diff options
Diffstat (limited to 'actionpack/test/dispatch')
| -rw-r--r-- | actionpack/test/dispatch/cookies_test.rb | 91 | ||||
| -rw-r--r-- | actionpack/test/dispatch/debug_exceptions_test.rb | 12 | ||||
| -rw-r--r-- | actionpack/test/dispatch/mapper_test.rb | 2 | ||||
| -rw-r--r-- | actionpack/test/dispatch/mime_type_test.rb | 2 | ||||
| -rw-r--r-- | actionpack/test/dispatch/prefix_generation_test.rb | 126 | ||||
| -rw-r--r-- | actionpack/test/dispatch/request_test.rb | 2 | ||||
| -rw-r--r-- | actionpack/test/dispatch/session/cache_store_test.rb | 17 | ||||
| -rw-r--r-- | actionpack/test/dispatch/session/cookie_store_test.rb | 6 |
8 files changed, 151 insertions, 107 deletions
diff --git a/actionpack/test/dispatch/cookies_test.rb b/actionpack/test/dispatch/cookies_test.rb index 0f145666d1..f62e194ca9 100644 --- a/actionpack/test/dispatch/cookies_test.rb +++ b/actionpack/test/dispatch/cookies_test.rb @@ -21,6 +21,16 @@ class CookiesTest < ActionController::TestCase end end + class JSONWrapper + def initialize(obj) + @obj = obj + end + + def as_json(options = nil) + "wrapped: #{@obj.as_json(options)}" + end + end + class TestController < ActionController::Base def authenticate cookies["user_name"] = "david" @@ -85,6 +95,11 @@ class CookiesTest < ActionController::TestCase head :ok end + def set_wrapped_signed_cookie + cookies.signed[:user_id] = JSONWrapper.new(45) + head :ok + end + def get_signed_cookie cookies.signed[:user_id] head :ok @@ -95,6 +110,11 @@ class CookiesTest < ActionController::TestCase head :ok end + def set_wrapped_encrypted_cookie + cookies.encrypted[:foo] = JSONWrapper.new('bar') + head :ok + end + def get_encrypted_cookie cookies.encrypted[:foo] head :ok @@ -263,7 +283,7 @@ class CookiesTest < ActionController::TestCase def test_setting_the_same_value_to_permanent_cookie request.cookies[:user_name] = 'Jamie' get :set_permanent_cookie - assert_equal response.cookies, 'user_name' => 'Jamie' + assert_equal({'user_name' => 'Jamie'}, response.cookies) end def test_setting_with_escapable_characters @@ -369,6 +389,35 @@ class CookiesTest < ActionController::TestCase assert_equal 'Jamie', @controller.send(:cookies).permanent[:user_name] end + def test_signed_cookie_using_default_digest + get :set_signed_cookie + cookies = @controller.send :cookies + assert_not_equal 45, cookies[:user_id] + assert_equal 45, cookies.signed[:user_id] + + key_generator = @request.env["action_dispatch.key_generator"] + signed_cookie_salt = @request.env["action_dispatch.signed_cookie_salt"] + secret = key_generator.generate_key(signed_cookie_salt) + + verifier = ActiveSupport::MessageVerifier.new(secret, serializer: Marshal, digest: 'SHA1') + assert_equal verifier.generate(45), cookies[:user_id] + end + + def test_signed_cookie_using_custom_digest + @request.env["action_dispatch.cookies_digest"] = 'SHA256' + get :set_signed_cookie + cookies = @controller.send :cookies + assert_not_equal 45, cookies[:user_id] + assert_equal 45, cookies.signed[:user_id] + + key_generator = @request.env["action_dispatch.key_generator"] + signed_cookie_salt = @request.env["action_dispatch.signed_cookie_salt"] + secret = key_generator.generate_key(signed_cookie_salt) + + verifier = ActiveSupport::MessageVerifier.new(secret, serializer: Marshal, digest: 'SHA256') + assert_equal verifier.generate(45), cookies[:user_id] + end + def test_signed_cookie_using_default_serializer get :set_signed_cookie cookies = @controller.send :cookies @@ -392,6 +441,14 @@ class CookiesTest < ActionController::TestCase assert_equal 45, cookies.signed[:user_id] end + def test_wrapped_signed_cookie_using_json_serializer + @request.env["action_dispatch.cookies_serializer"] = :json + get :set_wrapped_signed_cookie + cookies = @controller.send :cookies + assert_not_equal 'wrapped: 45', cookies[:user_id] + assert_equal 'wrapped: 45', cookies.signed[:user_id] + end + def test_signed_cookie_using_custom_serializer @request.env["action_dispatch.cookies_serializer"] = CustomSerializer get :set_signed_cookie @@ -474,6 +531,17 @@ class CookiesTest < ActionController::TestCase assert_equal 'bar', cookies.encrypted[:foo] end + def test_wrapped_encrypted_cookie_using_json_serializer + @request.env["action_dispatch.cookies_serializer"] = :json + get :set_wrapped_encrypted_cookie + cookies = @controller.send :cookies + assert_not_equal 'wrapped: bar', cookies[:foo] + assert_raises ::JSON::ParserError do + cookies.signed[:foo] + end + assert_equal 'wrapped: bar', cookies.encrypted[:foo] + end + def test_encrypted_cookie_using_custom_serializer @request.env["action_dispatch.cookies_serializer"] = CustomSerializer get :set_encrypted_cookie @@ -481,6 +549,27 @@ class CookiesTest < ActionController::TestCase assert_equal 'bar was dumped and loaded', cookies.encrypted[:foo] end + def test_encrypted_cookie_using_custom_digest + @request.env["action_dispatch.cookies_digest"] = 'SHA256' + get :set_encrypted_cookie + cookies = @controller.send :cookies + assert_not_equal 'bar', cookies[:foo] + assert_equal 'bar', cookies.encrypted[:foo] + + sign_secret = @request.env["action_dispatch.key_generator"].generate_key(@request.env["action_dispatch.encrypted_signed_cookie_salt"]) + + sha1_verifier = ActiveSupport::MessageVerifier.new(sign_secret, serializer: ActiveSupport::MessageEncryptor::NullSerializer, digest: 'SHA1') + sha256_verifier = ActiveSupport::MessageVerifier.new(sign_secret, serializer: ActiveSupport::MessageEncryptor::NullSerializer, digest: 'SHA256') + + assert_raises(ActiveSupport::MessageVerifier::InvalidSignature) do + sha1_verifier.verify(cookies[:foo]) + end + + assert_nothing_raised do + sha256_verifier.verify(cookies[:foo]) + end + end + def test_encrypted_cookie_using_hybrid_serializer_can_migrate_marshal_dumped_value_to_json @request.env["action_dispatch.cookies_serializer"] = :hybrid diff --git a/actionpack/test/dispatch/debug_exceptions_test.rb b/actionpack/test/dispatch/debug_exceptions_test.rb index 24526fb00e..0add9fa3b0 100644 --- a/actionpack/test/dispatch/debug_exceptions_test.rb +++ b/actionpack/test/dispatch/debug_exceptions_test.rb @@ -151,37 +151,37 @@ class DebugExceptionsTest < ActionDispatch::IntegrationTest assert_response 500 assert_no_match(/<header>/, body) assert_no_match(/<body>/, body) - assert_equal response.content_type, "text/plain" + assert_equal "text/plain", response.content_type assert_match(/RuntimeError\npuke/, body) get "/not_found", {}, xhr_request_env assert_response 404 assert_no_match(/<body>/, body) - assert_equal response.content_type, "text/plain" + assert_equal "text/plain", response.content_type assert_match(/#{AbstractController::ActionNotFound.name}/, body) get "/method_not_allowed", {}, xhr_request_env assert_response 405 assert_no_match(/<body>/, body) - assert_equal response.content_type, "text/plain" + assert_equal "text/plain", response.content_type assert_match(/ActionController::MethodNotAllowed/, body) get "/unknown_http_method", {}, xhr_request_env assert_response 405 assert_no_match(/<body>/, body) - assert_equal response.content_type, "text/plain" + assert_equal "text/plain", response.content_type assert_match(/ActionController::UnknownHttpMethod/, body) get "/bad_request", {}, xhr_request_env assert_response 400 assert_no_match(/<body>/, body) - assert_equal response.content_type, "text/plain" + assert_equal "text/plain", response.content_type assert_match(/ActionController::BadRequest/, body) get "/parameter_missing", {}, xhr_request_env assert_response 400 assert_no_match(/<body>/, body) - assert_equal response.content_type, "text/plain" + assert_equal "text/plain", response.content_type assert_match(/ActionController::ParameterMissing/, body) end diff --git a/actionpack/test/dispatch/mapper_test.rb b/actionpack/test/dispatch/mapper_test.rb index 3e554a9cf6..889f9a4736 100644 --- a/actionpack/test/dispatch/mapper_test.rb +++ b/actionpack/test/dispatch/mapper_test.rb @@ -38,7 +38,7 @@ module ActionDispatch def test_mapping_requirements options = { :controller => 'foo', :action => 'bar', :via => :get } - m = Mapper::Mapping.build({}, FakeSet.new, '/store/:name(*rest)', options) + m = Mapper::Mapping.build({}, FakeSet.new, '/store/:name(*rest)', nil, options) _, _, requirements, _ = m.to_route assert_equal(/.+?/, requirements[:rest]) end diff --git a/actionpack/test/dispatch/mime_type_test.rb b/actionpack/test/dispatch/mime_type_test.rb index d29cc8473e..7f340ced41 100644 --- a/actionpack/test/dispatch/mime_type_test.rb +++ b/actionpack/test/dispatch/mime_type_test.rb @@ -124,7 +124,7 @@ class MimeTypeTest < ActiveSupport::TestCase end Mime::Type.register("text/foo", :foo) - assert_equal registered_mimes, [Mime::FOO] + assert_equal [Mime::FOO], registered_mimes ensure Mime::Type.unregister(:FOO) end diff --git a/actionpack/test/dispatch/prefix_generation_test.rb b/actionpack/test/dispatch/prefix_generation_test.rb index c6e4eefa7a..f90d5499d7 100644 --- a/actionpack/test/dispatch/prefix_generation_test.rb +++ b/actionpack/test/dispatch/prefix_generation_test.rb @@ -25,72 +25,47 @@ module TestGenerationPrefix include Rack::Test::Methods class BlogEngine < Rails::Engine - def self.routes - @routes ||= begin - routes = ActionDispatch::Routing::RouteSet.new - routes.draw do - get "/posts/:id", :to => "inside_engine_generating#show", :as => :post - get "/posts", :to => "inside_engine_generating#index", :as => :posts - get "/url_to_application", :to => "inside_engine_generating#url_to_application" - get "/polymorphic_path_for_engine", :to => "inside_engine_generating#polymorphic_path_for_engine" - get "/conflicting_url", :to => "inside_engine_generating#conflicting" - get "/foo", :to => "never#invoked", :as => :named_helper_that_should_be_invoked_only_in_respond_to_test - - get "/relative_path_root", :to => redirect("") - get "/relative_path_redirect", :to => redirect("foo") - get "/relative_option_root", :to => redirect(:path => "") - get "/relative_option_redirect", :to => redirect(:path => "foo") - get "/relative_custom_root", :to => redirect { |params, request| "" } - get "/relative_custom_redirect", :to => redirect { |params, request| "foo" } - - get "/absolute_path_root", :to => redirect("/") - get "/absolute_path_redirect", :to => redirect("/foo") - get "/absolute_option_root", :to => redirect(:path => "/") - get "/absolute_option_redirect", :to => redirect(:path => "/foo") - get "/absolute_custom_root", :to => redirect { |params, request| "/" } - get "/absolute_custom_redirect", :to => redirect { |params, request| "/foo" } - end - - routes - end - end - - def self.call(env) - env['action_dispatch.routes'] = routes - routes.call(env) + routes.draw do + get "/posts/:id", :to => "inside_engine_generating#show", :as => :post + get "/posts", :to => "inside_engine_generating#index", :as => :posts + get "/url_to_application", :to => "inside_engine_generating#url_to_application" + get "/polymorphic_path_for_engine", :to => "inside_engine_generating#polymorphic_path_for_engine" + get "/conflicting_url", :to => "inside_engine_generating#conflicting" + get "/foo", :to => "never#invoked", :as => :named_helper_that_should_be_invoked_only_in_respond_to_test + + get "/relative_path_root", :to => redirect("") + get "/relative_path_redirect", :to => redirect("foo") + get "/relative_option_root", :to => redirect(:path => "") + get "/relative_option_redirect", :to => redirect(:path => "foo") + get "/relative_custom_root", :to => redirect { |params, request| "" } + get "/relative_custom_redirect", :to => redirect { |params, request| "foo" } + + get "/absolute_path_root", :to => redirect("/") + get "/absolute_path_redirect", :to => redirect("/foo") + get "/absolute_option_root", :to => redirect(:path => "/") + get "/absolute_option_redirect", :to => redirect(:path => "/foo") + get "/absolute_custom_root", :to => redirect { |params, request| "/" } + get "/absolute_custom_redirect", :to => redirect { |params, request| "/foo" } end end - class RailsApplication - def self.routes - @routes ||= begin - routes = ActionDispatch::Routing::RouteSet.new - routes.draw do - scope "/:omg", :omg => "awesome" do - mount BlogEngine => "/blog", :as => "blog_engine" - end - get "/posts/:id", :to => "outside_engine_generating#post", :as => :post - get "/generate", :to => "outside_engine_generating#index" - get "/polymorphic_path_for_app", :to => "outside_engine_generating#polymorphic_path_for_app" - get "/polymorphic_path_for_engine", :to => "outside_engine_generating#polymorphic_path_for_engine" - get "/polymorphic_with_url_for", :to => "outside_engine_generating#polymorphic_with_url_for" - get "/conflicting_url", :to => "outside_engine_generating#conflicting" - get "/ivar_usage", :to => "outside_engine_generating#ivar_usage" - root :to => "outside_engine_generating#index" - end - - routes + class RailsApplication < Rails::Engine + routes.draw do + scope "/:omg", :omg => "awesome" do + mount BlogEngine => "/blog", :as => "blog_engine" end - end - - def self.call(env) - env['action_dispatch.routes'] = routes - routes.call(env) + get "/posts/:id", :to => "outside_engine_generating#post", :as => :post + get "/generate", :to => "outside_engine_generating#index" + get "/polymorphic_path_for_app", :to => "outside_engine_generating#polymorphic_path_for_app" + get "/polymorphic_path_for_engine", :to => "outside_engine_generating#polymorphic_path_for_engine" + get "/polymorphic_with_url_for", :to => "outside_engine_generating#polymorphic_with_url_for" + get "/conflicting_url", :to => "outside_engine_generating#conflicting" + get "/ivar_usage", :to => "outside_engine_generating#ivar_usage" + root :to => "outside_engine_generating#index" end end # force draw - RailsApplication.routes RailsApplication.routes.define_mounted_helper(:main_app) class ::InsideEngineGeneratingController < ActionController::Base @@ -162,19 +137,15 @@ module TestGenerationPrefix end def app - RailsApplication + RailsApplication.instance end - def engine_object - @engine_object ||= EngineObject.new - end - - def app_object - @app_object ||= AppObject.new - end + attr_reader :engine_object, :app_object def setup RailsApplication.routes.default_url_options = {} + @engine_object = EngineObject.new + @app_object = AppObject.new end include BlogEngine.routes.mounted_helpers @@ -396,27 +367,12 @@ module TestGenerationPrefix end end - class RailsApplication - def self.routes - @routes ||= begin - routes = ActionDispatch::Routing::RouteSet.new - routes.draw do - mount BlogEngine => "/" - end - - routes - end - end - - def self.call(env) - env['action_dispatch.routes'] = routes - routes.call(env) + class RailsApplication < Rails::Engine + routes.draw do + mount BlogEngine => "/" end end - # force draw - RailsApplication.routes - class ::PostsController < ActionController::Base include BlogEngine.routes.url_helpers include RailsApplication.routes.mounted_helpers @@ -427,7 +383,7 @@ module TestGenerationPrefix end def app - RailsApplication + RailsApplication.instance end test "generating path inside engine" do diff --git a/actionpack/test/dispatch/request_test.rb b/actionpack/test/dispatch/request_test.rb index 6737609567..fe9ee6f73d 100644 --- a/actionpack/test/dispatch/request_test.rb +++ b/actionpack/test/dispatch/request_test.rb @@ -640,7 +640,7 @@ end class RequestMethod < BaseRequestTest test "method returns environment's request method when it has not been - overriden by middleware".squish do + overridden by middleware".squish do ActionDispatch::Request::HTTP_METHODS.each do |method| request = stub_request('REQUEST_METHOD' => method) diff --git a/actionpack/test/dispatch/session/cache_store_test.rb b/actionpack/test/dispatch/session/cache_store_test.rb index b8479e8836..9f810cad01 100644 --- a/actionpack/test/dispatch/session/cache_store_test.rb +++ b/actionpack/test/dispatch/session/cache_store_test.rb @@ -148,16 +148,15 @@ class CacheStoreTest < ActionDispatch::IntegrationTest def test_prevents_session_fixation with_test_route_set do - get '/get_session_value' - assert_response :success - assert_equal 'foo: nil', response.body - session_id = cookies['_session_id'] + assert_equal nil, @cache.read('_session_id:0xhax') - reset! + cookies['_session_id'] = '0xhax' + get '/set_session_value' - get '/set_session_value', :_session_id => session_id assert_response :success - assert_not_equal session_id, cookies['_session_id'] + assert_not_equal '0xhax', cookies['_session_id'] + assert_equal nil, @cache.read('_session_id:0xhax') + assert_equal({'foo' => 'bar'}, @cache.read("_session_id:#{cookies['_session_id']}")) end end @@ -169,8 +168,8 @@ class CacheStoreTest < ActionDispatch::IntegrationTest end @app = self.class.build_app(set) do |middleware| - cache = ActiveSupport::Cache::MemoryStore.new - middleware.use ActionDispatch::Session::CacheStore, :key => '_session_id', :cache => cache + @cache = ActiveSupport::Cache::MemoryStore.new + middleware.use ActionDispatch::Session::CacheStore, :key => '_session_id', :cache => @cache middleware.delete "ActionDispatch::ShowExceptions" end diff --git a/actionpack/test/dispatch/session/cookie_store_test.rb b/actionpack/test/dispatch/session/cookie_store_test.rb index e99ff46edf..c5cd24d06e 100644 --- a/actionpack/test/dispatch/session/cookie_store_test.rb +++ b/actionpack/test/dispatch/session/cookie_store_test.rb @@ -86,7 +86,7 @@ class CookieStoreTest < ActionDispatch::IntegrationTest cookies[SessionKey] = SignedBar get '/persistent_session_id' assert_response :success - assert_equal response.body.size, 32 + assert_equal 32, response.body.size session_id = response.body get '/get_session_id' @@ -247,7 +247,7 @@ class CookieStoreTest < ActionDispatch::IntegrationTest cookies[SessionKey] = SignedBar get '/persistent_session_id' assert_response :success - assert_equal response.body.size, 32 + assert_equal 32, response.body.size session_id = response.body get '/persistent_session_id' assert_equal session_id, response.body @@ -263,7 +263,7 @@ class CookieStoreTest < ActionDispatch::IntegrationTest get "/get_session_id" sid = response.body - assert_equal sid.size, 36 + assert_equal 36, sid.size get "/change_session_id" assert_not_equal sid, response.body |