From 40e9ba1e4627f1939153e7a061aaf060c87ec902 Mon Sep 17 00:00:00 2001 From: Joshua Peek Date: Thu, 4 Dec 2008 01:24:24 -0600 Subject: Refactor SessionFixationTest and WebServiceTest with IntegrationTest so they are compatible with the Rack interface. --- .../test/controller/session_fixation_test.rb | 93 +++--- actionpack/test/controller/webservice_test.rb | 322 ++++++++++++--------- 2 files changed, 222 insertions(+), 193 deletions(-) (limited to 'actionpack/test') diff --git a/actionpack/test/controller/session_fixation_test.rb b/actionpack/test/controller/session_fixation_test.rb index 164438c513..e8dc8bd295 100644 --- a/actionpack/test/controller/session_fixation_test.rb +++ b/actionpack/test/controller/session_fixation_test.rb @@ -1,20 +1,13 @@ require 'abstract_unit' - -class SessionFixationTest < Test::Unit::TestCase - class MockCGI < CGI #:nodoc: - attr_accessor :stdoutput, :env_table - - def initialize(env, data = '') - self.env_table = env - self.stdoutput = StringIO.new - super(nil, StringIO.new(data)) - end - end - +class SessionFixationTest < ActionController::IntegrationTest class TestController < ActionController::Base - session :session_key => '_myapp_session_id', :secret => CGI::Session.generate_unique_id, :except => :default_session_key - session :cookie_only => false, :only => :allow_session_fixation + session :session_key => '_myapp_session_id', + :secret => CGI::Session.generate_unique_id, + :except => :default_session_key + + session :cookie_only => false, + :only => :allow_session_fixation def default_session_key render :text => "default_session_key" @@ -36,54 +29,56 @@ class SessionFixationTest < Test::Unit::TestCase end def test_should_be_able_to_make_a_successful_request - cgi = mock_cgi_for_request_to(:custom_session_key, :id => 1) - - assert_nothing_raised do - @controller.send(:process, ActionController::CgiRequest.new(cgi, {}), ActionController::CgiResponse.new(cgi)) + with_test_route_set do + assert_nothing_raised do + get '/custom_session_key', :id => "1" + end + assert_equal 'custom_session_key: 1', @controller.response.body + assert_not_nil @controller.session end - assert_equal 'custom_session_key: 1', @controller.response.body - assert_not_nil @controller.session end def test_should_catch_session_fixation_attempt - cgi = mock_cgi_for_request_to(:custom_session_key, :_myapp_session_id => 42) - - assert_raises ActionController::CgiRequest::SessionFixationAttempt do - @controller.send(:process, ActionController::CgiRequest.new(cgi, {}), ActionController::CgiResponse.new(cgi)) + with_test_route_set do + assert_raises(ActionController::RackRequest::SessionFixationAttempt) do + get '/custom_session_key', :_myapp_session_id => "42" + end + assert_nil @controller.session end - assert_nil @controller.session end def test_should_not_catch_session_fixation_attempt_when_cookie_only_setting_is_disabled - cgi = mock_cgi_for_request_to(:allow_session_fixation, :_myapp_session_id => 42) - - assert_nothing_raised do - @controller.send(:process, ActionController::CgiRequest.new(cgi, {}), ActionController::CgiResponse.new(cgi)) + with_test_route_set do + assert_nothing_raised do + get '/allow_session_fixation', :_myapp_session_id => "42" + end + assert !@controller.response.body.blank? + assert_not_nil @controller.session end - assert ! @controller.response.body.blank? - assert_not_nil @controller.session end def test_should_catch_session_fixation_attempt_with_default_session_key - ActionController::Base.session_store = :p_store # using the default session_key is not possible with cookie store - cgi = mock_cgi_for_request_to(:default_session_key, :_session_id => 42) - - assert_raises ActionController::CgiRequest::SessionFixationAttempt do - @controller.send(:process, ActionController::CgiRequest.new(cgi, {}), ActionController::CgiResponse.new(cgi)) + # using the default session_key is not possible with cookie store + ActionController::Base.session_store = :p_store + + with_test_route_set do + assert_raises ActionController::RackRequest::SessionFixationAttempt do + get '/default_session_key', :_session_id => "42" + end + assert_nil @controller.response + assert_nil @controller.session end - assert @controller.response.body.blank? - assert_nil @controller.session - end - -private - - def mock_cgi_for_request_to(action, params = {}) - MockCGI.new({ - "REQUEST_METHOD" => "GET", - "QUERY_STRING" => "action=#{action}&#{params.to_query}", - "REQUEST_URI" => "/", - "SERVER_PORT" => "80", - "HTTP_HOST" => "testdomain.com" }, '') end + private + def with_test_route_set + with_routing do |set| + set.draw do |map| + map.with_options :controller => "session_fixation_test/test" do |c| + c.connect "/:action" + end + end + yield + end + end end diff --git a/actionpack/test/controller/webservice_test.rb b/actionpack/test/controller/webservice_test.rb index 6d2b3e4f23..4c44ea4205 100644 --- a/actionpack/test/controller/webservice_test.rb +++ b/actionpack/test/controller/webservice_test.rb @@ -1,16 +1,6 @@ require 'abstract_unit' -class WebServiceTest < Test::Unit::TestCase - class MockCGI < CGI #:nodoc: - attr_accessor :stdoutput, :env_table - - def initialize(env, data = '') - self.env_table = env - self.stdoutput = StringIO.new - super(nil, StringIO.new(data)) - end - end - +class WebServiceTest < ActionController::IntegrationTest class TestController < ActionController::Base session :off @@ -22,7 +12,7 @@ class WebServiceTest < Test::Unit::TestCase end end - def dump_params_keys(hash=params) + def dump_params_keys(hash = params) hash.keys.sort.inject("") do |s, k| value = hash[k] value = Hash === value ? "(#{dump_params_keys(value)})" : "" @@ -33,7 +23,7 @@ class WebServiceTest < Test::Unit::TestCase def rescue_action(e) raise end end - + def setup @controller = TestController.new @default_param_parsers = ActionController::Base.param_parsers.dup @@ -44,185 +34,229 @@ class WebServiceTest < Test::Unit::TestCase end def test_check_parameters - process('GET') - assert_equal '', @controller.response.body + with_test_route_set do + get "/" + assert_equal '', @controller.response.body + end end def test_post_xml - process('POST', 'application/xml', 'content...') - - assert_equal 'entry', @controller.response.body - assert @controller.params.has_key?(:entry) - assert_equal 'content...', @controller.params["entry"]['summary'] - assert_equal 'true', @controller.params["entry"]['attributed'] + with_test_route_set do + post "/", 'content...', + {'CONTENT_TYPE' => 'application/xml'} + + assert_equal 'entry', @controller.response.body + assert @controller.params.has_key?(:entry) + assert_equal 'content...', @controller.params["entry"]['summary'] + assert_equal 'true', @controller.params["entry"]['attributed'] + end end def test_put_xml - process('PUT', 'application/xml', 'content...') + with_test_route_set do + put "/", 'content...', + {'CONTENT_TYPE' => 'application/xml'} - assert_equal 'entry', @controller.response.body - assert @controller.params.has_key?(:entry) - assert_equal 'content...', @controller.params["entry"]['summary'] - assert_equal 'true', @controller.params["entry"]['attributed'] + assert_equal 'entry', @controller.response.body + assert @controller.params.has_key?(:entry) + assert_equal 'content...', @controller.params["entry"]['summary'] + assert_equal 'true', @controller.params["entry"]['attributed'] + end end def test_put_xml_using_a_type_node - process('PUT', 'application/xml', 'content...') + with_test_route_set do + put "/", 'content...', + {'CONTENT_TYPE' => 'application/xml'} - assert_equal 'type', @controller.response.body - assert @controller.params.has_key?(:type) - assert_equal 'content...', @controller.params["type"]['summary'] - assert_equal 'true', @controller.params["type"]['attributed'] + assert_equal 'type', @controller.response.body + assert @controller.params.has_key?(:type) + assert_equal 'content...', @controller.params["type"]['summary'] + assert_equal 'true', @controller.params["type"]['attributed'] + end end def test_put_xml_using_a_type_node_and_attribute - process('PUT', 'application/xml', 'false') + with_test_route_set do + put "/", 'false', + {'CONTENT_TYPE' => 'application/xml'} - assert_equal 'type', @controller.response.body - assert @controller.params.has_key?(:type) - assert_equal false, @controller.params["type"]['summary'] - assert_equal 'true', @controller.params["type"]['attributed'] + assert_equal 'type', @controller.response.body + assert @controller.params.has_key?(:type) + assert_equal false, @controller.params["type"]['summary'] + assert_equal 'true', @controller.params["type"]['attributed'] + end end def test_post_xml_using_a_type_node - process('POST', 'application/xml', 'arial') + with_test_route_set do + post "/", 'arial', + {'CONTENT_TYPE' => 'application/xml'} - assert_equal 'font', @controller.response.body - assert @controller.params.has_key?(:font) - assert_equal 'arial', @controller.params['font']['type'] - assert_equal 'true', @controller.params["font"]['attributed'] + assert_equal 'font', @controller.response.body + assert @controller.params.has_key?(:font) + assert_equal 'arial', @controller.params['font']['type'] + assert_equal 'true', @controller.params["font"]['attributed'] + end end def test_post_xml_using_a_root_node_named_type - process('POST', 'application/xml', '33') + with_test_route_set do + post "/", '33', + {'CONTENT_TYPE' => 'application/xml'} - assert @controller.params.has_key?(:type) - assert_equal 33, @controller.params['type'] + assert @controller.params.has_key?(:type) + assert_equal 33, @controller.params['type'] + end end def test_post_xml_using_an_attributted_node_named_type - ActionController::Base.param_parsers[Mime::XML] = Proc.new { |data| Hash.from_xml(data)['request'].with_indifferent_access } - process('POST', 'application/xml', 'Arial,123') + with_test_route_set do + ActionController::Base.param_parsers[Mime::XML] = Proc.new { |data| Hash.from_xml(data)['request'].with_indifferent_access } + post "/", 'Arial,123', + {'CONTENT_TYPE' => 'application/xml'} - assert_equal 'type, z', @controller.response.body - assert @controller.params.has_key?(:type) - assert_equal 'Arial,12', @controller.params['type'], @controller.params.inspect - assert_equal '3', @controller.params['z'], @controller.params.inspect + assert_equal 'type, z', @controller.response.body + assert @controller.params.has_key?(:type) + assert_equal 'Arial,12', @controller.params['type'], @controller.params.inspect + assert_equal '3', @controller.params['z'], @controller.params.inspect + end end def test_register_and_use_yaml - ActionController::Base.param_parsers[Mime::YAML] = Proc.new { |d| YAML.load(d) } - process('POST', 'application/x-yaml', {"entry" => "loaded from yaml"}.to_yaml) - assert_equal 'entry', @controller.response.body - assert @controller.params.has_key?(:entry) - assert_equal 'loaded from yaml', @controller.params["entry"] + with_test_route_set do + ActionController::Base.param_parsers[Mime::YAML] = Proc.new { |d| YAML.load(d) } + post "/", {"entry" => "loaded from yaml"}.to_yaml, + {'CONTENT_TYPE' => 'application/x-yaml'} + + assert_equal 'entry', @controller.response.body + assert @controller.params.has_key?(:entry) + assert_equal 'loaded from yaml', @controller.params["entry"] + end end - + def test_register_and_use_yaml_as_symbol - ActionController::Base.param_parsers[Mime::YAML] = :yaml - process('POST', 'application/x-yaml', {"entry" => "loaded from yaml"}.to_yaml) - assert_equal 'entry', @controller.response.body - assert @controller.params.has_key?(:entry) - assert_equal 'loaded from yaml', @controller.params["entry"] + with_test_route_set do + ActionController::Base.param_parsers[Mime::YAML] = :yaml + post "/", {"entry" => "loaded from yaml"}.to_yaml, + {'CONTENT_TYPE' => 'application/x-yaml'} + + assert_equal 'entry', @controller.response.body + assert @controller.params.has_key?(:entry) + assert_equal 'loaded from yaml', @controller.params["entry"] + end end def test_register_and_use_xml_simple - ActionController::Base.param_parsers[Mime::XML] = Proc.new { |data| Hash.from_xml(data)['request'].with_indifferent_access } - process('POST', 'application/xml', 'content...SimpleXml' ) - assert_equal 'summary, title', @controller.response.body - assert @controller.params.has_key?(:summary) - assert @controller.params.has_key?(:title) - assert_equal 'content...', @controller.params["summary"] - assert_equal 'SimpleXml', @controller.params["title"] + with_test_route_set do + ActionController::Base.param_parsers[Mime::XML] = Proc.new { |data| Hash.from_xml(data)['request'].with_indifferent_access } + post "/", 'content...SimpleXml', + {'CONTENT_TYPE' => 'application/xml'} + + assert_equal 'summary, title', @controller.response.body + assert @controller.params.has_key?(:summary) + assert @controller.params.has_key?(:title) + assert_equal 'content...', @controller.params["summary"] + assert_equal 'SimpleXml', @controller.params["title"] + end end def test_use_xml_ximple_with_empty_request - ActionController::Base.param_parsers[Mime::XML] = :xml_simple - assert_nothing_raised { process('POST', 'application/xml', "") } - assert_equal "", @controller.response.body + with_test_route_set do + ActionController::Base.param_parsers[Mime::XML] = :xml_simple + assert_nothing_raised { post "/", "", {'CONTENT_TYPE' => 'application/xml'} } + assert_equal "", @controller.response.body + end end def test_dasherized_keys_as_xml - ActionController::Base.param_parsers[Mime::XML] = :xml_simple - process('POST', 'application/xml', "\n...\n", true) - assert_equal 'action, controller, first_key(sub_key), full', @controller.response.body - assert_equal "...", @controller.params[:first_key][:sub_key] + with_test_route_set do + ActionController::Base.param_parsers[Mime::XML] = :xml_simple + post "/?full=1", "\n...\n", + {'CONTENT_TYPE' => 'application/xml'} + assert_equal 'action, controller, first_key(sub_key), full', @controller.response.body + assert_equal "...", @controller.params[:first_key][:sub_key] + end end def test_typecast_as_xml - ActionController::Base.param_parsers[Mime::XML] = :xml_simple - process('POST', 'application/xml', <<-XML) - - 15 - false - true - 2005-03-17 - 2005-03-17T21:41:07Z - unparsed - 1 - hello - 1974-07-25 - - XML - params = @controller.params - assert_equal 15, params[:data][:a] - assert_equal false, params[:data][:b] - assert_equal true, params[:data][:c] - assert_equal Date.new(2005,3,17), params[:data][:d] - assert_equal Time.utc(2005,3,17,21,41,7), params[:data][:e] - assert_equal "unparsed", params[:data][:f] - assert_equal [1, "hello", Date.new(1974,7,25)], params[:data][:g] + with_test_route_set do + ActionController::Base.param_parsers[Mime::XML] = :xml_simple + xml = <<-XML + + 15 + false + true + 2005-03-17 + 2005-03-17T21:41:07Z + unparsed + 1 + hello + 1974-07-25 + + XML + post "/", xml, {'CONTENT_TYPE' => 'application/xml'} + + params = @controller.params + assert_equal 15, params[:data][:a] + assert_equal false, params[:data][:b] + assert_equal true, params[:data][:c] + assert_equal Date.new(2005,3,17), params[:data][:d] + assert_equal Time.utc(2005,3,17,21,41,7), params[:data][:e] + assert_equal "unparsed", params[:data][:f] + assert_equal [1, "hello", Date.new(1974,7,25)], params[:data][:g] + end end def test_entities_unescaped_as_xml_simple - ActionController::Base.param_parsers[Mime::XML] = :xml_simple - process('POST', 'application/xml', <<-XML) - <foo "bar's" & friends> - XML - assert_equal %(), @controller.params[:data] + with_test_route_set do + ActionController::Base.param_parsers[Mime::XML] = :xml_simple + xml = <<-XML + <foo "bar's" & friends> + XML + post "/", xml, {'CONTENT_TYPE' => 'application/xml'} + assert_equal %(), @controller.params[:data] + end end def test_typecast_as_yaml - ActionController::Base.param_parsers[Mime::YAML] = :yaml - process('POST', 'application/x-yaml', <<-YAML) - --- - data: - a: 15 - b: false - c: true - d: 2005-03-17 - e: 2005-03-17T21:41:07Z - f: unparsed - g: - - 1 - - hello - - 1974-07-25 - YAML - params = @controller.params - assert_equal 15, params[:data][:a] - assert_equal false, params[:data][:b] - assert_equal true, params[:data][:c] - assert_equal Date.new(2005,3,17), params[:data][:d] - assert_equal Time.utc(2005,3,17,21,41,7), params[:data][:e] - assert_equal "unparsed", params[:data][:f] - assert_equal [1, "hello", Date.new(1974,7,25)], params[:data][:g] - end - - private - - def process(verb, content_type = 'application/x-www-form-urlencoded', data = '', full=false) - - cgi = MockCGI.new({ - 'REQUEST_METHOD' => verb, - 'CONTENT_TYPE' => content_type, - 'QUERY_STRING' => "action=assign_parameters&controller=webservicetest/test#{"&full=1" if full}", - "REQUEST_URI" => "/", - "HTTP_HOST" => 'testdomain.com', - "CONTENT_LENGTH" => data.size, - "SERVER_PORT" => "80", - "HTTPS" => "off"}, data) - - @controller.send(:process, ActionController::CgiRequest.new(cgi, {}), ActionController::CgiResponse.new(cgi)) - end - + with_test_route_set do + ActionController::Base.param_parsers[Mime::YAML] = :yaml + yaml = <<-YAML + --- + data: + a: 15 + b: false + c: true + d: 2005-03-17 + e: 2005-03-17T21:41:07Z + f: unparsed + g: + - 1 + - hello + - 1974-07-25 + YAML + post "/", yaml, {'CONTENT_TYPE' => 'application/x-yaml'} + params = @controller.params + assert_equal 15, params[:data][:a] + assert_equal false, params[:data][:b] + assert_equal true, params[:data][:c] + assert_equal Date.new(2005,3,17), params[:data][:d] + assert_equal Time.utc(2005,3,17,21,41,7), params[:data][:e] + assert_equal "unparsed", params[:data][:f] + assert_equal [1, "hello", Date.new(1974,7,25)], params[:data][:g] + end + end + + private + def with_test_route_set + with_routing do |set| + set.draw do |map| + map.with_options :controller => "web_service_test/test" do |c| + c.connect "/", :action => "assign_parameters" + end + end + yield + end + end end -- cgit v1.2.3