From 1b4b8fbbd95d7d674df7f013fd88b9b7f859a6f1 Mon Sep 17 00:00:00 2001
From: Amos King <amos.l.king@gmail.com>
Date: Thu, 29 May 2008 16:49:44 -0700
Subject: verify :redirect_to => :back should redirect to the referrer. [#280
 state:resolved]

Signed-off-by: Pratik Naik <pratiknaik@gmail.com>
---
 actionpack/lib/action_controller/verification.rb |  2 +-
 actionpack/test/controller/verification_test.rb  | 51 ++++++++++++++++--------
 2 files changed, 35 insertions(+), 18 deletions(-)

(limited to 'actionpack')

diff --git a/actionpack/lib/action_controller/verification.rb b/actionpack/lib/action_controller/verification.rb
index 9f606e7b7c..35b12a7f13 100644
--- a/actionpack/lib/action_controller/verification.rb
+++ b/actionpack/lib/action_controller/verification.rb
@@ -116,7 +116,7 @@ module ActionController #:nodoc:
     end
     
     def apply_redirect_to(redirect_to_option) # :nodoc:
-      redirect_to_option.is_a?(Symbol) ? self.send!(redirect_to_option) : redirect_to_option
+      (redirect_to_option.is_a?(Symbol) && redirect_to_option != :back) ? self.send!(redirect_to_option) : redirect_to_option
     end
     
     def apply_remaining_actions(options) # :nodoc:
diff --git a/actionpack/test/controller/verification_test.rb b/actionpack/test/controller/verification_test.rb
index d6fde35f83..b289443129 100644
--- a/actionpack/test/controller/verification_test.rb
+++ b/actionpack/test/controller/verification_test.rb
@@ -21,10 +21,10 @@ class VerificationTest < Test::Unit::TestCase
 
     verify :only => :guarded_by_method, :method => :post,
            :redirect_to => { :action => "unguarded" }
-           
+
     verify :only => :guarded_by_xhr, :xhr => true,
            :redirect_to => { :action => "unguarded" }
-           
+
     verify :only => :guarded_by_not_xhr, :xhr => false,
            :redirect_to => { :action => "unguarded" }
 
@@ -39,10 +39,13 @@ class VerificationTest < Test::Unit::TestCase
 
     verify :only => :no_default_action, :params => "santa"
 
+    verify :only => :guarded_with_back, :method => :post,
+           :redirect_to => :back
+
     def guarded_one
       render :text => "#{params[:one]}"
     end
-    
+
     def guarded_one_for_named_route_test
       render :text => "#{params[:one]}"
     end
@@ -70,11 +73,11 @@ class VerificationTest < Test::Unit::TestCase
     def guarded_by_method
       render :text => "#{request.method}"
     end
-    
+
     def guarded_by_xhr
       render :text => "#{request.xhr?}"
     end
-    
+
     def guarded_by_not_xhr
       render :text => "#{request.xhr?}"
     end
@@ -86,15 +89,19 @@ class VerificationTest < Test::Unit::TestCase
     def two_redirects
       render :nothing => true
     end
-    
+
     def must_be_post
       render :text => "Was a post!"
     end
-    
+
+    def guarded_with_back
+      render :text => "#{params[:one]}"
+    end
+
     def no_default_action
       # Will never run
     end
-    
+
     protected
       def rescue_action(e) raise end
 
@@ -109,7 +116,17 @@ class VerificationTest < Test::Unit::TestCase
     @response   = ActionController::TestResponse.new
     ActionController::Routing::Routes.add_named_route :foo, '/foo', :controller => 'test', :action => 'foo'
   end
-  
+
+  def test_using_symbol_back_with_no_referrer
+    assert_raise(ActionController::RedirectBackError) { get :guarded_with_back }
+  end
+
+  def test_using_symbol_back_redirects_to_referrer
+    @request.env["HTTP_REFERER"] = "/foo"
+    get :guarded_with_back
+    assert_redirected_to '/foo'
+  end
+
   def test_no_deprecation_warning_for_named_route
     assert_not_deprecated do
       get :guarded_one_for_named_route_test, :two => "not one"
@@ -209,44 +226,44 @@ class VerificationTest < Test::Unit::TestCase
     get :guarded_by_method
     assert_redirected_to :action => "unguarded"
   end
-  
+
   def test_guarded_by_xhr_with_prereqs
     xhr :post, :guarded_by_xhr
     assert_equal "true", @response.body
   end
-    
+
   def test_guarded_by_xhr_without_prereqs
     get :guarded_by_xhr
     assert_redirected_to :action => "unguarded"
   end
-  
+
   def test_guarded_by_not_xhr_with_prereqs
     get :guarded_by_not_xhr
     assert_equal "false", @response.body
   end
-    
+
   def test_guarded_by_not_xhr_without_prereqs
     xhr :post, :guarded_by_not_xhr
     assert_redirected_to :action => "unguarded"
   end
-  
+
   def test_guarded_post_and_calls_render_succeeds
     post :must_be_post
     assert_equal "Was a post!", @response.body
   end
-    
+
   def test_default_failure_should_be_a_bad_request
     post :no_default_action
     assert_response :bad_request
   end
-    
+
   def test_guarded_post_and_calls_render_fails_and_sets_allow_header
     get :must_be_post
     assert_response 405
     assert_equal "Must be post", @response.body
     assert_equal "POST", @response.headers["Allow"]
   end
-  
+
   def test_second_redirect
     assert_nothing_raised { get :two_redirects }
   end
-- 
cgit v1.2.3