func init() { // Configure logging for appengine goa.Log.SetHandler(log15.MultiHandler( log15.StreamHandler(os.Stderr, log15.LogfmtFormat()), AppEngineLogHandler()), ) // Create goa application service := goa.New("cellar") // Setup CORS to allow for swagger UI. spec, err := cors.New(func() { cors.Origin("*", func() { cors.Resource("*", func() { cors.Methods("GET", "POST", "PUT", "PATCH", "DELETE") cors.Headers("*") }) }) }) if err != nil { panic(err) } // Setup basic middleware service.Use(goa.RequestID()) service.Use(AppEngineLogCtx()) service.Use(cors.Middleware(spec)) service.Use(goa.Recover()) // Mount account controller onto application ac := controllers.NewAccount() app.MountAccountController(service, ac) // Mount bottle controller onto application bc := controllers.NewBottle() app.MountBottleController(service, bc) // Mount Swagger Spec controller onto application swagger.MountController(service) // Mount CORS preflight controllers cors.MountPreflightController(service, spec) // Setup HTTP handler http.HandleFunc("/", service.HTTPHandler().ServeHTTP) }
It("returns an empty spec", func() { Ω(spec).ShouldNot(BeNil()) Ω(spec).Should(HaveLen(0)) }) }) Context("Origin", func() { const origin = "ORIGIN" const path = "PATH" BeforeEach(func() { dsl = func() { cors.Origin(origin, func() { cors.Resource(path, func() { cors.Methods("GET") }) }) } }) It("sets the resource origin", func() { Ω(spec).Should(HaveLen(1)) Ω(spec[0]).ShouldNot(BeNil()) Ω(spec[0].Origin).Should(Equal(origin)) Ω(spec[0].Path).Should(Equal(path)) Ω(spec[0].IsPathPrefix).Should(BeFalse()) }) Context("Headers", func() { headers := []string{"X-Foo", "X-Bar"}
method = "GET" path = "/" }) It("responds", func() { resp, err := http.Get(url) Ω(err).ShouldNot(HaveOccurred()) Ω(resp.StatusCode).Should(Equal(200)) }) Context("using CORS that allows the request", func() { BeforeEach(func() { dsl = func() { cors.Origin("http://authorized.com", func() { cors.Resource("/", func() { cors.Methods("GET") }) }) } }) It("sets the Acess-Control-Allow-Methods header", func() { req, err := http.NewRequest("GET", url, nil) Ω(err).ShouldNot(HaveOccurred()) req.Header.Set("Origin", "http://authorized.com") resp, err := http.DefaultClient.Do(req) Ω(err).ShouldNot(HaveOccurred()) Ω(resp.StatusCode).Should(Equal(200)) Ω(resp.Header).Should(HaveKey("Access-Control-Allow-Methods")) })