locomotivecms_steam 1.4.1 → 1.5.0.beta1
- checksums.yaml +4 -4
- data/Gemfile +1 -1
- data/Gemfile.lock +31 -25
- data/Rakefile +2 -2
- data/config/locales/pt-BR.yml +43 -13
- data/lib/locomotive/steam.rb +9 -4
- data/lib/locomotive/steam/adapters/filesystem.rb +2 -7
- data/lib/locomotive/steam/adapters/filesystem/sanitizer.rb +0 -2
- data/lib/locomotive/steam/adapters/filesystem/sanitizers/page.rb +11 -0
- data/lib/locomotive/steam/adapters/filesystem/sanitizers/section.rb +37 -0
- data/lib/locomotive/steam/adapters/filesystem/sanitizers/site.rb +18 -0
- data/lib/locomotive/steam/adapters/filesystem/yaml_loaders/content_entry.rb +4 -3
- data/lib/locomotive/steam/adapters/filesystem/yaml_loaders/content_type.rb +4 -3
- data/lib/locomotive/steam/adapters/filesystem/yaml_loaders/section.rb +40 -0
- data/lib/locomotive/steam/adapters/filesystem/yaml_loaders/snippet.rb +0 -1
- data/lib/locomotive/steam/adapters/memory.rb +1 -1
- data/lib/locomotive/steam/entities/content_entry.rb +15 -3
- data/lib/locomotive/steam/entities/content_type.rb +2 -1
- data/lib/locomotive/steam/entities/page.rb +21 -19
- data/lib/locomotive/steam/entities/section.rb +24 -0
- data/lib/locomotive/steam/entities/site.rb +3 -1
- data/lib/locomotive/steam/liquid.rb +2 -0
- data/lib/locomotive/steam/liquid/drops/page.rb +4 -2
- data/lib/locomotive/steam/liquid/drops/params.rb +51 -0
- data/lib/locomotive/steam/liquid/drops/section.rb +56 -0
- data/lib/locomotive/steam/liquid/drops/section_block.rb +47 -0
- data/lib/locomotive/steam/liquid/drops/section_content_proxy.rb +97 -0
- data/lib/locomotive/steam/liquid/drops/section_editor_setting_data.rb +65 -0
- data/lib/locomotive/steam/liquid/drops/site.rb +2 -1
- data/lib/locomotive/steam/liquid/errors.rb +2 -0
- data/lib/locomotive/steam/liquid/filters/base.rb +3 -3
- data/lib/locomotive/steam/liquid/filters/date.rb +1 -1
- data/lib/locomotive/steam/liquid/filters/html.rb +7 -2
- data/lib/locomotive/steam/liquid/filters/json.rb +3 -1
- data/lib/locomotive/steam/liquid/tags/action.rb +2 -2
- data/lib/locomotive/steam/liquid/tags/alt_page_links.rb +63 -0
- data/lib/locomotive/steam/liquid/tags/concerns/i18n_page.rb +1 -1
- data/lib/locomotive/steam/liquid/tags/concerns/section.rb +117 -0
- data/lib/locomotive/steam/liquid/tags/global_section.rb +32 -0
- data/lib/locomotive/steam/liquid/tags/model_form.rb +1 -1
- data/lib/locomotive/steam/liquid/tags/section.rb +87 -0
- data/lib/locomotive/steam/liquid/tags/sections_dropzone.rb +56 -0
- data/lib/locomotive/steam/liquid/tags/snippet.rb +3 -2
- data/lib/locomotive/steam/liquid/template.rb +0 -5
- data/lib/locomotive/steam/middlewares.rb +1 -1
- data/lib/locomotive/steam/middlewares/auth.rb +29 -13
- data/lib/locomotive/steam/middlewares/concerns/helpers.rb +59 -0
- data/lib/locomotive/steam/middlewares/concerns/liquid_context.rb +94 -0
- data/lib/locomotive/steam/middlewares/encoded_link_redirection.rb +45 -0
- data/lib/locomotive/steam/middlewares/entry_submission.rb +1 -1
- data/lib/locomotive/steam/middlewares/favicon.rb +1 -1
- data/lib/locomotive/steam/middlewares/locale.rb +63 -15
- data/lib/locomotive/steam/middlewares/locale_redirection.rb +18 -6
- data/lib/locomotive/steam/middlewares/logging.rb +1 -1
- data/lib/locomotive/steam/middlewares/page.rb +35 -6
- data/lib/locomotive/steam/middlewares/path.rb +1 -1
- data/lib/locomotive/steam/middlewares/private_access.rb +1 -1
- data/lib/locomotive/steam/middlewares/redirection.rb +1 -1
- data/lib/locomotive/steam/middlewares/renderer.rb +2 -82
- data/lib/locomotive/steam/middlewares/robots.rb +1 -1
- data/lib/locomotive/steam/middlewares/section.rb +56 -0
- data/lib/locomotive/steam/middlewares/site.rb +1 -1
- data/lib/locomotive/steam/middlewares/sitemap.rb +58 -45
- data/lib/locomotive/steam/middlewares/templatized_page.rb +1 -1
- data/lib/locomotive/steam/middlewares/thread_safe.rb +85 -2
- data/lib/locomotive/steam/middlewares/timezone.rb +1 -1
- data/lib/locomotive/steam/middlewares/url_redirection.rb +1 -1
- data/lib/locomotive/steam/models/entity.rb +0 -2
- data/lib/locomotive/steam/models/mapper.rb +5 -3
- data/lib/locomotive/steam/models/scope.rb +8 -0
- data/lib/locomotive/steam/repositories.rb +4 -0
- data/lib/locomotive/steam/repositories/content_entry_repository.rb +6 -2
- data/lib/locomotive/steam/repositories/page_repository.rb +4 -1
- data/lib/locomotive/steam/repositories/section_repository.rb +14 -0
- data/lib/locomotive/steam/repositories/site_repository.rb +1 -1
- data/lib/locomotive/steam/repositories/snippet_repository.rb +0 -3
- data/lib/locomotive/steam/server.rb +3 -1
- data/lib/locomotive/steam/services.rb +17 -1
- data/lib/locomotive/steam/services/action_service.rb +10 -0
- data/lib/locomotive/steam/services/concerns/decorator.rb +0 -2
- data/lib/locomotive/steam/services/image_resizer_service.rb +1 -1
- data/lib/locomotive/steam/services/page_finder_service.rb +6 -0
- data/lib/locomotive/steam/services/section_finder_service.rb +17 -0
- data/lib/locomotive/steam/services/url_builder_service.rb +31 -17
- data/lib/locomotive/steam/services/url_finder_service.rb +87 -0
- data/lib/locomotive/steam/version.rb +2 -2
- data/locomotivecms_steam.gemspec +1 -1
- data/spec/fixtures/default/app/views/pages/tags/section.liquid.haml +11 -0
- data/spec/fixtures/default/app/views/sections/carousel.liquid +20 -0
- data/spec/fixtures/default/app/views/sections/footer.liquid +48 -0
- data/spec/fixtures/default/app/views/sections/header.liquid +54 -0
- data/spec/fixtures/default/config/deploy.yml +1 -1
- data/spec/fixtures/errors/section_bad_json_content.liquid +9 -0
- data/spec/fixtures/errors/section_bad_json_header.liquid +8 -0
- data/spec/fixtures/mongodb/locomotive_accounts.bson +0 -0
- data/spec/fixtures/mongodb/locomotive_accounts.metadata.json +1 -1
- data/spec/fixtures/mongodb/locomotive_activities.bson +0 -0
- data/spec/fixtures/mongodb/locomotive_activities.metadata.json +1 -1
- data/spec/fixtures/mongodb/locomotive_content_assets.bson +0 -0
- data/spec/fixtures/mongodb/locomotive_content_assets.metadata.json +1 -1
- data/spec/fixtures/mongodb/locomotive_content_entries.bson +0 -0
- data/spec/fixtures/mongodb/locomotive_content_entries.metadata.json +1 -1
- data/spec/fixtures/mongodb/locomotive_content_types.bson +0 -0
- data/spec/fixtures/mongodb/locomotive_content_types.metadata.json +1 -1
- data/spec/fixtures/mongodb/locomotive_pages.bson +0 -0
- data/spec/fixtures/mongodb/locomotive_pages.metadata.json +1 -1
- data/spec/fixtures/mongodb/locomotive_sections.bson +0 -0
- data/spec/fixtures/mongodb/{sessions.metadata.json → locomotive_sections.metadata.json} +1 -1
- data/spec/fixtures/mongodb/locomotive_sites.bson +0 -0
- data/spec/fixtures/mongodb/locomotive_sites.metadata.json +1 -1
- data/spec/fixtures/mongodb/locomotive_snippets.bson +0 -0
- data/spec/fixtures/mongodb/locomotive_snippets.metadata.json +1 -1
- data/spec/fixtures/mongodb/locomotive_theme_assets.bson +0 -0
- data/spec/fixtures/mongodb/locomotive_theme_assets.metadata.json +1 -1
- data/spec/fixtures/mongodb/locomotive_translations.bson +0 -0
- data/spec/fixtures/mongodb/locomotive_translations.metadata.json +1 -1
- data/spec/integration/repositories/content_entry_repository_spec.rb +1 -1
- data/spec/integration/repositories/page_repository_spec.rb +1 -1
- data/spec/integration/repositories/theme_asset_repository_spec.rb +1 -1
- data/spec/integration/server/auth_spec.rb +0 -4
- data/spec/integration/server/basic_spec.rb +8 -0
- data/spec/integration/server/contact_form_spec.rb +15 -2
- data/spec/integration/server/sitemap_spec.rb +5 -3
- data/spec/integration/services/content_entry_service_spec.rb +1 -1
- data/spec/support/helpers.rb +3 -3
- data/spec/unit/adapters/filesystem/sanitizers/section_spec.rb +65 -0
- data/spec/unit/adapters/filesystem/sanitizers/site_spec.rb +28 -2
- data/spec/unit/adapters/filesystem/yaml_loaders/content_entry_spec.rb +8 -4
- data/spec/unit/adapters/filesystem/yaml_loaders/content_type_spec.rb +2 -2
- data/spec/unit/adapters/filesystem/yaml_loaders/page_spec.rb +1 -1
- data/spec/unit/adapters/filesystem/yaml_loaders/section_spec.rb +27 -0
- data/spec/unit/entities/section_spec.rb +29 -0
- data/spec/unit/liquid/drops/params_spec.rb +38 -0
- data/spec/unit/liquid/drops/section_content_proxy_spec.rb +88 -0
- data/spec/unit/liquid/drops/section_spec.rb +26 -0
- data/spec/unit/liquid/filters/html_spec.rb +198 -170
- data/spec/unit/liquid/filters/json_spec.rb +7 -0
- data/spec/unit/liquid/tags/action_spec.rb +12 -2
- data/spec/unit/liquid/tags/alt_page_links_spec.rb +58 -0
- data/spec/unit/liquid/tags/global_section_spec.rb +130 -0
- data/spec/unit/liquid/tags/link_to_spec.rb +1 -1
- data/spec/unit/liquid/tags/locale_switcher_spec.rb +1 -1
- data/spec/unit/liquid/tags/model_form_spec.rb +8 -0
- data/spec/unit/liquid/tags/path_to_spec.rb +26 -3
- data/spec/unit/liquid/tags/section_spec.rb +231 -0
- data/spec/unit/liquid/tags/sections_dropzone_spec.rb +107 -0
- data/spec/unit/middlewares/auth_spec.rb +9 -2
- data/spec/unit/middlewares/encoded_link_redirection_spec.rb +73 -0
- data/spec/unit/middlewares/entry_submission_spec.rb +1 -1
- data/spec/unit/middlewares/helpers_spec.rb +3 -64
- data/spec/unit/middlewares/locale_redirection_spec.rb +13 -2
- data/spec/unit/middlewares/locale_spec.rb +52 -10
- data/spec/unit/middlewares/page_spec.rb +57 -16
- data/spec/unit/middlewares/private_access_spec.rb +1 -1
- data/spec/unit/middlewares/redirection_spec.rb +1 -1
- data/spec/unit/middlewares/renderer_spec.rb +2 -1
- data/spec/unit/middlewares/section_spec.rb +70 -0
- data/spec/unit/middlewares/site_spec.rb +1 -1
- data/spec/unit/middlewares/sitemap_spec.rb +4 -42
- data/spec/unit/middlewares/url_redirection_spec.rb +1 -1
- data/spec/unit/repositories/content_entry_repository_spec.rb +13 -13
- data/spec/unit/repositories/section_repository_spec.rb +38 -0
- data/spec/unit/repositories/snippet_repository_spec.rb +0 -3
- data/spec/unit/services/action_service_spec.rb +19 -1
- data/spec/unit/services/asset_host_service_spec.rb +8 -0
- data/spec/unit/services/parent_finder_service_spec.rb +1 -2
- data/spec/unit/services/section_finder_service_spec.rb +28 -0
- data/spec/unit/services/url_builder_service_spec.rb +14 -4
- data/spec/unit/services/url_finder_service_spec.rb +100 -0
- data/spec/unit/services_spec.rb +34 -20
- metadata +72 -11
- data/lib/locomotive/steam/middlewares/helpers.rb +0 -140
- data/spec/fixtures/mongodb/sessions.bson +0 -0
@@ -0,0 +1,87 @@
|
|
1
|
+
module Locomotive
|
2
|
+
module Steam
|
3
|
+
|
4
|
+
# This service is used for the following use cases:
|
5
|
+
# - get an url of a link encoded by the RichTextEditor component in the engine
|
6
|
+
# - get an url of a link created through the UrlPicker component in the engine
|
7
|
+
#
|
8
|
+
class UrlFinderService
|
9
|
+
|
10
|
+
attr_accessor_initialize :url_builder, :page_finder, :content_entry_finder
|
11
|
+
|
12
|
+
# Return an array with the following elements: [<URL>, <NEW_WINDOW>]
|
13
|
+
#
|
14
|
+
# Example:
|
15
|
+
# url_for({
|
16
|
+
# 'type' => 'page',
|
17
|
+
# 'value' => '42', # id of the home page
|
18
|
+
# 'locale' => 'en',
|
19
|
+
# 'new_window' => true
|
20
|
+
# })
|
21
|
+
#
|
22
|
+
# will return: ['/', true]
|
23
|
+
#
|
24
|
+
def url_for(resource)
|
25
|
+
return [resource, false] if resource.is_a?(String)
|
26
|
+
|
27
|
+
_resource = resource || {}
|
28
|
+
page_or_url = find_page(_resource['type'], _resource['value']) || page_finder.find('404')
|
29
|
+
|
30
|
+
[
|
31
|
+
page_or_url.is_a?(String) ? page_or_url : url_builder.url_for(page_or_url),
|
32
|
+
_resource['new_window'] || false
|
33
|
+
]
|
34
|
+
end
|
35
|
+
|
36
|
+
# Same behavior as for url_for except the parameter is a
|
37
|
+
# JSON string encoded in Base64
|
38
|
+
def decode_url_for(encoded_value)
|
39
|
+
url_for(decode_link(encoded_value))
|
40
|
+
end
|
41
|
+
|
42
|
+
# Apply the decode_url_for method for each link of a text
|
43
|
+
def decode_urls_for(text)
|
44
|
+
return text if text.blank?
|
45
|
+
|
46
|
+
text.gsub(Locomotive::Steam::SECTIONS_LINK_TARGET_REGEXP) do
|
47
|
+
decode_url_for($~[:link])[0]
|
48
|
+
end
|
49
|
+
end
|
50
|
+
|
51
|
+
# Decode a link
|
52
|
+
def decode_link(encoded_value)
|
53
|
+
decoded_value = Base64.decode64(encoded_value)
|
54
|
+
JSON.parse(decoded_value)
|
55
|
+
end
|
56
|
+
|
57
|
+
private
|
58
|
+
|
59
|
+
# Based on the type of the resource, it returns either:
|
60
|
+
# - a simple page
|
61
|
+
# - a templatized page with its related content entry attached
|
62
|
+
# - nil if external url
|
63
|
+
def find_page(type, value)
|
64
|
+
case type
|
65
|
+
when 'page'
|
66
|
+
page_finder.find_by_id(value)
|
67
|
+
when 'content_entry'
|
68
|
+
# find the page template
|
69
|
+
page_finder.find_by_id(value['page_id']).tap do |_page|
|
70
|
+
entry = content_entry_finder.find(value['content_type_slug'], value['id'])
|
71
|
+
|
72
|
+
return nil if _page.nil? || entry.nil?
|
73
|
+
|
74
|
+
# attach the template to the content entry
|
75
|
+
_page.content_entry = entry
|
76
|
+
end
|
77
|
+
when '_external'
|
78
|
+
value
|
79
|
+
else
|
80
|
+
nil
|
81
|
+
end
|
82
|
+
end
|
83
|
+
|
84
|
+
end
|
85
|
+
|
86
|
+
end
|
87
|
+
end
|
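Review bot: `decode_link` passes whatever `JSON.parse` returns straight to `url_for`, with no rescue and no shape check, so input that is not Base64-encoded JSON raises `JSON::ParserError`, a decoded array raises on `_resource['type']`, and a decoded string is returned as the URL by the `is_a?(String)` branch. If `encoded_value` can come from a request (the file list adds `middlewares/encoded_link_redirection.rb`, not shown here), that means an unhandled error and an unvalidated redirect target; I would have `decode_link` return nil for anything that is not a JSON object so `url_for` falls through to the 404 page. The `'_external'` branch of `find_page` also returns `value` verbatim and `decode_urls_for` substitutes it into the text, so the scheme should be allow-listed (http, https, mailto, relative paths) before it reaches an `href`. In the `'content_entry'` branch, `content_entry_finder.find` runs before the `_page.nil?` check and `value` is assumed to be a Hash.

```ruby
# Decode a link; returns nil unless the payload is a JSON object
def decode_link(encoded_value)
  link = JSON.parse(Base64.decode64(encoded_value.to_s))
  link.is_a?(Hash) ? link : nil
rescue JSON::ParserError
  nil
end
```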
@@ -1,8 +1,8 @@
|
|
1
1
|
# http://semver.org/
|
2
2
|
# MAJOR.MINOR.PATCH format.
|
3
|
-
# 1.0.0
|
3
|
+
# 1.0.0.alpha < 1.0.0.alpha1 < 1.0.0.beta < 1.0.0.beta2 < 1.0.0.beta11 < 1.0.0.rc1 < 1.0.0
|
4
4
|
module Locomotive
|
5
5
|
module Steam
|
6
|
-
VERSION = '1.
|
6
|
+
VERSION = '1.5.0.beta1'
|
7
7
|
end
|
8
8
|
end
|
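--- a/data/locomotivecms_steam.gemspec
+++ b/data/locomotivecms_steam.gemspec
@@ -49,7 +49,7 @@ Gem::Specification.new do |spec|
 spec.add_dependency 'pony', '~> 1.12'
 
 spec.add_dependency 'locomotivecms-solid', '~> 4.0.1'
-spec.add_dependency 'locomotivecms_common', '~> 0.3.
+spec.add_dependency 'locomotivecms_common', '~> 0.3.1'
 
 spec.required_ruby_version = '>= 2.0'
 end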
@@ -0,0 +1,20 @@
|
|
1
|
+
---
|
2
|
+
{
|
3
|
+
"name": "carousel",
|
4
|
+
"category": "carousel",
|
5
|
+
"class": "section-carousel",
|
6
|
+
"settings":
|
7
|
+
[
|
8
|
+
{
|
9
|
+
"id": "brand",
|
10
|
+
"type": "text",
|
11
|
+
"label": "Text to display in the carousel",
|
12
|
+
"default": "Header"
|
13
|
+
}
|
14
|
+
]
|
15
|
+
}
|
16
|
+
---
|
17
|
+
|
18
|
+
<h2>
|
19
|
+
FOOTER PLAIN TEXT
|
20
|
+
</h2>
|
@@ -0,0 +1,48 @@
|
|
1
|
+
---
|
2
|
+
{
|
3
|
+
"name": "footer",
|
4
|
+
"category": "footer",
|
5
|
+
"class": "section-footer",
|
6
|
+
"settings":
|
7
|
+
[
|
8
|
+
{
|
9
|
+
"id": "brand",
|
10
|
+
"type": "text",
|
11
|
+
"label": "Text to display in the footer",
|
12
|
+
"default": "Header"
|
13
|
+
}
|
14
|
+
],
|
15
|
+
"default":
|
16
|
+
{
|
17
|
+
"settings":
|
18
|
+
{
|
19
|
+
"brand": "MY COMPANY"
|
20
|
+
},
|
21
|
+
"blocks":
|
22
|
+
[
|
23
|
+
{
|
24
|
+
"type": "link",
|
25
|
+
"settings":
|
26
|
+
{
|
27
|
+
"label": "Link #1",
|
28
|
+
"url": "https://www.nocoffee.fr",
|
29
|
+
"new_tab": "true"
|
30
|
+
}
|
31
|
+
},
|
32
|
+
{
|
33
|
+
"type": "link",
|
34
|
+
"settings":
|
35
|
+
{
|
36
|
+
"label": "Link #2",
|
37
|
+
"url": "https://www.nocoffee.fr",
|
38
|
+
"new_tab": "true"
|
39
|
+
}
|
40
|
+
}
|
41
|
+
]
|
42
|
+
}
|
43
|
+
}
|
44
|
+
---
|
45
|
+
|
46
|
+
<h2>
|
47
|
+
FOOTER PLAIN TEXT
|
48
|
+
</h2>
|
@@ -0,0 +1,54 @@
|
|
1
|
+
---
|
2
|
+
{
|
3
|
+
"name": "header",
|
4
|
+
"category": "header",
|
5
|
+
"class": "section-header",
|
6
|
+
"settings":
|
7
|
+
[
|
8
|
+
{
|
9
|
+
"id": "brand",
|
10
|
+
"type": "text",
|
11
|
+
"label": "Text to display in the header",
|
12
|
+
"default": "Header"
|
13
|
+
}
|
14
|
+
],
|
15
|
+
"default":
|
16
|
+
{
|
17
|
+
"settings":
|
18
|
+
{
|
19
|
+
"brand": "MY COMPANY"
|
20
|
+
},
|
21
|
+
"blocks":
|
22
|
+
[
|
23
|
+
{
|
24
|
+
"type": "link",
|
25
|
+
"settings":
|
26
|
+
{
|
27
|
+
"label": "Link #1",
|
28
|
+
"url": "https://www.nocoffee.fr",
|
29
|
+
"new_tab": "true"
|
30
|
+
}
|
31
|
+
},
|
32
|
+
{
|
33
|
+
"type": "link",
|
34
|
+
"settings":
|
35
|
+
{
|
36
|
+
"label": "Link #2",
|
37
|
+
"url": "https://www.nocoffee.fr",
|
38
|
+
"new_tab": "true"
|
39
|
+
}
|
40
|
+
}
|
41
|
+
]
|
42
|
+
}
|
43
|
+
}
|
44
|
+
---
|
45
|
+
<h1> {{ section.settings.brand }} </h1>
|
46
|
+
<ul>
|
47
|
+
{% for block in section.blocks %}
|
48
|
+
<li>
|
49
|
+
<a href="{{ block.settings.url }}" target="{% if block.settings.new_tab %}_blank{% endif %}">
|
50
|
+
{{ block.settings.label }}
|
51
|
+
</a>
|
52
|
+
</li>
|
53
|
+
{% endfor %}
|
54
|
+
</ul>
|
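Review bot: On the `<a>` line of this header fixture, `block.settings.url` and `block.settings.label` are rendered without an `escape` filter, and `target="_blank"` is emitted without `rel="noopener noreferrer"`. Unless Steam escapes section settings before they reach the drop (not visible here), I would write `<a href="{{ block.settings.url | escape }}"{% if block.settings.new_tab %} target="_blank" rel="noopener noreferrer"{% endif %}>` and `{{ block.settings.label | escape }}`, since fixtures tend to be copied into real themes. That form also stops emitting an empty `target=""` when `new_tab` is unset. The JSON default stores `"new_tab": "true"` as a string, which Liquid treats as truthy whatever its content, so `"false"` would still open a new tab; a boolean `true` would make the condition meaningful.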
Binary file
|
@@ -1 +1 @@
|
|
1
|
-
{"options":{},"indexes":[{"v":2,"key":{"_id":1},"name":"_id_","ns":"
|
1
|
+
{"options":{},"indexes":[{"v":2,"key":{"_id":1},"name":"_id_","ns":"locomotiveapp_steam_specs.locomotive_accounts"}]}
|
Binary file
|
@@ -1 +1 @@
|
|
1
|
-
{"options":{},"indexes":[{"v":2,"key":{"_id":1},"name":"_id_","ns":"
|
1
|
+
{"options":{},"indexes":[{"v":2,"key":{"_id":1},"name":"_id_","ns":"locomotiveapp_steam_specs.locomotive_activities"}]}
|
Binary file
|
@@ -1 +1 @@
|
|
1
|
-
{"options":{},"indexes":[{"v":2,"key":{"_id":1},"name":"_id_","ns":"
|
1
|
+
{"options":{},"indexes":[{"v":2,"key":{"_id":1},"name":"_id_","ns":"locomotiveapp_steam_specs.locomotive_content_assets"}]}
|
Binary file
|
@@ -1 +1 @@
|
|
1
|
-
{"options":{},"indexes":[{"v":2,"key":{"_id":1},"name":"_id_","ns":"
|
1
|
+
{"options":{},"indexes":[{"v":2,"key":{"_id":1},"name":"_id_","ns":"locomotiveapp_steam_specs.locomotive_content_entries"}]}
|
Binary file
|
@@ -1 +1 @@
|
|
1
|
-
{"options":{},"indexes":[{"v":2,"key":{"_id":1},"name":"_id_","ns":"
|
1
|
+
{"options":{},"indexes":[{"v":2,"key":{"_id":1},"name":"_id_","ns":"locomotiveapp_steam_specs.locomotive_content_types"}]}
|
Binary file
|
@@ -1 +1 @@
|
|
1
|
-
{"options":{},"indexes":[{"v":2,"key":{"_id":1},"name":"_id_","ns":"
|
1
|
+
{"options":{},"indexes":[{"v":2,"key":{"_id":1},"name":"_id_","ns":"locomotiveapp_steam_specs.locomotive_pages"}]}
|
Binary file
|
@@ -1 +1 @@
|
|
1
|
-
{"options":{},"indexes":[{"v":2,"key":{"_id":1},"name":"_id_","ns":"
|
1
|
+
{"options":{},"indexes":[{"v":2,"key":{"_id":1},"name":"_id_","ns":"locomotiveapp_steam_specs.locomotive_sections"}]}
|
Binary file
|
@@ -1 +1 @@
|
|
1
|
-
{"options":{},"indexes":[{"v":2,"key":{"_id":1},"name":"_id_","ns":"
|
1
|
+
{"options":{},"indexes":[{"v":2,"key":{"_id":1},"name":"_id_","ns":"locomotiveapp_steam_specs.locomotive_sites"}]}
|
Binary file
|
@@ -1 +1 @@
|
|
1
|
-
{"options":{},"indexes":[{"v":2,"key":{"_id":1},"name":"_id_","ns":"
|
1
|
+
{"options":{},"indexes":[{"v":2,"key":{"_id":1},"name":"_id_","ns":"locomotiveapp_steam_specs.locomotive_snippets"}]}
|
Binary file
|
@@ -1 +1 @@
|
|
1
|
-
{"options":{},"indexes":[{"v":2,"key":{"_id":1},"name":"_id_","ns":"
|
1
|
+
{"options":{},"indexes":[{"v":2,"key":{"_id":1},"name":"_id_","ns":"locomotiveapp_steam_specs.locomotive_theme_assets"}]}
|
Binary file
|
@@ -1 +1 @@
|
|
1
|
-
{"options":{},"indexes":[{"v":2,"key":{"_id":1},"name":"_id_","ns":"
|
1
|
+
{"options":{},"indexes":[{"v":2,"key":{"_id":1},"name":"_id_","ns":"locomotiveapp_steam_specs.locomotive_translations"}]}
|
@@ -116,7 +116,7 @@ describe Locomotive::Steam::ContentEntryRepository do
|
|
116
116
|
|
117
117
|
let(:site_id) { mongodb_site_id }
|
118
118
|
let(:adapter) { Locomotive::Steam::MongoDBAdapter.new(database: mongodb_database, hosts: ['127.0.0.1:27017']) }
|
119
|
-
let(:entry_id) { BSON::ObjectId.from_string('
|
119
|
+
let(:entry_id) { BSON::ObjectId.from_string('5baf7d38a953300567956448') }
|
120
120
|
|
121
121
|
end
|
122
122
|
|
@@ -14,7 +14,7 @@ describe Locomotive::Steam::PageRepository do
|
|
14
14
|
describe '#all' do
|
15
15
|
let(:conditions) { {} }
|
16
16
|
subject { repository.all(conditions) }
|
17
|
-
it { expect(subject.size).to eq
|
17
|
+
it { expect(subject.size).to eq 35 }
|
18
18
|
|
19
19
|
context 'with conditions' do
|
20
20
|
let(:conditions) { { fullpath: 'index', 'slug.ne' => '404' } }
|
@@ -26,7 +26,7 @@ describe Locomotive::Steam::ThemeAssetRepository do
|
|
26
26
|
describe '#checksums' do
|
27
27
|
subject { repository.checksums }
|
28
28
|
it { expect(subject.size).to eq 16 }
|
29
|
-
it { expect(subject['stylesheets/application.css']).to eq '
|
29
|
+
it { expect(subject['stylesheets/application.css']).to eq 'bcf663fd61d87846a60496249854d81a' }
|
30
30
|
end
|
31
31
|
|
32
32
|
end
|
@@ -171,11 +171,7 @@ describe 'Authentication' do
|
|
171
171
|
auth_id: email,
|
172
172
|
auth_reset_password_url: 'http://acme.com/account/reset-password',
|
173
173
|
auth_callback: '/account/sign-in',
|
174
|
-
auth_email_from: 'support@acme.com',
|
175
174
|
auth_email_handle: 'reset_password_instructions',
|
176
|
-
auth_email_smtp_address: 'smtp.nowhere.net',
|
177
|
-
auth_email_smtp_user_name: 'jane',
|
178
|
-
auth_email_smtp_password: 'easyone'
|
179
175
|
} }
|
180
176
|
|
181
177
|
it 'renders the forgot password page with an error message' do
|
@@ -191,4 +191,12 @@ describe Locomotive::Steam::Server do
|
|
191
191
|
|
192
192
|
end
|
193
193
|
|
194
|
+
describe 'prevent XSS attacks' do
|
195
|
+
|
196
|
+
subject { get '/events?some_variable=%3Cscript%3Ealert(document.cookie)%3C/script%3E'; last_response.body }
|
197
|
+
|
198
|
+
it { is_expected.not_to include '<script>alert(document.cookie)</script>' }
|
199
|
+
|
200
|
+
end
|
201
|
+
|
194
202
|
end
|
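Review bot: The `'prevent XSS attacks'` example only asserts that the raw payload is absent from the body, so it also passes when `/events` never echoes `some_variable` at all or when the request ends in an error page. To pin the escaping itself, add a positive assertion next to it, e.g. `it { is_expected.to include '&lt;script&gt;' }` (adjust to the exact encoding the template produces; the fixture page is not visible here), and check `last_response.status` as well. The same applies to the `describe 'XSS attack'` example added to the ContactForm spec, which checks only `not_to include` on the response body.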
@@ -135,8 +135,8 @@ describe 'ContactForm' do
|
|
135
135
|
|
136
136
|
describe 'submit a new entry (new version)' do
|
137
137
|
|
138
|
-
let(:url)
|
139
|
-
let(:params)
|
138
|
+
let(:url) { '/events' }
|
139
|
+
let(:params) { {
|
140
140
|
'content_type_slug' => 'messages',
|
141
141
|
'some_variable' => '42',
|
142
142
|
'entry' => { 'name' => 'John', 'email' => 'j@doe.net', 'message' => 'Bla bla' } } }
|
@@ -155,6 +155,19 @@ describe 'ContactForm' do
|
|
155
155
|
expect(response.body.to_s).to include "can't be blank"
|
156
156
|
end
|
157
157
|
|
158
|
+
describe 'XSS attack' do
|
159
|
+
|
160
|
+
let(:params) { {
|
161
|
+
'content_type_slug' => 'messages',
|
162
|
+
'entry' => { 'name' => '<script>alert(document.cookie)</script>' }
|
163
|
+
} }
|
164
|
+
|
165
|
+
it "doesn't let people to insert malicious JS code" do
|
166
|
+
expect(response.body.to_s).not_to include "<script>alert(document.cookie)</script>"
|
167
|
+
end
|
168
|
+
|
169
|
+
end
|
170
|
+
|
158
171
|
end
|
159
172
|
|
160
173
|
context 'when valid' do
|
@@ -21,13 +21,15 @@ describe Locomotive::Steam::Server do
|
|
21
21
|
|
22
22
|
it 'checks if it looks valid' do
|
23
23
|
expect(Nokogiri::XML(subject).errors.empty?).to eq true
|
24
|
-
expect(subject.scan(/<url>/).size).to eq
|
24
|
+
expect(subject.scan(/<url>/).size).to eq 22
|
25
25
|
expect(subject).to match("<loc>http://example.org/songs/song-number-2/band</loc>")
|
26
|
+
expect(subject).to match(%(<xhtml:link rel="alternate" hreflang="fr" href="http://example.org/fr/a-notre-sujet" />))
|
26
27
|
expect(subject).to match((<<-EOF
|
27
28
|
<url>
|
28
|
-
<loc>http://example.org/
|
29
|
+
<loc>http://example.org/about-us</loc>
|
29
30
|
<lastmod>2015-03-25</lastmod>
|
30
|
-
<
|
31
|
+
<xhtml:link rel="alternate" hreflang="fr" href="http://example.org/fr/a-notre-sujet" />
|
32
|
+
<xhtml:link rel="alternate" hreflang="nb" href="http://example.org/nb/om-oss" />
|
31
33
|
</url>
|
32
34
|
EOF
|
33
35
|
).strip)
|