Sync with latest (2/13/2007) Instiki svn.

vendor/plugins/form_spam_protection/test/form_spam_protection_test.rb

@@ -0,0 +1,39 @@
+require File.dirname(__FILE__) + '/test_helper'
+
+class FormSpamProtectionTest < Test::Unit::TestCase
+  def setup
+    @controller = ProtectedController.new
+    @request    = ActionController::TestRequest.new
+    @response   = ActionController::TestResponse.new
+  end
+
+  def test_index_form_is_protected
+    get :index
+    assert_response :success
+    assert_select 'code input[type="hidden"]'
+  end
+  
+  def test_index_form_handler_is_protected
+    post :index
+    assert_response 403
+    assert_equal "You must have Javascript on to submit this form.", @response.body
+
+    get :index
+    form_key_tag = assert_select('code input[type="hidden"]').first
+    submit_with_valid_key = lambda { post :index, :_form_key => form_key_tag.attributes['value'] }
+    
+    submit_with_valid_key.call
+    assert_response :success
+    assert_equal "Submission successful", @response.body
+    
+    3.times(&submit_with_valid_key) # Total of 4 times
+    assert_response 403
+    assert_equal "You cannot resubmit this form again.", @response.body
+  end
+  
+  def test_unprotected_form_is_unprotected
+    get :unprotected
+    assert_response :success
+    assert_select 'input[type="hidden"]', false
+  end
+end

vendor/plugins/form_spam_protection/test/mocks/enkoder.rb

@@ -0,0 +1,14 @@
+require File.join(File.dirname(__FILE__), '../../vendor/enkoder/lib/enkoder')
+
+module ActionView
+  module Helpers
+    module TextHelper
+
+      # Don't really enkode, because our tests can't eval Javascript
+      def enkode( html, max_length=nil )
+        "<code>#{html}</code>"
+      end
+      
+    end
+  end
+end

vendor/plugins/form_spam_protection/test/test_helper.rb

@@ -0,0 +1,30 @@
+RAILS_ENV = 'test'
+require File.expand_path(File.join(File.dirname(__FILE__), '../../../../config/environment.rb'))
+require 'action_controller/test_process'
+require 'breakpoint'
+
+class ProtectedController < ActionController::Base
+  protect_forms_from_spam :only => :index
+  def index
+    if request.get?
+      render :inline => form
+    else
+      render :text => 'Submission successful'
+    end
+  end
+  
+  def unprotected
+    render :inline => form
+  end
+  
+  private
+  def form
+    <<-EOD
+    <% form_tag  do %>
+    	MyField: <%= text_field_tag 'testme' %>
+    	<%= submit_tag %>
+    <% end  %>
+    EOD
+  end
+
+end