function(err, answer) { 
1192 |                       test.equal(err, null); 
1193 |                       test.equal(answer, false);
1194 |                       this.scopesInstance.mayRead('Bearer wrong', 'you', 'foo/bar/', function(err, answer) { 
1195 |                         test.equal(err, null); 
1196 |                         test.equal(answer, false);
1197 |                         test.done();
1198 |                       }.bind(this));
1199 |                     }.bind(this));
1200 |                   }.bind(this));
1201 |                 }.bind(this));
1202 |               }.bind(this));
1203 |             }.bind(this));
1204 |           }.bind(this));
1205 |         }.bind(this));
1206 |       }.bind(this));
1207 |     }.bind(this));
1208 |   },
1209 |   'mayWrite for :r - foo': function(test) {
1210 |     setUp.bind(this)();
1211 |     test.expect(24);
1212 |     this.tokenStore._data = { 'me:SECRET': this.scopesInstance.makeScopePaths(['*:r'], '*')};
1213 |     this.scopesInstance.mayWrite('Bearer SECRET', 'me', '/foo/', function(err, answer) { 
1214 |       test.equal(err, null); 
1215 |       test.equal(answer, false);
1216 |       this.scopesInstance.mayWrite('Bearer wrong', 'me', '/foo/', function(err, answer) { 
1217 |         test.equal(err, null); 
1218 |         test.equal(answer, false);
1219 |         this.scopesInstance.mayWrite('Bearer SECRET', 'me', '/foo/bar', function(err, answer) { 
1220 |           test.equal(err, null); 
1221 |           test.equal(answer, false);
1222 |           this.scopesInstance.mayWrite('Bearer wrong', 'me', '/foo/bar', function(err, answer) { 
1223 |             test.equal(err, null); 
1224 |             test.equal(answer, false);
1225 |             this.scopesInstance.mayWrite('Bearer SECRET', 'me', '/foo/bar/', function(err, answer) { 
1226 |               test.equal(err, null); 
1227 |               test.equal(answer, false);
1228 |               this.scopesInstance.mayWrite('Bearer wrong', 'me', '/foo/bar/', function(err, answer) { 
1229 |                 test.equal(err, null); 
1230 |                 test.equal(answer, false);
1231 |                 this.scopesInstance.mayWrite('Bearer SECRET', 'me', '/public/foo/', function(err, answer) { 
1232 |                   test.equal(err, null); 
1233 |                   test.equal(answer, false);
1234 |                   this.scopesInstance.mayWrite('Bearer wrong', 'me', '/public/foo/', function(err, answer) { 
1235 |                     test.equal(err, null); 
1236 |                     test.equal(answer, false);
1237 |                     this.scopesInstance.mayWrite('Bearer SECRET', 'me', '/public/foo/bar', function(err, answer) { 
1238 |                       test.equal(err, null); 
1239 |                       test.equal(answer, false);
1240 |                       this.scopesInstance.mayWrite('Bearer wrong', 'me', '/public/foo/bar', function(err, answer) { 
1241 |                         test.equal(err, null); 
1242 |                         test.equal(answer, false);
1243 |                         this.scopesInstance.mayWrite('Bearer SECRET', 'me', '/public/foo/bar/', function(err, answer) { 
1244 |                           test.equal(err, null); 
1245 |                           test.equal(answer, false);
1246 |                           this.scopesInstance.mayWrite('Bearer wrong', 'me', '/public/foo/bar/', function(err, answer) { 
1247 |                             test.equal(err, null); 
1248 |                             test.equal(answer, false);
1249 |                             test.done();
1250 |                           }.bind(this));
1251 |                         }.bind(this));
1252 |                       }.bind(this));
1253 |                     }.bind(this));
1254 |                   }.bind(this));
1255 |                 }.bind(this));
1256 |               }.bind(this));
1257 |             }.bind(this));
1258 |           }.bind(this));
1259 |         }.bind(this));
1260 |       }.bind(this));
1261 |     }.bind(this));
1262 |   },
1263 |   'mayWrite for :r - root': function(test) {
1264 |     setUp.bind(this)();
1265 |     test.expect(12);
1266 |     this.tokenStore._data = { 'me:SECRET': this.scopesInstance.makeScopePaths(['root:r'], 'root')};
1267 |     this.scopesInstance.mayWrite('Bearer SECRET', 'me', '/', function(err, answer) { 
1268 |       test.equal(err, null); 
1269 |       test.equal(answer, false);
1270 |       this.scopesInstance.mayWrite('Bearer wrong', 'me', '/', function(err, answer) { 
1271 |         test.equal(err, null); 
1272 |         test.equal(answer, false);
1273 |         this.scopesInstance.mayWrite('Bearer SECRET', 'me', '/foo', function(err, answer) { 
1274 |           test.equal(err, null); 
1275 |           test.equal(answer, false);
1276 |           this.scopesInstance.mayWrite('Bearer wrong', 'me', '/bar', function(err, answer) { 
1277 |             test.equal(err, null); 
1278 |             test.equal(answer, false);
1279 |             this.scopesInstance.mayWrite('Bearer SECRET', 'me', '/bar', function(err, answer) { 
1280 |               test.equal(err, null); 
1281 |               test.equal(answer, false);
1282 |               this.scopesInstance.mayWrite('Bearer wrong', 'me', '/foo', function(err, answer) { 
1283 |                 test.equal(err, null); 
1284 |                 test.equal(answer, false);
1285 |                 test.done();
1286 |               }.bind(this));
1287 |             }.bind(this));
1288 |           }.bind(this));
1289 |         }.bind(this));
1290 |       }.bind(this));
1291 |     }.bind(this));
1292 |   },
1293 |   'mayWrite for :r - outside': function(test) {
1294 |     setUp.bind(this)();
1295 |     test.expect(12);
1296 |     this.tokenStore._data = { 'me:SECRET': this.scopesInstance.makeScopePaths(['root:r'], 'root')};
1297 |     this.scopesInstance.mayWrite('Bearer SECRET', '', '', function(err, answer) { 
1298 |       test.equal(err, null); 
1299 |       test.equal(answer, false);
1300 |       this.scopesInstance.mayWrite('Bearer wrong', '', '', function(err, answer) { 
1301 |         test.equal(err, null); 
1302 |         test.equal(answer, false);
1303 |         this.scopesInstance.mayWrite('Bearer SECRET', 'me', '/', function(err, answer) { 
1304 |           test.equal(err, null); 
1305 |           test.equal(answer, false);
1306 |           this.scopesInstance.mayWrite('Bearer wrong', 'me', '/', function(err, answer) { 
1307 |             test.equal(err, null); 
1308 |             test.equal(answer, false);
1309 |             this.scopesInstance.mayWrite('Bearer SECRET', 'you', '/', function(err, answer) { 
1310 |               test.equal(err, null); 
1311 |               test.equal(answer, false);
1312 |               this.scopesInstance.mayWrite('Bearer wrong', 'you', '/', function(err, answer) { 
1313 |                 test.equal(err, null); 
1314 |                 test.equal(answer, false);
1315 |                 test.done();
1316 |               }.bind(this));
1317 |             }.bind(this));
1318 |           }.bind(this));
1319 |         }.bind(this));
1320 |       }.bind(this));
1321 |     }.bind(this));
1322 |   },
1323 |   'mayWrite for :r - other users': function(test) {
1324 |     setUp.bind(this)();
1325 |     test.expect(20);
1326 |     this.tokenStore._data = { 'me:SECRET': this.scopesInstance.makeScopePaths(['root:r'], 'root')};
1327 |     this.scopesInstance.mayWrite('Bearer SECRET', 'you', '/', function(err, answer) { 
1328 |       test.equal(err, null); 
1329 |       test.equal(answer, false);
1330 |       this.scopesInstance.mayWrite('Bearer wrong', 'you', '/', function(err, answer) { 
1331 |         test.equal(err, null); 
1332 |         test.equal(answer, false);
1333 |         this.scopesInstance.mayWrite('Bearer SECRET', 'you', 'foo', function(err, answer) { 
1334 |           test.equal(err, null); 
1335 |           test.equal(answer, false);
1336 |           this.scopesInstance.mayWrite('Bearer wrong', 'you', 'foo', function(err, answer) { 
1337 |             test.equal(err, null); 
1338 |             test.equal(answer, false);
1339 |             this.scopesInstance.mayWrite('Bearer SECRET', 'you', 'foo/', function(err, answer) { 
1340 |               test.equal(err, null); 
1341 |               test.equal(answer, false);
1342 |               this.scopesInstance.mayWrite('Bearer wrong', 'you', 'foo/', function(err, answer) { 
1343 |                 test.equal(err, null); 
1344 |                 test.equal(answer, false);
1345 |                 this.scopesInstance.mayWrite('Bearer SECRET', 'you', 'foo/bar', function(err, answer) { 
1346 |                   test.equal(err, null); 
1347 |                   test.equal(answer, false);
1348 |                   this.scopesInstance.mayWrite('Bearer wrong', 'you', 'foo/bar', function(err, answer) { 
1349 |                     test.equal(err, null); 
1350 |                     test.equal(answer, false);
1351 |                     this.scopesInstance.mayWrite('Bearer SECRET', 'you', 'foo/bar/', function(err, answer) { 
1352 |                       test.equal(err, null); 
1353 |                       test.equal(answer, false);
1354 |                       this.scopesInstance.mayWrite('Bearer wrong', 'you', 'foo/bar/', function(err, answer) { 
1355 |                         test.equal(err, null); 
1356 |                         test.equal(answer, false);
1357 |                         test.done();
1358 |                       }.bind(this));
1359 |                     }.bind(this));
1360 |                   }.bind(this));
1361 |                 }.bind(this));
1362 |               }.bind(this));
1363 |             }.bind(this));
1364 |           }.bind(this));
1365 |         }.bind(this));
1366 |       }.bind(this));
1367 |     }.bind(this));
1368 |   },
1369 |   'mayWrite for :rw - foo': function(test) {
1370 |     setUp.bind(this)();
1371 |     test.expect(24);
1372 |     this.tokenStore._data = { 'me:SECRET': this.scopesInstance.makeScopePaths(['*:rw'], '*')};
1373 |     this.scopesInstance.mayWrite('Bearer SECRET', 'me', '/foo/', function(err, answer) {
1374 |       test.equal(err, null);
1375 |       test.equal(answer, false);
1376 |       this.scopesInstance.mayWrite('Bearer wrong', 'me', '/foo/', function(err, answer) {
1377 |         test.equal(err, null);
1378 |         test.equal(answer, false);
1379 |         this.scopesInstance.mayWrite('Bearer SECRET', 'me', '/foo/bar', function(err, answer) {
1380 |           test.equal(err, null);
1381 |           test.equal(answer, true);
1382 |           this.scopesInstance.mayWrite('Bearer wrong', 'me', '/foo/bar', function(err, answer) {
1383 |             test.equal(err, null);
1384 |             test.equal(answer, false);
1385 |             this.scopesInstance.mayWrite('Bearer SECRET', 'me', '/foo/bar/', function(err, answer) {
1386 |               test.equal(err, null);
1387 |               test.equal(answer, false);
1388 |               this.scopesInstance.mayWrite('Bearer wrong', 'me', '/foo/bar/', function(err, answer) {
1389 |                 test.equal(err, null);
1390 |                 test.equal(answer, false);
1391 |                 this.scopesInstance.mayWrite('Bearer SECRET', 'me', '/public/foo/', function(err, answer) {
1392 |                   test.equal(err, null);
1393 |                   test.equal(answer, false);
1394 |                   this.scopesInstance.mayWrite('Bearer wrong', 'me', '/public/foo/', function(err, answer) {
1395 |                     test.equal(err, null);
1396 |                     test.equal(answer, false);
1397 |                     this.scopesInstance.mayWrite('Bearer SECRET', 'me', '/public/foo/bar', function(err, answer) {
1398 |                       test.equal(err, null);
1399 |                       test.equal(answer, true);
1400 |                       this.scopesInstance.mayWrite('Bearer wrong', 'me', '/public/foo/bar', function(err, answer) {
1401 |                         test.equal(err, null);
1402 |                         test.equal(answer, false);
1403 |                         this.scopesInstance.mayWrite('Bearer SECRET', 'me', '/public/foo/bar/', function(err, answer) {
1404 |                           test.equal(err, null);
1405 |                           test.equal(answer, false);
1406 |                           this.scopesInstance.mayWrite('Bearer wrong', 'me', '/public/foo/bar/', function(err, answer) {
1407 |                             test.equal(err, null);
1408 |                             test.equal(answer, false);
1409 |                             test.done();
1410 |                           }.bind(this));
1411 |                         }.bind(this));
1412 |                       }.bind(this));
1413 |                     }.bind(this));
1414 |                   }.bind(this));
1415 |                 }.bind(this));
1416 |               }.bind(this));
1417 |             }.bind(this));
1418 |           }.bind(this));
1419 |         }.bind(this));
1420 |       }.bind(this));
1421 |     }.bind(this));
1422 |   },
1423 |   'mayWrite for :rw - root': function(test) {
1424 |     setUp.bind(this)();
1425 |     test.expect(12);
1426 |     this.tokenStore._data = { 'me:SECRET': this.scopesInstance.makeScopePaths(['*:rw'], '*')};
1427 |     this.scopesInstance.mayWrite('Bearer SECRET', 'me', '/', function(err, answer) {
1428 |       test.equal(err, null);
1429 |       test.equal(JSON.stringify(answer), JSON.stringify(false));
1430 |       this.scopesInstance.mayWrite('Bearer wrong', 'me', '/', function(err, answer) {
1431 |         test.equal(err, null);
1432 |         test.equal(answer, false);
1433 |         this.scopesInstance.mayWrite('Bearer SECRET', 'me', '/foo', function(err, answer) {
1434 |           test.equal(err, null);
1435 |           test.equal(answer, true);
1436 |           this.scopesInstance.mayWrite('Bearer wrong', 'me', '/bar', function(err, answer) {
1437 |             test.equal(err, null);
1438 |             test.equal(answer, false);
1439 |             this.scopesInstance.mayWrite('Bearer SECRET', 'me', '/bar', function(err, answer) {
1440 |               test.equal(err, null);
1441 |               test.equal(answer, true);
1442 |               this.scopesInstance.mayWrite('Bearer wrong', 'me', '/foo', function(err, answer) {
1443 |                 test.equal(err, null);
1444 |                 test.equal(answer, false);
1445 |                 test.done();
1446 |               }.bind(this));
1447 |             }.bind(this));
1448 |           }.bind(this));
1449 |         }.bind(this));
1450 |       }.bind(this));
1451 |     }.bind(this));
1452 |   },
1453 |   'mayWrite for :rw - outside': function(test) {
1454 |     setUp.bind(this)();
1455 |     test.expect(12);
1456 |     this.scopesInstance.mayWrite('Bearer SECRET', '', '', function(err, answer) {
1457 |       test.equal(err, null);
1458 |       test.equal(answer, false);
1459 |       this.scopesInstance.mayWrite('Bearer wrong', '', '', function(err, answer) {
1460 |         test.equal(err, null);
1461 |         test.equal(answer, false);
1462 |         this.scopesInstance.mayWrite('Bearer SECRET', 'me', '/', function(err, answer) {
1463 |           test.equal(err, null);
1464 |           test.equal(answer, false);
1465 |           this.scopesInstance.mayWrite('Bearer wrong', 'me', '/', function(err, answer) {
1466 |             test.equal(err, null);
1467 |             test.equal(answer, false);
1468 |             this.scopesInstance.mayWrite('Bearer SECRET', 'you', '/', function(err, answer) {
1469 |               test.equal(err, null);
1470 |               test.equal(answer, false);
1471 |               this.scopesInstance.mayWrite('Bearer wrong', 'you', '/', function(err, answer) {
1472 |                 test.equal(err, null);
1473 |                 test.equal(answer, false);
1474 |                 test.done();
1475 |               }.bind(this));
1476 |             }.bind(this));
1477 |           }.bind(this));
1478 |         }.bind(this));
1479 |       }.bind(this));
1480 |     }.bind(this));
1481 |   },
1482 |   'mayWrite for :rw - other users': function(test) {
1483 |     setUp.bind(this)();
1484 |     test.expect(20);
1485 |     this.scopesInstance.mayWrite('Bearer SECRET', 'you', '/', function(err, answer) {
1486 |       test.equal(err, null);
1487 |       test.equal(answer, false);
1488 |       this.scopesInstance.mayWrite('Bearer wrong', 'you', '/', function(err, answer) {
1489 |         test.equal(err, null);
1490 |         test.equal(answer, false);
1491 |         this.scopesInstance.mayWrite('Bearer SECRET', 'you', 'foo', function(err, answer) {
1492 |           test.equal(err, null);
1493 |           test.equal(answer, false);
1494 |           this.scopesInstance.mayWrite('Bearer wrong', 'you', 'foo', function(err, answer) {
1495 |             test.equal(err, null);
1496 |             test.equal(answer, false);
1497 |             this.scopesInstance.mayWrite('Bearer SECRET', 'you', 'foo/', function(err, answer) {
1498 |               test.equal(err, null);
1499 |               test.equal(answer, false);
1500 |               this.scopesInstance.mayWrite('Bearer wrong', 'you', 'foo/', function(err, answer) {
1501 |                 test.equal(err, null);
1502 |                 test.equal(answer, false);
1503 |                 this.scopesInstance.mayWrite('Bearer SECRET', 'you', 'foo/bar', function(err, answer) {
1504 |                   test.equal(err, null);
1505 |                   test.equal(answer, false);
1506 |                   this.scopesInstance.mayWrite('Bearer wrong', 'you', 'foo/bar', function(err, answer) {
1507 |                     test.equal(err, null);
1508 |                     test.equal(answer, false);
1509 |                     this.scopesInstance.mayWrite('Bearer SECRET', 'you', 'foo/bar/', function(err, answer) {
1510 |                       test.equal(err, null);
1511 |                       test.equal(answer, false);
1512 |                       this.scopesInstance.mayWrite('Bearer wrong', 'you', 'foo/bar/', function(err, answer) {
1513 |                         test.equal(err, null);
1514 |                         test.equal(answer, false);
1515 |                         test.done();
1516 |                       }.bind(this));
1517 |                     }.bind(this));
1518 |                   }.bind(this));
1519 |                 }.bind(this));
1520 |               }.bind(this));
1521 |             }.bind(this));
1522 |           }.bind(this));
1523 |         }.bind(this));
1524 |       }.bind(this));
1525 |     }.bind(this));
1526 |   }
1527 | });
1528 | 


--------------------------------------------------------------------------------