Remove cache files, proxy web views with filtering

.gitignore

@@ -1,2 +1,4 @@
 sshd_honey_web
 gin-bin
+tmp
+log

app/assets/javascripts/http_request.coffee

@@ -0,0 +1,3 @@
+# Place all the behaviors and hooks related to the matching controller here.
+# All this logic will automatically be available in application.js.
+# You can use CoffeeScript in this file: http://coffeescript.org/

app/assets/stylesheets/http_request.scss

@@ -0,0 +1,3 @@
+// Place all the styles related to the HttpRequest controller here.
+// They will automatically be included in application.css.
+// You can use Sass (SCSS) here: http://sass-lang.com/

app/controllers/http_requests_controller.rb

@@ -0,0 +1,11 @@
+class HttpRequestsController < ApplicationController
+  def index
+    @requests = HttpRequest.order(id: :desc)
+    @requests = @requests.page(params[:page])
+  end
+
+  def show
+    @request = HttpRequest.find(params[:id])
+    @login = @request.try(:login)
+  end
+end

app/helpers/http_request_helper.rb

@@ -0,0 +1,2 @@
+module HttpRequestHelper
+end

app/models/http_request.rb

@@ -3,4 +3,13 @@ class HttpRequest < ActiveRecord::Base
   def self.latest(n=25)
     order(id: :desc).limit(n)
   end
+
+  def filtered_response
+    ips = Honeypot.pluck(:ip).map(&:to_s)
+    resp = response
+    ips.each do |ip|
+      resp.gsub!(ip, '*.*.*.*')
+    end
+    resp
+  end
 end

app/views/http_requests/_list.html.slim

@@ -0,0 +1,19 @@
+table.table.table-striped.table-condensed
+  thead
+    th
+    th Username
+    th IP
+    th URL
+    th Method
+    th Country
+    th Date
+  tbody
+    - requests.each do |request|
+      tr
+        td = link_to 'View', request
+        td = link_to request.try(:login).try(:username), logins_path(username: request.try(:login).try(:username))
+        td = request.try(:login).try(:remote_addr)
+        td = request.url
+        td = request.method
+        td = request.try(:login).try(:country_name)
+        td = request.created_at.strftime("%Y/%m/%d %H:%M")

app/views/http_requests/index.html.slim

@@ -0,0 +1,6 @@
+h2 Proxy Requests
+center
+  = paginate @requests, theme: 'twitter-bootstrap-3', pagination_class: "pagination-small pagination-centered"
+= render 'list', requests: @requests
+center
+  = paginate @requests, theme: 'twitter-bootstrap-3', pagination_class: "pagination-small pagination-centered"

app/views/http_requests/show.html.slim

@@ -0,0 +1,45 @@
+h2 Proxy Request Viewer
+.row
+  .col-lg-4
+    h4 Session Details
+    table.table.table-striped.table-condensed
+      tr
+        td Username
+        td = @login.try(:username)
+      tr
+        td Password
+        td = @login.try(:password)
+      tr
+        td IP
+        td = @login.try(:remote_addr)
+      tr
+        td Country
+        td = @login.try(:country_name)
+      tr
+        td Client Version
+        td = @login.try(:client_version)
+
+  .col-lg-8
+    h4 Request Details
+    .row
+      .col-lg-6
+        h5 Headers
+        table.table.table-striped.table-condensed
+          - @request.headers.each do |header|
+            - x = header.split(":").map(&:strip)
+            tr
+              td = x[0]
+              td = x[1]
+      .col-lg-6
+        h5 Form Data
+        table.table.table-striped.table-condensed
+          - formdata = HttpRequest.last.formdata
+          - formdata.each do |fd|
+            tr
+              td
+                pre = fd
+
+.row
+  .col-lg-12
+    h4 Proxied Response
+    pre = @request.filtered_response

app/views/layouts/_navigation_links.html.slim

@@ -1,2 +1,4 @@
 li
   = link_to 'Logins', logins_path
+li
+  = link_to 'Proxy Requests', http_requests_path

config/routes.rb

@@ -1,8 +1,5 @@
 Rails.application.routes.draw do
-  namespace :api do
-  get 'http_request/create'
-  end
-
+  resources :http_requests
   resources :logins
 
   resources :home do

log/development.log

@@ -29078,3 +29078,147 @@ WHERE c.contype = 'f'
   AND t3.nspname = ANY (current_schemas(false))
 ORDER BY c.conname
 
+  Honeypot Load (0.7ms)  SELECT "honeypots".* FROM "honeypots"
+  Honeypot Load (0.9ms)  SELECT  "honeypots".* FROM "honeypots"  ORDER BY "honeypots"."id" DESC LIMIT 1
+  Honeypot Load (0.5ms)  SELECT  "honeypots".* FROM "honeypots"  ORDER BY "honeypots"."id" DESC LIMIT 1
+  Honeypot Load (0.5ms)  SELECT  "honeypots".* FROM "honeypots"  ORDER BY "honeypots"."id" DESC LIMIT 1
+  HttpRequest Load (0.8ms)  SELECT  "http_requests".* FROM "http_requests"  ORDER BY "http_requests"."id" DESC LIMIT 1
+  HttpRequest Load (0.6ms)  SELECT  "http_requests".* FROM "http_requests"  ORDER BY "http_requests"."id" DESC LIMIT 1
+  Login Load (12.1ms)  SELECT  "logins".* FROM "logins" WHERE "logins"."guid" = $1 LIMIT 1  [["guid", "e7dea714-68f7-41ef-825d-310949f5e0ae"]]
+  HttpRequest Load (0.6ms)  SELECT  "http_requests".* FROM "http_requests"  ORDER BY "http_requests"."id" DESC LIMIT 1
+  HttpRequest Load (0.5ms)  SELECT  "http_requests".* FROM "http_requests"  ORDER BY "http_requests"."id" DESC LIMIT 1
+  HttpRequest Load (0.7ms)  SELECT  "http_requests".* FROM "http_requests"  ORDER BY "http_requests"."id" DESC LIMIT 1
+  HttpRequest Load (0.6ms)  SELECT  "http_requests".* FROM "http_requests"  ORDER BY "http_requests"."id" DESC LIMIT 1
+  HttpRequest Load (0.6ms)  SELECT  "http_requests".* FROM "http_requests"  ORDER BY "http_requests"."id" DESC LIMIT 1
+  HttpRequest Load (0.6ms)  SELECT  "http_requests".* FROM "http_requests"  ORDER BY "http_requests"."id" DESC LIMIT 1
+  HttpRequest Load (0.5ms)  SELECT  "http_requests".* FROM "http_requests"  ORDER BY "http_requests"."id" DESC LIMIT 1
+  HttpRequest Load (1.6ms)  SELECT  "http_requests".* FROM "http_requests"  ORDER BY "http_requests"."id" DESC LIMIT 1
+  HttpRequest Load (0.6ms)  SELECT  "http_requests".* FROM "http_requests"  ORDER BY "http_requests"."id" DESC LIMIT 1
+  HttpRequest Load (0.6ms)  SELECT  "http_requests".* FROM "http_requests"  ORDER BY "http_requests"."id" DESC LIMIT 1
+  HttpRequest Load (2.2ms)  SELECT  "http_requests".* FROM "http_requests"  ORDER BY "http_requests"."id" DESC LIMIT 1
+  HttpRequest Load (2.1ms)  SELECT  "http_requests".* FROM "http_requests"  ORDER BY "http_requests"."id" DESC LIMIT 1
+  HttpRequest Load (0.6ms)  SELECT  "http_requests".* FROM "http_requests"  ORDER BY "http_requests"."id" DESC LIMIT 1
+  HttpRequest Load (0.5ms)  SELECT  "http_requests".* FROM "http_requests"  ORDER BY "http_requests"."id" DESC LIMIT 1
+  HttpRequest Load (0.6ms)  SELECT  "http_requests".* FROM "http_requests"  ORDER BY "http_requests"."id" DESC LIMIT 1
+  HttpRequest Load (4.7ms)  SELECT "http_requests".* FROM "http_requests"  ORDER BY "http_requests"."id" DESC
+  HttpRequest Load (0.6ms)  SELECT  "http_requests".* FROM "http_requests"  ORDER BY "http_requests"."id" DESC LIMIT 1
+  HttpRequest Load (0.6ms)  SELECT  "http_requests".* FROM "http_requests"  ORDER BY "http_requests"."id" ASC LIMIT 1
+  HttpRequest Load (0.6ms)  SELECT  "http_requests".* FROM "http_requests"  ORDER BY "http_requests"."id" DESC LIMIT 1
+
+
+Started POST "/api/http_requests" for ::1 at 2016-05-14 23:49:13 -0400
+  ActiveRecord::SchemaMigration Load (0.6ms)  SELECT "schema_migrations".* FROM "schema_migrations"
+Processing by Api::HttpRequestsController#create as HTML
+  Parameters: {"{\"headers\":{\"Accept\":"=>{"\"*/*\""=>{",\"Content-Length\":"=>{"\"23\""=>{",\"Content-Type\":"=>{"\"application/x-www-form-urlencoded\""=>{",\"User-Agent\":"=>{"\"curl/7.43.0\""=>{"},\"url\":\"ip-api.com/json\",\"form_data\":{\"t\":"=>{"\"1\""=>{",\"t2\":"=>{"\"2\""=>{",\"t3\":"=>{"\"3\""=>{",\"t4\":"=>{"\"4\""=>{",\"t5\":"=>{"\"5\""=>{"},\"method\":\"POST\",\"guid\":\"ee034526-e252-4a82-935f-0d16a7fdddd8\",\"hostname\":\"ip-api.com\",\"response\":\"{\\\"as\\\":\\\"AS5650 Frontier Communications of America, Inc.\\\",\\\"city\\\":\\\"Clearwater\\\",\\\"country\\\":\\\"United States\\\",\\\"countryCode\\\":\\\"US\\\",\\\"isp\\\":\\\"Verizon Fios\\\",\\\"lat\\\":27.9447,\\\"lon\\\":-82.7943,\\\"org\\\":\\\"Verizon Fios\\\",\\\"query\\\":\\\"96.228.244.140\\\",\\\"region\\\":\\\"FL\\\",\\\"regionName\\\":\\\"Florida\\\",\\\"status\\\":\\\"success\\\",\\\"timezone\\\":\\\"America/New_York\\\",\\\"zip\\\":\\\"33756\\\"}\"}"=>nil}}}}}}}}}}}}}}}}}}}
+   (0.2ms)  BEGIN
+  SQL (2.1ms)  INSERT INTO "http_requests" ("url", "response", "hostname", "headers", "formdata", "method", "guid", "created_at", "updated_at") VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9) RETURNING "id"  [["url", "ip-api.com/json"], ["response", "{\"as\":\"AS5650 Frontier Communications of America, Inc.\",\"city\":\"Clearwater\",\"country\":\"United States\",\"countryCode\":\"US\",\"isp\":\"Verizon Fios\",\"lat\":27.9447,\"lon\":-82.7943,\"org\":\"Verizon Fios\",\"query\":\"96.228.244.140\",\"region\":\"FL\",\"regionName\":\"Florida\",\"status\":\"success\",\"timezone\":\"America/New_York\",\"zip\":\"33756\"}"], ["hostname", "ip-api.com"], ["headers", "{\"Accept: */*\",\"Content-Length: 23\",\"Content-Type: application/x-www-form-urlencoded\",\"User-Agent: curl/7.43.0\"}"], ["formdata", "{\"{\\\"t\\\"=>\\\"1\\\"}\",\"{\\\"t2\\\"=>\\\"2\\\"}\",\"{\\\"t3\\\"=>\\\"3\\\"}\",\"{\\\"t4\\\"=>\\\"4\\\"}\",\"{\\\"t5\\\"=>\\\"5\\\"}\"}"], ["method", "POST"], ["guid", "ee034526-e252-4a82-935f-0d16a7fdddd8"], ["created_at", "2016-05-15 03:49:13.398103"], ["updated_at", "2016-05-15 03:49:13.398103"]]
+   (0.5ms)  COMMIT
+Completed 200 OK in 25ms (Views: 0.5ms | ActiveRecord: 6.8ms)
+  HttpRequest Load (0.5ms)  SELECT  "http_requests".* FROM "http_requests"  ORDER BY "http_requests"."id" DESC LIMIT 1
+
+
+Started GET "/http_requests" for ::1 at 2016-05-14 23:49:26 -0400
+Processing by HttpRequestsController#index as HTML
+   (0.6ms)  SELECT COUNT(*) FROM "http_requests"
+  HttpRequest Load (1.0ms)  SELECT  "http_requests".* FROM "http_requests"  ORDER BY "http_requests"."id" DESC LIMIT 25 OFFSET 0
+  Login Load (1.1ms)  SELECT  "logins".* FROM "logins" WHERE "logins"."guid" = $1 LIMIT 1  [["guid", "ee034526-e252-4a82-935f-0d16a7fdddd8"]]
+  Login Load (0.4ms)  SELECT  "logins".* FROM "logins" WHERE "logins"."guid" = $1 LIMIT 1  [["guid", "e7dea714-68f7-41ef-825d-310949f5e0ae"]]
+  CACHE (0.0ms)  SELECT  "logins".* FROM "logins" WHERE "logins"."guid" = $1 LIMIT 1  [["guid", "e7dea714-68f7-41ef-825d-310949f5e0ae"]]
+  CACHE (0.0ms)  SELECT  "logins".* FROM "logins" WHERE "logins"."guid" = $1 LIMIT 1  [["guid", "e7dea714-68f7-41ef-825d-310949f5e0ae"]]
+  CACHE (0.0ms)  SELECT  "logins".* FROM "logins" WHERE "logins"."guid" = $1 LIMIT 1  [["guid", "e7dea714-68f7-41ef-825d-310949f5e0ae"]]
+  CACHE (0.0ms)  SELECT  "logins".* FROM "logins" WHERE "logins"."guid" = $1 LIMIT 1  [["guid", "e7dea714-68f7-41ef-825d-310949f5e0ae"]]
+  CACHE (0.0ms)  SELECT  "logins".* FROM "logins" WHERE "logins"."guid" = $1 LIMIT 1  [["guid", "e7dea714-68f7-41ef-825d-310949f5e0ae"]]
+  CACHE (0.0ms)  SELECT  "logins".* FROM "logins" WHERE "logins"."guid" = $1 LIMIT 1  [["guid", "e7dea714-68f7-41ef-825d-310949f5e0ae"]]
+  CACHE (0.0ms)  SELECT  "logins".* FROM "logins" WHERE "logins"."guid" = $1 LIMIT 1  [["guid", "e7dea714-68f7-41ef-825d-310949f5e0ae"]]
+  CACHE (0.0ms)  SELECT  "logins".* FROM "logins" WHERE "logins"."guid" = $1 LIMIT 1  [["guid", "e7dea714-68f7-41ef-825d-310949f5e0ae"]]
+  CACHE (0.0ms)  SELECT  "logins".* FROM "logins" WHERE "logins"."guid" = $1 LIMIT 1  [["guid", "e7dea714-68f7-41ef-825d-310949f5e0ae"]]
+  CACHE (0.1ms)  SELECT  "logins".* FROM "logins" WHERE "logins"."guid" = $1 LIMIT 1  [["guid", "e7dea714-68f7-41ef-825d-310949f5e0ae"]]
+  CACHE (0.0ms)  SELECT  "logins".* FROM "logins" WHERE "logins"."guid" = $1 LIMIT 1  [["guid", "e7dea714-68f7-41ef-825d-310949f5e0ae"]]
+  CACHE (0.0ms)  SELECT  "logins".* FROM "logins" WHERE "logins"."guid" = $1 LIMIT 1  [["guid", "e7dea714-68f7-41ef-825d-310949f5e0ae"]]
+  CACHE (0.0ms)  SELECT  "logins".* FROM "logins" WHERE "logins"."guid" = $1 LIMIT 1  [["guid", "e7dea714-68f7-41ef-825d-310949f5e0ae"]]
+  CACHE (0.0ms)  SELECT  "logins".* FROM "logins" WHERE "logins"."guid" = $1 LIMIT 1  [["guid", "e7dea714-68f7-41ef-825d-310949f5e0ae"]]
+  CACHE (0.0ms)  SELECT  "logins".* FROM "logins" WHERE "logins"."guid" = $1 LIMIT 1  [["guid", "e7dea714-68f7-41ef-825d-310949f5e0ae"]]
+  CACHE (0.0ms)  SELECT  "logins".* FROM "logins" WHERE "logins"."guid" = $1 LIMIT 1  [["guid", "e7dea714-68f7-41ef-825d-310949f5e0ae"]]
+  CACHE (0.0ms)  SELECT  "logins".* FROM "logins" WHERE "logins"."guid" = $1 LIMIT 1  [["guid", "e7dea714-68f7-41ef-825d-310949f5e0ae"]]
+  CACHE (0.0ms)  SELECT  "logins".* FROM "logins" WHERE "logins"."guid" = $1 LIMIT 1  [["guid", "e7dea714-68f7-41ef-825d-310949f5e0ae"]]
+  CACHE (0.0ms)  SELECT  "logins".* FROM "logins" WHERE "logins"."guid" = $1 LIMIT 1  [["guid", "e7dea714-68f7-41ef-825d-310949f5e0ae"]]
+  CACHE (0.0ms)  SELECT  "logins".* FROM "logins" WHERE "logins"."guid" = $1 LIMIT 1  [["guid", "e7dea714-68f7-41ef-825d-310949f5e0ae"]]
+  CACHE (0.0ms)  SELECT  "logins".* FROM "logins" WHERE "logins"."guid" = $1 LIMIT 1  [["guid", "e7dea714-68f7-41ef-825d-310949f5e0ae"]]
+  CACHE (0.0ms)  SELECT  "logins".* FROM "logins" WHERE "logins"."guid" = $1 LIMIT 1  [["guid", "e7dea714-68f7-41ef-825d-310949f5e0ae"]]
+  CACHE (0.0ms)  SELECT  "logins".* FROM "logins" WHERE "logins"."guid" = $1 LIMIT 1  [["guid", "e7dea714-68f7-41ef-825d-310949f5e0ae"]]
+  Rendered http_requests/_list.html.slim (57.7ms)
+  Rendered http_requests/index.html.slim within layouts/application (139.1ms)
+  Rendered layouts/_navigation_links.html.slim (4.0ms)
+  Rendered layouts/_navigation.html.slim (15.2ms)
+  Rendered layouts/_messages.html.slim (4.5ms)
+Completed 200 OK in 3666ms (Views: 3660.5ms | ActiveRecord: 5.2ms)
+
+
+Started GET "/http_requests/77" for ::1 at 2016-05-14 23:49:33 -0400
+Processing by HttpRequestsController#show as HTML
+  Parameters: {"id"=>"77"}
+  HttpRequest Load (0.4ms)  SELECT  "http_requests".* FROM "http_requests" WHERE "http_requests"."id" = $1 LIMIT 1  [["id", 77]]
+  Login Load (0.5ms)  SELECT  "logins".* FROM "logins" WHERE "logins"."guid" = $1 LIMIT 1  [["guid", "ee034526-e252-4a82-935f-0d16a7fdddd8"]]
+  HttpRequest Load (0.5ms)  SELECT  "http_requests".* FROM "http_requests"  ORDER BY "http_requests"."id" DESC LIMIT 1
+  Rendered http_requests/show.html.slim within layouts/application (14.0ms)
+  Rendered layouts/_navigation_links.html.slim (0.1ms)
+  Rendered layouts/_navigation.html.slim (1.4ms)
+  Rendered layouts/_messages.html.slim (0.1ms)
+Completed 200 OK in 115ms (Views: 106.5ms | ActiveRecord: 1.4ms)
+
+
+Started GET "/http_requests/77" for ::1 at 2016-05-14 23:50:08 -0400
+Processing by HttpRequestsController#show as HTML
+  Parameters: {"id"=>"77"}
+  HttpRequest Load (0.4ms)  SELECT  "http_requests".* FROM "http_requests" WHERE "http_requests"."id" = $1 LIMIT 1  [["id", 77]]
+  Login Load (0.3ms)  SELECT  "logins".* FROM "logins" WHERE "logins"."guid" = $1 LIMIT 1  [["guid", "ee034526-e252-4a82-935f-0d16a7fdddd8"]]
+  HttpRequest Load (0.5ms)  SELECT  "http_requests".* FROM "http_requests"  ORDER BY "http_requests"."id" DESC LIMIT 1
+  Rendered http_requests/show.html.slim within layouts/application (15.2ms)
+  Rendered layouts/_navigation_links.html.slim (0.1ms)
+  Rendered layouts/_navigation.html.slim (2.0ms)
+  Rendered layouts/_messages.html.slim (0.1ms)
+Completed 200 OK in 75ms (Views: 72.0ms | ActiveRecord: 1.2ms)
+
+
+Started GET "/http_requests/77" for ::1 at 2016-05-14 23:50:36 -0400
+Processing by HttpRequestsController#show as HTML
+  Parameters: {"id"=>"77"}
+  HttpRequest Load (0.3ms)  SELECT  "http_requests".* FROM "http_requests" WHERE "http_requests"."id" = $1 LIMIT 1  [["id", 77]]
+  Login Load (0.4ms)  SELECT  "logins".* FROM "logins" WHERE "logins"."guid" = $1 LIMIT 1  [["guid", "ee034526-e252-4a82-935f-0d16a7fdddd8"]]
+  HttpRequest Load (0.5ms)  SELECT  "http_requests".* FROM "http_requests"  ORDER BY "http_requests"."id" DESC LIMIT 1
+  Rendered http_requests/show.html.slim within layouts/application (10.9ms)
+  Rendered layouts/_navigation_links.html.slim (0.1ms)
+  Rendered layouts/_navigation.html.slim (1.1ms)
+  Rendered layouts/_messages.html.slim (0.0ms)
+Completed 200 OK in 65ms (Views: 62.2ms | ActiveRecord: 1.2ms)
+  Honeypot Load (0.6ms)  SELECT  "honeypots".* FROM "honeypots"  ORDER BY "honeypots"."id" ASC LIMIT 1
+   (0.5ms)  SELECT "honeypots"."ip" FROM "honeypots"
+   (0.4ms)  SELECT "honeypots"."ip" FROM "honeypots"
+
+
+Started GET "/http_requests/77" for ::1 at 2016-05-14 23:52:14 -0400
+Processing by HttpRequestsController#show as HTML
+  Parameters: {"id"=>"77"}
+  HttpRequest Load (0.4ms)  SELECT  "http_requests".* FROM "http_requests" WHERE "http_requests"."id" = $1 LIMIT 1  [["id", 77]]
+  Login Load (0.4ms)  SELECT  "logins".* FROM "logins" WHERE "logins"."guid" = $1 LIMIT 1  [["guid", "ee034526-e252-4a82-935f-0d16a7fdddd8"]]
+  HttpRequest Load (0.5ms)  SELECT  "http_requests".* FROM "http_requests"  ORDER BY "http_requests"."id" DESC LIMIT 1
+   (0.4ms)  SELECT "honeypots"."ip" FROM "honeypots"
+  Rendered http_requests/show.html.slim within layouts/application (16.0ms)
+  Rendered layouts/_navigation_links.html.slim (0.1ms)
+  Rendered layouts/_navigation.html.slim (1.7ms)
+  Rendered layouts/_messages.html.slim (0.1ms)
+Completed 200 OK in 110ms (Views: 83.7ms | ActiveRecord: 6.8ms)
+
+
+Started GET "/http_requests/77" for ::1 at 2016-05-14 23:52:19 -0400
+Processing by HttpRequestsController#show as HTML
+  Parameters: {"id"=>"77"}
+  HttpRequest Load (0.3ms)  SELECT  "http_requests".* FROM "http_requests" WHERE "http_requests"."id" = $1 LIMIT 1  [["id", 77]]
+  Login Load (0.2ms)  SELECT  "logins".* FROM "logins" WHERE "logins"."guid" = $1 LIMIT 1  [["guid", "ee034526-e252-4a82-935f-0d16a7fdddd8"]]
+  HttpRequest Load (0.5ms)  SELECT  "http_requests".* FROM "http_requests"  ORDER BY "http_requests"."id" DESC LIMIT 1
+   (0.2ms)  SELECT "honeypots"."ip" FROM "honeypots"
+  Rendered http_requests/show.html.slim within layouts/application (5.0ms)
+  Rendered layouts/_navigation_links.html.slim (0.1ms)
+  Rendered layouts/_navigation.html.slim (1.4ms)
+  Rendered layouts/_messages.html.slim (0.1ms)
+Completed 200 OK in 79ms (Views: 59.9ms | ActiveRecord: 5.7ms)

test/controllers/http_request_controller_test.rb

@@ -0,0 +1,14 @@
+require 'test_helper'
+
+class HttpRequestControllerTest < ActionController::TestCase
+  test "should get index" do
+    get :index
+    assert_response :success
+  end
+
+  test "should get show" do
+    get :show
+    assert_response :success
+  end
+
+end