forme 2.1.0 → 2.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG +10 -0
- data/README.rdoc +3 -3
- data/lib/forme/bs3.rb +7 -7
- data/lib/forme/form.rb +2 -0
- data/lib/forme/transformers/error_handler.rb +10 -10
- data/lib/forme/transformers/formatter.rb +32 -34
- data/lib/forme/version.rb +1 -1
- data/lib/sequel/plugins/forme.rb +8 -6
- data/lib/sequel/plugins/forme_set.rb +2 -4
- data/spec/bs3_reference_spec.rb +288 -311
- data/spec/bs3_sequel_plugin_spec.rb +152 -152
- data/spec/bs3_spec.rb +234 -205
- data/spec/forme_coverage.rb +1 -0
- data/spec/forme_spec.rb +429 -353
- data/spec/rails_integration_spec.rb +13 -1
- data/spec/roda_integration_spec.rb +20 -2
- data/spec/sequel_helper.rb +3 -1
- data/spec/sequel_i18n_plugin_spec.rb +4 -4
- data/spec/sequel_plugin_spec.rb +252 -149
- data/spec/sequel_set_plugin_spec.rb +6 -0
- data/spec/shared_erb_specs.rb +1 -1
- data/spec/sinatra_integration_spec.rb +26 -0
- metadata +2 -2
@@ -23,7 +23,7 @@ begin
|
|
23
23
|
|
24
24
|
class FormeRails < Rails::Application
|
25
25
|
routes.append do
|
26
|
-
%w'index inputs_block inputs_block_wrapper nest nest_sep nest_inputs nest_seq hash legend combined noblock noblock_post safe_buffer'.each do |action|
|
26
|
+
%w'index inputs_block inputs_block_wrapper nest nest_sep nest_inputs nest_seq hash legend combined noblock noblock_post safe_buffer no_forgery_protection'.each do |action|
|
27
27
|
get action, :controller=>'forme', :action=>action
|
28
28
|
end
|
29
29
|
end
|
@@ -57,6 +57,14 @@ class FormeController < ActionController::Base
|
|
57
57
|
END
|
58
58
|
end
|
59
59
|
|
60
|
+
def no_forgery_protection
|
61
|
+
def self.protect_against_forgery?; false end
|
62
|
+
render :inline => <<END
|
63
|
+
<%= forme(:method=>'POST') do |f| %>
|
64
|
+
<% end %>
|
65
|
+
END
|
66
|
+
end
|
67
|
+
|
60
68
|
def inputs_block
|
61
69
|
render :inline => <<END
|
62
70
|
<%= forme([:foo, :bar], :action=>'/baz') do |f| %>
|
@@ -270,5 +278,9 @@ describe "Forme Rails integration" do
|
|
270
278
|
it "#form should handle Rails SafeBuffers" do
|
271
279
|
sin_get('/safe_buffer').must_equal '<form action="/baz"><fieldset class="inputs"><legend><b>foo</b></legend><input id="first" name="first" type="text" value="foo"/></fieldset><input type="submit" value="xyz"/></form>'
|
272
280
|
end
|
281
|
+
|
282
|
+
it "#form should handle case where forgery protection is disabled" do
|
283
|
+
sin_get('/no_forgery_protection').must_equal '<form method="POST"> </form>'
|
284
|
+
end
|
273
285
|
end
|
274
286
|
end
|
@@ -172,8 +172,9 @@ end if defined?(ERUBI_CAPTURE_BLOCK)
|
|
172
172
|
def _forme_set(meth, obj, orig_hash, *form_args, &block)
|
173
173
|
hash = {}
|
174
174
|
forme_set_block = orig_hash.delete(:forme_set_block)
|
175
|
+
handle_params = hash.delete(:handle_params)
|
175
176
|
orig_hash.each{|k,v| hash[k.to_s] = v}
|
176
|
-
album =
|
177
|
+
album = obj
|
177
178
|
ret, _, data, hmac = nil
|
178
179
|
|
179
180
|
@app.route do |r|
|
@@ -196,8 +197,9 @@ end if defined?(ERUBI_CAPTURE_BLOCK)
|
|
196
197
|
data = $2
|
197
198
|
hmac = $3
|
198
199
|
data.gsub!(""", '"') if data
|
199
|
-
h = {"album"=>hash, "_forme_set_data"=>data, "_forme_set_data_hmac"=>hmac, "_csrf"=>csrf}
|
200
|
+
h = {"album"=>hash, "_forme_set_data"=>data, "_forme_set_data_hmac"=>hmac, "_csrf"=>csrf, "body"=>body}
|
200
201
|
if data && hmac
|
202
|
+
h = handle_params.call(h) if handle_params
|
201
203
|
forme_call(h)
|
202
204
|
end
|
203
205
|
meth == :forme_parse ? ret : h
|
@@ -244,6 +246,18 @@ END
|
|
244
246
|
@ab.copies_sold.must_be_nil
|
245
247
|
end
|
246
248
|
|
249
|
+
it "#forme_set handle missing csrf" do
|
250
|
+
h = forme_set(@ab, :name=>'Foo'){|f| f.input(:name)}
|
251
|
+
@ab.name = nil
|
252
|
+
data = JSON.parse(h["_forme_set_data"])
|
253
|
+
data.delete('csrf')
|
254
|
+
data = data.to_json
|
255
|
+
hmac = OpenSSL::HMAC.hexdigest(OpenSSL::Digest::SHA512.new, '1'*64, data)
|
256
|
+
forme_call(h.merge("_forme_set_data_hmac"=>hmac, "_forme_set_data"=>data))
|
257
|
+
@ab.name.must_equal 'Foo'
|
258
|
+
@ab.copies_sold.must_be_nil
|
259
|
+
end
|
260
|
+
|
247
261
|
it "#forme_set should handle custom form namespaces" do
|
248
262
|
forme_set(@ab, {"album"=>{"name"=>'Foo', 'copies_sold'=>'100'}}, {}, :namespace=>'album'){|f| f.input(:name); f.input(:copies_sold)}
|
249
263
|
@ab.name.must_equal 'Foo'
|
@@ -517,6 +531,10 @@ END
|
|
517
531
|
@ab.forme_validations.merge!(hash[:validations])
|
518
532
|
@ab.valid?.must_equal true
|
519
533
|
end
|
534
|
+
|
535
|
+
it "should handle forms with objects that don't support forme_inputs" do
|
536
|
+
forme_set(String, {:name=>'Foo'}, {}, :inputs=>[:name])['body'].must_equal '<form><fieldset class="inputs"><input id="name" name="name" type="text" value="String"/></fieldset></form>'
|
537
|
+
end
|
520
538
|
end
|
521
539
|
end
|
522
540
|
end
|
data/spec/sequel_helper.rb
CHANGED
@@ -1,6 +1,6 @@
|
|
1
1
|
require 'sequel'
|
2
2
|
|
3
|
-
db_url =
|
3
|
+
db_url = RUBY_ENGINE == 'jruby' ? 'jdbc:sqlite::memory:' : 'sqlite:/'
|
4
4
|
DB = Sequel.connect(db_url, :identifier_mangling=>false)
|
5
5
|
DB.extension(:freeze_datasets)
|
6
6
|
Sequel.default_timezone = :utc
|
@@ -17,6 +17,8 @@ DB.create_table(:albums) do
|
|
17
17
|
Date :release_date
|
18
18
|
DateTime :created_at
|
19
19
|
Integer :copies_sold
|
20
|
+
Float :fl
|
21
|
+
BigDecimal :bd
|
20
22
|
end
|
21
23
|
DB.create_table(:album_infos) do
|
22
24
|
primary_key :id
|
@@ -13,19 +13,19 @@ describe "Forme Sequel::Model forms" do
|
|
13
13
|
end
|
14
14
|
|
15
15
|
it "should not change the usual label input if translation is not present" do
|
16
|
-
@b.input(:name).
|
16
|
+
@b.input(:name).must_equal '<label>Name: <input id="invoice_name" maxlength="255" name="invoice[name]" type="text" value="b"/></label>'
|
17
17
|
end
|
18
18
|
|
19
19
|
it "should use the translation for the label if present" do
|
20
|
-
@b.input(:summary).
|
20
|
+
@b.input(:summary).must_equal '<label>Brief Description: <input id="invoice_summary" maxlength="255" name="invoice[summary]" type="text" value="a brief summary"/></label>'
|
21
21
|
end
|
22
22
|
|
23
23
|
it "should not change the usual legend for the subform if the translation is not present" do
|
24
|
-
Forme.form(Firm[1]){|f| f.subform(:invoices){ f.input(:name) }}.
|
24
|
+
Forme.form(Firm[1]){|f| f.subform(:invoices){ f.input(:name) }}.must_equal '<form class="forme firm" method="post"><input id="firm_invoices_attributes_0_id" name="firm[invoices_attributes][0][id]" type="hidden" value="1"/><fieldset class="inputs"><legend>Invoice #1</legend><label>Name: <input id="firm_invoices_attributes_0_name" maxlength="255" name="firm[invoices_attributes][0][name]" type="text" value="b"/></label></fieldset></form>'
|
25
25
|
end
|
26
26
|
|
27
27
|
it "should use the translation for the legend on the subform if present" do
|
28
|
-
Forme.form(Firm[1]){|f| f.subform(:clients){ f.input(:name) }}.
|
28
|
+
Forme.form(Firm[1]){|f| f.subform(:clients){ f.input(:name) }}.must_equal '<form class="forme firm" method="post"><input id="firm_clients_attributes_0_id" name="firm[clients_attributes][0][id]" type="hidden" value="1"/><fieldset class="inputs"><legend>Clientes</legend><label>Name: <input id="firm_clients_attributes_0_name" maxlength="255" name="firm[clients_attributes][0][name]" type="text" value="a great client"/></label></fieldset></form>'
|
29
29
|
end
|
30
30
|
end
|
31
31
|
end
|