From dfc361df364c0c01a244355fe39f5871fb5b00f9 Mon Sep 17 00:00:00 2001 From: Pierre Schambacher Date: Wed, 26 Apr 2017 19:00:33 -0700 Subject: Added a shared section to config/database.yml that will be loaded for all environments --- railties/test/application/configuration_test.rb | 34 +++++++++++++++++++++++++ 1 file changed, 34 insertions(+) (limited to 'railties/test/application') diff --git a/railties/test/application/configuration_test.rb b/railties/test/application/configuration_test.rb index 07c6afed7f..06767167a9 100644 --- a/railties/test/application/configuration_test.rb +++ b/railties/test/application/configuration_test.rb @@ -1407,6 +1407,40 @@ module ApplicationTests assert_match "config/database", err.message end + test "loads database.yml using shared keys" do + app_file "config/database.yml", <<-YAML + shared: + username: bobby + adapter: sqlite3 + + development: + database: 'dev_db' + YAML + + app "development" + + ar_config = Rails.application.config.database_configuration + assert_equal "sqlite3", ar_config["development"]["adapter"] + assert_equal "bobby", ar_config["development"]["username"] + assert_equal "dev_db", ar_config["development"]["database"] + end + + test "loads database.yml using shared keys for undefined environments" do + app_file "config/database.yml", <<-YAML + shared: + username: bobby + adapter: sqlite3 + database: 'dev_db' + YAML + + app "development" + + ar_config = Rails.application.config.database_configuration + assert_equal "sqlite3", ar_config["development"]["adapter"] + assert_equal "bobby", ar_config["development"]["username"] + assert_equal "dev_db", ar_config["development"]["database"] + end + test "config.action_mailer.show_previews defaults to true in development" do app "development" -- cgit v1.2.3 From 15a4d3c383e6120bb0670fe2f9f07f72a5825027 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rafael=20Mendon=C3=A7a=20Fran=C3=A7a?= Date: Thu, 27 Apr 2017 10:21:15 -0700 Subject: Also raise error when VERSION is nil Fix #28905 --- railties/test/application/rake/migrations_test.rb | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'railties/test/application') diff --git a/railties/test/application/rake/migrations_test.rb b/railties/test/application/rake/migrations_test.rb index 2c9770e147..51dfe2ef98 100644 --- a/railties/test/application/rake/migrations_test.rb +++ b/railties/test/application/rake/migrations_test.rb @@ -48,8 +48,14 @@ module ApplicationTests output = `bin/rails db:migrate:up VERSION= 2>&1` assert_match(/VERSION is required/, output) + output = `bin/rails db:migrate:up 2>&1` + assert_match(/VERSION is required/, output) + output = `bin/rails db:migrate:down VERSION= 2>&1` assert_match(/VERSION is required - To go down one migration, use db:rollback/, output) + + output = `bin/rails db:migrate:down 2>&1` + assert_match(/VERSION is required - To go down one migration, use db:rollback/, output) end end -- cgit v1.2.3 From c776b6470875fd40885b181ff8467a2c2cc3ec70 Mon Sep 17 00:00:00 2001 From: "yuuji.yaginuma" Date: Fri, 5 May 2017 15:54:38 +0900 Subject: Allow irb options to be passed from `rails console` command Fixes #28988 --- railties/test/application/console_test.rb | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) (limited to 'railties/test/application') diff --git a/railties/test/application/console_test.rb b/railties/test/application/console_test.rb index 72f340df34..057d473870 100644 --- a/railties/test/application/console_test.rb +++ b/railties/test/application/console_test.rb @@ -136,9 +136,9 @@ class FullStackConsoleTest < ActiveSupport::TestCase assert_output "> " end - def spawn_console + def spawn_console(options) Process.spawn( - "#{app_path}/bin/rails console --sandbox", + "#{app_path}/bin/rails console #{options}", in: @slave, out: @slave, err: @slave ) @@ -146,18 +146,26 @@ class FullStackConsoleTest < ActiveSupport::TestCase end def test_sandbox - spawn_console + spawn_console("--sandbox") write_prompt "Post.count", "=> 0" write_prompt "Post.create" write_prompt "Post.count", "=> 1" @master.puts "quit" - spawn_console + spawn_console("--sandbox") write_prompt "Post.count", "=> 0" write_prompt "Post.transaction { Post.create; raise }" write_prompt "Post.count", "=> 0" @master.puts "quit" end + + def test_environment_option_and_irb_option + spawn_console("test -- --verbose") + + write_prompt "a = 1", "a = 1" + write_prompt "puts Rails.env", "puts Rails.env\r\ntest" + @master.puts "quit" + end end -- cgit v1.2.3 From 75fa8dd309a84e125b59d01bf182d88419631eaa Mon Sep 17 00:00:00 2001 From: David Heinemeier Hansson Date: Thu, 18 May 2017 18:12:32 +0200 Subject: Use recyclable cache keys (#29092) --- railties/test/application/per_request_digest_cache_test.rb | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'railties/test/application') diff --git a/railties/test/application/per_request_digest_cache_test.rb b/railties/test/application/per_request_digest_cache_test.rb index 6c003e9bcc..6e6996a6ba 100644 --- a/railties/test/application/per_request_digest_cache_test.rb +++ b/railties/test/application/per_request_digest_cache_test.rb @@ -18,6 +18,10 @@ class PerRequestDigestCacheTest < ActiveSupport::TestCase class Customer < Struct.new(:name, :id) extend ActiveModel::Naming include ActiveModel::Conversion + + def cache_key + [ name, id ].join("/") + end end RUBY -- cgit v1.2.3 From 5a3ba63d9abad86b7f6dd36a92cfaf722e52760b Mon Sep 17 00:00:00 2001 From: Michael Coyne Date: Thu, 23 Feb 2017 13:54:17 -0500 Subject: AEAD encrypted cookies and sessions This commit changes encrypted cookies from AES in CBC HMAC mode to Authenticated Encryption using AES-GCM. It also provides a cookie jar to transparently upgrade encrypted cookies to this new scheme. Some other notable changes include: - There is a new application configuration value: +use_authenticated_cookie_encryption+. When enabled, AEAD encrypted cookies will be used. - +cookies.signed+ does not raise a +TypeError+ now if the name of an encrypted cookie is used. Encrypted cookies using the same key as signed cookies would be verified and serialization would then fail due the message still be encrypted. --- .../test/application/middleware/session_test.rb | 93 +++++++++++++++++++--- 1 file changed, 84 insertions(+), 9 deletions(-) (limited to 'railties/test/application') diff --git a/railties/test/application/middleware/session_test.rb b/railties/test/application/middleware/session_test.rb index 959a629ede..a14ea589ed 100644 --- a/railties/test/application/middleware/session_test.rb +++ b/railties/test/application/middleware/session_test.rb @@ -162,6 +162,11 @@ module ApplicationTests end RUBY + add_to_config <<-RUBY + # Enable AEAD cookies + config.action_dispatch.use_authenticated_cookie_encryption = true + RUBY + require "#{app_path}/config/environment" get "/foo/write_session" @@ -171,9 +176,9 @@ module ApplicationTests get "/foo/read_encrypted_cookie" assert_equal "1", last_response.body - secret = app.key_generator.generate_key("encrypted cookie") - sign_secret = app.key_generator.generate_key("signed encrypted cookie") - encryptor = ActiveSupport::MessageEncryptor.new(secret[0, ActiveSupport::MessageEncryptor.key_len], sign_secret) + cipher = "aes-256-gcm" + secret = app.key_generator.generate_key("authenticated encrypted cookie") + encryptor = ActiveSupport::MessageEncryptor.new(secret[0, ActiveSupport::MessageEncryptor.key_len(cipher)], cipher: cipher) get "/foo/read_raw_cookie" assert_equal 1, encryptor.decrypt_and_verify(last_response.body)["foo"] @@ -209,6 +214,9 @@ module ApplicationTests add_to_config <<-RUBY secrets.secret_token = "3b7cd727ee24e8444053437c36cc66c4" + + # Enable AEAD cookies + config.action_dispatch.use_authenticated_cookie_encryption = true RUBY require "#{app_path}/config/environment" @@ -220,9 +228,9 @@ module ApplicationTests get "/foo/read_encrypted_cookie" assert_equal "1", last_response.body - secret = app.key_generator.generate_key("encrypted cookie") - sign_secret = app.key_generator.generate_key("signed encrypted cookie") - encryptor = ActiveSupport::MessageEncryptor.new(secret[0, ActiveSupport::MessageEncryptor.key_len], sign_secret) + cipher = "aes-256-gcm" + secret = app.key_generator.generate_key("authenticated encrypted cookie") + encryptor = ActiveSupport::MessageEncryptor.new(secret[0, ActiveSupport::MessageEncryptor.key_len(cipher)], cipher: cipher) get "/foo/read_raw_cookie" assert_equal 1, encryptor.decrypt_and_verify(last_response.body)["foo"] @@ -264,6 +272,73 @@ module ApplicationTests add_to_config <<-RUBY secrets.secret_token = "3b7cd727ee24e8444053437c36cc66c4" + + # Enable AEAD cookies + config.action_dispatch.use_authenticated_cookie_encryption = true + RUBY + + require "#{app_path}/config/environment" + + get "/foo/write_raw_session" + get "/foo/read_session" + assert_equal "1", last_response.body + + get "/foo/write_session" + get "/foo/read_session" + assert_equal "2", last_response.body + + get "/foo/read_encrypted_cookie" + assert_equal "2", last_response.body + + cipher = "aes-256-gcm" + secret = app.key_generator.generate_key("authenticated encrypted cookie") + encryptor = ActiveSupport::MessageEncryptor.new(secret[0, ActiveSupport::MessageEncryptor.key_len(cipher)], cipher: cipher) + + get "/foo/read_raw_cookie" + assert_equal 2, encryptor.decrypt_and_verify(last_response.body)["foo"] + end + + test "session upgrading from AES-CBC-HMAC encryption to AES-GCM encryption" do + app_file "config/routes.rb", <<-RUBY + Rails.application.routes.draw do + get ':controller(/:action)' + end + RUBY + + controller :foo, <<-RUBY + class FooController < ActionController::Base + def write_raw_session + # AES-256-CBC with SHA1 HMAC + # {"session_id"=>"1965d95720fffc123941bdfb7d2e6870", "foo"=>1} + cookies[:_myapp_session] = "TlgrdS85aUpDd1R2cDlPWlR6K0FJeGExckwySjZ2Z0pkR3d2QnRObGxZT25aalJWYWVvbFVLcHF4d0VQVDdSaFF2QjFPbG9MVjJzeWp3YjcyRUlKUUU2ZlR4bXlSNG9ZUkJPRUtld0E3dVU9LS0xNDZXbGpRZ3NjdW43N2haUEZJSUNRPT0=--3639b5ce54c09495cfeaae928cd5634e0c4b2e96" + head :ok + end + + def write_session + session[:foo] = session[:foo] + 1 + head :ok + end + + def read_session + render plain: session[:foo] + end + + def read_encrypted_cookie + render plain: cookies.encrypted[:_myapp_session]['foo'] + end + + def read_raw_cookie + render plain: cookies[:_myapp_session] + end + end + RUBY + + add_to_config <<-RUBY + # Use a static key + secrets.secret_key_base = "known key base" + + # Enable AEAD cookies + config.action_dispatch.use_authenticated_cookie_encryption = true RUBY require "#{app_path}/config/environment" @@ -279,9 +354,9 @@ module ApplicationTests get "/foo/read_encrypted_cookie" assert_equal "2", last_response.body - secret = app.key_generator.generate_key("encrypted cookie") - sign_secret = app.key_generator.generate_key("signed encrypted cookie") - encryptor = ActiveSupport::MessageEncryptor.new(secret[0, ActiveSupport::MessageEncryptor.key_len], sign_secret) + cipher = "aes-256-gcm" + secret = app.key_generator.generate_key("authenticated encrypted cookie") + encryptor = ActiveSupport::MessageEncryptor.new(secret[0, ActiveSupport::MessageEncryptor.key_len(cipher)], cipher: cipher) get "/foo/read_raw_cookie" assert_equal 2, encryptor.decrypt_and_verify(last_response.body)["foo"] -- cgit v1.2.3 From 40bdbce191ad90dfea43dad51fac5c4726b89392 Mon Sep 17 00:00:00 2001 From: bogdanvlviv Date: Mon, 15 May 2017 14:17:28 +0000 Subject: Define path with __dir__ ".. with __dir__ we can restore order in the Universe." - by @fxn Related to 5b8738c2df003a96f0e490c43559747618d10f5f --- railties/test/application/test_runner_test.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'railties/test/application') diff --git a/railties/test/application/test_runner_test.rb b/railties/test/application/test_runner_test.rb index 23b259b503..8e0712fca2 100644 --- a/railties/test/application/test_runner_test.rb +++ b/railties/test/application/test_runner_test.rb @@ -469,7 +469,7 @@ module ApplicationTests def test_run_app_without_rails_loaded # Simulate a real Rails app boot. app_file "config/boot.rb", <<-RUBY - ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__) + ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../Gemfile', __dir__) require 'bundler/setup' # Set up gems listed in the Gemfile. RUBY -- cgit v1.2.3 From 24a864437e845febe91e3646ca008e8dc7f76b56 Mon Sep 17 00:00:00 2001 From: David Heinemeier Hansson Date: Fri, 26 May 2017 20:00:27 +0200 Subject: ActiveSupport::CurrentAttributes provides a thread-isolated attributes singleton (#29180) * Add ActiveSupport::CurrentAttributes to provide a thread-isolated attributes singleton * Need to require first * Move stubs into test namespace. Thus they won't conflict with other Current and Person stubs. * End of the line for you, whitespace! * Support super in attribute methods. Define instance level accessors in an included module such that `super` in an overriden accessor works, akin to Active Model. * Spare users the manual require. Follow the example of concerns, autoload in the top level Active Support file. * Add bidelegation support * Rename #expose to #set. Simpler, clearer * Automatically reset every instance. Skips the need for users to actively embed something that resets their CurrentAttributes instances. * Fix test name; add tangible name value when blank. * Try to ensure we run after a request as well. * Delegate all missing methods to the instance This allows regular `delegate` to serve, so we don't need bidelegate. * Properly test resetting after execution cycle. Also remove the stale puts debugging. * Update documentation to match new autoreset --- .../current_attributes_integration_test.rb | 88 ++++++++++++++++++++++ 1 file changed, 88 insertions(+) create mode 100644 railties/test/application/current_attributes_integration_test.rb (limited to 'railties/test/application') diff --git a/railties/test/application/current_attributes_integration_test.rb b/railties/test/application/current_attributes_integration_test.rb new file mode 100644 index 0000000000..eea2a791a2 --- /dev/null +++ b/railties/test/application/current_attributes_integration_test.rb @@ -0,0 +1,88 @@ +require "isolation/abstract_unit" +require "rack/test" + +class CurrentAttributesIntegrationTest < ActiveSupport::TestCase + include ActiveSupport::Testing::Isolation + include Rack::Test::Methods + + setup do + build_app + + app_file "app/services/current.rb", <<-RUBY + class Current < ActiveSupport::CurrentAttributes + attribute :customer + + resets { Time.zone = "UTC" } + + def customer=(customer) + super + Time.zone = customer.try(:time_zone) + end + end + RUBY + + app_file "app/models/customer.rb", <<-RUBY + class Customer < Struct.new(:name) + def time_zone + "Copenhagen" + end + end + RUBY + + app_file "config/routes.rb", <<-RUBY + Rails.application.routes.draw do + get "/customers/:action", controller: :customers + end + RUBY + + app_file "app/controllers/customers_controller.rb", <<-RUBY + class CustomersController < ApplicationController + def set_current_customer + Current.customer = Customer.new("david") + render :index + end + + def set_no_customer + render :index + end + end + RUBY + + app_file "app/views/customers/index.html.erb", <<-RUBY + <%= Current.customer.try(:name) || 'noone' %>,<%= Time.zone.name %> + RUBY + + app_file "app/executor_intercept.rb", <<-RUBY + check_state = -> { puts [ Current.customer.try(:name) || "noone", Time.zone.name ].join(",") } + + check_state.call + + Rails.application.executor.wrap do + Current.customer = Customer.new("david") + check_state.call + end + + check_state.call + RUBY + + require "#{app_path}/config/environment" + end + + teardown :teardown_app + + test "current customer is assigned and cleared" do + get "/customers/set_current_customer" + assert_equal 200, last_response.status + assert_match(/david,Copenhagen/, last_response.body) + + get "/customers/set_no_customer" + assert_equal 200, last_response.status + assert_match(/noone,UTC/, last_response.body) + end + + test "resets after execution" do + Dir.chdir(app_path) do + assert_equal "noone,UTC\ndavid,Copenhagen\nnoone,UTC\n", `bin/rails runner app/executor_intercept.rb` + end + end +end -- cgit v1.2.3 From 9dc1871acb467abb18ba4e452d2a7c8039799bcd Mon Sep 17 00:00:00 2001 From: Kasper Timm Hansen Date: Sat, 27 May 2017 14:34:13 +0200 Subject: Use models to match the docs. --- railties/test/application/current_attributes_integration_test.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'railties/test/application') diff --git a/railties/test/application/current_attributes_integration_test.rb b/railties/test/application/current_attributes_integration_test.rb index eea2a791a2..b6659f296a 100644 --- a/railties/test/application/current_attributes_integration_test.rb +++ b/railties/test/application/current_attributes_integration_test.rb @@ -8,7 +8,7 @@ class CurrentAttributesIntegrationTest < ActiveSupport::TestCase setup do build_app - app_file "app/services/current.rb", <<-RUBY + app_file "app/models/current.rb", <<-RUBY class Current < ActiveSupport::CurrentAttributes attribute :customer -- cgit v1.2.3 From 96be81303e2f5d19c1246ca0fdc4d0029b0b4a8f Mon Sep 17 00:00:00 2001 From: Kasper Timm Hansen Date: Sun, 28 May 2017 10:19:32 +0200 Subject: Make reset execution assertions easier to read. The app is booted by then, so there's no need to stash the code away in some other script. --- .../current_attributes_integration_test.rb | 26 +++++++++------------- 1 file changed, 11 insertions(+), 15 deletions(-) (limited to 'railties/test/application') diff --git a/railties/test/application/current_attributes_integration_test.rb b/railties/test/application/current_attributes_integration_test.rb index b6659f296a..5653ec0be1 100644 --- a/railties/test/application/current_attributes_integration_test.rb +++ b/railties/test/application/current_attributes_integration_test.rb @@ -52,19 +52,6 @@ class CurrentAttributesIntegrationTest < ActiveSupport::TestCase <%= Current.customer.try(:name) || 'noone' %>,<%= Time.zone.name %> RUBY - app_file "app/executor_intercept.rb", <<-RUBY - check_state = -> { puts [ Current.customer.try(:name) || "noone", Time.zone.name ].join(",") } - - check_state.call - - Rails.application.executor.wrap do - Current.customer = Customer.new("david") - check_state.call - end - - check_state.call - RUBY - require "#{app_path}/config/environment" end @@ -81,8 +68,17 @@ class CurrentAttributesIntegrationTest < ActiveSupport::TestCase end test "resets after execution" do - Dir.chdir(app_path) do - assert_equal "noone,UTC\ndavid,Copenhagen\nnoone,UTC\n", `bin/rails runner app/executor_intercept.rb` + assert_nil Current.customer + assert_equal "UTC", Time.zone.name + + Rails.application.executor.wrap do + Current.customer = Customer.new("david") + + assert_equal "david", Current.customer.name + assert_equal "Copenhagen", Time.zone.name end + + assert_nil Current.customer + assert_equal "UTC", Time.zone.name end end -- cgit v1.2.3