From 1e1bee3ab985e47fae49d9fd5d2ca946f5d9c533 Mon Sep 17 00:00:00 2001
From: Guillermo Iguaran
Date: Wed, 29 Aug 2012 10:08:58 -0500
Subject: Change tainted/untainted wording to permitted/forbidden
---
.../parameters/parameters_permit_test.rb | 59 ++++++++++++++++++++++
.../controller/parameters/parameters_taint_test.rb | 59 ----------------------
.../test/controller/permitted_params_test.rb | 25 +++++++++
actionpack/test/controller/tainted_params_test.rb | 25 ---------
4 files changed, 84 insertions(+), 84 deletions(-)
create mode 100644 actionpack/test/controller/parameters/parameters_permit_test.rb
delete mode 100644 actionpack/test/controller/parameters/parameters_taint_test.rb
create mode 100644 actionpack/test/controller/permitted_params_test.rb
delete mode 100644 actionpack/test/controller/tainted_params_test.rb
(limited to 'actionpack/test/controller')
diff --git a/actionpack/test/controller/parameters/parameters_permit_test.rb b/actionpack/test/controller/parameters/parameters_permit_test.rb
new file mode 100644
index 0000000000..f143e22d2e
--- /dev/null
+++ b/actionpack/test/controller/parameters/parameters_permit_test.rb
@@ -0,0 +1,59 @@
+require 'abstract_unit'
+require 'action_controller/metal/strong_parameters'
+
+class ParametersPermitTest < ActiveSupport::TestCase
+ setup do
+ @params = ActionController::Parameters.new({ person: {
+ age: "32", name: { first: "David", last: "Heinemeier Hansson" }
+ }})
+ end
+
+ test "fetch raises ParameterMissing exception" do
+ e = assert_raises(ActionController::ParameterMissing) do
+ @params.fetch :foo
+ end
+ assert_equal :foo, e.param
+ end
+
+ test "fetch doesnt raise ParameterMissing exception if there is a default" do
+ assert_equal "monkey", @params.fetch(:foo, "monkey")
+ assert_equal "monkey", @params.fetch(:foo) { "monkey" }
+ end
+
+ test "permitted is sticky on accessors" do
+ assert !@params.slice(:person).permitted?
+ assert !@params[:person][:name].permitted?
+
+ @params.each { |key, value| assert(value.permitted?) if key == :person }
+
+ assert !@params.fetch(:person).permitted?
+
+ assert !@params.values_at(:person).first.permitted?
+ end
+
+ test "permitted is sticky on mutators" do
+ assert !@params.delete_if { |k| k == :person }.permitted?
+ assert !@params.keep_if { |k,v| k == :person }.permitted?
+ end
+
+ test "permitted is sticky beyond merges" do
+ assert !@params.merge(a: "b").permitted?
+ end
+
+ test "modifying the parameters" do
+ @params[:person][:hometown] = "Chicago"
+ @params[:person][:family] = { brother: "Jonas" }
+
+ assert_equal "Chicago", @params[:person][:hometown]
+ assert_equal "Jonas", @params[:person][:family][:brother]
+ end
+
+ test "permitting parameters that are not there should not include the keys" do
+ assert !@params.permit(:person, :funky).has_key?(:funky)
+ end
+
+ test "permit state is kept on a dup" do
+ @params.permit!
+ assert_equal @params.permitted?, @params.dup.permitted?
+ end
+end
diff --git a/actionpack/test/controller/parameters/parameters_taint_test.rb b/actionpack/test/controller/parameters/parameters_taint_test.rb
deleted file mode 100644
index 9e8444c897..0000000000
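Review bot: In parameters_permit_test.rb, the `@params.each` line in "permitted is sticky on accessors" asserts `value.permitted?` while every other assertion in that test asserts the opposite, so it reads as inverted. It is also guarded by `if key == :person`; if Parameters yields string keys (it appears to build on an indifferent-access hash, which is not visible in this hunk), the guard never matches and the assertion never runs, which would explain why the test still passes. Since this test guards against an accessor handing back parameters that already count as permitted, I would make it able to fail, along the lines of `@params.each { |key, value| assert(!value.permitted?) if key.to_s == "person" }`. The symbol comparisons inside the `delete_if` and `keep_if` blocks of "permitted is sticky on mutators" deserve the same check, because a block that never matches does not exercise the filtering path the test name describes.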
--- a/actionpack/test/controller/parameters/parameters_taint_test.rb
+++ /dev/null
@@ -1,59 +0,0 @@
-require 'abstract_unit'
-require 'action_controller/metal/strong_parameters'
-
-class ParametersTaintTest < ActiveSupport::TestCase
- setup do
- @params = ActionController::Parameters.new({ person: {
- age: "32", name: { first: "David", last: "Heinemeier Hansson" }
- }})
- end
-
- test "fetch raises ParameterMissing exception" do
- e = assert_raises(ActionController::ParameterMissing) do
- @params.fetch :foo
- end
- assert_equal :foo, e.param
- end
-
- test "fetch doesnt raise ParameterMissing exception if there is a default" do
- assert_equal "monkey", @params.fetch(:foo, "monkey")
- assert_equal "monkey", @params.fetch(:foo) { "monkey" }
- end
-
- test "permitted is sticky on accessors" do
- assert !@params.slice(:person).permitted?
- assert !@params[:person][:name].permitted?
-
- @params.each { |key, value| assert(value.permitted?) if key == :person }
-
- assert !@params.fetch(:person).permitted?
-
- assert !@params.values_at(:person).first.permitted?
- end
-
- test "permitted is sticky on mutators" do
- assert !@params.delete_if { |k| k == :person }.permitted?
- assert !@params.keep_if { |k,v| k == :person }.permitted?
- end
-
- test "permitted is sticky beyond merges" do
- assert !@params.merge(a: "b").permitted?
- end
-
- test "modifying the parameters" do
- @params[:person][:hometown] = "Chicago"
- @params[:person][:family] = { brother: "Jonas" }
-
- assert_equal "Chicago", @params[:person][:hometown]
- assert_equal "Jonas", @params[:person][:family][:brother]
- end
-
- test "permitting parameters that are not there should not include the keys" do
- assert !@params.permit(:person, :funky).has_key?(:funky)
- end
-
- test "permit state is kept on a dup" do
- @params.permit!
- assert_equal @params.permitted?, @params.dup.permitted?
- end
-end
diff --git a/actionpack/test/controller/permitted_params_test.rb b/actionpack/test/controller/permitted_params_test.rb
new file mode 100644
index 0000000000..f46249d712
--- /dev/null
+++ b/actionpack/test/controller/permitted_params_test.rb
@@ -0,0 +1,25 @@
+require 'abstract_unit'
+
+class PeopleController < ActionController::Base
+ def create
+ render text: params[:person].permitted? ? "permitted" : "forbidden"
+ end
+
+ def create_with_permit
+ render text: params[:person].permit(:name).permitted? ? "permitted" : "forbidden"
+ end
+end
+
+class ActionControllerPermittedParamsTest < ActionController::TestCase
+ tests PeopleController
+
+ test "parameters are forbidden" do
+ post :create, { person: { name: "Mjallo!" } }
+ assert_equal "forbidden", response.body
+ end
+
+ test "parameters can be permitted and are then not forbidden" do
+ post :create_with_permit, { person: { name: "Mjallo!" } }
+ assert_equal "permitted", response.body
+ end
+end
diff --git a/actionpack/test/controller/tainted_params_test.rb b/actionpack/test/controller/tainted_params_test.rb
deleted file mode 100644
index 881b9d40fa..0000000000
--- a/actionpack/test/controller/tainted_params_test.rb
+++ /dev/null
@@ -1,25 +0,0 @@
-require 'abstract_unit'
-
-class PeopleController < ActionController::Base
- def create
- render text: params[:person].permitted? ? "untainted" : "tainted"
- end
-
- def create_with_permit
- render text: params[:person].permit(:name).permitted? ? "untainted" : "tainted"
- end
-end
-
-class ActionControllerTaintedParamsTest < ActionController::TestCase
- tests PeopleController
-
- test "parameters are tainted" do
- post :create, { person: { name: "Mjallo!" } }
- assert_equal "tainted", response.body
- end
-
- test "parameters can be permitted and are then not tainted" do
- post :create_with_permit, { person: { name: "Mjallo!" } }
- assert_equal "untainted", response.body
- end
-end
--
cgit v1.2.3
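Review bot: In permitted_params_test.rb both requests post only `name`, so the `create_with_permit` test confirms the `permitted?` flag but never that a key outside the permit list is dropped, which is the property that protects against mass assignment. A third case that posts an attribute not named in `permit` and asserts it is absent from the permitted result would pin that down. For example, an action could render `params[:person].permit(:name).has_key?(:admin)` for a request body of `{ person: { name: "Mjallo!", admin: "1" } }` (constructed sample) and expect it to be false. No test in the files this patch touches covers that case, although tests elsewhere in the suite might.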