From fc5c1b0e901a735a68dd822608eec2f99b6c7b74 Mon Sep 17 00:00:00 2001 From: Joshua Peek Date: Sun, 19 Apr 2009 17:51:23 -0500 Subject: Session tests belong under dispatch folder --- .../test/controller/session/cookie_store_test.rb | 250 --------------------- .../controller/session/mem_cache_store_test.rb | 127 ----------- .../test/controller/session/test_session_test.rb | 58 ----- 3 files changed, 435 deletions(-) delete mode 100644 actionpack/test/controller/session/cookie_store_test.rb delete mode 100644 actionpack/test/controller/session/mem_cache_store_test.rb delete mode 100644 actionpack/test/controller/session/test_session_test.rb (limited to 'actionpack/test/controller') diff --git a/actionpack/test/controller/session/cookie_store_test.rb b/actionpack/test/controller/session/cookie_store_test.rb deleted file mode 100644 index b9bf8cf411..0000000000 --- a/actionpack/test/controller/session/cookie_store_test.rb +++ /dev/null @@ -1,250 +0,0 @@ -require 'abstract_unit' -require 'stringio' - -class CookieStoreTest < ActionController::IntegrationTest - SessionKey = '_myapp_session' - SessionSecret = 'b3c631c314c0bbca50c1b2843150fe33' - - DispatcherApp = ActionController::Dispatcher.new - CookieStoreApp = ActionDispatch::Session::CookieStore.new(DispatcherApp, - :key => SessionKey, :secret => SessionSecret) - - Verifier = ActiveSupport::MessageVerifier.new(SessionSecret, 'SHA1') - - SignedBar = "BAh7BjoIZm9vIghiYXI%3D--fef868465920f415f2c0652d6910d3af288a0367" - - class TestController < ActionController::Base - def no_session_access - head :ok - end - - def persistent_session_id - render :text => session[:session_id] - end - - def set_session_value - session[:foo] = "bar" - render :text => Rack::Utils.escape(Verifier.generate(session.to_hash)) - end - - def get_session_value - render :text => "foo: #{session[:foo].inspect}" - end - - def get_session_id - render :text => "foo: #{session[:foo].inspect}; id: #{request.session_options[:id]}" - end - - def call_reset_session - reset_session - head :ok - end - - def raise_data_overflow - session[:foo] = 'bye!' * 1024 - head :ok - end - - def rescue_action(e) raise end - end - - def setup - @integration_session = open_session(CookieStoreApp) - end - - def test_raises_argument_error_if_missing_session_key - assert_raise(ArgumentError, nil.inspect) { - ActionDispatch::Session::CookieStore.new(nil, - :key => nil, :secret => SessionSecret) - } - - assert_raise(ArgumentError, ''.inspect) { - ActionDispatch::Session::CookieStore.new(nil, - :key => '', :secret => SessionSecret) - } - end - - def test_raises_argument_error_if_missing_secret - assert_raise(ArgumentError, nil.inspect) { - ActionDispatch::Session::CookieStore.new(nil, - :key => SessionKey, :secret => nil) - } - - assert_raise(ArgumentError, ''.inspect) { - ActionDispatch::Session::CookieStore.new(nil, - :key => SessionKey, :secret => '') - } - end - - def test_raises_argument_error_if_secret_is_probably_insecure - assert_raise(ArgumentError, "password".inspect) { - ActionDispatch::Session::CookieStore.new(nil, - :key => SessionKey, :secret => "password") - } - - assert_raise(ArgumentError, "secret".inspect) { - ActionDispatch::Session::CookieStore.new(nil, - :key => SessionKey, :secret => "secret") - } - - assert_raise(ArgumentError, "12345678901234567890123456789".inspect) { - ActionDispatch::Session::CookieStore.new(nil, - :key => SessionKey, :secret => "12345678901234567890123456789") - } - end - - def test_setting_session_value - with_test_route_set do - get '/set_session_value' - assert_response :success - assert_equal "_myapp_session=#{response.body}; path=/; HttpOnly", - headers['Set-Cookie'] - end - end - - def test_getting_session_value - with_test_route_set do - cookies[SessionKey] = SignedBar - get '/get_session_value' - assert_response :success - assert_equal 'foo: "bar"', response.body - end - end - - def test_getting_session_id - with_test_route_set do - cookies[SessionKey] = SignedBar - get '/persistent_session_id' - assert_response :success - assert_equal response.body.size, 32 - session_id = response.body - - get '/get_session_id' - assert_response :success - assert_equal "foo: \"bar\"; id: #{session_id}", response.body - end - end - - def test_disregards_tampered_sessions - with_test_route_set do - cookies[SessionKey] = "BAh7BjoIZm9vIghiYXI%3D--123456780" - get '/get_session_value' - assert_response :success - assert_equal 'foo: nil', response.body - end - end - - def test_close_raises_when_data_overflows - with_test_route_set do - assert_raise(ActionDispatch::Session::CookieStore::CookieOverflow) { - get '/raise_data_overflow' - } - end - end - - def test_doesnt_write_session_cookie_if_session_is_not_accessed - with_test_route_set do - get '/no_session_access' - assert_response :success - assert_equal "", headers['Set-Cookie'] - end - end - - def test_doesnt_write_session_cookie_if_session_is_unchanged - with_test_route_set do - cookies[SessionKey] = "BAh7BjoIZm9vIghiYXI%3D--" + - "fef868465920f415f2c0652d6910d3af288a0367" - get '/no_session_access' - assert_response :success - assert_equal "", headers['Set-Cookie'] - end - end - - def test_setting_session_value_after_session_reset - with_test_route_set do - get '/set_session_value' - assert_response :success - session_payload = response.body - assert_equal "_myapp_session=#{response.body}; path=/; HttpOnly", - headers['Set-Cookie'] - - get '/call_reset_session' - assert_response :success - assert_not_equal [], headers['Set-Cookie'] - assert_not_equal session_payload, cookies[SessionKey] - - get '/get_session_value' - assert_response :success - assert_equal 'foo: nil', response.body - end - end - - def test_persistent_session_id - with_test_route_set do - cookies[SessionKey] = SignedBar - get '/persistent_session_id' - assert_response :success - assert_equal response.body.size, 32 - session_id = response.body - get '/persistent_session_id' - assert_equal session_id, response.body - reset! - get '/persistent_session_id' - assert_not_equal session_id, response.body - end - end - - def test_session_store_with_expire_after - app = ActionDispatch::Session::CookieStore.new(DispatcherApp, :key => SessionKey, :secret => SessionSecret, :expire_after => 5.hours) - @integration_session = open_session(app) - - with_test_route_set do - # First request accesses the session - time = Time.local(2008, 4, 24) - Time.stubs(:now).returns(time) - expected_expiry = (time + 5.hours).gmtime.strftime("%a, %d-%b-%Y %H:%M:%S GMT") - - cookies[SessionKey] = SignedBar - - get '/set_session_value' - assert_response :success - - cookie_body = response.body - assert_equal "_myapp_session=#{cookie_body}; path=/; expires=#{expected_expiry}; HttpOnly", - headers['Set-Cookie'] - - # Second request does not access the session - time = Time.local(2008, 4, 25) - Time.stubs(:now).returns(time) - expected_expiry = (time + 5.hours).gmtime.strftime("%a, %d-%b-%Y %H:%M:%S GMT") - - get '/no_session_access' - assert_response :success - - # Mystery bug that came up in 2.3 as well. What is this trying to test?! - # assert_equal "_myapp_session=#{cookie_body}; path=/; expires=#{expected_expiry}; HttpOnly", - # headers['Set-Cookie'] - end - end - - private - def with_test_route_set - with_routing do |set| - set.draw do |map| - map.with_options :controller => "cookie_store_test/test" do |c| - c.connect "/:action" - end - end - yield - end - end - - def unmarshal_session(cookie_string) - session = Rack::Utils.parse_query(cookie_string, ';,').inject({}) {|h,(k,v)| - h[k] = Array === v ? v.first : v - h - }[SessionKey] - verifier = ActiveSupport::MessageVerifier.new(SessionSecret, 'SHA1') - verifier.verify(session) - end -end diff --git a/actionpack/test/controller/session/mem_cache_store_test.rb b/actionpack/test/controller/session/mem_cache_store_test.rb deleted file mode 100644 index 7561c93e4a..0000000000 --- a/actionpack/test/controller/session/mem_cache_store_test.rb +++ /dev/null @@ -1,127 +0,0 @@ -require 'abstract_unit' - -# You need to start a memcached server inorder to run these tests -class MemCacheStoreTest < ActionController::IntegrationTest - class TestController < ActionController::Base - def no_session_access - head :ok - end - - def set_session_value - session[:foo] = "bar" - head :ok - end - - def get_session_value - render :text => "foo: #{session[:foo].inspect}" - end - - def get_session_id - session[:foo] - render :text => "#{request.session_options[:id]}" - end - - def call_reset_session - session[:bar] - reset_session - session[:bar] = "baz" - head :ok - end - - def rescue_action(e) raise end - end - - begin - DispatcherApp = ActionController::Dispatcher.new - MemCacheStoreApp = ActionDispatch::Session::MemCacheStore.new( - DispatcherApp, :key => '_session_id') - - - def setup - @integration_session = open_session(MemCacheStoreApp) - end - - def test_setting_and_getting_session_value - with_test_route_set do - get '/set_session_value' - assert_response :success - assert cookies['_session_id'] - - get '/get_session_value' - assert_response :success - assert_equal 'foo: "bar"', response.body - end - end - - def test_getting_nil_session_value - with_test_route_set do - get '/get_session_value' - assert_response :success - assert_equal 'foo: nil', response.body - end - end - - def test_setting_session_value_after_session_reset - with_test_route_set do - get '/set_session_value' - assert_response :success - assert cookies['_session_id'] - session_id = cookies['_session_id'] - - get '/call_reset_session' - assert_response :success - assert_not_equal [], headers['Set-Cookie'] - - get '/get_session_value' - assert_response :success - assert_equal 'foo: nil', response.body - - get '/get_session_id' - assert_response :success - assert_not_equal session_id, response.body - end - end - - def test_getting_session_id - with_test_route_set do - get '/set_session_value' - assert_response :success - assert cookies['_session_id'] - session_id = cookies['_session_id'] - - get '/get_session_id' - assert_response :success - assert_equal session_id, response.body - end - end - - def test_prevents_session_fixation - with_test_route_set do - get '/get_session_value' - assert_response :success - assert_equal 'foo: nil', response.body - session_id = cookies['_session_id'] - - reset! - - get '/set_session_value', :_session_id => session_id - assert_response :success - assert_equal nil, cookies['_session_id'] - end - end - rescue LoadError, RuntimeError - $stderr.puts "Skipping MemCacheStoreTest tests. Start memcached and try again." - end - - private - def with_test_route_set - with_routing do |set| - set.draw do |map| - map.with_options :controller => "mem_cache_store_test/test" do |c| - c.connect "/:action" - end - end - yield - end - end -end diff --git a/actionpack/test/controller/session/test_session_test.rb b/actionpack/test/controller/session/test_session_test.rb deleted file mode 100644 index de6539e1cc..0000000000 --- a/actionpack/test/controller/session/test_session_test.rb +++ /dev/null @@ -1,58 +0,0 @@ -require 'abstract_unit' -require 'stringio' - -class ActionController::TestSessionTest < ActiveSupport::TestCase - - def test_calling_delete_without_parameters_raises_deprecation_warning_and_calls_to_clear_test_session - assert_deprecated(/use clear instead/){ ActionController::TestSession.new.delete } - end - - def test_calling_update_without_parameters_raises_deprecation_warning_and_calls_to_clear_test_session - assert_deprecated(/use replace instead/){ ActionController::TestSession.new.update } - end - - def test_calling_close_raises_deprecation_warning - assert_deprecated(/sessions should no longer be closed/){ ActionController::TestSession.new.close } - end - - def test_defaults - session = ActionController::TestSession.new - assert_equal({}, session.data) - assert_equal('', session.session_id) - end - - def test_ctor_allows_setting - session = ActionController::TestSession.new({:one => 'one', :two => 'two'}) - assert_equal('one', session[:one]) - assert_equal('two', session[:two]) - end - - def test_setting_session_item_sets_item - session = ActionController::TestSession.new - session[:key] = 'value' - assert_equal('value', session[:key]) - end - - def test_calling_delete_removes_item - session = ActionController::TestSession.new - session[:key] = 'value' - assert_equal('value', session[:key]) - session.delete(:key) - assert_nil(session[:key]) - end - - def test_calling_update_with_params_passes_to_attributes - session = ActionController::TestSession.new() - session.update('key' => 'value') - assert_equal('value', session[:key]) - end - - def test_clear_emptys_session - params = {:one => 'one', :two => 'two'} - session = ActionController::TestSession.new({:one => 'one', :two => 'two'}) - session.clear - assert_nil(session[:one]) - assert_nil(session[:two]) - end - -end \ No newline at end of file -- cgit v1.2.3