RubyGems - glasses - Versions diffs - 1.6.2 → 1.7.0 - Mend

glasses 1.6.2 → 1.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (55) hide show

data/spec/dummy/tmp/cache/assets/development/sprockets/v3.0/-n4kyDOdRxiiiIJEFA9cId9azJmW5g6hmwbs8SJ4qRg.cache ADDED

	@@ -0,0 +1 @@
1	+ I"�file:///Users/otamm/Documents/Code/Ruby/gems/glasses/gem/spec/dummy/app/assets/stylesheets/application.css?type=text/css&pipeline=self&id=4da1c8ce87c7c652239d0e67030d4918f796d37e2f3bce447badc8d2f783aeb1:ET

data/spec/dummy/tmp/cache/assets/development/sprockets/v3.0/2SBt5E86bhaTcl7TkcrIXPVQyQtH9yIRArRC_UxPck4.cache ADDED

	@@ -0,0 +1 @@
1	+ "%֧�NTZq�בH�L��#p3��Jg!��)

data/spec/dummy/tmp/cache/assets/development/sprockets/v3.0/2Tqd0MZWTPMTu8CoqlOCudnpF2UapAVb-1Qd3gZnzWs.cache ADDED

Binary file

data/spec/dummy/tmp/cache/assets/development/sprockets/v3.0/4m7rzZ6NLrCLYY8Klx2qByvjsF9EwTrhkqhffC_ddIU.cache ADDED

	@@ -0,0 +1 @@
1	+ I"�file:///Users/otamm/Documents/Code/Ruby/gems/glasses/gem/spec/dummy/app/assets/stylesheets/application.css?type=text/css&id=6bde0bbabf49d0acbb323983a3903fa84ee1429caee35b736c506b4ad6bf53d4:ET

data/spec/dummy/tmp/cache/assets/development/sprockets/v3.0/4wucpOHsDYdErjU4sC9i1FT33L-WRugEHtfQdiz-CXY.cache ADDED

Binary file

data/spec/dummy/tmp/cache/assets/development/sprockets/v3.0/AE40Tp96RkdOo7EhY00dhAOG17GUBn6QkZxp0HQVRQA.cache ADDED

	@@ -0,0 +1,2 @@
1	+ [o:Set:
2	+ @hash{ I"environment-version:ETTI"environment-paths;TTI">processors:type=text/css&file_type=text/css&pipeline=self;TTI"qfile-digest:///Users/otamm/Documents/Code/Ruby/gems/glasses/gem/spec/dummy/app/assets/stylesheets/search.css;TT

data/spec/dummy/tmp/cache/assets/development/sprockets/v3.0/CtIOdYL64ZUZ8_1ALDOZWNEis9WeBXUYTZ95MGCwJxk.cache ADDED

	@@ -0,0 +1,2 @@
1	+ [o:Set:
2	+ @hash{ I"environment-version:ETTI"environment-paths;TTI"Zprocessors:type=application/javascript&file_type=application/javascript&pipeline=self;TTI"pfile-digest:///Users/otamm/Documents/Code/Ruby/gems/glasses/gem/spec/dummy/app/assets/javascripts/search.js;TT

data/spec/dummy/tmp/cache/assets/development/sprockets/v3.0/DMb_4zR5zBmQGRtZlXIrUCrkOrY-Wzw_ESjc3NoXX6s.cache ADDED

	@@ -0,0 +1 @@
1	+ "%L�m�u��cÀ�]e��m͏��

data/spec/dummy/tmp/cache/assets/development/sprockets/v3.0/FfRbjoX7fHHQqnXiehqlD233T1kj4rzNPybfmQ_GUWI.cache ADDED

	@@ -0,0 +1,2 @@
1	+ [o:Set:
2	+ @hash{I"environment-version:ETTI"environment-paths;TTI">processors:type=text/css&file_type=text/css&pipeline=self;TTI"vfile-digest:///Users/otamm/Documents/Code/Ruby/gems/glasses/gem/spec/dummy/app/assets/stylesheets/application.css;TTI"ffile-digest:///Users/otamm/Documents/Code/Ruby/gems/glasses/gem/spec/dummy/app/assets/stylesheets;TTI"qfile-digest:///Users/otamm/Documents/Code/Ruby/gems/glasses/gem/spec/dummy/app/assets/stylesheets/search.css;TT

data/spec/dummy/tmp/cache/assets/development/sprockets/v3.0/JlLKJj3SMeXmPLYJvdO955A6OPH9wSTWF3QFOvbaT0k.cache ADDED

	@@ -0,0 +1,2 @@
1	+ [o:Set:
2	+ @hash{I"environment-version:ETTI"environment-paths;TTI"Lprocessors:type=application/javascript&file_type=application/javascript;TTI"ufile-digest:///Users/otamm/Documents/Code/Ruby/gems/glasses/gem/spec/dummy/app/assets/javascripts/application.js;TTI"Zprocessors:type=application/javascript&file_type=application/javascript&pipeline=self;TTI"pfile-digest:///Users/otamm/Documents/Code/Ruby/gems/glasses/gem/spec/dummy/app/assets/javascripts/search.js;TTI"ffile-digest:///Users/otamm/Documents/Code/Ruby/gems/glasses/gem/spec/dummy/app/assets/javascripts;TT

data/spec/dummy/tmp/cache/assets/development/sprockets/v3.0/Mo_r4nJu9qt0iEhVH0CXGZkIh_SCKfu3LoDU6GlMT-U.cache ADDED

	@@ -0,0 +1,2 @@
1	+ [o:Set:
2	+ @hash{I"environment-version:ETTI"environment-paths;TTI"Zprocessors:type=application/javascript&file_type=application/javascript&pipeline=self;TTI"ufile-digest:///Users/otamm/Documents/Code/Ruby/gems/glasses/gem/spec/dummy/app/assets/javascripts/application.js;TTI"ffile-digest:///Users/otamm/Documents/Code/Ruby/gems/glasses/gem/spec/dummy/app/assets/javascripts;TTI"pfile-digest:///Users/otamm/Documents/Code/Ruby/gems/glasses/gem/spec/dummy/app/assets/javascripts/search.js;TT

data/spec/dummy/tmp/cache/assets/development/sprockets/v3.0/PjzZwmbYJUPXBPEKfYAIld32mtAk3H0hBz7ONWVqza4.cache ADDED

	@@ -0,0 +1,2 @@
1	+ "%��͹mm�
2	+ a�l�\|a56��v�6}��(&5

data/spec/dummy/tmp/cache/assets/development/sprockets/v3.0/QYBC6SiWic96YuGP27vORM8frM2yoCxYATSeAuu3q3s.cache ADDED

	@@ -0,0 +1,2 @@
1	+ [o:Set:
2	+ @hash{I"environment-version:ETTI"environment-paths;TTI"0processors:type=text/css&file_type=text/css;TTI"vfile-digest:///Users/otamm/Documents/Code/Ruby/gems/glasses/gem/spec/dummy/app/assets/stylesheets/application.css;TTI">processors:type=text/css&file_type=text/css&pipeline=self;TTI"qfile-digest:///Users/otamm/Documents/Code/Ruby/gems/glasses/gem/spec/dummy/app/assets/stylesheets/search.css;TTI"ffile-digest:///Users/otamm/Documents/Code/Ruby/gems/glasses/gem/spec/dummy/app/assets/stylesheets;TT

data/spec/dummy/tmp/cache/assets/development/sprockets/v3.0/QfZ4TPv_vTZ6WmGKJEhbsZ0Ou73XHsnuUlsaYV3ZQEY.cache ADDED

	@@ -0,0 +1 @@
1	+ I"�file:///Users/otamm/Documents/Code/Ruby/gems/glasses/gem/spec/dummy/app/assets/javascripts/application.js?type=application/javascript&pipeline=self&id=7fde357b9eb6873868c89caa44207528dc578512439622fcfd9c3cebcb905cdc:ET

data/spec/dummy/tmp/cache/assets/development/sprockets/v3.0/XIp7H1NvI9qObEEUnVrJoJ0TgF9dsNRmdw7bkMLyf64.cache ADDED

	@@ -0,0 +1 @@
1	+ I"�file:///Users/otamm/Documents/Code/Ruby/gems/glasses/gem/spec/dummy/app/assets/javascripts/search.js?type=application/javascript&pipeline=self&id=fa727172541f6e7d9128e043a1734b40da3e3e7eb3909784614b21b100897cec:ET

data/spec/dummy/tmp/cache/assets/development/sprockets/v3.0/aCkopDHgOZcXcLJcYI3sgc_SuAZhhr9RkRQshzmldF8.cache ADDED

	@@ -0,0 +1 @@
1	+ I"�file:///Users/otamm/Documents/Code/Ruby/gems/glasses/gem/spec/dummy/app/assets/javascripts/application.js?type=application/javascript&id=994fc115aaf0b2f40165a45906d6c62bbfecf910708075a2d5d73e22d9ccfca5:ET

data/spec/dummy/tmp/cache/assets/development/sprockets/v3.0/bkZWDwb871tTLoM-W80twc_qhQ_ziPfInIfbzCcLnpE.cache ADDED

	@@ -0,0 +1 @@
1	+ "%�W\�yho9S��ƫ˥��)\|�~��(��

data/spec/dummy/tmp/cache/assets/development/sprockets/v3.0/gLJlx0p_IOKb7r9m3hjLdN2jGSicQ_Ns4SS1jWlFDAQ.cache ADDED

Binary file

data/spec/dummy/tmp/cache/assets/development/sprockets/v3.0/i9TsnRfu6oqRsV9V2v_6Ulubst2IVveepQEkimUU6QE.cache ADDED

	@@ -0,0 +1 @@
1	+ "%&P�꽠�9�/sB��k�b~LnJo��UJ��

data/spec/dummy/tmp/cache/assets/development/sprockets/v3.0/iEVE5Kzzv15cyQWfQGEbgnKSSO0xiblZzP-sO26AYGQ.cache ADDED

Binary file

data/spec/dummy/tmp/cache/assets/development/sprockets/v3.0/rRXYm5yDdh2lrn8etfERia5zGqWg3_cJ3siQQG6h9UU.cache ADDED

Binary file

data/spec/dummy/tmp/cache/assets/development/sprockets/v3.0/t3hd5M5Qs7xWqz8gFCvXf781-4lYaem1SZCLRh47qCc.cache ADDED

	@@ -0,0 +1 @@
1	+ I"�file:///Users/otamm/Documents/Code/Ruby/gems/glasses/gem/spec/dummy/app/assets/stylesheets/search.css?type=text/css&pipeline=self&id=5a9397f790a4eb98cae05e656658464b83abf79a64d5befc05bc166e496ab495:ET

data/spec/dummy/tmp/cache/assets/development/sprockets/v3.0/yHIJ2OseWB_qclWx7fwHLHPAVYOch64QqS8Y07WHhRk.cache ADDED

Binary file

data/spec/dummy/tmp/cache/assets/development/sprockets/v3.0/yuW5Zfj9wAku7kLsnPBHwLsetLDeWKm9ju_dm_GLgf0.cache ADDED

	@@ -0,0 +1 @@
1	+ "%Ѱč@��6H�uZoX�Z�gbh0W��V

data/spec/features/full_search_form_test.rb ADDED

File without changes

data/spec/features/range_search_form_test.rb ADDED

@@ -0,0 +1,79 @@
+describe "search with a range constraint within web app", type: :feature  do
+	context 'search with params sanitized by ActiveRecord' do
+		before :each do
+			visit 'range_search'
+		end
+		it 'returns all the results with a field bigger than or equal to some arbitrary value' do
+			fill_in 'Minimum Age:', with: '110'
+			click_button "Search"
+			page.should have_content 'GR8 SUCCESS'
+			page.should have_content '3'
+		end
+		it 'returns all the results with a field lesser than or equal to some arbitrary value' do
+			fill_in 'Maximum Age:', with: '110'
+			click_button "Search"
+			page.should have_content 'GR8 SUCCESS'
+			page.should have_content '8'
+		end
+		it 'returns all the results with a field bigger than or equal to some arbitrary value and with another field lesser than or equal to some other arbitrary value' do
+			fill_in 'Minimum Age:', with: '20'
+			fill_in 'Maximum Age:', with: '110'
+			click_button "Search"
+			page.should have_content 'GR8 SUCCESS'
+			page.should have_content '8'
+		end
+		it 'returns all the results which satisfies both "field in the range" and "field with same prefix" conditions' do
+			fill_in 'First Name:', with: 'Jane'
+			fill_in 'Minimum Age:', with: '110'
+			click_button "Search"
+			page.should have_content 'GR8 SUCCESS'
+			page.should have_content '1'
+		end
+	end
+	context 'search without params sanitized by ActiveRecord' do
+		before :each do
+			visit 'raw_range_search'
+		end
+		it 'returns all the results with a field bigger than or equal to some arbitrary value' do
+			fill_in 'Minimum Age:', with: '110'
+			click_button "Search"
+			page.should have_content 'GR8 SUCCESS'
+			page.should have_content '3'
+		end
+		it 'returns all the results with a field lesser than or equal to some arbitrary value' do
+			fill_in 'Maximum Age:', with: '110'
+			click_button "Search"
+			page.should have_content 'GR8 SUCCESS'
+			page.should have_content '8'
+		end
+		it 'returns all the results with a field bigger than or equal to some arbitrary value and with another field lesser than or equal to some other arbitrary value' do
+			fill_in 'Minimum Age:', with: '20'
+			fill_in 'Maximum Age:', with: '110'
+			click_button "Search"
+			page.should have_content 'GR8 SUCCESS'
+			page.should have_content '8'
+		end
+		it 'returns all the results which satisfies both "field in the range" and "field with same prefix" conditions' do
+			fill_in 'First Name:', with: 'Jane'
+			fill_in 'Minimum Age:', with: '110'
+			click_button "Search"
+			page.should have_content 'GR8 SUCCESS'
+			page.should have_content '1'
+		end
+	end
+end

data/spec/features/search_performance_test_in_app.rb ADDED

File without changes

data/spec/features/simple_search_form_test.rb CHANGED

@@ -1,6 +1,6 @@
-describe "a simple search", type: :feature  do
+describe "search within web app", type: :feature  do
-	context "search params not sanitized" do
+	context "search params sanitized in ActiveRecord" do
 		before :each do
 			visit 'simple_search'
@@ -13,15 +13,40 @@ describe "a simple search", type: :feature  do
 			page.should have_content '1'
 		end
-		it "is vulnerable to SQL injections when no defenses are present" do
-			fill_in "First Name:", with: "' OR 1 = 1 ) --"
-			click_button "Search"
-			page.should have_content "GR8 SUCCESS"
-			page.should have_content "10 entries"
-		end
+		#it "is vulnerable to SQL injections when no defenses are present" do
+		#	fill_in "First Name:", with: "' OR 1 = 1 ) --"
+		#	click_button "Search"
+		#	page.should have_content "GR8 SUCCESS"
+		#	page.should have_content "10 entries"
+		#end
+		#context "search with a boolean value as one of the params" do
+			it "correctly return values when a boolean value is passed to the form and there are matches" do
+				fill_in 'First Name:', with: 'Jane'
+				#all('input[type=checkbox]').each { |checkbox| check(checkbox) }
+				# forms checkboxes are checked "true" by default.
+				click_button 'Search'
+				page.should have_content 'GR8 SUCCESS'
+				page.should have_content '1'
+			end
+			it "correctly return values when a boolean value is passed to the form and there are no matches" do
+				fill_in 'First Name:', with: 'Rachel'
+				#all('input[type=checkbox]').each { |checkbox| check(checkbox) }
+				# forms checkboxes are checked "true" by default.
+				click_button 'Search'
+				#puts page.body
+				page.should have_content 'WOPS'
+				page.should have_content '0'
+			end
+		#end
 	end
+=begin
+commented out. This part has become redundant.
 	context "search params sanitized in a search method of this gem with built-in defense" do
 		before :each do
@@ -43,6 +68,7 @@ describe "a simple search", type: :feature  do
 		end
 	end
+=end
 	context "search params sanitized in a controller method" do
@@ -53,7 +79,6 @@ describe "a simple search", type: :feature  do
 		it "correctly searches and displays matches" do
 			fill_in 'First Name:', with: 'Jan'
 			click_button "Search"
-			puts page.body
 			page.should have_content 'GR8 SUCCESS'
 			page.should have_content '1'
 		end

data/spec/glasses_spec.rb CHANGED

@@ -2,5 +2,12 @@ require 'spec_helper'
 #tests in a raw environment with a hash serving as input (the default ruby web app frameworks "params" hash is the emulated input)
 require 'tests/search_test'
 require 'tests/sanitized_search_test'
+require 'tests/full_search_test'
+require 'tests/range_search_test'
+require 'tests/performance_test'
+require 'tests/parameters_priority_test'
 #tests in a simulated webpage environment using Capybara
-require 'features/simple_search_form_test'
+require 'features/simple_search_form_test'
+require 'features/full_search_form_test'
+require 'features/range_search_form_test'
+require 'features/search_performance_test_in_app'

data/spec/test_only_methods/example_only_methods.rb ADDED

@@ -0,0 +1,65 @@
+module BrokenGlasses
+  def search_within_range(model_to_search,params_hash)
+    params_array = params_hash.to_a
+    query = ""
+    consecutive_ints = 0
+    params_array.each_with_index do |pair, index|
+      if !pair[1].empty?
+        if pair[0].to_s[key.size-3,key.size] == "_id" || pair[] ~= /\A[-+]?[0-9]+\z/ # checks if value is basically an integer within quotes
+          possible_query = "#{key} = #{val} AND "
+          consecutive_ints += 1
+          if consecutive_ints % 2 == 0 #check if the case is of an integer field followed by another
+          end
+          query += possible_query
+        else
+          query += "#{key} LIKE '#{val}%' AND " # percent sign matches any string of 0 or more chars.
+        end
+      end
+    end
+    if !query.empty?
+      query = query[0,query.size-5]
+      model_to_search.where(query)
+    else
+      []
+    end
+  end
+  def self.full_search_range(model_to_search, params_hash)
+    query = []
+    query_params = []
+    params_hash.each do |key,val|
+      if !val.empty?
+        key_suffix = key.to_s[key.size-3,key.size]
+        if key_suffix == "min"
+          query.push("#{key[0,key.size-4]} >= ?")
+          query_params.push(val.to_s)
+        elsif key_suffix == "max"
+          query.push("#{key[0,key.size-4]} <= ?")
+          query_params.push(val.to_s)
+        elsif key_suffix == "_id"
+          query.push("#{key} = ?")
+          query_params.push(val.to_s)
+        else
+          query.push("#{key} LIKE ?") # percent sign matches any string of 0 or more chars.
+          query_params.push("%" + val + "%")
+        end
+      end
+    end
+    if !query.empty?
+      if query.size == 1
+        return model_to_search.where(query.pop(), query_params.pop())
+      else
+        results = model_to_search.where(query.pop(), query_params.pop())
+        (results.size).times do |search|
+          results = results.where(query.pop(), query_params.pop()) # important to note that ".where()" is not hitting the database on this line.
+        end
+        return results
+      end
+    else
+      []
+    end
+  end
+end

data/spec/tests/full_search_test.rb ADDED

@@ -0,0 +1,63 @@
+describe 'performs a full search on strings, looking for fragments of text instead of prefixes.' do
+	context 'performs a full search that is sanitized by ActiveRecord' do
+		it 'returns results which contain the fragment' do
+			(Glasses.full_search(Player, {first_name: "bb"}).size).should == 1
+		end
+		it 'returns results which contain the fragment and other parameters' do
+			(Glasses.full_search(Player, {first_name: "bb", email: ".com"}).size).should == 1
+		end
+		it 'does not return anything when no params match any text fragment for that column' do
+			(Glasses.full_search(Player, {first_name: "zidbb"}).size).should == 0
+		end
+		it 'does not return anything when there is no record which matches all the params' do
+			(Glasses.full_search(Player, {first_name: "zidbb", email: "@"}).size).should == 0
+		end
+		it 'returns all the results which satisfies both "field in the range" and "field with text fragment" conditions' do
+			(Glasses.full_search_range(Player, {first_name: 'ane', age_min: '110'}).size).should == 1
+		end
+		context 'performs a full search which includes a range that is not sanitized by ActiveRecord' do
+			it 'returns all the results which satisfies both "field in the range" and "field with text fragment" conditions' do
+				(Glasses.full_search_range(Player, {first_name: 'ane', age_min: '110'}).size).should == 1
+			end
+		end
+	end
+	context 'performs a full search that is not sanitized by ActiveRecord' do
+		it 'returns results which contain the fragment' do
+			(Glasses.full_raw_search(Player, {first_name: "bb"}).size).should == 1
+		end
+		it 'returns results which contain the fragment and other parameters' do
+			(Glasses.full_raw_search(Player, {first_name: "bb", email: ".com"}).size).should == 1
+		end
+		it 'does not return anything when no params match any text fragment for that column' do
+			(Glasses.full_raw_search(Player, {first_name: "zidbb"}).size).should == 0
+		end
+		it 'does not return anything when there is no record which matches all the params' do
+			(Glasses.full_raw_search(Player, {first_name: "zidbb", email: "@"}).size).should == 0
+		end
+		context 'performs a full search which includes a range that is not sanitized by ActiveRecord' do
+			it 'returns all the results which satisfies both "field in the range" and "field with text fragment" conditions' do
+				(Glasses.full_raw_search_range(Player, {first_name: 'ane', age_min: '110'}).size).should == 1
+			end
+		end
+	end
+end

data/spec/tests/parameters_priority_test.rb ADDED

@@ -0,0 +1,51 @@
+describe "search params are reordered in a way to give first entrance to quicker queries; the arrays will be .pop()ed, so 'prioritized' == 'last_element' here." do
+	context "params include strings and ints/bools" do
+		it "puts integers before strings" do
+			Glasses.prioritize_ints_over_strings(["user_id = ?","first_name LIKE ?", "last_name LIKE ?"], ["666", "Johnny", "Rotten"]).should == [["last_name LIKE ?", "first_name LIKE ?", "user_id = ?"],["Rotten", "Johnny", "666"]]
+		end
+		it "puts booleans before strings" do
+			Glasses.prioritize_ints_over_strings(["is_cokehead_bool = ?", "first_name LIKE ?", "last_name LIKE ?"], ["1", "Johnny", "Rotten"]).should == [["last_name LIKE ?", "first_name LIKE ?", "is_cokehead_bool = ?"],["Rotten", "Johnny", "1"]]
+		end
+		it "puts both integers and booleans before strings" do
+			Glasses.prioritize_ints_over_strings(["user_id = ?", "is_cokehead_bool = ?", "first_name LIKE ?", "last_name LIKE ?"], ["666", "1", "Johnny", "Rotten"]).should == [["last_name LIKE ?", "first_name LIKE ?", "user_id = ?", "is_cokehead_bool = ?"],["Rotten", "Johnny", "666", "1"]]
+		end
+		it "returns the same query with inverted params if it does not contain more than one kind of input (strings)" do
+			Glasses.prioritize_ints_over_strings(["first_name LIKE ?", "last_name LIKE ?"], ["Johnny", "Rotten"]).should == [["last_name LIKE ?", "first_name LIKE ?"], ["Rotten", "Johnny"]]
+		end
+	end
+	context "params include strings, ints/bools and ranges" do
+		it "puts integers before strings" do
+			Glasses.prioritize_ints_over_strings_and_ranges(["user_id = ?","first_name LIKE ?", "last_name LIKE ?"], ["666", "Johnny", "Rotten"]).should == [["last_name LIKE ?", "first_name LIKE ?", "user_id = ?"],["Rotten", "Johnny", "666"]]
+		end
+		it "puts booleans before strings" do
+			Glasses.prioritize_ints_over_strings_and_ranges(["is_cokehead_bool = ?", "first_name LIKE ?", "last_name LIKE ?"], ["1", "Johnny", "Rotten"]).should == [["last_name LIKE ?", "first_name LIKE ?", "is_cokehead_bool = ?"],["Rotten", "Johnny", "1"]]
+		end
+		it "puts both integers and booleans before strings" do
+			Glasses.prioritize_ints_over_strings_and_ranges(["user_id = ?", "is_cokehead_bool = ?", "first_name LIKE ?", "last_name LIKE ?"], ["666", "1", "Johnny", "Rotten"]).should == [["last_name LIKE ?", "first_name LIKE ?", "user_id = ?", "is_cokehead_bool = ?"],["Rotten", "Johnny", "666", "1"]]
+		end
+		it "puts integers, booleans and ranges before strings" do
+			Glasses.prioritize_ints_over_strings_and_ranges(["user_id = ?", "is_cokehead_bool = ?", "age_min >= ?", "age_max <= ?", "first_name LIKE ?", "last_name LIKE ?"], ["666", "1", "2", "456", "Johnny", "Rotten"]).should == [["last_name LIKE ?", "first_name LIKE ?", "age_max <= ?", "age_min >= ?", "user_id = ?", "is_cokehead_bool = ?"],["Rotten", "Johnny", "456", "2", "666", "1"]]
+		end
+		it "puts ints/booleans before ranges" do
+			Glasses.prioritize_ints_over_strings_and_ranges(["user_id = ?", "is_cokehead_bool = ?", "age_min >= ?", "age_max <= ?"], ["666", "1", "2", "456"]).should == [["age_max <= ?", "age_min >= ?", "user_id = ?", "is_cokehead_bool = ?"],["456", "2", "666", "1"]]
+		end
+		it "returns the same query with inverted params if it does not contain more than one kind of input (strings)" do
+			Glasses.prioritize_ints_over_strings_and_ranges(["first_name LIKE ?", "last_name LIKE ?"], ["Johnny", "Rotten"]).should == [["last_name LIKE ?", "first_name LIKE ?"], ["Rotten", "Johnny"]]
+		end
+	end
+end

data/spec/tests/performance_test.rb ADDED

File without changes

data/spec/tests/range_search_test.rb ADDED

@@ -0,0 +1,43 @@
+describe 'search entries which have a value within a specific range' do
+	context 'search with params sanitized by ActiveRecord' do
+		it 'returns all the results with a field bigger than or equal to some arbitrary value' do
+			(Glasses.search_range(Player, {age_min: '110'}).size).should == 3
+		end
+		it 'returns all the results with a field lesser than or equal to some arbitrary value' do
+			(Glasses.search_range(Player, {age_max: '110'}).size).should == 8
+		end
+		it 'returns all the results with a field bigger than or equal to some arbitrary value and with another field lesser than or equal to some other arbitrary value' do
+			(Glasses.search_range(Player, {age_min: '20', age_max: '110'}).size).should == 4
+		end
+		it 'returns all the results which satisfies both "field in the range" and "field with same prefix" conditions' do
+			(Glasses.search_range(Player, {first_name: 'Jane', age_min: '110'}).size).should == 1
+		end
+	end
+	context 'search without params sanitized by ActiveRecord' do
+		it 'returns all the results with a field bigger than or equal to some arbitrary value' do
+			(Glasses.raw_search_range(Player, {age_min: '110'}).size).should == 3
+		end
+		it 'returns all the results with a field lesser than or equal to some arbitrary value' do
+			(Glasses.raw_search_range(Player, {age_max: '110'}).size).should == 8
+		end
+		it 'returns all the results with a field bigger than or equal to some arbitrary value and with another field lesser than or equal to some other arbitrary value' do
+			(Glasses.raw_search_range(Player, {age_min: '20', age_max: '110'}).size).should == 4
+		end
+		it 'returns all the results which satisfies both "field in the range" and "field with same prefix" conditions' do
+			(Glasses.raw_search_range(Player, {first_name: 'Jane', age_min: '110'}).size).should == 1
+		end
+	end
+end