Rails 2.1.1

Among other things, a security fix.
Jacques Distler 2008-09-07 00:54:05 -05:00
parent d2c4c8737c
commit d4f97345db
354 changed files with 21027 additions and 3072 deletions


@ -137,6 +137,9 @@ class AssertResponseWithUnexpectedErrorController < ActionController::Base
end
end
class UserController < ActionController::Base
end
module Admin
class InnerModuleController < ActionController::Base
def index
@ -174,7 +177,7 @@ class ActionPackAssertionsControllerTest < Test::Unit::TestCase
# let's get this party started
def setup
ActionController::Routing::Routes.reload
ActionController::Routing.use_controllers!(%w(action_pack_assertions admin/inner_module content admin/user))
ActionController::Routing.use_controllers!(%w(action_pack_assertions admin/inner_module user content admin/user))
@controller = ActionPackAssertionsController.new
@request, @response = ActionController::TestRequest.new, ActionController::TestResponse.new
end
@ -268,7 +271,7 @@ class ActionPackAssertionsControllerTest < Test::Unit::TestCase
assert_redirected_to admin_inner_module_path
end
end
def test_assert_redirected_to_top_level_named_route_from_nested_controller
with_routing do |set|
set.draw do |map|
@ -277,11 +280,25 @@ class ActionPackAssertionsControllerTest < Test::Unit::TestCase
end
@controller = Admin::InnerModuleController.new
process :redirect_to_top_level_named_route
# passes -> assert_redirected_to "http://test.host/action_pack_assertions/foo"
# assert_redirected_to "http://test.host/action_pack_assertions/foo" would pass because of exact match early return
assert_redirected_to "/action_pack_assertions/foo"
end
end
def test_assert_redirected_to_top_level_named_route_with_same_controller_name_in_both_namespaces
with_routing do |set|
set.draw do |map|
# this controller exists in the admin namespace as well which is the only difference from previous test
map.top_level '/user/:id', :controller => 'user', :action => 'index'
map.connect ':controller/:action/:id'
end
@controller = Admin::InnerModuleController.new
process :redirect_to_top_level_named_route
# assert_redirected_to top_level_url('foo') would pass because of exact match early return
assert_redirected_to top_level_path('foo')
end
end
# -- standard request/response object testing --------------------------------
# make sure that the template objects exist
@ -406,7 +423,7 @@ class ActionPackAssertionsControllerTest < Test::Unit::TestCase
process :redirect_to_action
assert_redirected_to :action => "flash_me"
follow_redirect
assert_deprecated { follow_redirect }
assert_equal 1, @request.parameters["id"].to_i
assert "Inconceivable!", @response.body
@ -416,7 +433,9 @@ class ActionPackAssertionsControllerTest < Test::Unit::TestCase
process :redirect_to_controller
assert_redirected_to :controller => "elsewhere", :action => "flash_me"
assert_raises(RuntimeError, "Can't follow redirects outside of current controller (elsewhere)") { follow_redirect }
assert_raises(RuntimeError, "Can't follow redirects outside of current controller (elsewhere)") do
assert_deprecated { follow_redirect }
end
end
def test_assert_redirection_fails_with_incorrect_controller
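Review bot: In the redirect-to-controller test, `assert_raises(RuntimeError, "...") do assert_deprecated { follow_redirect } end` most likely never checks the deprecation. When `follow_redirect` raises, the exception leaves the `assert_deprecated` block before that helper can assert a warning was collected; its implementation is not shown here, so this is inferred from the nesting. The string passed as the second argument to `assert_raises` is, as far as I know, Test::Unit's failure message rather than an expected exception message, so the text `Can't follow redirects outside of current controller (elsewhere)` is not verified. Capturing the result, `e = assert_raises(RuntimeError) { ... }`, and adding `assert_equal "Can't follow redirects outside of current controller (elsewhere)", e.message` would pin it. The same nesting appears further down the page in the test that does `get :redirect_to_different_controller`.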


@ -568,7 +568,12 @@ class AssertSelectTest < Test::Unit::TestCase
assert_select "div", 4
end
end
def test_assert_select_rjs_raise_errors
assert_raises(ArgumentError) { assert_select_rjs(:destroy) }
assert_raises(ArgumentError) { assert_select_rjs(:insert, :left) }
end
# Simple selection from a single result.
def test_nested_assert_select_rjs_with_single_result
render_rjs do |page|


@ -7,6 +7,7 @@ module Submodule
end
class ContainedNonEmptyController < ActionController::Base
def public_action
render :nothing => true
end
hide_action :hidden_action
@ -105,6 +106,18 @@ end
class PerformActionTest < Test::Unit::TestCase
class MockLogger
attr_reader :logged
def initialize
@logged = []
end
def method_missing(method, *args)
@logged << args.first
end
end
def use_controller(controller_class)
@controller = controller_class.new
@ -142,6 +155,13 @@ class PerformActionTest < Test::Unit::TestCase
get :another_hidden_action
assert_response 404
end
def test_namespaced_action_should_log_module_name
use_controller Submodule::ContainedNonEmptyController
@controller.logger = MockLogger.new
get :public_action
assert_match /Processing\sSubmodule::ContainedNonEmptyController#public_action/, @controller.logger.logged[1]
end
end
class DefaultUrlOptionsTest < Test::Unit::TestCase
@ -169,6 +189,22 @@ class DefaultUrlOptionsTest < Test::Unit::TestCase
end
end
class EmptyUrlOptionsTest < Test::Unit::TestCase
def setup
@controller = NonEmptyController.new
@request = ActionController::TestRequest.new
@response = ActionController::TestResponse.new
@request.host = 'www.example.com'
end
def test_ensure_url_for_works_as_expected_when_called_with_no_options_if_default_url_options_is_not_set
get :public_action
assert_equal "http://www.example.com/non_empty/public_action", @controller.url_for
end
end
class EnsureNamedRoutesWorksTicket22BugTest < Test::Unit::TestCase
def test_named_routes_still_work
ActionController::Routing::Routes.draw do |map|
@ -180,4 +216,4 @@ class EnsureNamedRoutesWorksTicket22BugTest < Test::Unit::TestCase
ensure
ActionController::Routing::Routes.load!
end
end
end
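Review bot: `test_namespaced_action_should_log_module_name` reads `@controller.logger.logged[1]`, which ties the test to the "Processing" line being exactly the second logger call. Any log call added before it would fail the test for an unrelated reason. Matching over all recorded entries keeps the intent: `assert @controller.logger.logged.any? { |line| line =~ /Processing\sSubmodule::ContainedNonEmptyController#public_action/ }`. Separately, `assert_match /.../, value` without parentheses triggers Ruby's ambiguous-first-argument warning; `assert_match(/.../, value)` avoids it.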


@ -27,14 +27,14 @@ class DispatcherTest < Test::Unit::TestCase
def test_clears_dependencies_after_dispatch_if_in_loading_mode
ActionController::Routing::Routes.expects(:reload).once
Dependencies.expects(:clear).once
ActiveSupport::Dependencies.expects(:clear).once
dispatch(@output, false)
end
def test_leaves_dependencies_after_dispatch_if_not_in_loading_mode
ActionController::Routing::Routes.expects(:reload).never
Dependencies.expects(:clear).never
ActiveSupport::Dependencies.expects(:clear).never
dispatch
end


@ -120,4 +120,29 @@ HTML
assert doc.find(:tag => "div", :attributes => { :id => "map" }, :content => "")
assert doc.find(:tag => "div", :attributes => { :id => "map" }, :content => nil)
end
def test_parse_invalid_document
assert_nothing_raised do
doc = HTML::Document.new("<html>
<table>
<tr>
<td style=\"color: #FFFFFF; height: 17px; onclick=\"window.location.href='http://www.rmeinc.com/about_rme.aspx'\" style=\"cursor:pointer; height: 17px;\"; nowrap onclick=\"window.location.href='http://www.rmeinc.com/about_rme.aspx'\" onmouseout=\"this.bgColor='#0066cc'; this.style.color='#FFFFFF'\" onmouseover=\"this.bgColor='#ffffff'; this.style.color='#0033cc'\">About Us</td>
</tr>
</table>
</html>")
end
end
def test_invalid_document_raises_exception_when_strict
assert_raises RuntimeError do
doc = HTML::Document.new("<html>
<table>
<tr>
<td style=\"color: #FFFFFF; height: 17px; onclick=\"window.location.href='http://www.rmeinc.com/about_rme.aspx'\" style=\"cursor:pointer; height: 17px;\"; nowrap onclick=\"window.location.href='http://www.rmeinc.com/about_rme.aspx'\" onmouseout=\"this.bgColor='#0066cc'; this.style.color='#FFFFFF'\" onmouseover=\"this.bgColor='#ffffff'; this.style.color='#0033cc'\">About Us</td>
</tr>
</table>
</html>", true)
end
end
end
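Review bot: `test_parse_invalid_document` asserts only that the lenient parser does not raise on the `<td>` whose `style=\"` quote is never closed; it does not check what tree comes out, and the local `doc` is discarded. If this parser backs any sanitising or assertion helpers (not visible on this page), how the stray `onclick`/`onmouseover` text is attributed matters. An assertion on the result, for example `assert doc.find(:tag => "td", :content => "About Us")` if that is the intended outcome, would pin the behaviour. The seven-line fixture is also repeated verbatim in `test_invalid_document_raises_exception_when_strict` and could be a single constant shared by both tests.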


@ -28,7 +28,7 @@ class SessionUploadTest < ActionController::IntegrationTest
# end
def test_post_with_upload
uses_mocha "test_post_with_upload" do
Dependencies.stubs(:load?).returns(false)
ActiveSupport::Dependencies.stubs(:load?).returns(false)
with_routing do |set|
set.draw do |map|
map.update 'update', :controller => "upload_test", :action => "update", :method => :post


@ -68,6 +68,11 @@ class NewRenderTestController < ActionController::Base
path = File.join(File.dirname(__FILE__), '../fixtures/test/render_file_with_ivar.erb')
render :file => path
end
def render_file_from_template
@secret = 'in the sauce'
@path = File.expand_path(File.join(File.dirname(__FILE__), '../fixtures/test/render_file_with_ivar.erb'))
end
def render_file_with_locals
path = File.join(File.dirname(__FILE__), '../fixtures/test/render_file_with_locals.erb')
@ -259,6 +264,10 @@ class NewRenderTestController < ActionController::Base
render :template => "test/hello_world"
end
def render_with_explicit_template_with_locals
render :template => "test/render_file_with_locals", :locals => { :secret => 'area51' }
end
def double_render
render :text => "hello"
render :text => "world"
@ -531,6 +540,11 @@ class NewRenderTest < Test::Unit::TestCase
get :render_file_with_locals
assert_equal "The secret is in the sauce\n", @response.body
end
def test_render_file_from_template
get :render_file_from_template
assert_equal "The secret is in the sauce\n", @response.body
end
def test_attempt_to_access_object_method
assert_raises(ActionController::UnknownAction, "No action responded to [clone]") { get :clone }
@ -742,7 +756,7 @@ EOS
def test_partial_collection_with_counter
get :partial_collection_with_counter
assert_equal "david1mary2", @response.body
assert_equal "david0mary1", @response.body
end
def test_partial_collection_with_locals
@ -762,7 +776,7 @@ EOS
def test_partial_collection_shorthand_with_different_types_of_records
get :partial_collection_shorthand_with_different_types_of_records
assert_equal "Bonjour bad customer: mark1Bonjour good customer: craig2Bonjour bad customer: john3Bonjour good customer: zach4Bonjour good customer: brandon5Bonjour bad customer: dan6", @response.body
assert_equal "Bonjour bad customer: mark0Bonjour good customer: craig1Bonjour bad customer: john2Bonjour good customer: zach3Bonjour good customer: brandon4Bonjour bad customer: dan5", @response.body
end
def test_empty_partial_collection
@ -800,7 +814,12 @@ EOS
get :render_text_with_assigns
assert_equal "world", assigns["hello"]
end
def test_template_with_locals
get :render_with_explicit_template_with_locals
assert_equal "The secret is area51\n", @response.body
end
def test_update_page
get :update_page
assert_template nil
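Review bot: The expected bodies in `test_partial_collection_with_counter` and `test_partial_collection_shorthand_with_different_types_of_records` are printed twice with different numbering (`david1mary2` and `david0mary1`). Assuming the second of each pair is the new side, the partial counter becomes zero-based, which changes the output of any template that prints it. Nothing in the tests says which base is intended, so a comment above each assertion, `# the partial counter starts at 0`, would make the contract explicit for the next reader.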


@ -118,6 +118,39 @@ uses_mocha 'polymorphic URL helpers' do
polymorphic_url([:site, :admin, @article, @response, @tag])
end
def test_nesting_with_array_ending_in_singleton_resource
expects(:article_response_url).with(@article)
polymorphic_url([@article, :response])
end
def test_nesting_with_array_containing_singleton_resource
@tag = Tag.new
@tag.save
expects(:article_response_tag_url).with(@article, @tag)
polymorphic_url([@article, :response, @tag])
end
def test_nesting_with_array_containing_namespace_and_singleton_resource
@tag = Tag.new
@tag.save
expects(:admin_article_response_tag_url).with(@article, @tag)
polymorphic_url([:admin, @article, :response, @tag])
end
def test_nesting_with_array_containing_singleton_resource_and_format
@tag = Tag.new
@tag.save
expects(:formatted_article_response_tag_url).with(@article, @tag, :pdf)
formatted_polymorphic_url([@article, :response, @tag, :pdf])
end
def test_nesting_with_array_containing_singleton_resource_and_format_option
@tag = Tag.new
@tag.save
expects(:article_response_tag_url).with(@article, @tag, :pdf)
polymorphic_url([@article, :response, @tag], :format => :pdf)
end
# TODO: Needs to be updated to correctly know about whether the object is in a hash or not
def xtest_with_hash
expects(:article_url).with(@article)
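Review bot: Four of the new singleton-resource tests repeat `@tag = Tag.new` followed by `@tag.save`, and the return value of `save` is ignored each time. If the save ever failed, the test would continue with an unsaved record, for which `polymorphic_url` may choose a different route (the helper is not visible here), and the mock expectation would fail with a misleading message. A small private helper that builds the tag and asserts the save, `assert @tag.save`, would remove the duplication and surface that failure directly.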


@ -103,7 +103,7 @@ class TestController < ActionController::Base
def render_line_offset
begin
render :inline => '<% raise %>', :locals => {:foo => 'bar'}
rescue => exc
rescue RuntimeError => exc
end
line = exc.backtrace.first
render :text => line


@ -12,6 +12,9 @@ class RequestTest < Test::Unit::TestCase
@request.remote_addr = '1.2.3.4'
assert_equal '1.2.3.4', @request.remote_ip
@request.remote_addr = '1.2.3.4,3.4.5.6'
assert_equal '1.2.3.4', @request.remote_ip
@request.env['HTTP_CLIENT_IP'] = '2.3.4.5'
assert_equal '1.2.3.4', @request.remote_ip
@ -59,6 +62,9 @@ class RequestTest < Test::Unit::TestCase
assert_match /HTTP_X_FORWARDED_FOR="9.9.9.9, 3.4.5.6, 10.0.0.1, 172.31.4.4"/, e.message
assert_match /HTTP_CLIENT_IP="8.8.8.8"/, e.message
@request.env['HTTP_X_FORWARDED_FOR'] = '8.8.8.8, 9.9.9.9'
assert_equal '8.8.8.8', @request.remote_ip
@request.env.delete 'HTTP_CLIENT_IP'
@request.env.delete 'HTTP_X_FORWARDED_FOR'
end
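Review bot: The added assertions pin `remote_ip` to the left-most entry of a comma-separated value, both for `remote_addr = '1.2.3.4,3.4.5.6'` and for `HTTP_X_FORWARDED_FOR = '8.8.8.8, 9.9.9.9'`, but nothing states the trust assumption behind that choice. The left-most `X-Forwarded-For` entry is whatever the client sent unless a trusted proxy overwrites the header, so callers should not treat `remote_ip` as authenticated for access control, rate limiting or audit logging. A comment above the new cases, `# remote_ip returns the left-most address; it is client-controlled unless a trusted proxy sets the header`, would document this. The implementation is not on this page, so a companion case where the left-most `X-Forwarded-For` entry is a private address (only covered here in the error-message assertion) would also help show which entry wins. The enclosing test method starts outside the hunk.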


@ -28,18 +28,16 @@ module Backoffice
end
class ResourcesTest < Test::Unit::TestCase
# The assertions in these tests are incompatible with the hash method
# optimisation. This could indicate user level problems
def setup
ActionController::Base.optimise_named_routes = false
end
def tear_down
def teardown
ActionController::Base.optimise_named_routes = true
end
def test_should_arrange_actions
resource = ActionController::Resources::Resource.new(:messages,
:collection => { :rss => :get, :reorder => :post, :csv => :post },
@ -159,14 +157,14 @@ class ResourcesTest < Test::Unit::TestCase
def test_with_collection_actions_and_name_prefix
actions = { 'a' => :get, 'b' => :put, 'c' => :post, 'd' => :delete }
with_restful_routing :messages, :path_prefix => '/threads/:thread_id', :name_prefix => "thread_", :collection => actions do
assert_restful_routes_for :messages, :path_prefix => 'threads/1/', :name_prefix => 'thread_', :options => { :thread_id => '1' } do |options|
actions.each do |action, method|
assert_recognizes(options.merge(:action => action), :path => "/threads/1/messages/#{action}", :method => method)
end
end
assert_restful_named_routes_for :messages, :path_prefix => 'threads/1/', :name_prefix => 'thread_', :options => { :thread_id => '1' } do |options|
actions.keys.each do |action|
assert_named_route "/threads/1/messages/#{action}", "#{action}_thread_messages_path", :action => action
@ -177,14 +175,14 @@ class ResourcesTest < Test::Unit::TestCase
def test_with_collection_action_and_name_prefix_and_formatted
actions = { 'a' => :get, 'b' => :put, 'c' => :post, 'd' => :delete }
with_restful_routing :messages, :path_prefix => '/threads/:thread_id', :name_prefix => "thread_", :collection => actions do
assert_restful_routes_for :messages, :path_prefix => 'threads/1/', :name_prefix => 'thread_', :options => { :thread_id => '1' } do |options|
actions.each do |action, method|
assert_recognizes(options.merge(:action => action, :format => 'xml'), :path => "/threads/1/messages/#{action}.xml", :method => method)
end
end
assert_restful_named_routes_for :messages, :path_prefix => 'threads/1/', :name_prefix => 'thread_', :options => { :thread_id => '1' } do |options|
actions.keys.each do |action|
assert_named_route "/threads/1/messages/#{action}.xml", "formatted_#{action}_thread_messages_path", :action => action, :format => 'xml'
@ -279,7 +277,7 @@ class ResourcesTest < Test::Unit::TestCase
end
end
end
def test_with_new_action_with_name_prefix
with_restful_routing :messages, :new => { :preview => :post }, :path_prefix => '/threads/:thread_id', :name_prefix => 'thread_' do
preview_options = {:action => 'preview', :thread_id => '1'}
@ -293,7 +291,7 @@ class ResourcesTest < Test::Unit::TestCase
end
end
end
def test_with_formatted_new_action_with_name_prefix
with_restful_routing :messages, :new => { :preview => :post }, :path_prefix => '/threads/:thread_id', :name_prefix => 'thread_' do
preview_options = {:action => 'preview', :thread_id => '1', :format => 'xml'}
@ -307,7 +305,7 @@ class ResourcesTest < Test::Unit::TestCase
end
end
end
def test_override_new_method
with_restful_routing :messages do
assert_restful_routes_for :messages do |options|
@ -524,9 +522,9 @@ class ResourcesTest < Test::Unit::TestCase
map.resources :messages, :collection => {:search => :get}, :new => {:preview => :any}, :name_prefix => 'thread_', :path_prefix => '/threads/:thread_id'
map.resource :account, :member => {:login => :get}, :new => {:preview => :any}, :name_prefix => 'admin_', :path_prefix => '/admin'
end
action_separator = ActionController::Base.resource_action_separator
assert_simply_restful_for :messages, :name_prefix => 'thread_', :path_prefix => 'threads/1/', :options => { :thread_id => '1' }
assert_named_route "/threads/1/messages#{action_separator}search", "search_thread_messages_path", {}
assert_named_route "/threads/1/messages/new", "new_thread_message_path", {}
@ -623,7 +621,7 @@ class ResourcesTest < Test::Unit::TestCase
assert_simply_restful_for :products, :controller => "backoffice/products"
end
end
def test_nested_resources_using_namespace
with_routing do |set|
set.draw do |map|
@ -795,7 +793,7 @@ class ResourcesTest < Test::Unit::TestCase
yield options[:options] if block_given?
end
def assert_singleton_routes_for(singleton_name, options = {})
options[:options] ||= {}
options[:options][:controller] = options[:controller] || singleton_name.to_s.pluralize
@ -855,7 +853,7 @@ class ResourcesTest < Test::Unit::TestCase
actual = @controller.send(route, options) rescue $!.class.name
assert_equal expected, actual, "Error on route: #{route}(#{options.inspect})"
end
def assert_resource_methods(expected, resource, action_method, method)
assert_equal expected.length, resource.send("#{action_method}_methods")[method].size, "#{resource.send("#{action_method}_methods")[method].inspect}"
expected.each do |action|
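Review bot: With the method spelled `teardown` it now actually runs, and it sets `ActionController::Base.optimise_named_routes = true` unconditionally instead of restoring the value that was in place before `setup`. If a run ever starts with the flag set to false, this class leaves it flipped for every test that follows. Saving the value in `setup`, `@optimise_was = ActionController::Base.optimise_named_routes`, and restoring it in `teardown`, `ActionController::Base.optimise_named_routes = @optimise_was`, keeps the class from leaking global state.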


@ -1983,6 +1983,26 @@ class RouteSetTest < Test::Unit::TestCase
Object.send(:remove_const, :Api)
end
def test_namespace_with_path_prefix
Object.const_set(:Api, Module.new { |m| m.const_set(:ProductsController, Class.new) })
set.draw do |map|
map.namespace 'api', :path_prefix => 'prefix' do |api|
api.route 'inventory', :controller => "products", :action => 'inventory'
end
end
request.path = "/prefix/inventory"
request.method = :get
assert_nothing_raised { set.recognize(request) }
assert_equal("api/products", request.path_parameters[:controller])
assert_equal("inventory", request.path_parameters[:action])
ensure
Object.send(:remove_const, :Api)
end
def test_generate_finds_best_fit
set.draw do |map|
map.connect "/people", :controller => "people", :action => "index"
@ -2392,10 +2412,10 @@ uses_mocha 'route loading' do
end
def test_adding_inflections_forces_reload
Inflector::Inflections.instance.expects(:uncountable).with('equipment')
ActiveSupport::Inflector::Inflections.instance.expects(:uncountable).with('equipment')
routes.expects(:reload!)
Inflector.inflections { |inflect| inflect.uncountable('equipment') }
ActiveSupport::Inflector.inflections { |inflect| inflect.uncountable('equipment') }
end
def test_load_with_configuration


@ -531,6 +531,11 @@ XML
assert_equal content_type, file.content_type
assert_equal file.path, file.local_path
assert_equal expected, file.read
new_content_type = "new content_type"
file.content_type = new_content_type
assert_equal new_content_type, file.content_type
end
def test_test_uploaded_file_with_binary
@ -571,7 +576,9 @@ XML
get :redirect_to_same_controller
assert_response :redirect
assert_redirected_to :controller => 'test_test/test', :action => 'test_uri', :id => 5
assert_nothing_raised { follow_redirect }
assert_deprecated 'follow_redirect' do
assert_nothing_raised { follow_redirect }
end
end
end
@ -580,7 +587,9 @@ XML
get :redirect_to_different_controller
assert_response :redirect
assert_redirected_to :controller => 'fail', :id => 5
assert_raise(RuntimeError) { follow_redirect }
assert_raise(RuntimeError) do
assert_deprecated { follow_redirect }
end
end
end


@ -21,10 +21,10 @@ class VerificationTest < Test::Unit::TestCase
verify :only => :guarded_by_method, :method => :post,
:redirect_to => { :action => "unguarded" }
verify :only => :guarded_by_xhr, :xhr => true,
:redirect_to => { :action => "unguarded" }
verify :only => :guarded_by_not_xhr, :xhr => false,
:redirect_to => { :action => "unguarded" }
@ -39,10 +39,13 @@ class VerificationTest < Test::Unit::TestCase
verify :only => :no_default_action, :params => "santa"
verify :only => :guarded_with_back, :method => :post,
:redirect_to => :back
def guarded_one
render :text => "#{params[:one]}"
end
def guarded_one_for_named_route_test
render :text => "#{params[:one]}"
end
@ -70,11 +73,11 @@ class VerificationTest < Test::Unit::TestCase
def guarded_by_method
render :text => "#{request.method}"
end
def guarded_by_xhr
render :text => "#{request.xhr?}"
end
def guarded_by_not_xhr
render :text => "#{request.xhr?}"
end
@ -86,15 +89,19 @@ class VerificationTest < Test::Unit::TestCase
def two_redirects
render :nothing => true
end
def must_be_post
render :text => "Was a post!"
end
def guarded_with_back
render :text => "#{params[:one]}"
end
def no_default_action
# Will never run
end
protected
def rescue_action(e) raise end
@ -109,7 +116,17 @@ class VerificationTest < Test::Unit::TestCase
@response = ActionController::TestResponse.new
ActionController::Routing::Routes.add_named_route :foo, '/foo', :controller => 'test', :action => 'foo'
end
def test_using_symbol_back_with_no_referrer
assert_raise(ActionController::RedirectBackError) { get :guarded_with_back }
end
def test_using_symbol_back_redirects_to_referrer
@request.env["HTTP_REFERER"] = "/foo"
get :guarded_with_back
assert_redirected_to '/foo'
end
def test_no_deprecation_warning_for_named_route
assert_not_deprecated do
get :guarded_one_for_named_route_test, :two => "not one"
@ -209,44 +226,44 @@ class VerificationTest < Test::Unit::TestCase
get :guarded_by_method
assert_redirected_to :action => "unguarded"
end
def test_guarded_by_xhr_with_prereqs
xhr :post, :guarded_by_xhr
assert_equal "true", @response.body
end
def test_guarded_by_xhr_without_prereqs
get :guarded_by_xhr
assert_redirected_to :action => "unguarded"
end
def test_guarded_by_not_xhr_with_prereqs
get :guarded_by_not_xhr
assert_equal "false", @response.body
end
def test_guarded_by_not_xhr_without_prereqs
xhr :post, :guarded_by_not_xhr
assert_redirected_to :action => "unguarded"
end
def test_guarded_post_and_calls_render_succeeds
post :must_be_post
assert_equal "Was a post!", @response.body
end
def test_default_failure_should_be_a_bad_request
post :no_default_action
assert_response :bad_request
end
def test_guarded_post_and_calls_render_fails_and_sets_allow_header
get :must_be_post
assert_response 405
assert_equal "Must be post", @response.body
assert_equal "POST", @response.headers["Allow"]
end
def test_second_redirect
assert_nothing_raised { get :two_redirects }
end
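Review bot: `test_using_symbol_back_redirects_to_referrer` exercises only a same-site relative value (`HTTP_REFERER = "/foo"`), so nothing pins what `verify ... :redirect_to => :back` does when the header names another host. The Referer header is supplied by the client, and the handling of `:back` is not visible on this page, so the redirect target on a failed verification may be whatever that header contains. A second case with an absolute off-site referer would make the behaviour explicit. So would a comment on the `verify :only => :guarded_with_back` declaration, `# :back redirects to the request's Referer, which the client controls`, so that application authors know to validate the target where it matters.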