aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/test/controller/api
Commit message (Collapse)AuthorAgeFilesLines
* Enable `Layout/EmptyLinesAroundAccessModifier` copRyuta Kamizono2019-06-131-1/+0
| | | | | | | | | | | We sometimes say "✂️ newline after `private`" in a code review (e.g. https://github.com/rails/rails/pull/18546#discussion_r23188776, https://github.com/rails/rails/pull/34832#discussion_r244847195). Now `Layout/EmptyLinesAroundAccessModifier` cop have new enforced style `EnforcedStyle: only_before` (https://github.com/rubocop-hq/rubocop/pull/7059). That cop and enforced style will reduce the our code review cost.
* Deprecate controller level force_sslDerek Prior2018-03-301-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Today there are two common ways for Rails developers to force their applications to communicate over HTTPS: * `config.force_ssl` is a setting in environment configurations that enables the `ActionDispatch::SSL` middleware. With this middleware enabled, all HTTP communication to your application will be redirected to HTTPS. The middleware also takes care of other best practices by setting HSTS headers, upgrading all cookies to secure only, etc. * The `force_ssl` controller method redirects HTTP requests to certain controllers to HTTPS. As a consultant, I've seen many applications with misconfigured HTTPS setups due to developers adding `force_ssl` to `ApplicationController` and not enabling `config.force_ssl`. With this configuration, many application requests can be served over HTTP such as assets, requests that hit mounted engines, etc. In addition, because cookies are not upgraded to secure only in this configuration and HSTS headers are not set, it's possible for cookies that are meant to be secure to be sent over HTTP. The confusion between these two methods of forcing HTTPS is compounded by the fact that they share an identical name. This makes finding documentation on the "right" method confusing. HTTPS throughout is quickly becomming table stakes for all web sites. Sites are expected to operate over HTTPS for all communication, sensitive or otherwise. Let's encourage use of the broader-reaching `ActionDispatch::SSL` middleware and elminate this source of user confusion. If, for some reason, applications need to expose certain endpoints over HTTP they can do so by properly configuring `config.ssl_options`.
* Use assert_predicate and assert_not_predicateDaniel Colson2018-01-251-1/+1
|
* Use frozen string literal in actionpack/Kir Shatrov2017-07-2910-0/+20
|
* Revert "Merge pull request #29540 from kirs/rubocop-frozen-string"Matthew Draper2017-07-0210-10/+0
| | | | | This reverts commit 3420a14590c0e6915d8b6c242887f74adb4120f9, reversing changes made to afb66a5a598ce4ac74ad84b125a5abf046dcf5aa.
* Enforce frozen string in RubocopKir Shatrov2017-07-0110-0/+10
|
* Define path with __dir__bogdanvlviv2017-05-231-1/+1
| | | | | | ".. with __dir__ we can restore order in the Universe." - by @fxn Related to 5b8738c2df003a96f0e490c43559747618d10f5f
* Add test to make sure subclasses also get helpersRafael Mendonça França2017-03-291-0/+16
|
* Make sure that ActionController::Api can include helpersRafael Mendonça França2017-03-271-0/+26
| | | | Closes #28554
* Remove deprecated support to :text in renderRafael Mendonça França2016-10-101-12/+0
|
* Add three new rubocop rulesRafael Mendonça França2016-08-161-1/+1
| | | | | | | | Style/SpaceBeforeBlockBraces Style/SpaceInsideBlockBraces Style/SpaceInsideHashLiteralBraces Fix all violations in the repository.
* normalizes indentation and whitespace across the projectXavier Noria2016-08-061-3/+3
|
* applies new string literal convention in actionpack/testXavier Noria2016-08-069-30/+30
| | | | | The current code base is not uniform. After some discussion, we have chosen to go with double quotes by default.
* Fixes #24239Ryan T. Hosford2016-04-041-0/+21
| | | | | - skip calling helper_method if it's not there: if we don't have helpers, we needn't define one. - tests that an api controller can include and use ActionController::Cookies
* - Fix warning introduced in ↵Vipul A M2016-01-221-1/+3
| | | | | | https://github.com/vipulnsward/rails/commit/77acc004efad07dfd4d4f83be14ef897968a3fd9 when fixing API responses. - render :text is deprecated, so added an assertion for it.
* Re-add ActionController::ApiRenderingJon Moss2016-01-201-0/+20
| | | | | - Fixes bug #23142. - Bug was occurring only with ActionController::API, because `_process_options` wasn't being run for API requests, even though it was being run for normal app requests.
* Stop using deprecated `render :text` in testPrem Sichanugrist2015-07-171-2/+2
| | | | | | | | | This will silence deprecation warnings. Most of the test can be changed from `render :text` to render `:plain` or `render :body` right away. However, there are some tests that needed to be fixed by hand as they actually assert the default Content-Type returned from `render :body`.
* Make AC::Parameters not inherited from HashPrem Sichanugrist2015-07-151-1/+1
| | | | | | | | This is another take at #14384 as we decided to wait until `master` is targeting Rails 5.0. This commit is implementation-complete, as it guarantees that all the public methods on the hash-inherited Parameters are still working (based on test case). We can decide to follow-up later if we want to remove some methods out from Parameters.
* Return 204 if render is not called in API controllersJorge Bejar2015-06-111-0/+15
|
* Include ParamsWrapper in AC::APIJorge Bejar2015-06-111-0/+26
| | | | | | | | | ParamsWrapper was initially removed from API controllers according to the following discusision: https://github.com/rails-api/rails-api/issues/33 However, we're including it again so Rails API devs can decide whether to enable or disable it.
* Rename test methods in api conditional get controller testsJorge Bejar2015-06-111-2/+2
|
* Use new hash syntaxSantiago Pastorino2015-06-112-7/+7
|
* Use nex hash syntax on testsSantiago Pastorino2015-06-111-5/+5
|
* Move Model test class inside RenderersApiController namespaceSantiago Pastorino2015-06-111-8/+8
|
* Add ActionController API functionalitySantiago Pastorino2015-06-116-0/+180
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-28 16:27:38 +0000