refactor

Author: bruno-costanzo

.rubocop.yml

@@ -9,3 +9,12 @@ Style/StringLiteralsInInterpolation:
 
 Style/Documentation:
   Enabled: false
+
+Naming/MethodParameterName:
+  AllowedNames:
+    - cn
+    - uid
+
+Metrics/ClassLength:
+  Exclude:
+    - 'test/**/*'

.simplecov

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+SimpleCov.start do
+  add_filter "/test/"
+  enable_coverage :branch
+  primary_coverage :branch
+end

Gemfile

@@ -12,4 +12,6 @@ gem "minitest", "~> 5.16"
 
 gem "rubocop", "~> 1.21"
 
+gem "simplecov"
+
 gem "vcr", "~> 6.0"

Gemfile.lock

@@ -10,6 +10,7 @@ GEM
     ast (2.4.3)
     base64 (0.3.0)
     date (3.4.1)
+    docile (1.4.1)
     erb (5.0.2)
     faraday (2.14.0)
       faraday-net_http (>= 2.0, < 3.5)
@@ -65,6 +66,12 @@ GEM
       parser (>= 3.3.7.2)
       prism (~> 1.4)
     ruby-progressbar (1.13.0)
+    simplecov (0.22.0)
+      docile (~> 1.1)
+      simplecov-html (~> 0.11)
+      simplecov_json_formatter (~> 0.1)
+    simplecov-html (0.13.2)
+    simplecov_json_formatter (0.1.4)
     stringio (3.1.7)
     tsort (0.2.0)
     unicode-display_width (3.2.0)
@@ -84,6 +91,7 @@ DEPENDENCIES
   minitest (~> 5.16)
   rake (~> 13.0)
   rubocop (~> 1.21)
+  simplecov
   vcr (~> 6.0)
 
 BUNDLED WITH

README.md

@@ -24,15 +24,13 @@ gem install fripa
 
 ## Configuration
 
-Fripa offers multiple ways to configure your FreeIPA connection:
+Configure your FreeIPA server settings globally. These settings are shared across all client instances:
 
 ### With a block
 
 ```ruby
 Fripa.configure do |config|
   config.host = 'ipa.example.com'
-  config.username = 'admin'
-  config.password = 'secret'
   config.verify_ssl = true  # default: true
 end
 ```
@@ -42,8 +40,7 @@ end
 ```ruby
 Fripa.config = {
   host: 'ipa.example.com',
-  username: 'admin',
-  password: 'secret'
+  verify_ssl: true
 }
 ```
 
@@ -52,8 +49,7 @@ Fripa.config = {
 ```ruby
 config = Fripa::Configuration.new(
   host: 'ipa.example.com',
-  username: 'admin',
-  password: 'secret'
+  verify_ssl: true
 )
 Fripa.config = config
 ```
@@ -62,68 +58,158 @@ Fripa.config = config
 
 ```ruby
 Fripa.config.host = 'ipa.example.com'
-Fripa.config.username = 'admin'
-Fripa.config.password = 'secret'
+Fripa.config.verify_ssl = false
 ```
 
 ## Usage
 
-### Authentication
+### Creating a Client
 
-After configuring Fripa, authenticate to obtain a session:
+Create a client instance with user credentials. Each client maintains its own session:
 
 ```ruby
-authenticator = Fripa::Authenticator.new
-authenticator.login!
+client = Fripa::Client.new(
+  username: 'your-username',
+  password: 'your-password'
+)
+```
+
+The client will automatically authenticate when making API calls.
 
-# The session cookie is now stored in the configuration
-puts Fripa.config.session_cookie
+### Manual Authentication (Optional)
+
+If you need to authenticate manually:
+
+```ruby
+client.authenticator.login!
+# The session cookie is now stored in the client
+puts client.session_cookie
 ```
 
 If authentication fails, a `Fripa::AuthenticationError` will be raised:
 
 ```ruby
 begin
-  authenticator.login!
+  client.authenticator.login!
 rescue Fripa::AuthenticationError => e
   puts "Authentication failed: #{e.message}"
 end
 ```
 
 ### Making API Calls
 
-Use the `Client` class to interact with the FreeIPA API:
+#### Using Resource Methods (Recommended)
+
+The gem provides convenient resource methods with parameter validation:
+
+##### Users
 
 ```ruby
-client = Fripa::Client.new
+client = Fripa::Client.new(username: 'admin', password: 'secret')
+
+# Find users
+users = client.users.find  # All users
+user = client.users.find("admin")  # Find specific user
 
-# Find a user (automatically authenticates if needed)
-result = client.call("user_find", ["admin"])
-puts result.dig("result", "count")  # Number of users found
+# Show user details
+details = client.users.show("admin")
 
-# Add a user with options
-client.call("user_add", ["newuser"], {
+# Add a user (validates required fields)
+client.users.add("newuser",
   givenname: "New",
   sn: "User",
+  cn: "New User",
   userpassword: "TempPassword123"
-})
+)
 
 # Modify a user
-client.call("user_mod", ["newuser"], {
-  mail: "newuser@example.com"
-})
+client.users.mod("newuser", mail: "newuser@example.com")
+
+# Change user password
+client.users.passwd("newuser", "NewPassword123", "TempPassword123")
 
 # Delete a user
-client.call("user_del", ["newuser"])
+client.users.delete("newuser")
+```
+
+##### Groups
+
+```ruby
+client = Fripa::Client.new(username: 'admin', password: 'secret')
+
+# Find groups
+groups = client.groups.find  # All groups
+group = client.groups.find("admins")  # Find specific group
+
+# Show group details
+details = client.groups.show("admins")
+
+# Add a group
+client.groups.add("developers", description: "Development Team")
+
+# Modify a group
+client.groups.mod("developers", description: "Software Development Team")
+
+# Add members to a group
+client.groups.add_member("developers", user: ["alice", "bob"])
+
+# Remove members from a group
+client.groups.remove_member("developers", user: ["alice"])
+
+# Add member managers (users who can manage group membership)
+client.groups.add_member_manager("developers", user: ["manager"])
+
+# Remove member managers
+client.groups.remove_member_manager("developers", user: ["manager"])
+
+# Delete a group
+client.groups.delete("developers")
 ```
 
-The client will automatically authenticate using the configured credentials if no session exists.
+#### Using Raw API Calls
+
+For API methods without a resource wrapper, use the `call` method directly:
+
+```ruby
+client = Fripa::Client.new(username: 'admin', password: 'secret')
+
+# Any FreeIPA JSON-RPC method
+result = client.call("user_find", ["admin"], { all: true })
+puts result.dig("result", "count")
+```
+
+The client will automatically authenticate if no session exists.
 
 ## Development
 
-After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake test` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
+After checking out the repo, run `bin/setup` to install dependencies.
+
+### Running Tests
+
+To run the test suite with coverage:
+
+```bash
+bin/test
+```
+
+This will run all tests and generate a coverage report in `coverage/index.html`. The test suite includes:
+- Line coverage tracking
+- Branch coverage tracking
+- VCR cassettes for testing against FreeIPA sandbox
+
+You can also run tests using rake:
+
+```bash
+rake test
+```
+
+### Other Development Commands
+
+- `bin/console` - Interactive prompt for experimentation
+- `bundle exec rake install` - Install gem onto your local machine
+- `bundle exec rubocop` - Run code style checks
 
-To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and the created tag, and push the `.gem` file to [rubygems.org](https://rubygems.org).
+To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and the created tag, and push the `.gem` file to [rubygems.org](https://rubygems.org).
 
 ## Contributing
 

Rakefile

@@ -3,7 +3,9 @@
 require "bundler/gem_tasks"
 require "minitest/test_task"
 
-Minitest::TestTask.create
+Minitest::TestTask.create do |t|
+  t.warning = false
+end
 
 require "rubocop/rake_task"
 

bin/test

@@ -0,0 +1,19 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+require "bundler/setup"
+
+# Load SimpleCov first
+require "simplecov"
+
+# Now load test helper (which loads the code)
+$LOAD_PATH.unshift File.expand_path("../lib", __dir__)
+$LOAD_PATH.unshift File.expand_path("../test", __dir__)
+
+require "test_helper"
+
+# Require all test files
+Dir.glob("test/test_*.rb").each { |file| require File.expand_path("../#{file}", __dir__) }
+
+# Run minitest
+require "minitest/autorun"

lib/fripa.rb

@@ -4,6 +4,9 @@
 require_relative "fripa/configuration"
 require_relative "fripa/errors"
 require_relative "fripa/authenticator"
+require_relative "fripa/resources/base"
+require_relative "fripa/resources/user"
+require_relative "fripa/resources/group"
 require_relative "fripa/client"
 
 module Fripa

lib/fripa/authenticator.rb

@@ -8,10 +8,10 @@ class Authenticator
     LOGIN_PATH = "/ipa/session/login_password"
     CONTENT_TYPE = "application/x-www-form-urlencoded"
 
-    attr_reader :config
+    attr_reader :client
 
-    def initialize(config = nil)
-      @config = config || Fripa.config
+    def initialize(client)
+      @client = client
     end
 
     def login!
@@ -20,43 +20,30 @@ def login!
 
       raise AuthenticationError, "Login failed: #{response.status}" unless response.success?
 
-      config.session_cookie = extract_session_cookie(response)
+      response.headers["set-cookie"]
     end
 
     private
 
     def validate_credentials!
-      raise ArgumentError, "Username cannot be blank" if config.username.to_s.strip.empty?
-      raise ArgumentError, "Password cannot be blank" if config.password.to_s.strip.empty?
+      raise ArgumentError, "Username cannot be blank" if client.username.to_s.strip.empty?
+      raise ArgumentError, "Password cannot be blank" if client.password.to_s.strip.empty?
     end
 
     def perform_login
       connection.post(LOGIN_PATH) do |request|
         request.headers["Content-Type"] = CONTENT_TYPE
-        request.headers["Referer"] = "#{config.base_url}/ipa"
-        request.body = URI.encode_www_form(user: config.username, password: config.password)
+        request.headers["Referer"] = "#{client.config.base_url}/ipa"
+        request.body = URI.encode_www_form(user: client.username, password: client.password)
       end
     end
 
-    def extract_session_cookie(response)
-      cookie = response.headers["set-cookie"]
-      raise AuthenticationError, "No session cookie received" unless cookie
-
-      cookie
-    end
-
     def connection
-      @connection ||= Faraday.new(url: config.base_url.to_s) do |f|
+      @connection ||= Faraday.new(url: client.config.base_url.to_s) do |f|
         f.request :url_encoded
         f.adapter Faraday.default_adapter
-        f.ssl.verify = config.verify_ssl
+        f.ssl.verify = client.config.verify_ssl
       end
     end
   end
-
-  class << self
-    def authenticator
-      @authenticator ||= Authenticator.new
-    end
-  end
 end