From 9c2c307ee48b91177c3e1cb8831afe4f972d19eb Mon Sep 17 00:00:00 2001 From: Joshua Peek Date: Sat, 30 Jan 2010 15:42:30 -0600 Subject: Move form_remote_tag and remote_form_for into prototype_legacy_helper --- .../lib/action_view/helpers/prototype_helper.rb | 109 --------------------- .../controller/request_forgery_protection_test.rb | 45 ++++----- actionpack/test/template/form_helper_test.rb | 29 ------ actionpack/test/template/prototype_helper_test.rb | 100 ------------------- 4 files changed, 18 insertions(+), 265 deletions(-) (limited to 'actionpack') diff --git a/actionpack/lib/action_view/helpers/prototype_helper.rb b/actionpack/lib/action_view/helpers/prototype_helper.rb index 818412c345..1fa2fed460 100644 --- a/actionpack/lib/action_view/helpers/prototype_helper.rb +++ b/actionpack/lib/action_view/helpers/prototype_helper.rb @@ -102,115 +102,6 @@ module ActionView :form, :with, :update, :script, :type ]).merge(CALLBACKS) end - # Returns a form tag that will submit using XMLHttpRequest in the - # background instead of the regular reloading POST arrangement. Even - # though it's using JavaScript to serialize the form elements, the form - # submission will work just like a regular submission as viewed by the - # receiving side (all elements available in params). The options for - # specifying the target with :url and defining callbacks is the same as - # +link_to_remote+. - # - # A "fall-through" target for browsers that doesn't do JavaScript can be - # specified with the :action/:method options on :html. - # - # Example: - # # Generates: - # #
- # form_remote_tag :html => { :action => - # url_for(:controller => "some", :action => "place") } - # - # The Hash passed to the :html key is equivalent to the options (2nd) - # argument in the FormTagHelper.form_tag method. - # - # By default the fall-through action is the same as the one specified in - # the :url (and the default method is :post). - # - # form_remote_tag also takes a block, like form_tag: - # # Generates: - # #
- # #
- # <% form_remote_tag :url => '/posts' do -%> - #
<%= submit_tag 'Save' %>
- # <% end -%> - def form_remote_tag(options = {}, &block) - options[:form] = true - - options[:html] ||= {} - options[:html][:onsubmit] = - (options[:html][:onsubmit] ? options[:html][:onsubmit] + "; " : "") + - "#{remote_function(options)}; return false;" - - form_tag(options[:html].delete(:action) || url_for(options[:url]), options[:html], &block) - end - - # Creates a form that will submit using XMLHttpRequest in the background - # instead of the regular reloading POST arrangement and a scope around a - # specific resource that is used as a base for questioning about - # values for the fields. - # - # === Resource - # - # Example: - # <% remote_form_for(@post) do |f| %> - # ... - # <% end %> - # - # This will expand to be the same as: - # - # <% remote_form_for :post, @post, :url => post_path(@post), :html => { :method => :put, :class => "edit_post", :id => "edit_post_45" } do |f| %> - # ... - # <% end %> - # - # === Nested Resource - # - # Example: - # <% remote_form_for([@post, @comment]) do |f| %> - # ... - # <% end %> - # - # This will expand to be the same as: - # - # <% remote_form_for :comment, @comment, :url => post_comment_path(@post, @comment), :html => { :method => :put, :class => "edit_comment", :id => "edit_comment_45" } do |f| %> - # ... - # <% end %> - # - # If you don't need to attach a form to a resource, then check out form_remote_tag. - # - # See FormHelper#form_for for additional semantics. - def remote_form_for(record_or_name_or_array, *args, &proc) - options = args.extract_options! - - case record_or_name_or_array - when String, Symbol - object_name = record_or_name_or_array - when Array - object = record_or_name_or_array.last - object_name = ActionController::RecordIdentifier.singular_class_name(object) - apply_form_for_options!(record_or_name_or_array, options) - args.unshift object - else - object = record_or_name_or_array - object_name = ActionController::RecordIdentifier.singular_class_name(record_or_name_or_array) - apply_form_for_options!(object, options) - args.unshift object - end - - concat(form_remote_tag(options)) - fields_for(object_name, *(args << options), &proc) - concat(''.html_safe!) - end - alias_method :form_remote_for, :remote_form_for - - # Returns 'eval(request.responseText)' which is the JavaScript function - # that +form_remote_tag+ can call in :complete to evaluate a multiple - # update return document using +update_element_function+ calls. - def evaluate_remote_response - "eval(request.responseText)" - end - # Returns the JavaScript needed for a remote function. # Takes the same arguments as link_to_remote. # diff --git a/actionpack/test/controller/request_forgery_protection_test.rb b/actionpack/test/controller/request_forgery_protection_test.rb index 09003adf73..b2a0e2e2a3 100644 --- a/actionpack/test/controller/request_forgery_protection_test.rb +++ b/actionpack/test/controller/request_forgery_protection_test.rb @@ -6,14 +6,10 @@ module RequestForgeryProtectionActions def index render :inline => "<%= form_tag('/') {} %>" end - + def show_button render :inline => "<%= button_to('New', '/') {} %>" end - - def remote_form - render :inline => "<% form_remote_tag(:url => '/') {} %>" - end def unsafe render :text => 'pwn' @@ -30,11 +26,11 @@ end class FreeCookieController < RequestForgeryProtectionController self.allow_forgery_protection = false - + def index render :inline => "<%= form_tag('/') {} %>" end - + def show_button render :inline => "<%= button_to('New', '/') {} %>" end @@ -65,11 +61,6 @@ module RequestForgeryProtectionTests assert_select 'form>div>input[name=?][value=?]', 'authenticity_token', @token end - def test_should_render_remote_form_with_only_one_token_parameter - get :remote_form - assert_equal 1, @response.body.scan(@token).size - end - def test_should_allow_get get :index assert_response :success @@ -84,12 +75,12 @@ module RequestForgeryProtectionTests @request.env['CONTENT_TYPE'] = Mime::URL_ENCODED_FORM.to_s assert_raise(ActionController::InvalidAuthenticityToken) { post :index, :format => :html } end - + def test_should_not_allow_html_put_without_token @request.env['CONTENT_TYPE'] = Mime::URL_ENCODED_FORM.to_s assert_raise(ActionController::InvalidAuthenticityToken) { put :index, :format => :html } end - + def test_should_not_allow_html_delete_without_token @request.env['CONTENT_TYPE'] = Mime::URL_ENCODED_FORM.to_s assert_raise(ActionController::InvalidAuthenticityToken) { delete :index, :format => :html } @@ -154,51 +145,51 @@ module RequestForgeryProtectionTests delete :index, :format => 'xml' end end - + def test_should_allow_xhr_post_without_token assert_nothing_raised { xhr :post, :index } end - + def test_should_allow_xhr_put_without_token assert_nothing_raised { xhr :put, :index } end - + def test_should_allow_xhr_delete_without_token assert_nothing_raised { xhr :delete, :index } end - + def test_should_allow_xhr_post_with_encoded_form_content_type_without_token @request.env['CONTENT_TYPE'] = Mime::URL_ENCODED_FORM.to_s assert_nothing_raised { xhr :post, :index } end - + def test_should_allow_post_with_token post :index, :authenticity_token => @token assert_response :success end - + def test_should_allow_put_with_token put :index, :authenticity_token => @token assert_response :success end - + def test_should_allow_delete_with_token delete :index, :authenticity_token => @token assert_response :success end - + def test_should_allow_post_with_xml @request.env['CONTENT_TYPE'] = Mime::XML.to_s post :index, :format => 'xml' assert_response :success end - + def test_should_allow_put_with_xml @request.env['CONTENT_TYPE'] = Mime::XML.to_s put :index, :format => 'xml' assert_response :success end - + def test_should_allow_delete_with_xml @request.env['CONTENT_TYPE'] = Mime::XML.to_s delete :index, :format => 'xml' @@ -231,17 +222,17 @@ class FreeCookieControllerTest < ActionController::TestCase ActiveSupport::SecureRandom.stubs(:base64).returns(@token) end - + def test_should_not_render_form_with_token_tag get :index assert_select 'form>div>input[name=?][value=?]', 'authenticity_token', @token, false end - + def test_should_not_render_button_to_with_token_tag get :show_button assert_select 'form>div>input[name=?][value=?]', 'authenticity_token', @token, false end - + def test_should_allow_all_methods_without_token [:post, :put, :delete].each do |method| assert_nothing_raised { send(method, :index)} diff --git a/actionpack/test/template/form_helper_test.rb b/actionpack/test/template/form_helper_test.rb index 0c5c5d17ee..c97343fbe5 100644 --- a/actionpack/test/template/form_helper_test.rb +++ b/actionpack/test/template/form_helper_test.rb @@ -1230,26 +1230,6 @@ class FormHelperTest < ActionView::TestCase end - # Perhaps this test should be moved to prototype helper tests. - def test_remote_form_for_with_labelled_builder - self.extend ActionView::Helpers::PrototypeHelper - - remote_form_for(:post, @post, :builder => LabelledFormBuilder) do |f| - concat f.text_field(:title) - concat f.text_area(:body) - concat f.check_box(:secret) - end - - expected = - %(
) + - "
" + - "
" + - "
" + - "
" - - assert_dom_equal expected, output_buffer - end - def test_fields_for_with_labelled_builder fields_for(:post, @post, :builder => LabelledFormBuilder) do |f| concat f.text_field(:title) @@ -1396,15 +1376,6 @@ class FormHelperTest < ActionView::TestCase assert_equal expected, output_buffer end - def test_remote_form_for_with_html_options_adds_options_to_form_tag - self.extend ActionView::Helpers::PrototypeHelper - - remote_form_for(:post, @post, :html => {:id => 'some_form', :class => 'some_class'}) do |f| end - expected = "
" - - assert_dom_equal expected, output_buffer - end - protected def comments_path(post) "/posts/#{post.id}/comments" diff --git a/actionpack/test/template/prototype_helper_test.rb b/actionpack/test/template/prototype_helper_test.rb index 51a03d25a4..d95bdc2b90 100644 --- a/actionpack/test/template/prototype_helper_test.rb +++ b/actionpack/test/template/prototype_helper_test.rb @@ -82,106 +82,6 @@ class PrototypeHelperTest < PrototypeHelperBaseTest super end - def test_form_remote_tag - assert_dom_equal %(
), - form_remote_tag(:update => "glass_of_beer", :url => { :action => :fast }) - assert_dom_equal %(), - form_remote_tag(:update => { :success => "glass_of_beer" }, :url => { :action => :fast }) - assert_dom_equal %(), - form_remote_tag(:update => { :failure => "glass_of_water" }, :url => { :action => :fast }) - assert_dom_equal %(), - form_remote_tag(:update => { :success => 'glass_of_beer', :failure => "glass_of_water" }, :url => { :action => :fast }) - end - - def test_form_remote_tag_with_method - assert_dom_equal %(
), - form_remote_tag(:update => "glass_of_beer", :url => { :action => :fast }, :html => { :method => :put }) - end - - def test_form_remote_tag_with_block_in_erb - __in_erb_template = '' - form_remote_tag(:update => "glass_of_beer", :url => { :action => :fast }) { concat "Hello world!" } - assert_dom_equal %(Hello world!
), output_buffer - end - - def test_remote_form_for_with_record_identification_with_new_record - remote_form_for(@record, {:html => { :id => 'create-author' }}) {} - - expected = %(
) - assert_dom_equal expected, output_buffer - end - - def test_remote_form_for_with_record_identification_without_html_options - remote_form_for(@record) {} - - expected = %(
) - assert_dom_equal expected, output_buffer - end - - def test_remote_form_for_with_record_identification_with_existing_record - @record.save - remote_form_for(@record) {} - - expected = %(
) - assert_dom_equal expected, output_buffer - end - - def test_remote_form_for_with_new_object_in_list - remote_form_for([@author, @article]) {} - - expected = %(
) - assert_dom_equal expected, output_buffer - end - - def test_remote_form_for_with_existing_object_in_list - @author.save - @article.save - remote_form_for([@author, @article]) {} - - expected = %(
) - assert_dom_equal expected, output_buffer - end - - def test_on_callbacks - callbacks = [:uninitialized, :loading, :loaded, :interactive, :complete, :success, :failure] - callbacks.each do |callback| - assert_dom_equal %(
), - form_remote_tag(:update => "glass_of_beer", :url => { :action => :fast }, callback=>"monkeys();") - assert_dom_equal %(), - form_remote_tag(:update => { :success => "glass_of_beer" }, :url => { :action => :fast }, callback=>"monkeys();") - assert_dom_equal %(), - form_remote_tag(:update => { :failure => "glass_of_beer" }, :url => { :action => :fast }, callback=>"monkeys();") - assert_dom_equal %(), - form_remote_tag(:update => { :success => "glass_of_beer", :failure => "glass_of_water" }, :url => { :action => :fast }, callback=>"monkeys();") - end - - #HTTP status codes 200 up to 599 have callbacks - #these should work - 100.upto(599) do |callback| - assert_dom_equal %(), - form_remote_tag(:update => "glass_of_beer", :url => { :action => :fast }, callback=>"monkeys();") - end - - #test 200 and 404 - assert_dom_equal %(), - form_remote_tag(:update => "glass_of_beer", :url => { :action => :fast }, 200=>"monkeys();", 404=>"bananas();") - - #these shouldn't - 1.upto(99) do |callback| - assert_dom_equal %(), - form_remote_tag(:update => "glass_of_beer", :url => { :action => :fast }, callback=>"monkeys();") - end - 600.upto(999) do |callback| - assert_dom_equal %(), - form_remote_tag(:update => "glass_of_beer", :url => { :action => :fast }, callback=>"monkeys();") - end - - #test ultimate combo - assert_dom_equal %(), - form_remote_tag(:update => "glass_of_beer", :url => { :action => :fast }, :loading => "c1()", :success => "s()", :failure => "f();", :complete => "c();", 200=>"monkeys();", 404=>"bananas();") - - end - def test_update_page old_output_buffer = output_buffer -- cgit v1.2.3