aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/test/controller/force_ssl_test.rb
blob: 6758668b7a726ac8bdcb2e03663e848ef7620574 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
require 'abstract_unit'

class ForceSSLController < ActionController::Base
  def banana
    render :text => "monkey"
  end

  def cheeseburger
    render :text => "sikachu"
  end
end

class ForceSSLControllerLevel < ForceSSLController
  force_ssl
end

class ForceSSLCustomDomain < ForceSSLController
  force_ssl :host => "secure.test.host"
end

class ForceSSLOnlyAction < ForceSSLController
  force_ssl :only => :cheeseburger
end

class ForceSSLExceptAction < ForceSSLController
  force_ssl :except => :banana
end

class ForceSSLIfCondition < ForceSSLController
  force_ssl :if => :use_force_ssl?

  def use_force_ssl?
    action_name == 'cheeseburger'
  end
end

class ForceSSLFlash < ForceSSLController
  force_ssl :except => [:banana, :set_flash, :use_flash]

  def set_flash
    flash["that"] = "hello"
    redirect_to '/force_ssl_flash/cheeseburger'
  end

  def use_flash
    @flash_copy = {}.update flash
    @flashy = flash["that"]
    render :inline => "hello"
  end
end

class RedirectToSSL < ForceSSLController
  def banana
    force_ssl_redirect || render(:text => 'monkey')
  end
  def cheeseburger
    force_ssl_redirect('secure.cheeseburger.host') || render(:text => 'ihaz')
  end
end

class ForceSSLControllerLevelTest < ActionController::TestCase
  tests ForceSSLControllerLevel

  def test_banana_redirects_to_https
    get :banana
    assert_response 301
    assert_equal "https://test.host/force_ssl_controller_level/banana", redirect_to_url
  end

  def test_banana_redirects_to_https_with_extra_params
    get :banana, :token => "secret"
    assert_response 301
    assert_equal "https://test.host/force_ssl_controller_level/banana?token=secret", redirect_to_url
  end

  def test_cheeseburger_redirects_to_https
    get :cheeseburger
    assert_response 301
    assert_equal "https://test.host/force_ssl_controller_level/cheeseburger", redirect_to_url
  end
end

class ForceSSLCustomDomainTest < ActionController::TestCase
  tests ForceSSLCustomDomain

  def test_banana_redirects_to_https_with_custom_host
    get :banana
    assert_response 301
    assert_equal "https://secure.test.host/force_ssl_custom_domain/banana", redirect_to_url
  end

  def test_cheeseburger_redirects_to_https_with_custom_host
    get :cheeseburger
    assert_response 301
    assert_equal "https://secure.test.host/force_ssl_custom_domain/cheeseburger", redirect_to_url
  end
end

class ForceSSLOnlyActionTest < ActionController::TestCase
  tests ForceSSLOnlyAction

  def test_banana_not_redirects_to_https
    get :banana
    assert_response 200
  end

  def test_cheeseburger_redirects_to_https
    get :cheeseburger
    assert_response 301
    assert_equal "https://test.host/force_ssl_only_action/cheeseburger", redirect_to_url
  end
end

class ForceSSLExceptActionTest < ActionController::TestCase
  tests ForceSSLExceptAction

  def test_banana_not_redirects_to_https
    get :banana
    assert_response 200
  end

  def test_cheeseburger_redirects_to_https
    get :cheeseburger
    assert_response 301
    assert_equal "https://test.host/force_ssl_except_action/cheeseburger", redirect_to_url
  end
end

class ForceSSLIfConditionTest < ActionController::TestCase
  tests ForceSSLIfCondition

  def test_banana_not_redirects_to_https
    get :banana
    assert_response 200
  end

  def test_cheeseburger_redirects_to_https
    get :cheeseburger
    assert_response 301
    assert_equal "https://test.host/force_ssl_if_condition/cheeseburger", redirect_to_url
  end
end

class ForceSSLFlashTest < ActionController::TestCase
  tests ForceSSLFlash

  def test_cheeseburger_redirects_to_https
    get :set_flash
    assert_response 302
    assert_equal "http://test.host/force_ssl_flash/cheeseburger", redirect_to_url

    get :cheeseburger
    assert_response 301
    assert_equal "https://test.host/force_ssl_flash/cheeseburger", redirect_to_url

    get :use_flash
    assert_equal "hello", assigns["flash_copy"]["that"]
    assert_equal "hello", assigns["flashy"]
  end
end

class RedirectToSSLTest < ActionController::TestCase
  tests RedirectToSSL
  def test_banana_redirects_to_https_if_not_https
    get :banana
    assert_response 301
    assert_equal "https://test.host/redirect_to_ssl/banana", redirect_to_url
  end

  def test_cheeseburgers_redirects_to_https_with_new_host_if_not_https
    get :cheeseburger
    assert_response 301
    assert_equal "https://secure.cheeseburger.host/redirect_to_ssl/cheeseburger", redirect_to_url
  end

  def test_banana_does_not_redirect_if_already_https
    request.env['HTTPS'] = 'on'
    get :cheeseburger
    assert_response 200
    assert_equal 'ihaz', response.body
  end
end