From f0570a3d3fa85ba0153d61c90bad6db648144256 Mon Sep 17 00:00:00 2001
From: Tobias Pfeiffer <tobias.pfeiffer@student.hpi.uni-potsdam.de>
Date: Mon, 24 Feb 2014 17:05:42 +0100
Subject: Honor public/private in ActionView::Helpers::Tags::Base#value

* use public_send instead of send to avoid calling private
  methods in form helpers
---
 actionview/test/template/form_helper_test.rb | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'actionview/test')

diff --git a/actionview/test/template/form_helper_test.rb b/actionview/test/template/form_helper_test.rb
index f2238d1443..36e3e64688 100644
--- a/actionview/test/template/form_helper_test.rb
+++ b/actionview/test/template/form_helper_test.rb
@@ -158,6 +158,12 @@ class FormHelperTest < ActionView::TestCase
     assert_raise(NotImplementedError) { FooTag.new.render }
   end
 
+  def test_tags_base_value_honors_public_private
+    test_object = Class.new { private def my_method ; end }.new
+    tag = ActionView::Helpers::Tags::Base.new 'test_object', :my_method, nil
+    assert_raise(NoMethodError) { tag.send :value, test_object }
+  end
+
   def test_label
     assert_dom_equal('<label for="post_title">Title</label>', label("post", "title"))
     assert_dom_equal(
-- 
cgit v1.2.3


From 1ff67d82861c11cba7896e39536565ce93d0fc08 Mon Sep 17 00:00:00 2001
From: agius <andrew@atevans.com>
Date: Fri, 31 Oct 2014 10:45:45 -0700
Subject: Use public_send for form tags

---
 actionview/test/template/form_helper_test.rb | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)

(limited to 'actionview/test')

diff --git a/actionview/test/template/form_helper_test.rb b/actionview/test/template/form_helper_test.rb
index 36e3e64688..4169408cf9 100644
--- a/actionview/test/template/form_helper_test.rb
+++ b/actionview/test/template/form_helper_test.rb
@@ -154,6 +154,18 @@ class FormHelperTest < ActionView::TestCase
     def initialize; end
   end
 
+  class FooObject
+
+    def method_missing(*args)
+      nil
+    end
+
+    private
+      def private_property
+        raise "This method should not be called."
+      end
+  end
+
   def test_tags_base_child_without_render_method
     assert_raise(NotImplementedError) { FooTag.new.render }
   end
@@ -1791,6 +1803,21 @@ class FormHelperTest < ActionView::TestCase
     assert_dom_equal expected, output_buffer
   end
 
+  def test_form_tags_do_not_call_private_properties_on_form_object
+    obj = FooObject.new
+    form_for(obj, as: "other_name", url: '/', html: { id: "edit-other-name" }) do |f|
+      concat f.hidden_field(:private_property)
+      concat f.submit('Create Foo')
+    end
+
+    expected =  whole_form("/", "edit-other-name", "new_other_name", method: "post") do
+      "<input id='other_name_private_property' name='other_name[private_property]' type='hidden' />" +
+      "<input name='commit' value='Create Foo' type='submit' />"
+    end
+
+    assert_dom_equal expected, output_buffer
+  end
+
   def test_form_for_with_method_as_part_of_html_options
     form_for(@post, url: '/', html: { id: 'create-post', method: :delete }) do |f|
       concat f.text_field(:title)
-- 
cgit v1.2.3


From 0d6a56d63525c708e398eb99bb56eea18444d751 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Rafael=20Mendon=C3=A7a=20Fran=C3=A7a?=
 <rafaelmfranca@gmail.com>
Date: Fri, 31 Oct 2014 16:41:51 -0200
Subject: Improve test of private properties of objects in form tags

---
 actionview/test/template/form_helper_test.rb | 37 +++++++---------------------
 1 file changed, 9 insertions(+), 28 deletions(-)

(limited to 'actionview/test')

diff --git a/actionview/test/template/form_helper_test.rb b/actionview/test/template/form_helper_test.rb
index 4169408cf9..4bbbdf4fb1 100644
--- a/actionview/test/template/form_helper_test.rb
+++ b/actionview/test/template/form_helper_test.rb
@@ -154,28 +154,10 @@ class FormHelperTest < ActionView::TestCase
     def initialize; end
   end
 
-  class FooObject
-
-    def method_missing(*args)
-      nil
-    end
-
-    private
-      def private_property
-        raise "This method should not be called."
-      end
-  end
-
   def test_tags_base_child_without_render_method
     assert_raise(NotImplementedError) { FooTag.new.render }
   end
 
-  def test_tags_base_value_honors_public_private
-    test_object = Class.new { private def my_method ; end }.new
-    tag = ActionView::Helpers::Tags::Base.new 'test_object', :my_method, nil
-    assert_raise(NoMethodError) { tag.send :value, test_object }
-  end
-
   def test_label
     assert_dom_equal('<label for="post_title">Title</label>', label("post", "title"))
     assert_dom_equal(
@@ -1804,18 +1786,17 @@ class FormHelperTest < ActionView::TestCase
   end
 
   def test_form_tags_do_not_call_private_properties_on_form_object
-    obj = FooObject.new
-    form_for(obj, as: "other_name", url: '/', html: { id: "edit-other-name" }) do |f|
-      concat f.hidden_field(:private_property)
-      concat f.submit('Create Foo')
-    end
+    obj = Class.new do
+      private
 
-    expected =  whole_form("/", "edit-other-name", "new_other_name", method: "post") do
-      "<input id='other_name_private_property' name='other_name[private_property]' type='hidden' />" +
-      "<input name='commit' value='Create Foo' type='submit' />"
-    end
+      def private_property
+        raise "This method should not be called."
+      end
+    end.new
 
-    assert_dom_equal expected, output_buffer
+    form_for(obj, as: "other_name", url: '/', html: { id: "edit-other-name" }) do |f|
+      assert_raise(NoMethodError) { f.hidden_field(:private_property) }
+    end
   end
 
   def test_form_for_with_method_as_part_of_html_options
-- 
cgit v1.2.3