diff options
author | Jeremy Kemper <jeremy@bitsweat.net> | 2008-12-15 18:22:35 -0800 |
---|---|---|
committer | Jeremy Kemper <jeremy@bitsweat.net> | 2008-12-15 18:22:35 -0800 |
commit | 89056885b030b981193d73ebde56cf60829a924c (patch) | |
tree | 9d432f7226754115ac4d2ef8aa1134221ff294bb /actionpack/test/activerecord | |
parent | 19be3d35b38b6685789d8d343617d465a3652717 (diff) | |
parent | 43ac42c46a462e1453b1b97da00e11bff7bba55d (diff) | |
download | rails-89056885b030b981193d73ebde56cf60829a924c.tar.gz rails-89056885b030b981193d73ebde56cf60829a924c.tar.bz2 rails-89056885b030b981193d73ebde56cf60829a924c.zip |
Merge branch 'master' of git@github.com:rails/rails
Diffstat (limited to 'actionpack/test/activerecord')
-rw-r--r-- | actionpack/test/activerecord/active_record_store_test.rb | 202 |
1 files changed, 95 insertions, 107 deletions
diff --git a/actionpack/test/activerecord/active_record_store_test.rb b/actionpack/test/activerecord/active_record_store_test.rb index 677d434f9c..6a75e6050d 100644 --- a/actionpack/test/activerecord/active_record_store_test.rb +++ b/actionpack/test/activerecord/active_record_store_test.rb @@ -1,140 +1,128 @@ -# These tests exercise CGI::Session::ActiveRecordStore, so you're going to -# need AR in a sibling directory to AP and have SQLite installed. require 'active_record_unit' -module CommonActiveRecordStoreTests - def test_basics - s = session_class.new(:session_id => '1234', :data => { 'foo' => 'bar' }) - assert_equal 'bar', s.data['foo'] - assert s.save - assert_equal 'bar', s.data['foo'] +class ActiveRecordStoreTest < ActionController::IntegrationTest + DispatcherApp = ActionController::Dispatcher.new + SessionApp = ActiveRecord::SessionStore.new(DispatcherApp, + :key => '_session_id') + SessionAppWithFixation = ActiveRecord::SessionStore.new(DispatcherApp, + :key => '_session_id', :cookie_only => false) - assert_not_nil t = session_class.find_by_session_id('1234') - assert_not_nil t.data - assert_equal 'bar', t.data['foo'] - end - - def test_reload_same_session - @new_session.update - reloaded = CGI::Session.new(CGI.new, 'session_id' => @new_session.session_id, 'database_manager' => CGI::Session::ActiveRecordStore) - assert_equal 'bar', reloaded['foo'] - end - - def test_tolerates_close_close - assert_nothing_raised do - @new_session.close - @new_session.close + class TestController < ActionController::Base + def no_session_access + head :ok end - end -end -class ActiveRecordStoreTest < ActiveRecordTestCase - include CommonActiveRecordStoreTests + def set_session_value + session[:foo] = params[:foo] || "bar" + head :ok + end - def session_class - CGI::Session::ActiveRecordStore::Session - end + def get_session_value + render :text => "foo: #{session[:foo].inspect}" + end - def session_id_column - "session_id" + def rescue_action(e) raise end end def setup - session_class.create_table! - - ENV['REQUEST_METHOD'] = 'GET' - ENV['REQUEST_URI'] = '/' - CGI::Session::ActiveRecordStore.session_class = session_class - - @cgi = CGI.new - @new_session = CGI::Session.new(@cgi, 'database_manager' => CGI::Session::ActiveRecordStore, 'new_session' => true) - @new_session['foo'] = 'bar' + ActiveRecord::SessionStore.session_class.create_table! + @integration_session = open_session(SessionApp) end -# this test only applies for eager session saving -# def test_another_instance -# @another = CGI::Session.new(@cgi, 'session_id' => @new_session.session_id, 'database_manager' => CGI::Session::ActiveRecordStore) -# assert_equal @new_session.session_id, @another.session_id -# end - - def test_model_attribute - assert_kind_of CGI::Session::ActiveRecordStore::Session, @new_session.model - assert_equal({ 'foo' => 'bar' }, @new_session.model.data) + def teardown + ActiveRecord::SessionStore.session_class.drop_table! end - def test_save_unloaded_session - c = session_class.connection - bogus_class = c.quote(ActiveSupport::Base64.encode64("\004\010o:\vBlammo\000")) - c.insert("INSERT INTO #{session_class.table_name} ('#{session_id_column}', 'data') VALUES ('abcdefghijklmnop', #{bogus_class})") + def test_setting_and_getting_session_value + with_test_route_set do + get '/set_session_value' + assert_response :success + assert cookies['_session_id'] - sess = session_class.find_by_session_id('abcdefghijklmnop') - assert_not_nil sess - assert !sess.loaded? + get '/get_session_value' + assert_response :success + assert_equal 'foo: "bar"', response.body - # because the session is not loaded, the save should be a no-op. If it - # isn't, this'll try and unmarshall the bogus class, and should get an error. - assert_nothing_raised { sess.save } - end + get '/set_session_value', :foo => "baz" + assert_response :success + assert cookies['_session_id'] - def teardown - session_class.drop_table! + get '/get_session_value' + assert_response :success + assert_equal 'foo: "baz"', response.body + end end -end -class ColumnLimitTest < ActiveRecordTestCase - def setup - @session_class = CGI::Session::ActiveRecordStore::Session - @session_class.create_table! + def test_getting_nil_session_value + with_test_route_set do + get '/get_session_value' + assert_response :success + assert_equal 'foo: nil', response.body + end end - def teardown - @session_class.drop_table! - end + def test_prevents_session_fixation + with_test_route_set do + get '/set_session_value' + assert_response :success + assert cookies['_session_id'] - def test_protection_from_data_larger_than_column - # Can't test this unless there is a limit - return unless limit = @session_class.data_column_size_limit - too_big = ':(' * limit - s = @session_class.new(:session_id => '666', :data => {'foo' => too_big}) - s.data - assert_raise(ActionController::SessionOverflowError) { s.save } - end -end + get '/get_session_value' + assert_response :success + assert_equal 'foo: "bar"', response.body + session_id = cookies['_session_id'] + assert session_id + + reset! -class DeprecatedActiveRecordStoreTest < ActiveRecordStoreTest - def session_id_column - "sessid" + get '/set_session_value', :_session_id => session_id, :foo => "baz" + assert_response :success + assert_equal nil, cookies['_session_id'] + + get '/get_session_value', :_session_id => session_id + assert_response :success + assert_equal 'foo: nil', response.body + assert_equal nil, cookies['_session_id'] + end end - def setup - session_class.connection.execute 'create table old_sessions (id integer primary key, sessid text unique, data text)' - session_class.table_name = 'old_sessions' - session_class.send :setup_sessid_compatibility! + def test_allows_session_fixation + @integration_session = open_session(SessionAppWithFixation) - ENV['REQUEST_METHOD'] = 'GET' - CGI::Session::ActiveRecordStore.session_class = session_class + with_test_route_set do + get '/set_session_value' + assert_response :success + assert cookies['_session_id'] - @new_session = CGI::Session.new(CGI.new, 'database_manager' => CGI::Session::ActiveRecordStore, 'new_session' => true) - @new_session['foo'] = 'bar' - end + get '/get_session_value' + assert_response :success + assert_equal 'foo: "bar"', response.body + session_id = cookies['_session_id'] + assert session_id - def teardown - session_class.connection.execute 'drop table old_sessions' - session_class.table_name = 'sessions' - end -end + reset! + @integration_session = open_session(SessionAppWithFixation) + + get '/set_session_value', :_session_id => session_id, :foo => "baz" + assert_response :success + assert_equal session_id, cookies['_session_id'] -class SqlBypassActiveRecordStoreTest < ActiveRecordStoreTest - def session_class - unless defined? @session_class - @session_class = CGI::Session::ActiveRecordStore::SqlBypass - @session_class.connection = CGI::Session::ActiveRecordStore::Session.connection + get '/get_session_value', :_session_id => session_id + assert_response :success + assert_equal 'foo: "baz"', response.body + assert_equal session_id, cookies['_session_id'] end - @session_class end - def test_model_attribute - assert_kind_of CGI::Session::ActiveRecordStore::SqlBypass, @new_session.model - assert_equal({ 'foo' => 'bar' }, @new_session.model.data) - end + private + def with_test_route_set + with_routing do |set| + set.draw do |map| + map.with_options :controller => "active_record_store_test/test" do |c| + c.connect "/:action" + end + end + yield + end + end end |