remotipart 1.3.1 → 1.4.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/.travis.yml +35 -0
- data/Appraisals +25 -0
- data/Gemfile +14 -1
- data/History.rdoc +23 -0
- data/README.rdoc +2 -0
- data/Rakefile +5 -7
- data/gemfiles/rails_3.2.gemfile +26 -0
- data/gemfiles/rails_4.2.gemfile +24 -0
- data/gemfiles/rails_5.2.gemfile +24 -0
- data/gemfiles/rails_6.0.gemfile +24 -0
- data/lib/remotipart/middleware.rb +2 -2
- data/lib/remotipart/rails/engine.rb +8 -4
- data/lib/remotipart/rails/railtie.rb +8 -4
- data/lib/remotipart/rails/version.rb +2 -2
- data/lib/remotipart/render_overrides.rb +28 -8
- data/lib/remotipart/request_helper.rb +2 -0
- data/lib/remotipart/view_helper.rb +2 -0
- data/remotipart.gemspec +94 -18
- data/spec/dummy_app/.gitignore +17 -0
- data/spec/dummy_app/Rakefile +7 -0
- data/spec/dummy_app/app/assets/config/manifest.js +4 -0
- data/spec/dummy_app/app/assets/images/rails.png +0 -0
- data/spec/dummy_app/app/assets/javascripts/application.js.erb +8 -0
- data/spec/dummy_app/app/assets/javascripts/comments.js +28 -0
- data/spec/dummy_app/app/assets/stylesheets/application.css +6 -0
- data/spec/dummy_app/app/assets/stylesheets/scaffold.css +65 -0
- data/spec/dummy_app/app/controllers/application_controller.rb +3 -0
- data/spec/dummy_app/app/controllers/comments_controller.rb +72 -0
- data/spec/dummy_app/app/controllers/prepended_controller.rb +9 -0
- data/spec/dummy_app/app/helpers/application_helper.rb +2 -0
- data/spec/dummy_app/app/helpers/comments_helper.rb +2 -0
- data/spec/dummy_app/app/models/comment.rb +7 -0
- data/spec/dummy_app/app/views/comments/_comment.html.erb +9 -0
- data/spec/dummy_app/app/views/comments/_form.html.erb +40 -0
- data/spec/dummy_app/app/views/comments/_new_comment_links.html.erb +5 -0
- data/spec/dummy_app/app/views/comments/create.html.erb +7 -0
- data/spec/dummy_app/app/views/comments/create.js.erb +20 -0
- data/spec/dummy_app/app/views/comments/destroy.js.erb +1 -0
- data/spec/dummy_app/app/views/comments/edit.html.erb +6 -0
- data/spec/dummy_app/app/views/comments/escape_test.html.erb +1 -0
- data/spec/dummy_app/app/views/comments/index.html.erb +19 -0
- data/spec/dummy_app/app/views/comments/new.html.erb +7 -0
- data/spec/dummy_app/app/views/comments/show.html.erb +15 -0
- data/spec/dummy_app/app/views/layouts/application.html.erb +14 -0
- data/spec/dummy_app/app/views/prepended/show.html.erb +1 -0
- data/spec/dummy_app/bin/bundle +3 -0
- data/spec/dummy_app/bin/rails +4 -0
- data/spec/dummy_app/bin/rake +4 -0
- data/spec/dummy_app/bin/setup +34 -0
- data/spec/dummy_app/bin/update +29 -0
- data/spec/dummy_app/config/application.rb +18 -0
- data/spec/dummy_app/config/boot.rb +3 -0
- data/spec/dummy_app/config/database.yml +7 -0
- data/spec/dummy_app/config/environment.rb +5 -0
- data/spec/dummy_app/config/environments/development.rb +54 -0
- data/spec/dummy_app/config/environments/test.rb +53 -0
- data/spec/dummy_app/config/initializers/secret_token.rb +3 -0
- data/spec/dummy_app/config/routes.rb +7 -0
- data/spec/dummy_app/config/secrets.yml +5 -0
- data/spec/dummy_app/config.ru +4 -0
- data/spec/dummy_app/db/migrate/20110209210252_create_comments.rb +14 -0
- data/spec/dummy_app/db/migrate/20110209210315_add_attachment_to_comment.rb +15 -0
- data/spec/dummy_app/db/migrate/20110714205346_add_other_attachment_to_comment.rb +8 -0
- data/spec/dummy_app/db/schema.rb +31 -0
- data/spec/dummy_app/db/seeds.rb +7 -0
- data/spec/features/comments_spec.rb +414 -0
- data/spec/features/prepended_spec.rb +9 -0
- data/spec/fixtures/hi.txt +1 -0
- data/spec/fixtures/qr.jpg +0 -0
- data/spec/spec_helper.rb +40 -0
- data/spec/support/arel_helper.rb +15 -0
- data/spec/support/connection_helper.rb +12 -0
- data/spec/support/integration_helper.rb +28 -0
- data/vendor/assets/javascripts/jquery.iframe-transport.js +38 -27
- data/vendor/assets/javascripts/jquery.remotipart.js +1 -1
- metadata +134 -4
@@ -0,0 +1,31 @@
|
|
1
|
+
# encoding: UTF-8
|
2
|
+
# This file is auto-generated from the current state of the database. Instead
|
3
|
+
# of editing this file, please use the migrations feature of Active Record to
|
4
|
+
# incrementally modify your database, and then regenerate this schema definition.
|
5
|
+
#
|
6
|
+
# Note that this schema.rb definition is the authoritative source for your
|
7
|
+
# database schema. If you need to create the application database on another
|
8
|
+
# system, you should be using db:schema:load, not running all the migrations
|
9
|
+
# from scratch. The latter is a flawed and unsustainable approach (the more migrations
|
10
|
+
# you'll amass, the slower it'll run and the greater likelihood for issues).
|
11
|
+
#
|
12
|
+
# It's strongly recommended to check this file into your version control system.
|
13
|
+
|
14
|
+
ActiveRecord::Schema.define(:version => 20110714205346) do
|
15
|
+
|
16
|
+
create_table "comments", :force => true do |t|
|
17
|
+
t.string "subject"
|
18
|
+
t.text "body"
|
19
|
+
t.datetime "created_at"
|
20
|
+
t.datetime "updated_at"
|
21
|
+
t.string "attachment_file_name"
|
22
|
+
t.string "attachment_content_type"
|
23
|
+
t.integer "attachment_file_size"
|
24
|
+
t.datetime "attachment_updated_at"
|
25
|
+
t.string "other_attachment_file_name"
|
26
|
+
t.string "other_attachment_content_type"
|
27
|
+
t.integer "other_attachment_file_size"
|
28
|
+
t.datetime "other_attachment_updated_at"
|
29
|
+
end
|
30
|
+
|
31
|
+
end
|
@@ -0,0 +1,7 @@
|
|
1
|
+
# This file should contain all the record creation needed to seed the database with its default values.
|
2
|
+
# The data can then be loaded with the rake db:seed (or created alongside the db with db:setup).
|
3
|
+
#
|
4
|
+
# Examples:
|
5
|
+
#
|
6
|
+
# cities = City.create([{ :name => 'Chicago' }, { :name => 'Copenhagen' }])
|
7
|
+
# Mayor.create(:name => 'Daley', :city => cities.first)
|
@@ -0,0 +1,414 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe 'comments', type: :feature do
|
4
|
+
it 'creates a new comment', js: true do
|
5
|
+
visit root_path
|
6
|
+
click_link 'New Comment'
|
7
|
+
|
8
|
+
# New Comment link should disappear
|
9
|
+
expect(page).to have_no_link('New Comment')
|
10
|
+
# Comment form should appear
|
11
|
+
expect(page).to have_field('comment_subject')
|
12
|
+
expect(page).to have_field('comment_body')
|
13
|
+
expect(page).to have_no_field('comment_file')
|
14
|
+
|
15
|
+
# Filling in form and submitting
|
16
|
+
comment_subject = 'A new comment!'
|
17
|
+
comment_body = 'Woo, this is my comment, dude.'
|
18
|
+
fill_in 'comment_subject', with: comment_subject
|
19
|
+
fill_in 'comment_body', with: comment_body
|
20
|
+
click_button 'Create Comment'
|
21
|
+
|
22
|
+
# Comment should appear in the comments table
|
23
|
+
within '#comments' do
|
24
|
+
expect(page).to have_content(comment_subject)
|
25
|
+
expect(page).to have_content(comment_body)
|
26
|
+
end
|
27
|
+
# Form should clear
|
28
|
+
expect(page).to have_field('comment_subject', with: '')
|
29
|
+
expect(page).to have_field('comment_body', with: '')
|
30
|
+
# ...and be replaced by link again
|
31
|
+
expect(page).to have_link('Cancel')
|
32
|
+
end
|
33
|
+
|
34
|
+
it "cancels creating a comment", js: true do
|
35
|
+
visit root_path
|
36
|
+
click_link 'New Comment'
|
37
|
+
|
38
|
+
expect(page).to have_field('comment_subject')
|
39
|
+
expect(page).to have_link('Cancel')
|
40
|
+
click_link 'Cancel'
|
41
|
+
|
42
|
+
# Form should disappear
|
43
|
+
expect(page).to have_no_field('comment_subject')
|
44
|
+
expect(page).to have_link('New Comment')
|
45
|
+
end
|
46
|
+
|
47
|
+
it "deletes a comment", js: true do
|
48
|
+
Comment.create(subject: 'The Great Yogurt', body: 'The Schwarz is strong with this one.')
|
49
|
+
visit root_path
|
50
|
+
|
51
|
+
within '#comments' do
|
52
|
+
expect(page).to have_content('The Great Yogurt')
|
53
|
+
accept_js_confirm do
|
54
|
+
click_link 'Destroy'
|
55
|
+
end
|
56
|
+
|
57
|
+
expect(page).to have_no_content('The Great Yogurt')
|
58
|
+
end
|
59
|
+
end
|
60
|
+
|
61
|
+
it "uploads a file", js: true do
|
62
|
+
visit root_path
|
63
|
+
click_link 'New Comment with Attachment'
|
64
|
+
|
65
|
+
expect(page).to have_field('comment_subject')
|
66
|
+
expect(page).to have_field('comment_body')
|
67
|
+
expect(page).to have_field('comment_attachment')
|
68
|
+
expect(page).to have_field('comment_other_attachment')
|
69
|
+
|
70
|
+
comment_subject = 'Newby'
|
71
|
+
comment_body = 'Woot, a file!'
|
72
|
+
fill_in 'comment_subject', with: comment_subject
|
73
|
+
fill_in 'comment_body', with: comment_body
|
74
|
+
|
75
|
+
# Attach file
|
76
|
+
file_path = File.join(fixture_path, 'qr.jpg')
|
77
|
+
other_file_path = File.join(fixture_path, 'hi.txt')
|
78
|
+
attach_file 'comment_attachment', file_path
|
79
|
+
attach_file 'comment_other_attachment', other_file_path
|
80
|
+
|
81
|
+
page_should_not_redirect do
|
82
|
+
click_button 'Create Comment'
|
83
|
+
end
|
84
|
+
|
85
|
+
within '#comments' do
|
86
|
+
expect(page).to have_selector("td", text: comment_subject)
|
87
|
+
expect(page).to have_selector("td", text: comment_body)
|
88
|
+
expect(page).to have_selector("a", text: File.basename(file_path))
|
89
|
+
expect(page).to have_selector("a", text: File.basename(other_file_path))
|
90
|
+
end
|
91
|
+
end
|
92
|
+
|
93
|
+
it "Disables submit button while submitting", js: true do
|
94
|
+
visit root_path
|
95
|
+
|
96
|
+
click_link 'New Comment'
|
97
|
+
# Needed to make test wait for above to finish
|
98
|
+
form = find('form')
|
99
|
+
|
100
|
+
button = find_button('Create Comment')
|
101
|
+
page.execute_script(%q{$('form').append('<input name="pause" type="hidden" value=1 />');})
|
102
|
+
|
103
|
+
fill_in 'comment_subject', with: 'Hi'
|
104
|
+
fill_in 'comment_body', with: 'there'
|
105
|
+
click_button 'Create Comment'
|
106
|
+
|
107
|
+
expect(button[:disabled]).to be true
|
108
|
+
expect(button.value).to eq "Submitting..."
|
109
|
+
|
110
|
+
sleep 1.5
|
111
|
+
|
112
|
+
expect(button[:disabled]).to be false
|
113
|
+
expect(button.value).to eq "Create Comment"
|
114
|
+
end
|
115
|
+
|
116
|
+
it "triggers ajax:remotipartSubmit event hook", js: true do
|
117
|
+
visit root_path
|
118
|
+
page.execute_script("$(document).delegate('form', 'ajax:remotipartSubmit', function() { $('#comments').after('remotipart!'); });")
|
119
|
+
|
120
|
+
click_link 'New Comment with Attachment'
|
121
|
+
|
122
|
+
fill_in 'comment_subject', with: 'Hi'
|
123
|
+
fill_in 'comment_body', with: 'there'
|
124
|
+
attach_file 'comment_attachment', File.join(fixture_path, 'qr.jpg')
|
125
|
+
click_button 'Create Comment'
|
126
|
+
|
127
|
+
expect(page).to have_content('remotipart!')
|
128
|
+
end
|
129
|
+
|
130
|
+
it "allows remotipart submission to be cancelable via event hook", js: true do
|
131
|
+
visit root_path
|
132
|
+
page.execute_script("$(document).delegate('form', 'ajax:remotipartSubmit', function() { $('#comments').after('remotipart!'); return false; });")
|
133
|
+
|
134
|
+
click_link 'New Comment with Attachment'
|
135
|
+
|
136
|
+
file_path = File.join(fixture_path, 'qr.jpg')
|
137
|
+
fill_in 'comment_subject', with: 'Hi'
|
138
|
+
fill_in 'comment_body', with: 'there'
|
139
|
+
attach_file 'comment_attachment', file_path
|
140
|
+
click_button 'Create Comment'
|
141
|
+
|
142
|
+
expect(page).to have_content('remotipart!')
|
143
|
+
|
144
|
+
within '#comments' do
|
145
|
+
expect(page).to have_no_content('Hi')
|
146
|
+
expect(page).to have_no_content('there')
|
147
|
+
expect(page).to have_no_content(File.basename(file_path))
|
148
|
+
end
|
149
|
+
end
|
150
|
+
|
151
|
+
it "allows custom data-type on form", js: true do
|
152
|
+
visit root_path
|
153
|
+
page.execute_script("$(document).delegate('form', 'ajax:success', function(evt, data, status, xhr) { $('#comments').after(xhr.responseText); });")
|
154
|
+
|
155
|
+
click_link 'New Comment with Attachment'
|
156
|
+
|
157
|
+
# Needed to make test wait for above to finish
|
158
|
+
form = find('form')
|
159
|
+
page.execute_script("$('form').attr('data-type', 'html');")
|
160
|
+
|
161
|
+
file_path = File.join(fixture_path, 'qr.jpg')
|
162
|
+
fill_in 'comment_subject', with: 'Hi'
|
163
|
+
fill_in 'comment_body', with: 'there'
|
164
|
+
attach_file 'comment_attachment', file_path
|
165
|
+
click_button 'Create Comment'
|
166
|
+
|
167
|
+
expect(page).to have_content('HTML response')
|
168
|
+
end
|
169
|
+
|
170
|
+
it "allows users to use ajax response data safely", js: true do
|
171
|
+
visit root_path
|
172
|
+
page.execute_script("$(document).delegate('form', 'ajax:success', function(evt, data, status, xhr) { $('#comments').after(data); });")
|
173
|
+
|
174
|
+
click_link 'New Comment with Attachment'
|
175
|
+
|
176
|
+
# Needed to make test wait for above to finish
|
177
|
+
form = find('form')
|
178
|
+
page.execute_script("$('form').attr('data-type', 'html');")
|
179
|
+
|
180
|
+
file_path = File.join(fixture_path, 'qr.jpg')
|
181
|
+
fill_in 'comment_subject', with: 'Hi'
|
182
|
+
fill_in 'comment_body', with: 'there'
|
183
|
+
attach_file 'comment_attachment', file_path
|
184
|
+
click_button 'Create Comment'
|
185
|
+
|
186
|
+
expect(page).to have_content('HTML response')
|
187
|
+
end
|
188
|
+
|
189
|
+
it "escapes html response content properly", js: true do
|
190
|
+
visit root_path
|
191
|
+
page.execute_script("$(document).delegate('form', 'ajax:success', function(evt, data, status, xhr) { $('#comments').after(xhr.responseText); });")
|
192
|
+
|
193
|
+
click_link 'New Comment with Attachment'
|
194
|
+
|
195
|
+
# Needed to make test wait for above to finish
|
196
|
+
form = find('form')
|
197
|
+
page.execute_script("$('form').attr('data-type', 'html');")
|
198
|
+
page.execute_script("$('form').append('<input type=\"hidden\" name=\"template\" value=\"escape\" />');")
|
199
|
+
|
200
|
+
file_path = File.join(fixture_path, 'qr.jpg')
|
201
|
+
fill_in 'comment_subject', with: 'Hi'
|
202
|
+
fill_in 'comment_body', with: 'there'
|
203
|
+
attach_file 'comment_attachment', file_path
|
204
|
+
click_button 'Create Comment'
|
205
|
+
|
206
|
+
expect(find('input[name="quote"]').value).to eq '"'
|
207
|
+
end
|
208
|
+
|
209
|
+
it "returns the correct response status", js: true do
|
210
|
+
visit root_path
|
211
|
+
|
212
|
+
click_link 'New Comment with Attachment'
|
213
|
+
# Needed to make test wait for above to finish
|
214
|
+
input = find('#comment_subject')
|
215
|
+
page.execute_script("$('#comment_subject').removeAttr('required');")
|
216
|
+
|
217
|
+
file_path = File.join(fixture_path, 'qr.jpg')
|
218
|
+
fill_in 'comment_body', with: 'there'
|
219
|
+
attach_file 'comment_attachment', file_path
|
220
|
+
click_button 'Create Comment'
|
221
|
+
|
222
|
+
#within '#error_explanation' do
|
223
|
+
# expect(page).to have_content "Subject can't be blank"
|
224
|
+
#end
|
225
|
+
expect(page).to have_content "Error status code: 422"
|
226
|
+
expect(page).to have_content "Error status message: Unprocessable Entity"
|
227
|
+
end
|
228
|
+
|
229
|
+
it "passes the method as _method parameter (rails convention)", js: true do
|
230
|
+
visit root_path
|
231
|
+
|
232
|
+
click_link 'New Comment with Attachment'
|
233
|
+
sleep 0.5
|
234
|
+
page.execute_script(%q{$('form').append('<input name="_method" type="hidden" value="put" />');})
|
235
|
+
|
236
|
+
file_path = File.join(fixture_path, 'qr.jpg')
|
237
|
+
fill_in 'comment_subject', with: 'Hi'
|
238
|
+
fill_in 'comment_body', with: 'there'
|
239
|
+
attach_file 'comment_attachment', file_path
|
240
|
+
click_button 'Create Comment'
|
241
|
+
|
242
|
+
expect(page).to have_content 'PUT request!'
|
243
|
+
end
|
244
|
+
|
245
|
+
it "does not submit via remotipart unless file is present", js: true do
|
246
|
+
visit root_path
|
247
|
+
page.execute_script("$(document).delegate('form', 'ajax:remotipartSubmit', function() { $('#comments').after('remotipart!'); });")
|
248
|
+
|
249
|
+
click_link 'New Comment with Attachment'
|
250
|
+
|
251
|
+
fill_in 'comment_subject', with: 'Hi'
|
252
|
+
fill_in 'comment_body', with: 'there'
|
253
|
+
click_button 'Create Comment'
|
254
|
+
|
255
|
+
expect(page).to have_no_content('remotipart!')
|
256
|
+
end
|
257
|
+
|
258
|
+
it "fires all the ajax callbacks on the form", js: true do
|
259
|
+
visit root_path
|
260
|
+
click_link 'New Comment with Attachment'
|
261
|
+
|
262
|
+
# Needed to make test wait for above to finish
|
263
|
+
form = find('form')
|
264
|
+
|
265
|
+
page.execute_script("$('form').bind('ajax:beforeSend', function() { $('#comments').after('thebefore'); });")
|
266
|
+
page.execute_script("$(document).delegate('form', 'ajax:success', function() { $('#comments').after('success'); });")
|
267
|
+
page.execute_script("$(document).delegate('form', 'ajax:complete', function() { $('#comments').after('complete'); });")
|
268
|
+
|
269
|
+
file_path = File.join(fixture_path, 'qr.jpg')
|
270
|
+
fill_in 'comment_subject', with: 'Hi'
|
271
|
+
fill_in 'comment_body', with: 'there'
|
272
|
+
attach_file 'comment_attachment', file_path
|
273
|
+
click_button 'Create Comment'
|
274
|
+
|
275
|
+
expect(page).to have_content('before')
|
276
|
+
expect(page).to have_content('success')
|
277
|
+
expect(page).to have_content('complete')
|
278
|
+
end
|
279
|
+
|
280
|
+
it "fires the ajax callbacks for json data-type with remotipart", js: true do
|
281
|
+
visit root_path
|
282
|
+
click_link 'New Comment with Attachment'
|
283
|
+
|
284
|
+
# Needed to make test wait for above to finish
|
285
|
+
form = find('form')
|
286
|
+
|
287
|
+
page.execute_script("$('form').data('type', 'json');")
|
288
|
+
|
289
|
+
page.execute_script("$('form').bind('ajax:beforeSend', function() { $('#comments').after('thebefore'); });")
|
290
|
+
page.execute_script("$(document).delegate('form', 'ajax:success', function() { $('#comments').after('success'); });")
|
291
|
+
page.execute_script("$(document).delegate('form', 'ajax:complete', function() { $('#comments').after('complete'); });")
|
292
|
+
|
293
|
+
file_path = File.join(fixture_path, 'qr.jpg')
|
294
|
+
fill_in 'comment_subject', with: 'Hi'
|
295
|
+
fill_in 'comment_body', with: 'there'
|
296
|
+
attach_file 'comment_attachment', file_path
|
297
|
+
click_button 'Create Comment'
|
298
|
+
|
299
|
+
expect(page).to have_content('before')
|
300
|
+
expect(page).to have_content('success')
|
301
|
+
expect(page).to have_content('complete')
|
302
|
+
end
|
303
|
+
|
304
|
+
it "only fires the beforeSend hook once", js: true do
|
305
|
+
visit root_path
|
306
|
+
click_link 'New Comment with Attachment'
|
307
|
+
|
308
|
+
# Needed to make test wait for above to finish
|
309
|
+
form = find('form')
|
310
|
+
|
311
|
+
page.execute_script("$('form').bind('ajax:beforeSend', function() { $('#comments').after('<div class=\"ajax\">ajax!</div>'); });")
|
312
|
+
|
313
|
+
file_path = File.join(fixture_path, 'qr.jpg')
|
314
|
+
fill_in 'comment_subject', with: 'Hi'
|
315
|
+
fill_in 'comment_body', with: 'there'
|
316
|
+
attach_file 'comment_attachment', file_path
|
317
|
+
click_button 'Create Comment'
|
318
|
+
|
319
|
+
expect(page).to have_css("div.ajax", :count => 1)
|
320
|
+
end
|
321
|
+
|
322
|
+
it "cleans up after itself when uploading files", js: true do
|
323
|
+
visit root_path
|
324
|
+
page.execute_script("$(document).delegate('form', 'ajax:remotipartSubmit', function(evt, xhr, data) { if ($(this).data('remotipartSubmitted')) { $('#comments').after('remotipart before!'); } });")
|
325
|
+
|
326
|
+
click_link 'New Comment with Attachment'
|
327
|
+
page.execute_script("$('form').attr('data-type', 'html');")
|
328
|
+
|
329
|
+
file_path = File.join(fixture_path, 'qr.jpg')
|
330
|
+
fill_in 'comment_subject', with: 'Hi'
|
331
|
+
fill_in 'comment_body', with: 'there'
|
332
|
+
attach_file 'comment_attachment', file_path
|
333
|
+
click_button 'Create Comment'
|
334
|
+
|
335
|
+
expect(page).to have_content('remotipart before!')
|
336
|
+
|
337
|
+
page.execute_script("if (!$('form').data('remotipartSubmitted')) { $('#comments').after('no remotipart after!'); } ")
|
338
|
+
expect(page).to have_content('no remotipart after!')
|
339
|
+
end
|
340
|
+
|
341
|
+
it "submits via remotipart when a file upload is present", js: true do
|
342
|
+
visit root_path
|
343
|
+
page.execute_script("$(document).delegate('form', 'ajax:remotipartSubmit', function(evt, xhr, data) { $('#comments').after('<div class=\"remotipart\">remotipart!</div>'); });")
|
344
|
+
|
345
|
+
click_link 'New Comment with Attachment'
|
346
|
+
page.execute_script("$('form').attr('data-type', 'html');")
|
347
|
+
|
348
|
+
file_path = File.join(fixture_path, 'qr.jpg')
|
349
|
+
fill_in 'comment_subject', with: 'Hi'
|
350
|
+
fill_in 'comment_body', with: 'there'
|
351
|
+
attach_file 'comment_attachment', file_path
|
352
|
+
click_button 'Create Comment'
|
353
|
+
|
354
|
+
expect(page).to have_css("div.remotipart")
|
355
|
+
end
|
356
|
+
|
357
|
+
it "does not submit via remotipart when a file upload is not present", js: true do
|
358
|
+
visit root_path
|
359
|
+
page.execute_script("$(document).delegate('form', 'ajax:remotipartSubmit', function(evt, xhr, data) { $('#comments').after('<div class=\"remotipart\">remotipart!</div>'); });")
|
360
|
+
|
361
|
+
click_link 'New Comment with Attachment'
|
362
|
+
page.execute_script("$('form').attr('data-type', 'html');")
|
363
|
+
|
364
|
+
fill_in 'comment_subject', with: 'Hi'
|
365
|
+
fill_in 'comment_body', with: 'there'
|
366
|
+
click_button 'Create Comment'
|
367
|
+
|
368
|
+
expect(page).not_to have_css("div.remotipart")
|
369
|
+
end
|
370
|
+
|
371
|
+
it "Disables submit button while submitting with remotipart", js: true do
|
372
|
+
visit root_path
|
373
|
+
|
374
|
+
click_link 'New Comment with Attachment'
|
375
|
+
|
376
|
+
button = find_button('Create Comment')
|
377
|
+
# clicking 'Create Comment' button causes capybara evaluation freeze until request ends, so perform check by JavaScript
|
378
|
+
page.execute_script("$('form').bind('ajax:remotipartComplete', function(data) { window.commitButtonDisabled = $('input[name=\"commit\"]').is(':disabled'); window.commitButtonValue = $('input[name=\"commit\"]').val(); });")
|
379
|
+
|
380
|
+
file_path = File.join(fixture_path, 'qr.jpg')
|
381
|
+
fill_in 'comment_subject', with: 'Hi'
|
382
|
+
fill_in 'comment_body', with: 'there'
|
383
|
+
attach_file 'comment_attachment', file_path
|
384
|
+
click_button 'Create Comment'
|
385
|
+
|
386
|
+
expect(page.evaluate_script("window.commitButtonDisabled")).to be true
|
387
|
+
expect(page.evaluate_script("window.commitButtonValue")).to eq "Submitting..."
|
388
|
+
|
389
|
+
expect(button[:disabled]).to be false
|
390
|
+
expect(button.value).to eq "Create Comment"
|
391
|
+
end
|
392
|
+
|
393
|
+
it "submits the clicked button with the form like non-file remote form", js: true do
|
394
|
+
visit root_path
|
395
|
+
click_link 'New Comment with Attachment'
|
396
|
+
|
397
|
+
form = find('form')
|
398
|
+
page.execute_script("$('form').bind('ajax:remotipartSubmit', function(e, xhr, settings) { $('#comments').after('<div class=\"params\">' + $.param(settings.data) + '</div>'); });")
|
399
|
+
|
400
|
+
file_path = File.join(fixture_path, 'qr.jpg')
|
401
|
+
fill_in 'comment_subject', with: 'Hi'
|
402
|
+
fill_in 'comment_body', with: 'there'
|
403
|
+
attach_file 'comment_attachment', file_path
|
404
|
+
click_button 'Create Comment'
|
405
|
+
|
406
|
+
expect(page).to have_content('commit=')
|
407
|
+
end
|
408
|
+
|
409
|
+
it "doesn't allow XSS via script injection for text responses", js: true do
|
410
|
+
visit "/say?message=%3C/textarea%3E%3Csvg/onload=alert(domain)%3E&remotipart_submitted=x"
|
411
|
+
expect(page).to have_selector("textarea")
|
412
|
+
expect(find("textarea").value).to eq('</textarea><svg/onload=alert(domain)>')
|
413
|
+
end
|
414
|
+
end
|
@@ -0,0 +1 @@
|
|
1
|
+
Smile, you're on candid camera!
|
Binary file
|
data/spec/spec_helper.rb
ADDED
@@ -0,0 +1,40 @@
|
|
1
|
+
# Configure Rails Envinronment
|
2
|
+
ENV['RAILS_ENV'] = 'test'
|
3
|
+
require File.expand_path('../dummy_app/config/environment', __FILE__)
|
4
|
+
|
5
|
+
require 'rspec/rails'
|
6
|
+
require 'capybara/rspec'
|
7
|
+
require 'capybara/poltergeist'
|
8
|
+
require 'database_cleaner'
|
9
|
+
|
10
|
+
Capybara.javascript_driver = :poltergeist
|
11
|
+
Capybara.server = :webrick
|
12
|
+
Capybara.default_max_wait_time = 5
|
13
|
+
|
14
|
+
# Requires supporting ruby files with custom matchers and macros, etc,
|
15
|
+
# in spec/support/ and its subdirectories.
|
16
|
+
Dir[File.expand_path('../support/**/*.rb', __FILE__)].each {|f| require f }
|
17
|
+
|
18
|
+
RSpec.configure do |config|
|
19
|
+
load "#{Rails.root.to_s}/db/schema.rb" # use db agnostic schema by default
|
20
|
+
|
21
|
+
config.mock_with :rspec
|
22
|
+
config.expect_with :rspec do |c|
|
23
|
+
c.syntax = :expect
|
24
|
+
end
|
25
|
+
config.fixture_path = File.expand_path('../fixtures', __FILE__)
|
26
|
+
|
27
|
+
config.include Rails.application.routes.url_helpers
|
28
|
+
config.include RSpec::Matchers
|
29
|
+
config.include Capybara::DSL, type: :feature
|
30
|
+
config.include IntegrationHelper, type: :feature
|
31
|
+
|
32
|
+
config.before do |example|
|
33
|
+
DatabaseCleaner.strategy = :truncation
|
34
|
+
DatabaseCleaner.start
|
35
|
+
end
|
36
|
+
|
37
|
+
config.after(:each) do
|
38
|
+
DatabaseCleaner.clean
|
39
|
+
end
|
40
|
+
end
|
@@ -0,0 +1,15 @@
|
|
1
|
+
module Arel
|
2
|
+
module Visitors
|
3
|
+
class DepthFirst < Arel::Visitors::Visitor
|
4
|
+
alias :visit_Integer :terminal
|
5
|
+
end
|
6
|
+
|
7
|
+
class Dot < Arel::Visitors::Visitor
|
8
|
+
alias :visit_Integer :visit_String
|
9
|
+
end
|
10
|
+
|
11
|
+
class ToSql < Arel::Visitors::Visitor
|
12
|
+
alias :visit_Integer :literal
|
13
|
+
end
|
14
|
+
end
|
15
|
+
end if Rails::VERSION::MAJOR == 3
|
@@ -0,0 +1,12 @@
|
|
1
|
+
class ActiveRecord::Base
|
2
|
+
mattr_accessor :shared_connection
|
3
|
+
@@shared_connection = nil
|
4
|
+
|
5
|
+
def self.connection
|
6
|
+
@@shared_connection || retrieve_connection
|
7
|
+
end
|
8
|
+
end
|
9
|
+
|
10
|
+
# Forces all threads to share the same connection. This works on
|
11
|
+
# Capybara because it starts the web server in a thread.
|
12
|
+
ActiveRecord::Base.shared_connection = ActiveRecord::Base.connection
|
@@ -0,0 +1,28 @@
|
|
1
|
+
module IntegrationHelper
|
2
|
+
# If you do something that triggers a confirm, do it inside an accept_js_confirm or reject_js_confirm block
|
3
|
+
def accept_js_confirm
|
4
|
+
page.evaluate_script 'window.original_confirm_function = window.confirm;'
|
5
|
+
page.evaluate_script 'window.confirm = function(msg) { return true; }'
|
6
|
+
yield
|
7
|
+
page.evaluate_script 'window.confirm = window.original_confirm_function;'
|
8
|
+
end
|
9
|
+
|
10
|
+
# If you do something that triggers a confirm, do it inside an accept_js_confirm or reject_js_confirm block
|
11
|
+
def reject_js_confirm
|
12
|
+
page.evaluate_script 'window.original_confirm_function = window.confirm;'
|
13
|
+
page.evaluate_script 'window.confirm = function(msg) { return false; }'
|
14
|
+
yield
|
15
|
+
page.evaluate_script 'window.confirm = window.original_confirm_function;'
|
16
|
+
end
|
17
|
+
|
18
|
+
# Test that page doesn't redirect (there is probably a much better, built-in way to
|
19
|
+
# test this, I just don't know it.
|
20
|
+
def page_should_not_redirect
|
21
|
+
path = current_path
|
22
|
+
text = "bleep bloop"
|
23
|
+
page.execute_script "var txt = document.createTextNode('#{text}');document.body.appendChild(txt);"
|
24
|
+
yield
|
25
|
+
expect(current_path).to eq path
|
26
|
+
expect(page).to have_content(text)
|
27
|
+
end
|
28
|
+
end
|