aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/test/controller
Commit message (Collapse)AuthorAgeFilesLines
* Show unpermitted parameters as symbols in logs (so they could be copy-pasted ↵Igor Kasyanchuk2016-08-101-4/+4
| | | | to the code)
* code gardening: removes redundant selfsXavier Noria2016-08-082-2/+2
| | | | | | | | | A few have been left for aesthetic reasons, but have made a pass and removed most of them. Note that if the method `foo` returns an array, `foo << 1` is a regular push, nothing to do with assignments, so no self required.
* adds missing comma in assert callXavier Noria2016-08-071-2/+2
|
* Assign config on base instead of on `@controller`.Kasper Timm Hansen2016-08-071-1/+1
| | | | | | | | | | | | | | In some test runs `ActionController::Base.enable_fragment_cache_logging` would be false, based on the test order. Turns out it was off because we assigned the config to the `@controller` variable, and not on `ActionController::Base`. The test failure was reproducible with, and now passes after this: ``` bin/test test/controller/log_subscriber_test.rb --seed 19918 ```
* Merge pull request #25825 from st0012/partial-cacheKasper Timm Hansen2016-08-072-0/+17
|\ | | | | Better logging of cached partial renders
| * Modify LogSubscriber for single partial's cache message.Stan Lo2016-08-082-0/+17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Implement naive partial caching mechanism. Add test for LogSubscriber Use ActionView::Base#log_payload to store log_subscriber's payload, so we can pass cache result into it. Fixed tests Remove useless settings Check if #log_payload exists before calling it. Because other classes also includes CacheHelper but don't have is attribute Use @log_payload_for_partial_reder instead of #log_payload to carry ActionView's payload. Update test's hash syntax Add configuration to enable/disable fragment caching logging Remove unless test and add new test to ensure cache info won't effect next rendering's log Move :enable_fragment_cache_logging config from ActionView to ActionPack Apply new config to tests Update actionview's changelog Update configuration guide Improve actionview's changelog Refactor PartialRenderer#render and log tests Mute subscriber's log instead of disabling instrumentation. Fix typo, remove useless comment and use new hash syntax Improve actionpack's log_subscriber test Fix rebase mistake Apply new config to all caching intstrument actions
* | Fix Accept header overridden when "xhr: true" in integration testDavid Chen2016-08-071-0/+13
|/ | | | | | | | | | | | | | | | | | | | | | | | In integration test when specify the "Accept" header with "xhr: true" option, the Accept header is overridden with a default xhr Accept header. The issue only affects HTTP header "Accept" but not CGI variable "HTTP_ACCEPT". For example: get '/page', headers: { 'Accept' => 'application/json' }, xhr: true # This is WRONG! And the response.content_type is also affected. # It should be "application/json" assert_equal "text/javascript, text/html, ...", request.accept assert_equal 'text/html', response.content_type The issue is in `ActionDispatch::Integration::RequestHelpers`. When setting "xhr: true" the helper sets a default HTTP_ACCEPT if blank. But the code doesn't consider supporting both HTTP header style and CGI variable style. For detail see this GitHub issue: https://github.com/rails/rails/issues/25859
* Add `Style/EmptyLines` in `.rubocop.yml` and remove extra empty linesRyuta Kamizono2016-08-076-7/+0
|
* applies remaining conventions across the projectXavier Noria2016-08-0623-39/+12
|
* normalizes indentation and whitespace across the projectXavier Noria2016-08-0616-168/+167
|
* remove redundant curlies from hash argumentsXavier Noria2016-08-0619-232/+188
|
* modernizes hash syntax in actionpackXavier Noria2016-08-0644-1303/+1303
|
* applies new string literal convention in actionpack/testXavier Noria2016-08-0684-2649/+2649
| | | | | The current code base is not uniform. After some discussion, we have chosen to go with double quotes by default.
* Fix GET JSON integration test request to use method overrideeileencodes2016-08-051-0/+16
| | | | | | | | | | | | | | | | | | When a `GET` request is sent `as: :json` in an integration test the test should use Rack's method override to change to a post request so the paramters are included in the postdata. Otherwise it will not encode the parameters correctly for the integration test. Because integration test sets up it's own middleware, `Rack::MethodOverride` needs to be included in the integration tests as well. `headers ||= {}` was moved so that headers are never nil. They should default to a hash. Fixes #26033 [Eileen M. Uchitelle & Aaron Patterson]
* Fix wrong assignment.Kasper Timm Hansen2016-08-021-4/+5
| | | | Screwed up both the left and right hand sides!
* Set `always_permitted_parameters`.Kasper Timm Hansen2016-08-021-0/+9
| | | | | | | The tests were written with the common false value seen in Rails apps, show that intent in the code. Should also fix the build on 5-0-stable.
* Let Psych 2.0.9+ deserialize 2.0.8 serialized parameters.Kasper Timm Hansen2016-08-021-2/+15
| | | | | | | | | | | | | | | | | | | | | | | | | | | If we were to serialize an `ActionController::Parameters` on Psych 2.0.8, we'd get: ```yaml --- !ruby/hash:ActionController::Parameters key: :value ``` Because 2.0.8 didn't store instance variables, while 2.0.9 did: https://github.com/tenderlove/psych/commit/8f84ad0fc711a82a1040def861cb121e8985fd4c That, coupled with 2.0.8 calling `new` instead of `allocate` meant parameters was deserialized just fine: https://github.com/tenderlove/psych/commit/af308f8307899cb9e1c0fffea4bce3110a1c3926 However, if users have 2.0.8 serialized parameters, then upgrade to Psych 2.0.9+ and Rails 5, it would start to blow up because `initialize` will never be called, and thus `@parameters` will never be assigned. Hello, `NoMethodErrors` on `NilClass`! :) To fix this we register another variant of the previous serialization format and take it into account in `init_with`. I've tested this in our app and previously raising code now deserializes like a champ. I'm unsure how to test this in our suite because we use Psych 2.0.8 and don't know how to make us use 2.0.9+ for just one test.
* Make Parameters support legacy YAML encodings.Kasper Timm Hansen2016-08-011-0/+32
| | | | | | | | | | | | | | | | | | | | | By changing ActionController::Parameter's superclass, Rails 5 also changed the YAML serialization format. Since YAML doesn't know how to handle parameters it would fallback to its routine for the superclass, which in Rails 4.2 was Hash while just Object in Rails 5. As evident in the tags YAML would spit out: 4.2: !ruby/hash-with-ivars:ActionController::Parameters 5.0: !ruby/object:ActionController::Parameters Thus when loading parameters YAML from 4.2 in Rails 5, it would parse a hash dump as it would an Object class. To fix this we have to provide our own `init_with` to be aware of the past format as well as the new one. Then we add a `load_tags` mapping, such that when the YAML parser sees `!ruby/hash-with-ivars:ActionController::Parameters`, it knows to call our `init_with` function and not try to instantiate it as a normal hash subclass.
* Test that ActionDispatch::IntegrationTest does not leak parametersNick Sieger2016-07-281-0/+14
|
* Reset rack.input when the environment is scrubbed for the next requestNick Sieger2016-07-271-0/+8
| | | | | | | | | | | | | | | | | Before this change, posted parameters would leak across requests. The included test case failed like so: 1) Failure: TestCaseTest#test_multiple_mixed_method_process_should_scrub_rack_input: --- expected +++ actual @@ -1 +1 @@ -{"bar"=>"an bar", "controller"=>"test_case_test/test", "action"=>"test_params"} +{"foo"=>"an foo", "bar"=>"an bar", "controller"=>"test_case_test/test", "action"=>"test_params"} An argument could be made that this situation isn't encountered often and that one should limit the number of requests per test case, but I still think the parameter leaking is an unexpected side-effect.
* There are some cases where @@app is not definedSantiago Pastorino2016-07-261-19/+0
|
* Be more explicit with the expected resultSantiago Pastorino2016-07-261-1/+1
|
* Return ActionDispatch.test_app when no app is set on IntegrationTest.app methodSantiago Pastorino2016-07-261-0/+19
| | | | Fixes #25926
* Bring back support for callable cache_key on collection renderingIgnatius Reza2016-07-211-1/+11
|
* Make sure the tests setup are made correctlyRafael Mendonça França2016-07-171-9/+9
|
* Fix adding implicitly rendered namespaced template digests to ETagsJavan Makhmali2016-07-131-10/+44
|
* Remove duplicate test and fix a typo in the testPrathamesh Sonpatki2016-07-122-6/+1
| | | | | - Tests for dup'ing params was separately added in a separate file in https://github.com/rails/rails/pull/25735.
* Trust `Object#dup` in `ActionController::Parameters`, using ↵Tim Rogers2016-07-081-1/+19
| | | | | | `#initialize_copy` to manually duplicate the underlying parameters hash It looks like `ActionController::Parameters#dup` is leftover from when the class inherited from `Hash`. We can just trust `#dup`, which already copies the `@permitted` instance variable (confirmed by tests). We still define a `#initialize_copy` to make `@parameters` a copy that can be mutated without affecting the original instance.
* Changes to a dupped `ActionController::Parameters` mutate the originalTim Rogers2016-07-071-0/+25
| | | | | | | | | | | | | | When `ActionController::Parameters` is duplicated with `#dup`, it doesn't create a duplicate of the instance variables (e.g. `@parameters`) but rather maintains the reference (see <http://ruby-doc.org/core-2.3.1/Object.html>). Given that the parameters object is often manipulated as if it were a hash (e.g. with `#delete` and similar methods), this leads to unexpected behaviour, like the following: ``` params = ActionController::Parameters.new(foo: "bar") duplicated_params = params.dup duplicated_params.delete(:foo) params == duplicated_params ``` This fixes the bug by defining a private `#initialize_copy` method, used internally by `#dup`, which makes a copy of `@parameters`.
* Merge pull request #24177 from vipulnsward/rename-testRafael França2016-07-011-1/+1
|\ | | | | Renamed NestedParametersTest to NestedParametersPermitTest
| * - Renamed NestedParametersTest to NestedParametersPermitTest, to indicate ↵Vipul A M2016-03-131-1/+1
| | | | | | | | what we are actually testing in this file
* | Fix adding implicitly rendered template digests to ETagsJavan Makhmali2016-06-281-10/+35
| | | | | | | | Signed-off-by: Jeremy Daer <jeremydaer@gmail.com>
* | Merge pull request #25435 from y-yagi/make_as_option_work_with_get_parametersKasper Timm Hansen2016-06-251-0/+14
|\ \ | | | | | | make `as` option work with get parameters
| * | make `as` option work with get parametersyuuji.yaginuma2016-06-251-0/+14
| | | | | | | | | | | | | | | | | | | | | | | | Currently, if path is a relative path, add format without the discrimination of the query. Therefore, if there is a query, format at end of the query would been added, format was not be specified correctly. This fix add format to end of path rather than query.
* | | `params.permitted?` is false by defaultJon Moss2016-06-231-0/+6
|/ / | | | | | | | | In the docs: "+permit_all_parameters+ - If it's +true+, all the parameters will be permitted by default. The default is +false+."
* | render_to_string Regression Outside of Real Requests in Rails 5.0.0.rc1 (#25308)Brandon Medenwald2016-06-091-0/+7
| | | | | | | | | | | | * Restore the functionality of PR#14129, but do so with not nil to better indicate the purpose of the conditional * Add a test when render_to_string called on ActionController::Base.new()
* | Add regression test to `as` option.Kasper Timm Hansen2016-06-071-0/+16
| | | | | | | | | | Was worried the `as` might impede on users doing the long form JSON response encoding; test for certainty.
* | Use `#performed?` to terminate controller callbacksJeff Kreeftmeijer2016-06-031-0/+15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Since 69009f, `ActionController::Metal::DataStreaming#send_file` doesn't set `@_response_body` anymore. `AbstractController::Callbacks` used `@_response_body` in its callback terminator, so it failed to halt the callback cycle when using `#send_file` from a `before_action`. Instead, it now uses `#performed?` on `AbstractController::Base` and `ActionController::Metal`, which checks `response.committed?`, besides checking if `@_response_body` is set, if possible. Example application: https://gist.github.com/jeffkreeftmeijer/78ae4572f36b198e729724b0cf79ef8e
* | Clean up the test request/response even after an exceptionMatthew Draper2016-06-011-0/+24
| |
* | More Action Pack `abstract_unit` cleanup (#25211)Jon Moss2016-05-312-1/+21
| | | | | | | | | | - Remove dead classes / dead code - Move class definitions to where they are used, don't define in a shared space
* | Move `Workshop` class definitionJon Moss2016-05-301-0/+18
| | | | | | | | | | We should define it only where we need it, not in the global abstract unit :grimacing:
* | Respect `log_warning_on_csrf_failure` setting for all CSRF failuresMatthew Caruana Galizia2016-05-231-0/+31
| | | | | | | | | | | | | | | | | | | | | | | | CSRF verification for non-XHR GET requests (cross-origin `<script>` tags) didn't check this flag before logging failures. Setting `config.action_controller.log_warning_on_csrf_failure = false` now disables logging for these CSRF failures as well. Closes #25086. Signed-off-by: Jeremy Daer <jeremydaer@gmail.com>
* | Support for unified Integer class in Ruby 2.4+Jeremy Daer2016-05-182-3/+3
| | | | | | | | | | | | | | | | Ruby 2.4 unifies Fixnum and Bignum into Integer: https://bugs.ruby-lang.org/issues/12005 * Forward compat with new unified Integer class in Ruby 2.4+. * Backward compat with separate Fixnum/Bignum in Ruby 2.2 & 2.3. * Drops needless Fixnum distinction in docs, preferring Integer.
* | Action Mailer: Declarative exception handling with `rescue_from`.Jeremy Daer2016-05-151-30/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Follows the same pattern as controllers and jobs. Exceptions raised in delivery jobs (enqueued by `#deliver_later`) are also delegated to the mailer's rescue_from handlers, so you can handle the DeserializationError raised by delivery jobs: ```ruby class MyMailer < ApplicationMailer rescue_from ActiveJob::DeserializationError do … end ``` ActiveSupport::Rescuable polish: * Add the `rescue_with_handler` class method so exceptions may be handled at the class level without requiring an instance. * Rationalize `exception.cause` handling. If no handler matches the exception, fall back to the handler that matches its cause. * Handle exceptions raised elsewhere. Pass `object: …` to execute the `rescue_from` handler (e.g. a method call or a block to instance_exec) against a different object. Defaults to `self`.
* | Make flash messages cookie compatible with Rails 4Rafael Mendonça França2016-05-061-2/+2
| | | | | | | | | | | | | | | | In #18721 we removed the discard key from the session hash used to flash messages and that broke compatibility with Rails 4 applications because they try to map in the discarded flash messages and it returns nil. Fixes #24726.
* | Merge pull request #24029 from ↵Sean Griffin2016-05-061-1/+2
|\ \ | | | | | | | | | | | | | | | | | | rthbound/dont-call-each-when-calling-body-on-response Dont call each when calling body on response to fix #23964 Fixes #23964
| * | Fixes #23964Ryan T. Hosford2016-03-131-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Adds #each_chunk to ActionDispatch::Response. it's a method which will be called by ActionDispatch::Response#each. - Make Response#each a proper method instead of delegating to @stream - In Live, instead of overriding #each, override #each_chunk. - `#each` should just spit out @str_body if it's already set - Adds #test_set_header_after_read_body_during_action to prove this fixes #23964 - Adds #test_each_isnt_called_if_str_body_is_written to ensure #each_chunk is not called when @str_body is available - Call `@response.sent!` in AC::TestCase's #perform so a test response acts a bit more like a real response. Makes test that call `#assert_stream_closed` pass again. - Additionally assert `#committed?` in `#assert_stream_closed` - Make test that was calling @response.stream.each pass again by calling @response.each instead.
* | | Implement helpers proxy in controller instance levelRafael Mendonça França2016-05-051-0/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It is a common pattern in the Rails community that when people want to :xa use any kind of helper that is defined inside app/helpers they includes the helper module inside the controller like: module UserHelper def my_user_helper # ... end end class UsersController < ApplicationController include UserHelper def index render inline: my_user_helper end end This has problem because the helper can't access anything that is defined in the view level context class. Also all public methods of the helper become available in the controller what can lead to undesirable methods being routed and behaving as actions. Also if you helper depends on other helpers or even Action View helpers you need to include each one of these dependencies in your controller otherwise your helper is not going to work. We already have a helpers proxy at controller class level but that proxy doesn't have access to the instance variables defined in the controller. With this new instance level helper proxy users can reuse helpers in the controller without having to include the modules and with access to instance variables defined in the controller. class UsersController < ApplicationController def index render inline: helpers.my_user_helper end end
* | | Add more info to insecure URL generation errorDerek Prior2016-04-261-2/+1
| | | | | | | | | | | | | | | | | | | | | | | | I always appreciate having a bit more information as to why something is now an error. We can use this error to tell people why what they were previously doing is insecure and give them hints on how to fix it. Signed-off-by: Kasper Timm Hansen <kaspth@gmail.com>
* | | Merge pull request #24641 from rafaelfranca/fix-per-form-token-with-full-urlJeremy Daer2016-04-251-0/+13
|\ \ \ | | | | | | | | | | | | Discart the schema and host information when building the per-form token
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-09 07:53:33 +0000