about summary refs log tree commit diff
diff options
context:
space:
mode:
-rw-r--r--app/services/pubsubhubbub/subscribe_service.rb57
-rw-r--r--spec/services/pubsubhubbub/subscribe_service_spec.rb71
2 files changed, 123 insertions, 5 deletions
diff --git a/app/services/pubsubhubbub/subscribe_service.rb b/app/services/pubsubhubbub/subscribe_service.rb
index 3642b4eca..67d7f6598 100644
--- a/app/services/pubsubhubbub/subscribe_service.rb
+++ b/app/services/pubsubhubbub/subscribe_service.rb
@@ -1,14 +1,61 @@
 # frozen_string_literal: true
 
 class Pubsubhubbub::SubscribeService < BaseService
+  URL_PATTERN = /\A#{URI.regexp(%w(http https))}\z/
+
+  attr_reader :account, :callback, :secret, :lease_seconds
+
   def call(account, callback, secret, lease_seconds)
-    return ['Invalid topic URL',        422] if account.nil?
-    return ['Invalid callback URL',     422] unless !callback.blank? && callback =~ /\A#{URI.regexp(%w(http https))}\z/
-    return ['Callback URL not allowed', 403] if DomainBlock.blocked?(Addressable::URI.parse(callback).normalize.host)
+    @account = account
+    @callback = callback
+    @secret = secret
+    @lease_seconds = lease_seconds
+
+    process_subscribe
+  end
+
+  private
+
+  def process_subscribe
+    case subscribe_status
+    when :invalid_topic
+      ['Invalid topic URL', 422]
+    when :invalid_callback
+      ['Invalid callback URL', 422]
+    when :callback_not_allowed
+      ['Callback URL not allowed', 403]
+    when :valid
+      confirm_subscription
+      ['', 202]
+    end
+  end
 
-    subscription = Subscription.where(account: account, callback_url: callback).first_or_create!(account: account, callback_url: callback)
+  def subscribe_status
+    if account.nil?
+      :invalid_topic
+    elsif !valid_callback?
+      :invalid_callback
+    elsif blocked_domain?
+      :callback_not_allowed
+    else
+      :valid
+    end
+  end
+
+  def confirm_subscription
+    subscription = locate_subscription
     Pubsubhubbub::ConfirmationWorker.perform_async(subscription.id, 'subscribe', secret, lease_seconds)
+  end
+
+  def valid_callback?
+    callback.present? && callback =~ URL_PATTERN
+  end
+
+  def blocked_domain?
+    DomainBlock.blocked? Addressable::URI.parse(callback).normalize.host
+  end
 
-    ['', 202]
+  def locate_subscription
+    Subscription.where(account: account, callback_url: callback).first_or_create!(account: account, callback_url: callback)
   end
 end
diff --git a/spec/services/pubsubhubbub/subscribe_service_spec.rb b/spec/services/pubsubhubbub/subscribe_service_spec.rb
new file mode 100644
index 000000000..82094117b
--- /dev/null
+++ b/spec/services/pubsubhubbub/subscribe_service_spec.rb
@@ -0,0 +1,71 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+describe Pubsubhubbub::SubscribeService do
+  describe '#call' do
+    subject { described_class.new }
+    let(:user_account) { Fabricate(:account) }
+
+    context 'with a nil account' do
+      it 'returns the invalid topic status results' do
+        result = service_call(account: nil)
+
+        expect(result).to eq invalid_topic_status
+      end
+    end
+
+    context 'with an invalid callback url' do
+      it 'returns invalid callback status when callback is blank' do
+        result = service_call(callback: '')
+
+        expect(result).to eq invalid_callback_status
+      end
+      it 'returns invalid callback status when callback is not a URI' do
+        result = service_call(callback: 'invalid-hostname')
+
+        expect(result).to eq invalid_callback_status
+      end
+    end
+
+    context 'with a blocked domain in the callback' do
+      it 'returns callback not allowed' do
+        Fabricate(:domain_block, domain: 'test.host', severity: :suspend)
+        result = service_call(callback: 'https://test.host/api')
+
+        expect(result).to eq not_allowed_callback_status
+      end
+    end
+
+    context 'with a valid account and callback' do
+      it 'returns success status and confirms subscription' do
+        allow(Pubsubhubbub::ConfirmationWorker).to receive(:perform_async).and_return(nil)
+        subscription = Fabricate(:subscription, account: user_account)
+
+        result = service_call(callback: subscription.callback_url)
+        expect(result).to eq success_status
+        expect(Pubsubhubbub::ConfirmationWorker).to have_received(:perform_async).with(subscription.id, 'subscribe', 'asdf', 3600)
+      end
+    end
+  end
+
+  def service_call(account: user_account, callback: 'https://callback.host', secret: 'asdf', lease_seconds: 3600)
+    subject.call(account, callback, secret, lease_seconds)
+  end
+
+  def invalid_topic_status
+    ['Invalid topic URL', 422]
+  end
+
+  def invalid_callback_status
+    ['Invalid callback URL', 422]
+  end
+
+  def not_allowed_callback_status
+    ['Callback URL not allowed', 403]
+  end
+
+  def success_status
+    ['', 202]
+  end
+end