forme 2.1.0 → 2.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG +10 -0
- data/README.rdoc +3 -3
- data/lib/forme/bs3.rb +7 -7
- data/lib/forme/form.rb +2 -0
- data/lib/forme/transformers/error_handler.rb +10 -10
- data/lib/forme/transformers/formatter.rb +32 -34
- data/lib/forme/version.rb +1 -1
- data/lib/sequel/plugins/forme.rb +8 -6
- data/lib/sequel/plugins/forme_set.rb +2 -4
- data/spec/bs3_reference_spec.rb +288 -311
- data/spec/bs3_sequel_plugin_spec.rb +152 -152
- data/spec/bs3_spec.rb +234 -205
- data/spec/forme_coverage.rb +1 -0
- data/spec/forme_spec.rb +429 -353
- data/spec/rails_integration_spec.rb +13 -1
- data/spec/roda_integration_spec.rb +20 -2
- data/spec/sequel_helper.rb +3 -1
- data/spec/sequel_i18n_plugin_spec.rb +4 -4
- data/spec/sequel_plugin_spec.rb +252 -149
- data/spec/sequel_set_plugin_spec.rb +6 -0
- data/spec/shared_erb_specs.rb +1 -1
- data/spec/sinatra_integration_spec.rb +26 -0
- metadata +2 -2
|
@@ -23,7 +23,7 @@ begin
|
|
|
23
23
|
|
|
24
24
|
class FormeRails < Rails::Application
|
|
25
25
|
routes.append do
|
|
26
|
-
%w'index inputs_block inputs_block_wrapper nest nest_sep nest_inputs nest_seq hash legend combined noblock noblock_post safe_buffer'.each do |action|
|
|
26
|
+
%w'index inputs_block inputs_block_wrapper nest nest_sep nest_inputs nest_seq hash legend combined noblock noblock_post safe_buffer no_forgery_protection'.each do |action|
|
|
27
27
|
get action, :controller=>'forme', :action=>action
|
|
28
28
|
end
|
|
29
29
|
end
|
|
@@ -57,6 +57,14 @@ class FormeController < ActionController::Base
|
|
|
57
57
|
END
|
|
58
58
|
end
|
|
59
59
|
|
|
60
|
+
def no_forgery_protection
|
|
61
|
+
def self.protect_against_forgery?; false end
|
|
62
|
+
render :inline => <<END
|
|
63
|
+
<%= forme(:method=>'POST') do |f| %>
|
|
64
|
+
<% end %>
|
|
65
|
+
END
|
|
66
|
+
end
|
|
67
|
+
|
|
60
68
|
def inputs_block
|
|
61
69
|
render :inline => <<END
|
|
62
70
|
<%= forme([:foo, :bar], :action=>'/baz') do |f| %>
|
|
@@ -270,5 +278,9 @@ describe "Forme Rails integration" do
|
|
|
270
278
|
it "#form should handle Rails SafeBuffers" do
|
|
271
279
|
sin_get('/safe_buffer').must_equal '<form action="/baz"><fieldset class="inputs"><legend><b>foo</b></legend><input id="first" name="first" type="text" value="foo"/></fieldset><input type="submit" value="xyz"/></form>'
|
|
272
280
|
end
|
|
281
|
+
|
|
282
|
+
it "#form should handle case where forgery protection is disabled" do
|
|
283
|
+
sin_get('/no_forgery_protection').must_equal '<form method="POST"> </form>'
|
|
284
|
+
end
|
|
273
285
|
end
|
|
274
286
|
end
|
|
@@ -172,8 +172,9 @@ end if defined?(ERUBI_CAPTURE_BLOCK)
|
|
|
172
172
|
def _forme_set(meth, obj, orig_hash, *form_args, &block)
|
|
173
173
|
hash = {}
|
|
174
174
|
forme_set_block = orig_hash.delete(:forme_set_block)
|
|
175
|
+
handle_params = hash.delete(:handle_params)
|
|
175
176
|
orig_hash.each{|k,v| hash[k.to_s] = v}
|
|
176
|
-
album =
|
|
177
|
+
album = obj
|
|
177
178
|
ret, _, data, hmac = nil
|
|
178
179
|
|
|
179
180
|
@app.route do |r|
|
|
@@ -196,8 +197,9 @@ end if defined?(ERUBI_CAPTURE_BLOCK)
|
|
|
196
197
|
data = $2
|
|
197
198
|
hmac = $3
|
|
198
199
|
data.gsub!(""", '"') if data
|
|
199
|
-
h = {"album"=>hash, "_forme_set_data"=>data, "_forme_set_data_hmac"=>hmac, "_csrf"=>csrf}
|
|
200
|
+
h = {"album"=>hash, "_forme_set_data"=>data, "_forme_set_data_hmac"=>hmac, "_csrf"=>csrf, "body"=>body}
|
|
200
201
|
if data && hmac
|
|
202
|
+
h = handle_params.call(h) if handle_params
|
|
201
203
|
forme_call(h)
|
|
202
204
|
end
|
|
203
205
|
meth == :forme_parse ? ret : h
|
|
@@ -244,6 +246,18 @@ END
|
|
|
244
246
|
@ab.copies_sold.must_be_nil
|
|
245
247
|
end
|
|
246
248
|
|
|
249
|
+
it "#forme_set handle missing csrf" do
|
|
250
|
+
h = forme_set(@ab, :name=>'Foo'){|f| f.input(:name)}
|
|
251
|
+
@ab.name = nil
|
|
252
|
+
data = JSON.parse(h["_forme_set_data"])
|
|
253
|
+
data.delete('csrf')
|
|
254
|
+
data = data.to_json
|
|
255
|
+
hmac = OpenSSL::HMAC.hexdigest(OpenSSL::Digest::SHA512.new, '1'*64, data)
|
|
256
|
+
forme_call(h.merge("_forme_set_data_hmac"=>hmac, "_forme_set_data"=>data))
|
|
257
|
+
@ab.name.must_equal 'Foo'
|
|
258
|
+
@ab.copies_sold.must_be_nil
|
|
259
|
+
end
|
|
260
|
+
|
|
247
261
|
it "#forme_set should handle custom form namespaces" do
|
|
248
262
|
forme_set(@ab, {"album"=>{"name"=>'Foo', 'copies_sold'=>'100'}}, {}, :namespace=>'album'){|f| f.input(:name); f.input(:copies_sold)}
|
|
249
263
|
@ab.name.must_equal 'Foo'
|
|
@@ -517,6 +531,10 @@ END
|
|
|
517
531
|
@ab.forme_validations.merge!(hash[:validations])
|
|
518
532
|
@ab.valid?.must_equal true
|
|
519
533
|
end
|
|
534
|
+
|
|
535
|
+
it "should handle forms with objects that don't support forme_inputs" do
|
|
536
|
+
forme_set(String, {:name=>'Foo'}, {}, :inputs=>[:name])['body'].must_equal '<form><fieldset class="inputs"><input id="name" name="name" type="text" value="String"/></fieldset></form>'
|
|
537
|
+
end
|
|
520
538
|
end
|
|
521
539
|
end
|
|
522
540
|
end
|
data/spec/sequel_helper.rb
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
require 'sequel'
|
|
2
2
|
|
|
3
|
-
db_url =
|
|
3
|
+
db_url = RUBY_ENGINE == 'jruby' ? 'jdbc:sqlite::memory:' : 'sqlite:/'
|
|
4
4
|
DB = Sequel.connect(db_url, :identifier_mangling=>false)
|
|
5
5
|
DB.extension(:freeze_datasets)
|
|
6
6
|
Sequel.default_timezone = :utc
|
|
@@ -17,6 +17,8 @@ DB.create_table(:albums) do
|
|
|
17
17
|
Date :release_date
|
|
18
18
|
DateTime :created_at
|
|
19
19
|
Integer :copies_sold
|
|
20
|
+
Float :fl
|
|
21
|
+
BigDecimal :bd
|
|
20
22
|
end
|
|
21
23
|
DB.create_table(:album_infos) do
|
|
22
24
|
primary_key :id
|
|
@@ -13,19 +13,19 @@ describe "Forme Sequel::Model forms" do
|
|
|
13
13
|
end
|
|
14
14
|
|
|
15
15
|
it "should not change the usual label input if translation is not present" do
|
|
16
|
-
@b.input(:name).
|
|
16
|
+
@b.input(:name).must_equal '<label>Name: <input id="invoice_name" maxlength="255" name="invoice[name]" type="text" value="b"/></label>'
|
|
17
17
|
end
|
|
18
18
|
|
|
19
19
|
it "should use the translation for the label if present" do
|
|
20
|
-
@b.input(:summary).
|
|
20
|
+
@b.input(:summary).must_equal '<label>Brief Description: <input id="invoice_summary" maxlength="255" name="invoice[summary]" type="text" value="a brief summary"/></label>'
|
|
21
21
|
end
|
|
22
22
|
|
|
23
23
|
it "should not change the usual legend for the subform if the translation is not present" do
|
|
24
|
-
Forme.form(Firm[1]){|f| f.subform(:invoices){ f.input(:name) }}.
|
|
24
|
+
Forme.form(Firm[1]){|f| f.subform(:invoices){ f.input(:name) }}.must_equal '<form class="forme firm" method="post"><input id="firm_invoices_attributes_0_id" name="firm[invoices_attributes][0][id]" type="hidden" value="1"/><fieldset class="inputs"><legend>Invoice #1</legend><label>Name: <input id="firm_invoices_attributes_0_name" maxlength="255" name="firm[invoices_attributes][0][name]" type="text" value="b"/></label></fieldset></form>'
|
|
25
25
|
end
|
|
26
26
|
|
|
27
27
|
it "should use the translation for the legend on the subform if present" do
|
|
28
|
-
Forme.form(Firm[1]){|f| f.subform(:clients){ f.input(:name) }}.
|
|
28
|
+
Forme.form(Firm[1]){|f| f.subform(:clients){ f.input(:name) }}.must_equal '<form class="forme firm" method="post"><input id="firm_clients_attributes_0_id" name="firm[clients_attributes][0][id]" type="hidden" value="1"/><fieldset class="inputs"><legend>Clientes</legend><label>Name: <input id="firm_clients_attributes_0_name" maxlength="255" name="firm[clients_attributes][0][name]" type="text" value="a great client"/></label></fieldset></form>'
|
|
29
29
|
end
|
|
30
30
|
end
|
|
31
31
|
end
|