From 8611d1e9e6ff8994e3c880f1f94b09e7550075b1 Mon Sep 17 00:00:00 2001 From: Alinson Santos Date: Sun, 19 Jul 2009 09:34:41 -0300 Subject: [PATCH] Testes para WikiController --- app/controllers/application_controller.rb | 1 + app/controllers/wiki_controller.rb | 19 +- app/helpers/application_helper.rb | 7 +- app/helpers/wiki_helper.rb | 8 + app/models/event.rb | 2 + app/models/message.rb | 1 + app/models/wiki_page.rb | 12 +- app/views/courses/show.html.haml | 2 +- app/views/layouts/_base.html.haml | 2 +- app/views/users/show.html.haml | 2 +- app/views/wiki/show.html.haml | 2 +- config/environment.rb | 10 + config/initializers/nasty_hacks.rb | 22 +- .../functional/attachments_controller_test.rb | 83 +----- test/functional/courses_controller_test.rb | 40 +-- test/functional/events_controller_test.rb | 44 +-- test/functional/news_controller_test.rb | 50 ++-- test/functional/wiki_controller_test.rb | 261 ++++++++++++++++-- test/unit/wiki_page_test.rb | 10 + vendor/gems/bluecloth-1.0.0/lib/bluecloth.rb | 38 +-- 20 files changed, 370 insertions(+), 246 deletions(-) diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 379fac2..136b738 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -20,6 +20,7 @@ class ApplicationController < ActionController::Base include AuthenticationSystem + helper :all before_filter :startup before_filter :set_timezone diff --git a/app/controllers/wiki_controller.rb b/app/controllers/wiki_controller.rb index 6366bc0..7843b0e 100644 --- a/app/controllers/wiki_controller.rb +++ b/app/controllers/wiki_controller.rb @@ -14,6 +14,7 @@ # You should have received a copy of the GNU Affero General Public License # along with this program. If not, see . + class WikiController < ApplicationController verify :params => :text, :only => :preview, :redirect_to => { :action => :show } 
@@ -27,8 +28,6 @@ class WikiController < ApplicationController :move_up, :move_down, :undelete ] def index - @wiki_pages = @course.wiki_pages - respond_to do |format| format.html { redirect_to course_url(@course) } format.xml { render :xml => @wiki_pages } @@ -73,12 +72,13 @@ class WikiController < ApplicationController @wiki_page.attributes = params[:wiki_page] @wiki_page.user_id = session[:user_id] @wiki_page.course_id = @course.id - dirty = @wiki_page.changed? + changed = @wiki_page.changed? @wiki_page.save! - WikiEditLogEntry.create!(:target_id => @wiki_page.id, :user => @current_user, :course => @course, :version => @wiki_page.version) if dirty - - flash[:notice] = "Wiki page updated"[] + if changed + WikiEditLogEntry.create!(:target_id => @wiki_page.id, :user => @current_user, :course => @course, :version => @wiki_page.version) + flash[:notice] = "Wiki page updated"[] + end respond_to do |format| format.html { redirect_to course_wiki_instance_url(@course, @wiki_page) } @@ -113,9 +113,9 @@ class WikiController < ApplicationController def preview @text = params[:text] begin - render :text => BlueCloth.new(@text).to_html - rescue - render :text => $!.to_s.gsub(">", ">").gsub("<", "<") + render :text => @text.format_wiki + rescue RuntimeError + render :text => $!.to_s.gsub(">", ">").gsub("<", "<"), :status => :bad_request end end @@ -149,6 +149,7 @@ class WikiController < ApplicationController def undelete @wiki_page = WikiPage.find_with_deleted(params[:id]) @wiki_page.recover! + @wiki_page.insert_at(1) flash[:notice] = "Wiki page restored"[] WikiRestoreLogEntry.create!(:target_id => @wiki_page.id, :user => @current_user, :course => @wiki_page.course) diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb index e058b5c..ab2325b 100644 --- a/app/helpers/application_helper.rb +++ b/app/helpers/application_helper.rb 
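Review bot: In `index`, the `format.xml { render :xml => @wiki_pages }` branch is kept while the `@wiki_pages = @course.wiki_pages` assignment above it is removed, so unless a filter outside this hunk sets the variable, the XML response is built from `nil`. Either keep the assignment or render the association directly, `format.xml { render :xml => @course.wiki_pages }`. The new functional tests only cover the HTML redirect for `:index`, so this path is currently unchecked.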
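Review bot: The rescue branch of `preview` still escapes the exception message by hand with two `gsub` calls for `>` and `<`, which leaves `&` and quote characters untouched. This commit adds `String#html_escape` in `config/initializers/nasty_hacks.rb` and already uses it in `WikiPage#validate`, so the same call fits here: `render :text => $!.to_s.html_escape, :status => :bad_request`. Narrowing to `rescue RuntimeError` also means any other exception class raised inside `format_wiki` now surfaces as a server error rather than the 400 response; worth confirming that is intended. A comment above the first `render`, such as `# params[:text] is user input; format_wiki is the only sanitizing step before output`, would record why the result is emitted unescaped.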
@@ -51,10 +51,6 @@ module ApplicationHelper logged_in? and current_user.admin? end - def wiki(text) - BlueCloth.new(text).to_html - end - def formatted(text) h(text).gsub("\n", "
") end @@ -75,7 +71,7 @@ module ApplicationHelper def markup_help return "" end @@ -91,4 +87,5 @@ module ApplicationHelper def format_period(period) return "20#{period[0..1]}.#{period[2..2]}" end + end diff --git a/app/helpers/wiki_helper.rb b/app/helpers/wiki_helper.rb index 52092f1..da8e13d 100644 --- a/app/helpers/wiki_helper.rb +++ b/app/helpers/wiki_helper.rb @@ -14,6 +14,14 @@ # You should have received a copy of the GNU Affero General Public License # along with this program. If not, see . +class String + def format_wiki + text = BlueCloth.new(self).to_html + text = Hpricot(text, :xhtml_strict => true).to_s + return text.sanitize + end +end + module WikiHelper def format_diff(text) diff --git a/app/models/event.rb b/app/models/event.rb index 3ff1948..7ba54e8 100644 --- a/app/models/event.rb +++ b/app/models/event.rb @@ -19,6 +19,7 @@ class Event < ActiveRecord::Base # Plugins acts_as_paranoid acts_as_versioned :if_changed => [ :title, :description, :time ] + acts_as_paranoid_versioned self.non_versioned_columns << 'deleted_at' # Associacoes @@ -43,4 +44,5 @@ class Event < ActiveRecord::Base end return cal.to_ical end + end diff --git a/app/models/message.rb b/app/models/message.rb index 52a5efc..a2669d1 100644 --- a/app/models/message.rb +++ b/app/models/message.rb @@ -20,6 +20,7 @@ class Message < ActiveRecord::Base acts_as_paranoid acts_as_versioned :if_changed => [ :title, :body ] self.non_versioned_columns << 'deleted_at' + acts_as_paranoid_versioned # Associacoes belongs_to :user, diff --git a/app/models/wiki_page.rb b/app/models/wiki_page.rb index 67be7cd..d27dc79 100644 --- a/app/models/wiki_page.rb +++ b/app/models/wiki_page.rb 
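Review bot: `String#format_wiki` becomes the only place where wiki markup is sanitized, because the vendored BlueCloth hunks later in this patch remove `sanitize_html` from `apply_block_transforms`; any caller that still uses `BlueCloth.new(...).to_html` directly would now emit unsanitized HTML. The patch converts `preview`, `WikiPage#validate` and the three views shown, but callers outside this diff cannot be checked from here and are worth a search before merging. The method is also undocumented: a comment like `# Renders wiki markup to HTML, normalises it through Hpricot and runs the Rails sanitizer configured in config/environment.rb; the result is meant to be emitted unescaped` would make the contract explicit. As a core-class extension it may sit better beside the other `String` patches in the initializer than in a helper file, which may not be loaded when a model calls it outside a request.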
@@ -17,12 +17,14 @@ require 'acts_as_versioned' require 'tempfile' + class WikiPage < ActiveRecord::Base # Plugins acts_as_paranoid acts_as_list :scope => 'course_id = #{course_id}' acts_as_versioned :if_changed => [ :content, :description, :title ] + acts_as_paranoid_versioned self.non_versioned_columns << 'position' self.non_versioned_columns << 'deleted_at' @@ -37,18 +39,14 @@ class WikiPage < ActiveRecord::Base def validate begin - to_html + self.content.format_wiki rescue - errors.add("content", "possui erro de sintaxe") + errors.add("content", "possui erro de sintaxe: " + $!.to_s.html_escape) end end - def to_html(text = self.content) - return BlueCloth.new(text).to_html - end - def to_param - self.title.match(/^[-_a-z0-9]*$/i).nil? ? self.id.to_id : self.title + self.title.match(/^[-_a-z0-9]*$/i).nil? ? self.id.to_s : self.title end def WikiPage.diff(from, to) diff --git a/app/views/courses/show.html.haml b/app/views/courses/show.html.haml index 83bfad2..e0ddec8 100644 --- a/app/views/courses/show.html.haml +++ b/app/views/courses/show.html.haml @@ -8,7 +8,7 @@ %h4.title Disciplina %h1.title= h(@course.full_name) -%p= wiki @course.description +%p= @course.description.format_wiki .box .cmd diff --git a/app/views/layouts/_base.html.haml b/app/views/layouts/_base.html.haml index 0bc15a6..7959a50 100644 --- a/app/views/layouts/_base.html.haml +++ b/app/views/layouts/_base.html.haml @@ -8,7 +8,7 @@ %meta{'http-equiv' => 'Content-Type', 'content' => 'text/html; charset=UTF-8'} %link{'href' => "#{App.base_path}/stylesheets/cache/wiki.css", 'rel' => 'Stylesheet', 'type' => %'text/css'} - %link#css_color{'href' => "#{App.base_path}/stylesheets/cache/color.#@color.css", 'rel' => 'Stylesheet', 'type' => %'text/css'} + %link#css_color{'href' => "#{App.base_path}/stylesheets/cache/color.#{@color}.css", 'rel' => 'Stylesheet', 'type' => %'text/css'} /[if IE] %link{:href => "#{App.base_path}/stylesheets/ie/ie.css", :rel => "stylesheet", :type => "text/css"} 
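Review bot: The bare `rescue` in `validate` catches every `StandardError`, so a `nil` content or an unloaded `String#format_wiki` (it is defined in `app/helpers/wiki_helper.rb`) is reported to the user as a markup syntax error, with the internal exception text appended. Rescuing the same class as the controller, `rescue RuntimeError`, would keep programming errors visible; this is hedged, because the exception classes BlueCloth and Hpricot raise are not visible in this patch. Separately, the pattern in `to_param`, `/^[-_a-z0-9]*$/i`, uses line anchors, so a title containing a newline passes as soon as one of its lines matches. `/\A[-_a-z0-9]+\z/i` checks the whole string and also makes an empty title fall back to the id.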
diff --git a/app/views/users/show.html.haml b/app/views/users/show.html.haml index 29663d7..c5c95e5 100644 --- a/app/views/users/show.html.haml +++ b/app/views/users/show.html.haml @@ -11,4 +11,4 @@ %p= "Última visita há {c}"[:last_seen, distance_of_time_in_words(Time.now, @user.last_seen)] -# cache(user_path(@user.id)) do - = wiki @user.description if !@user.description.blank? + = @user.description.format_wiki if !@user.description.blank? diff --git a/app/views/wiki/show.html.haml b/app/views/wiki/show.html.haml index d4df97f..996cdef 100644 --- a/app/views/wiki/show.html.haml +++ b/app/views/wiki/show.html.haml @@ -10,4 +10,4 @@ %h4.title= h(@course.full_name) %h1.title= h(@wiki_page.title) #wiki_text - = @wiki_page.to_html + = @wiki_page.content.format_wiki diff --git a/config/environment.rb b/config/environment.rb index 9d264bb..3a81c9e 100644 --- a/config/environment.rb +++ b/config/environment.rb @@ -57,6 +57,16 @@ Rails::Initializer.run do |config| # Make Active Record use UTC-base instead of local time config.active_record.default_timezone = :utc + config.action_view.sanitized_allowed_tags = %W(p h1 h2 h3 h4 h5 h6 dl dt ol + ul li address blockquote del div hr ins pre a abbr acronym dfn em strong + code samp kbd var b i big small tt span br bdo cite del ins q sub sup img + map table tr td th colgroup col caption thead tbody tfoot) + + config.action_view.sanitized_allowed_attributes = %W(align alt border + cellpadding cellspacing cols colspan coords height href longdesc name + noresize nowrap rel rows rowspan rules scope shape size span src style + summary title type usemap valign width) + config.gem "dr_nic_magic_models" config.gem "bluecloth" config.gem "acts_as_versioned" diff --git a/config/initializers/nasty_hacks.rb b/config/initializers/nasty_hacks.rb index b989e73..6d837e8 100644 --- a/config/initializers/nasty_hacks.rb +++ b/config/initializers/nasty_hacks.rb 
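Review bot: The `sanitized_allowed_attributes` list in `config/environment.rb` admits `style`, `src` and `usemap` on user-authored wiki content, which is wider than Markdown output appears to need, while the functional test added in this patch only asserts that `script` elements and `onclick` attributes are gone. As far as I recall these setters extend the Rails default allowlist rather than replace it, so the effective list is larger still; worth confirming against the Rails version in use. I would drop `style` unless a feature depends on it and add preview tests for a `javascript:` URL in `href`/`src` and for a `style` attribute, so the allowlist is pinned by tests. Two smaller points on the same lines: `%W` enables interpolation that is not used, so `%w` is the conventional literal, and `del` and `ins` each appear twice in the tag list.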
@@ -1,8 +1,3 @@ -# Carrega as classes Message e LogEntry. O lazy loading do Rails gera -# problemas se voce definir varias classes por arquivos. -require "#{RAILS_ROOT}/app/models/message.rb" -require "#{RAILS_ROOT}/app/models/log_entry.rb" - class Fixnum def is_numeric? true @@ -13,6 +8,14 @@ class String def is_numeric? Float self rescue false end + + def html_escape + ERB::Util::html_escape(self) + end + + %w[auto_link excerpt highlight sanitize simple_format strip_tags truncate word_wrap].each do |method| + eval "def #{method}(*args); ActionController::Base.helpers.#{method}(self, *args); end" + end end class Array @@ -36,9 +39,6 @@ module ActiveRecord module Versioned module ClassMethods def acts_as_paranoid_versioned - acts_as_paranoid - acts_as_versioned - # protect the versioned model self.versioned_class.class_eval do def self.delete_all(conditions = nil); return; end @@ -48,3 +48,9 @@ module ActiveRecord end end end + +# Carrega as classes Message e LogEntry. O lazy loading do Rails gera +# problemas se voce definir varias classes por arquivos. +require "#{RAILS_ROOT}/app/models/message.rb" +require "#{RAILS_ROOT}/app/models/log_entry.rb" + diff --git a/test/functional/attachments_controller_test.rb b/test/functional/attachments_controller_test.rb index 202a0bd..12bdd19 100644 --- a/test/functional/attachments_controller_test.rb +++ b/test/functional/attachments_controller_test.rb 
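Review bot: The `String` delegators in the `@@ -13,6 +8,14 @@` hunk are generated with string `eval`; the method list is a constant, so nothing untrusted reaches it, but `define_method` does the same without building source text: `define_method(method) { |*args| ActionController::Base.helpers.send(method, self, *args) }`. Adding `sanitize`, `truncate`, `highlight` and the others to every `String` is a wide change to a core class and deserves a comment stating that they forward to the ActionView helpers of the same name. The `class String` body starts above the hunk.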
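Review bot: `acts_as_paranoid_versioned` no longer calls `acts_as_paranoid` and `acts_as_versioned` itself, so its first statement, `self.versioned_class.class_eval`, presumably fails unless the model has already declared `acts_as_versioned`. The three models touched in this patch do, but the precondition is not written down anywhere. I would add a comment above the method, e.g. `# Call after acts_as_paranoid and acts_as_versioned: turns delete_all on the versions class into a no-op so history survives a soft delete.` The method body continues past the end of this hunk, so any further overrides are not visible here.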
@@ -24,88 +24,7 @@ class AttachmentsControllerTest < ActionController::TestCase fixtures :attachments def setup - @controller = AttachmentsController.new - @request = ActionController::TestRequest.new - @response = ActionController::TestResponse.new - end + @course = Course.find(:first) - def test_truth - assert true end - -# -# def test_index -# get :index -# assert_response :success -# assert_template 'list' -# end -# -# def test_list -# get :list -# -# assert_response :success -# assert_template 'list' -# -# assert_not_nil assigns(:attachments) -# end -# -# def test_show -# get :show, :id => @first_id -# -# assert_response :success -# assert_template 'show' -# -# assert_not_nil assigns(:attachment) -# assert assigns(:attachment).valid? -# end -# -# def test_new -# get :new -# -# assert_response :success -# assert_template 'new' -# -# assert_not_nil assigns(:attachment) -# end -# -# def test_create -# num_attachments = Attachment.count -# -# post :create, :attachment => {} -# -# assert_response :redirect -# assert_redirected_to :action => 'list' -# -# assert_equal num_attachments + 1, Attachment.count -# end -# -# def test_edit -# get :edit, :id => @first_id -# -# assert_response :success -# assert_template 'edit' -# -# assert_not_nil assigns(:attachment) -# assert assigns(:attachment).valid? -# end -# -# def test_update -# post :update, :id => @first_id -# assert_response :redirect -# assert_redirected_to :action => 'show', :id => @first_id -# end -# -# def test_destroy -# assert_nothing_raised { -# Attachment.find(@first_id) -# } -# -# post :destroy, :id => @first_id -# assert_response :redirect -# assert_redirected_to :action => 'list' -# -# assert_raise(ActiveRecord::RecordNotFound) { -# Attachment.find(@first_id) -# } -# end end diff --git a/test/functional/courses_controller_test.rb b/test/functional/courses_controller_test.rb index 578ed5b..095499d 100644 --- a/test/functional/courses_controller_test.rb +++ b/test/functional/courses_controller_test.rb 
@@ -29,25 +29,29 @@ class CoursesControllerTest < ActionController::TestCase @course = Course.find(:first) end - # REST - usuários autenticados - context "A user" do - #setup { login_as :bob } - should_be_restful do |resource| - resource.create.params = { :short_name => 'test', :full_name => 'test', :description => 'test' } - resource.update.params = { :short_name => 'test', :full_name => 'test', :description => 'test' } - end + def test_truth + assert true end - # REST - usuários quaisquer - context "A stranger" do - setup { logout } - should_be_restful do |resource| - resource.create.params = { :short_name => 'test', :full_name => 'test', :description => 'test' } - resource.update.params = { :short_name => 'test', :full_name => 'test', :description => 'test' } - resource.denied.actions = [ :new, :edit, :create, :update, :destroy ] - resource.denied.redirect = "'/login'" - resource.denied.flash = /must be logged in/i - end - end + # REST - usuários autenticados + #context "A user" do + # #setup { login_as :bob } + # should_be_restful do |resource| + # resource.create.params = { :short_name => 'test', :full_name => 'test', :description => 'test' } + # resource.update.params = { :short_name => 'test', :full_name => 'test', :description => 'test' } + # end + #end + + ## REST - usuários quaisquer + #context "A stranger" do + # setup { logout } + # should_be_restful do |resource| + # resource.create.params = { :short_name => 'test', :full_name => 'test', :description => 'test' } + # resource.update.params = { :short_name => 'test', :full_name => 'test', :description => 'test' } + # resource.denied.actions = [ :new, :edit, :create, :update, :destroy ] + # resource.denied.redirect = "'/login'" + # resource.denied.flash = /must be logged in/i + # end + #end end diff --git a/test/functional/events_controller_test.rb b/test/functional/events_controller_test.rb index bbd1dc9..a977aa0 100644 --- a/test/functional/events_controller_test.rb 
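Review bot: Commenting out the `"A stranger"` context removes the only assertions in this file that anonymous requests to `new`, `edit`, `create`, `update` and `destroy` are redirected to `/login`; the same is done in `test/functional/events_controller_test.rb` and `test/functional/news_controller_test.rb` later in this patch. If `should_be_restful` no longer works with the current setup, I would replace these blocks with the `should_request_login_on_post_to` macro that the new `WikiControllerTest` uses rather than leave the access-control checks disabled. Until then a `# TODO` line stating why they are off would keep the gap visible. `test_truth` becomes unnecessary once real tests are back.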
+++ b/test/functional/events_controller_test.rb 
@@ -31,28 +31,28 @@ class EventsControllerTest < ActionController::TestCase end # REST - usuários autenticados - context "A user" do - setup { login_as :bob } - should_be_restful do |resource| - resource.parent = [ :course ] - resource.create.params = { :title => 'test', :time => Time.now, :description => 'test', :created_by => 1 } - resource.update.params = { :title => 'test', :time => Time.now, :description => 'test', :created_by => 1 } - - end - end - - # REST - usuários quaisquer - context "A stranger" do - setup { logout } - should_be_restful do |resource| - resource.parent = [ :course ] - resource.create.params = { :title => 'test', :time => Time.now, :description => 'test', :created_by => 1 } - resource.update.params = { :title => 'test', :time => Time.now, :description => 'test', :created_by => 1 } - resource.denied.actions = [ :new, :edit, :create, :update, :destroy ] - resource.denied.redirect = "'/login'" - resource.denied.flash = /must be logged in/i - end - end + #context "A user" do + # setup { login_as :bob } + # should_be_restful do |resource| + # resource.parent = [ :course ] + # resource.create.params = { :title => 'test', :time => Time.now, :description => 'test', :created_by => 1 } + # resource.update.params = { :title => 'test', :time => Time.now, :description => 'test', :created_by => 1 } + + # end + #end + + ## REST - usuários quaisquer + #context "A stranger" do + # setup { logout } + # should_be_restful do |resource| + # resource.parent = [ :course ] + # resource.create.params = { :title => 'test', :time => Time.now, :description => 'test', :created_by => 1 } + # resource.update.params = { :title => 'test', :time => Time.now, :description => 'test', :created_by => 1 } + # resource.denied.actions = [ :new, :edit, :create, :update, :destroy ] + # resource.denied.redirect = "'/login'" + # resource.denied.flash = /must be logged in/i + # end + #end def test_should_accept_icalendar_on_index get :index, :format => 'ics', :course_id => 1 
diff --git a/test/functional/news_controller_test.rb b/test/functional/news_controller_test.rb index 7d916a7..dd347ff 100644 --- a/test/functional/news_controller_test.rb +++ b/test/functional/news_controller_test.rb 
@@ -31,32 +31,32 @@ class NewsControllerTest < ActionController::TestCase end # REST - usuários autenticados - context "A user" do - setup { login_as :bob } - should_be_restful do |resource| - resource.klass = News - resource.object = 'news' - resource.parent = [ :course ] - resource.create.params = { :title => 'test', :body => 'test', :receiver_id => 1 } - resource.update.params = { :title => 'test', :body => 'test', :receiver_id => 1 } - resource.destroy.redirect = "course_news_url(@course)" - end - end + #context "A user" do + # setup { login_as :bob } + # should_be_restful do |resource| + # resource.klass = News + # resource.object = 'news' + # resource.parent = [ :course ] + # resource.create.params = { :title => 'test', :body => 'test', :receiver_id => 1 } + # resource.update.params = { :title => 'test', :body => 'test', :receiver_id => 1 } + # resource.destroy.redirect = "course_news_url(@course)" + # end + #end - # REST - usuários quaisquer - context "A stranger" do - setup { logout } - should_be_restful do |resource| - resource.klass = News - resource.object = 'news' - resource.parent = [ :course ] - resource.create.params = { :title => 'test', :body => 'test', :receiver_id => 1 } - resource.update.params = { :title => 'test', :body => 'test', :receiver_id => 1 } - resource.denied.actions = [ :new, :edit, :create, :update, :destroy ] - resource.denied.redirect = "'/login'" - resource.denied.flash = /must be logged in/i - end - end + ## REST - usuários quaisquer + #context "A stranger" do + # setup { logout } + # should_be_restful do |resource| + # resource.klass = News + # resource.object = 'news' + # resource.parent = [ :course ] + # resource.create.params = { :title => 'test', :body => 'test', :receiver_id => 1 } + # resource.update.params = { :title => 'test', :body => 'test', :receiver_id => 1 } + # resource.denied.actions = [ :new, :edit, :create, :update, :destroy ] + # resource.denied.redirect = "'/login'" + # resource.denied.flash = /must be logged 
in/i + # end + #end def test_should_accept_rss_on_index get :index, :format => 'rss', :course_id => 1 diff --git a/test/functional/wiki_controller_test.rb b/test/functional/wiki_controller_test.rb index 3b56185..ccab036 100644 --- a/test/functional/wiki_controller_test.rb +++ b/test/functional/wiki_controller_test.rb 
@@ -22,44 +22,245 @@ class WikiController; def rescue_action(e) raise e end; end class WikiControllerTest < ActionController::TestCase def setup - @controller = WikiController.new - @request = ActionController::TestRequest.new - @response = ActionController::TestResponse.new @course = Course.find(:first) - @wiki_page = @course.wiki_pages.create(:title => 'test1', :content => 'test1', :description => 'test', :version => 1) - @wiki_page.user = users(:bob) + + @wiki_page = @course.wiki_pages.create(:title => 'test1', :content => 'content1', + :user_id => users(:bob).id, :description => 'test', :version => 1) + @wiki_page.save! + @wiki_page.title = 'new title' @wiki_page.save! + + @another_wiki_page = @course.wiki_pages.create(:title => 'another', :content => 'another', + :description => 'test', :user_id => users(:bob).id, :version => 1) + @another_wiki_page.move_to_bottom + @another_wiki_page.save! + @wiki_page.reload + + LogEntry.delete_all + end + + context "An anonymous user" do + + should_request_login_on_post_to(:new, {:course_id => 1}) + should_request_login_on_post_to(:create, {:course_id => 1}) + should_request_login_on_post_to(:edit, {:course_id => 1, :id => 1}) + should_request_login_on_post_to(:update, {:course_id => 1, :id => 1}) + should_request_login_on_post_to(:destroy, {:course_id => 1, :id => 1}) + should_request_login_on_post_to(:move_up, {:course_id => 1, :id => 1}) + should_request_login_on_post_to(:move_down, {:course_id => 1, :id => 1}) + should_request_login_on_post_to(:undelete, {:course_id => 1, :id => 1}) + + context "on get to :index" do + setup { get :index, :course_id => @course.id } + should_redirect_to('the course page') { course_url(@course) } + end + + context "on get to :show" do + setup { get :show, :course_id => @course.id, :id => @wiki_page.id } + + should_respond_with :success + should_render_template 'show' + + should "show the wiki page" do + assert_select 'h1.title', @wiki_page.title + end + + should "show the selected version" 
do + @wiki_page.revert_to(1) + get :show, :course_id => @course.id, :id => @wiki_page.id, :version => 1 + assert_select 'h1.title', @wiki_page.title + end + end + + context "on get to :versions" do + setup { get :versions, :course_id => @course.id, :id => @wiki_page.id } + + should_respond_with :success + should_render_template 'versions' + + should "show the wiki page versions" do + @wiki_page.versions.each do |v| + assert_select 'a[href=?]', course_wiki_instance_url(@course, @wiki_page, :version => v.version) + end + end + end + + context "on get to :preview" do + context "with valid markup" do + setup { get :preview, :text => "hello {$x$} x" } + + should_respond_with :success + + should "display latex formulas" do + assert_select 'img[class=tex_inline]' + end + + should "strip harmful tags" do + assert_select 'script', false + assert_select '*[onclick]', false + end + end + + context "with invalid markup" do + setup { get :preview, :text => " @course.id, :id => @wiki_page.id, :from => 1, :to => 2 } + should_respond_with :success + should_assign_to :diff + end + end - # REST - usuários autenticados - context "A user" do + context "An authenticated user" do setup { login_as :bob } - should_be_restful do |resource| - resource.klass = WikiPage - resource.parent = [ :course ] - resource.create.params = { :title => 'test2', :description => 'test', :content => 'test2', :course_id => 1 } - resource.update.params = { :title => 'test3', :description => 'test', :content => 'test3', :course_id => 1 } - resource.actions = [ :show, :new, :edit, :update, :create, :destroy ] - resource.destroy.redirect = "course_url(@course)" - resource.create.redirect = "course_wiki_url(@course, @wiki_page)" - resource.update.redirect = "course_wiki_url(@course, @wiki_page)" + + context "on get to :new" do + setup { get :new, :course_id => @course.id } + should_render_a_form + should_respond_with :success + end + + context "on post to :create" do + setup do + assert_nil 
@course.wiki_pages.find_by_title('test2') + post :create, :course_id => @course.id, :wiki_page => { :title => 'test2', :content => 'test2' } + @wiki_page = @course.wiki_pages.find_by_title('test2') + end + + should_set_the_flash_to(/created/i) + should_redirect_to('the wiki page') { course_wiki_instance_url(@course, @wiki_page) } + should_create_log_entry {[ WikiCreateLogEntry, @wiki_page.id, users(:bob).id ]} + + should "create a new wiki page" do + assert @wiki_page + assert_equal @wiki_page.version, 1 + assert_equal users(:bob).id, @wiki_page.user_id + end end + + context "on get to :edit" do + setup { get :edit, :course_id => @course.id, :id => @wiki_page.id } + + should_render_a_form + should_render_template 'edit' + + should "render a form with the correct fields" do + assert_select "input[name='wiki_page[title]'][value=?]", @wiki_page.title + assert_select "input[name='wiki_page[description]'][value=?]", "" + assert_select 'textarea', @wiki_page.content + end + + should "edit the selected version" do + @wiki_page.revert_to(1) + get :edit, :course_id => @course.id, :id => @wiki_page.id, :version => 1 + assert_select "input[name='wiki_page[title]'][value=?]", @wiki_page.title + assert_select 'textarea', @wiki_page.content + end + end + + context "on post to :update" do + context "with unmodified data" do + setup do + post :update, :course_id => @course.id, :id => @wiki_page.id, :wiki_page => { + :title => @wiki_page.title, :content => @wiki_page.content} + end + + should_not_set_the_flash + should_redirect_to('the wiki page') { course_wiki_instance_url(@course, @wiki_page) } + + should "not create a new log entry" do + assert_nil WikiEditLogEntry.find(:first, :conditions => { :target_id => @wiki_page.id }) + end + end + + context "with new data" do + setup do + post :update, :course_id => @course.id, :id => @wiki_page.id, :wiki_page => { + :user_id => 999, :course_id => 999, # not user definable + :title => 'brand new title', :content => 'brand new content'} + 
@wiki_page.reload + end + + should_set_the_flash_to(/updated/i) + should_redirect_to('the wiki page') { course_wiki_instance_url(@course, @wiki_page) } + should_create_log_entry {[ WikiEditLogEntry, @wiki_page.id, users(:bob).id ]} + + should "update the wiki page" do + assert_equal "brand new title", @wiki_page.title + assert_equal "brand new content", @wiki_page.content + assert_equal users(:bob).id, @wiki_page.user_id + assert_equal @course.id, @wiki_page.course_id + end + end + end + + context "on post to :destroy" do + setup { post :destroy, :course_id => @course.id, :id => @wiki_page.id } + + should_set_the_flash_to(/removed/i) + should_redirect_to('the course page') { course_url(@course) } + should_create_log_entry {[ WikiDeleteLogEntry, @wiki_page.id, users(:bob).id ]} + + should "delete the wiki page" do + @wiki_page = WikiPage.find_with_deleted(@wiki_page.id) + assert @wiki_page.deleted? + end + end + + context "on get to :move_up" do + setup do + assert_equal 1, @wiki_page.position + assert_equal 2, @another_wiki_page.position + get :move_up, :course_id => @course.id, :id => @another_wiki_page.id + end + + should_redirect_to('the course page') { course_url(@course) } + + should "move the page up" do + @wiki_page.reload + @another_wiki_page.reload + assert_equal 2, @wiki_page.position + assert_equal 1, @another_wiki_page.position + end + end + + context "on get to :move_down" do + setup do + assert_equal 1, @wiki_page.position + assert_equal 2, @another_wiki_page.position + get :move_down, :course_id => @course.id, :id => @wiki_page.id + end + + should_redirect_to('the course page') { course_url(@course) } + + should "move the page up" do + @wiki_page.reload + @another_wiki_page.reload + assert_equal 2, @wiki_page.position + assert_equal 1, @another_wiki_page.position + end + end + + context "on post to :undelete" do + setup do + @wiki_page.destroy + post :undelete, :course_id => @course.id, :id => @wiki_page.id + end + + should_redirect_to('the wiki 
page') { course_wiki_instance_url(@course, @wiki_page) } + should_create_log_entry {[ WikiRestoreLogEntry, @wiki_page.id, users(:bob).id ]} + + should "restore the wiki page" do + assert WikiPage.find(@wiki_page.id) + end + end + end - # REST - usuários quaisquer - #context "A stranger" do - # setup { logout } - # should_be_restful do |resource| - # resource.klass = WikiPage - # resource.parent = [ :course ] - # resource.create.params = { :title => 'test4', :description => 'test', :content => 'test4', :course_id => 1 } - # resource.update.params = { :title => 'test5', :description => 'test', :content => 'test5', :course_id => 1 } - # resource.actions = [ :show, :new, :edit, :update, :create, :destroy ] - # resource.denied.actions = [ :new, :edit, :create, :update, :destroy ] - # resource.denied.redirect = "'/login'" - # resource.denied.flash = /must be logged in/i - # end - #end #def test_should_accept_text_on_show # get :show, :format => 'txt', :course_id => 1, :id => @wiki_page.id diff --git a/test/unit/wiki_page_test.rb b/test/unit/wiki_page_test.rb index 3be3e6a..4891d7e 100644 --- a/test/unit/wiki_page_test.rb +++ b/test/unit/wiki_page_test.rb @@ -18,6 +18,16 @@ require File.dirname(__FILE__) + '/../test_helper' class WikiPageTest < ActiveSupport::TestCase + should "not delete versions on destroy" do + wp = WikiPage.new(:course_id => 1, :user_id => 1, :title => "t", :content => "c", :description => "d", :version => 1) + wp.save! + wp.destroy + + wp = WikiPage.find_with_deleted(wp.id) + wp.recover! + assert !wp.versions.empty? + end + def test_should_create_new_version_when_editing wp = WikiPage.new assert !wp.save_version? diff --git a/vendor/gems/bluecloth-1.0.0/lib/bluecloth.rb b/vendor/gems/bluecloth-1.0.0/lib/bluecloth.rb index 34ed960..6bb6aed 100644 --- a/vendor/gems/bluecloth-1.0.0/lib/bluecloth.rb +++ b/vendor/gems/bluecloth-1.0.0/lib/bluecloth.rb 
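Review bot: The anonymous-user context checks the login requirement only through `should_request_login_on_post_to`, while the authenticated contexts reach `new`, `edit`, `move_up` and `move_down` with `get`, so, judging by the macro's name, the GET path of those actions is never exercised without a session. Adding a GET counterpart for at least `:new`, `:edit`, `:move_up` and `:move_down` would cover it. That `move_up` and `move_down` change positions on a GET is itself worth a follow-up, since state-changing actions are normally restricted to POST. Minor: the `should` inside `"on get to :move_down"` is still named `"move the page up"`.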
@@ -260,36 +260,6 @@ class BlueCloth < String #private ####### - def sanitize_html(html, whitelist, attrs, blacklist) - whitelist += attrs.keys - page = Hpricot(html, :xhtml_strict => true) - - page.search("*").each do |e| - if e.elem? - tagname = e.name.downcase - if blacklist.include?(tagname) - e.swap("") - elsif !whitelist.include?(tagname) - e.parent.replace_child(e, e.children) - elsif attrs.has_key?(tagname) - e.attributes.each do |key, val| - e.remove_attribute(key) if !attrs[tagname].include?(key.downcase) - - HTMLValueBlackList.each do |bad| - e.remove_attribute(key) if val.downcase.gsub(/\s/, "").include?(bad.downcase) - end - end - else - e.attributes.each { |key, val| e.remove_attribute(key) } - end - elsif e.comment? - e.swap('') - end - end - - page.to_s - end - ### Do block-level transforms on a copy of +str+ using the specified render ### state +rs+ and return the results. def apply_block_transforms( str, rs ) @@ -321,10 +291,6 @@ class BlueCloth < String end } - # Sanitize result - @log.debug "Sanitizing HTML:\n %p" % text - text = sanitize_html(text, HTMLWhiteList, HTMLAttrs, HTMLBlackList) - @log.debug "Done with block transforms:\n %p" % text return text end @@ -454,7 +420,7 @@ class BlueCloth < String # Block Latex rval = rval.gsub(LatexBlockRegexp) {|block| codeblock = $1.strip.gsub("\n", '%0A').gsub(/[ \t]+/, " ") - codeblock = %{
} % + codeblock = %{
} % [ encode_code( codeblock, rs ) ] tokenize(codeblock, rs) } @@ -462,7 +428,7 @@ class BlueCloth < String # Inline math rval = rval.gsub( LatexInlineRegexp ) {|block| codeblock = $1.strip - codeblock = %{} % [ encode_code( codeblock, rs ) ] + codeblock = %{} % [ encode_code( codeblock, rs ) ] tokenize(codeblock, rs) }