remotipart 1.3.1 → 1.4.4

data/spec/dummy_app/db/schema.rb

@@ -0,0 +1,31 @@
+# encoding: UTF-8
+# This file is auto-generated from the current state of the database. Instead
+# of editing this file, please use the migrations feature of Active Record to
+# incrementally modify your database, and then regenerate this schema definition.
+#
+# Note that this schema.rb definition is the authoritative source for your
+# database schema. If you need to create the application database on another
+# system, you should be using db:schema:load, not running all the migrations
+# from scratch. The latter is a flawed and unsustainable approach (the more migrations
+# you'll amass, the slower it'll run and the greater likelihood for issues).
+#
+# It's strongly recommended to check this file into your version control system.
+
+ActiveRecord::Schema.define(:version => 20110714205346) do
+
+  create_table "comments", :force => true do |t|
+    t.string   "subject"
+    t.text     "body"
+    t.datetime "created_at"
+    t.datetime "updated_at"
+    t.string   "attachment_file_name"
+    t.string   "attachment_content_type"
+    t.integer  "attachment_file_size"
+    t.datetime "attachment_updated_at"
+    t.string   "other_attachment_file_name"
+    t.string   "other_attachment_content_type"
+    t.integer  "other_attachment_file_size"
+    t.datetime "other_attachment_updated_at"
+  end
+
+end

data/spec/dummy_app/db/seeds.rb

@@ -0,0 +1,7 @@
+# This file should contain all the record creation needed to seed the database with its default values.
+# The data can then be loaded with the rake db:seed (or created alongside the db with db:setup).
+#
+# Examples:
+#
+#   cities = City.create([{ :name => 'Chicago' }, { :name => 'Copenhagen' }])
+#   Mayor.create(:name => 'Daley', :city => cities.first)

data/spec/features/comments_spec.rb

@@ -0,0 +1,414 @@
+require 'spec_helper'
+
+describe 'comments', type: :feature do
+  it 'creates a new comment', js: true do
+    visit root_path
+    click_link 'New Comment'
+
+    # New Comment link should disappear
+    expect(page).to have_no_link('New Comment')
+    # Comment form should appear
+    expect(page).to have_field('comment_subject')
+    expect(page).to have_field('comment_body')
+    expect(page).to have_no_field('comment_file')
+
+    # Filling in form and submitting
+    comment_subject = 'A new comment!'
+    comment_body = 'Woo, this is my comment, dude.'
+    fill_in 'comment_subject', with: comment_subject
+    fill_in 'comment_body', with: comment_body
+    click_button 'Create Comment'
+
+    # Comment should appear in the comments table
+    within '#comments' do
+      expect(page).to have_content(comment_subject)
+      expect(page).to have_content(comment_body)
+    end
+    # Form should clear
+    expect(page).to have_field('comment_subject', with: '')
+    expect(page).to have_field('comment_body', with: '')
+    # ...and be replaced by link again
+    expect(page).to have_link('Cancel')
+  end
+
+  it "cancels creating a comment", js: true do
+    visit root_path
+    click_link 'New Comment'
+
+    expect(page).to have_field('comment_subject')
+    expect(page).to have_link('Cancel')
+    click_link 'Cancel'
+
+    # Form should disappear
+    expect(page).to have_no_field('comment_subject')
+    expect(page).to have_link('New Comment')
+  end
+
+  it "deletes a comment", js: true do
+    Comment.create(subject: 'The Great Yogurt', body: 'The Schwarz is strong with this one.')
+    visit root_path
+
+    within '#comments' do
+      expect(page).to have_content('The Great Yogurt')
+      accept_js_confirm do
+        click_link 'Destroy'
+      end
+
+      expect(page).to have_no_content('The Great Yogurt')
+    end
+  end
+
+  it "uploads a file", js: true do
+    visit root_path
+    click_link 'New Comment with Attachment'
+
+    expect(page).to have_field('comment_subject')
+    expect(page).to have_field('comment_body')
+    expect(page).to have_field('comment_attachment')
+    expect(page).to have_field('comment_other_attachment')
+
+    comment_subject = 'Newby'
+    comment_body = 'Woot, a file!'
+    fill_in 'comment_subject', with: comment_subject
+    fill_in 'comment_body', with: comment_body
+
+    # Attach file
+    file_path = File.join(fixture_path, 'qr.jpg')
+    other_file_path = File.join(fixture_path, 'hi.txt')
+    attach_file 'comment_attachment', file_path
+    attach_file 'comment_other_attachment', other_file_path
+
+    page_should_not_redirect do
+      click_button 'Create Comment'
+    end
+
+    within '#comments' do
+      expect(page).to have_selector("td", text: comment_subject)
+      expect(page).to have_selector("td", text: comment_body)
+      expect(page).to have_selector("a", text: File.basename(file_path))
+      expect(page).to have_selector("a", text: File.basename(other_file_path))
+    end
+  end
+
+  it "Disables submit button while submitting", js: true do
+    visit root_path
+
+    click_link 'New Comment'
+    # Needed to make test wait for above to finish
+    form = find('form')
+
+    button = find_button('Create Comment')
+    page.execute_script(%q{$('form').append('<input name="pause" type="hidden" value=1 />');})
+
+    fill_in 'comment_subject', with: 'Hi'
+    fill_in 'comment_body', with: 'there'
+    click_button 'Create Comment'
+
+    expect(button[:disabled]).to be true
+    expect(button.value).to eq "Submitting..."
+
+    sleep 1.5
+
+    expect(button[:disabled]).to be false
+    expect(button.value).to eq "Create Comment"
+  end
+
+  it "triggers ajax:remotipartSubmit event hook", js: true do
+    visit root_path
+    page.execute_script("$(document).delegate('form', 'ajax:remotipartSubmit', function() { $('#comments').after('remotipart!'); });")
+
+    click_link 'New Comment with Attachment'
+
+    fill_in 'comment_subject', with: 'Hi'
+    fill_in 'comment_body', with: 'there'
+    attach_file 'comment_attachment', File.join(fixture_path, 'qr.jpg')
+    click_button 'Create Comment'
+
+    expect(page).to have_content('remotipart!')
+  end
+
+  it "allows remotipart submission to be cancelable via event hook", js: true do
+    visit root_path
+    page.execute_script("$(document).delegate('form', 'ajax:remotipartSubmit', function() { $('#comments').after('remotipart!'); return false; });")
+
+    click_link 'New Comment with Attachment'
+
+    file_path = File.join(fixture_path, 'qr.jpg')
+    fill_in 'comment_subject', with: 'Hi'
+    fill_in 'comment_body', with: 'there'
+    attach_file 'comment_attachment', file_path
+    click_button 'Create Comment'
+
+    expect(page).to have_content('remotipart!')
+
+    within '#comments' do
+      expect(page).to have_no_content('Hi')
+      expect(page).to have_no_content('there')
+      expect(page).to have_no_content(File.basename(file_path))
+    end
+  end
+
+  it "allows custom data-type on form", js: true do
+    visit root_path
+    page.execute_script("$(document).delegate('form', 'ajax:success', function(evt, data, status, xhr) { $('#comments').after(xhr.responseText); });")
+
+    click_link 'New Comment with Attachment'
+
+    # Needed to make test wait for above to finish
+    form = find('form')
+    page.execute_script("$('form').attr('data-type', 'html');")
+
+    file_path = File.join(fixture_path, 'qr.jpg')
+    fill_in 'comment_subject', with: 'Hi'
+    fill_in 'comment_body', with: 'there'
+    attach_file 'comment_attachment', file_path
+    click_button 'Create Comment'
+
+    expect(page).to have_content('HTML response')
+  end
+
+  it "allows users to use ajax response data safely", js: true do
+    visit root_path
+    page.execute_script("$(document).delegate('form', 'ajax:success', function(evt, data, status, xhr) { $('#comments').after(data); });")
+
+    click_link 'New Comment with Attachment'
+
+    # Needed to make test wait for above to finish
+    form = find('form')
+    page.execute_script("$('form').attr('data-type', 'html');")
+
+    file_path = File.join(fixture_path, 'qr.jpg')
+    fill_in 'comment_subject', with: 'Hi'
+    fill_in 'comment_body', with: 'there'
+    attach_file 'comment_attachment', file_path
+    click_button 'Create Comment'
+
+    expect(page).to have_content('HTML response')
+  end
+
+  it "escapes html response content properly", js: true do
+    visit root_path
+    page.execute_script("$(document).delegate('form', 'ajax:success', function(evt, data, status, xhr) { $('#comments').after(xhr.responseText); });")
+
+    click_link 'New Comment with Attachment'
+
+    # Needed to make test wait for above to finish
+    form = find('form')
+    page.execute_script("$('form').attr('data-type', 'html');")
+    page.execute_script("$('form').append('<input type=\"hidden\" name=\"template\" value=\"escape\" />');")
+
+    file_path = File.join(fixture_path, 'qr.jpg')
+    fill_in 'comment_subject', with: 'Hi'
+    fill_in 'comment_body', with: 'there'
+    attach_file 'comment_attachment', file_path
+    click_button 'Create Comment'
+
+    expect(find('input[name="quote"]').value).to eq '"'
+  end
+
+  it "returns the correct response status", js: true do
+    visit root_path
+
+    click_link 'New Comment with Attachment'
+    # Needed to make test wait for above to finish
+    input = find('#comment_subject')
+    page.execute_script("$('#comment_subject').removeAttr('required');")
+
+    file_path = File.join(fixture_path, 'qr.jpg')
+    fill_in 'comment_body', with: 'there'
+    attach_file 'comment_attachment', file_path
+    click_button 'Create Comment'
+
+    #within '#error_explanation' do
+    #  expect(page).to have_content "Subject can't be blank"
+    #end
+    expect(page).to have_content "Error status code: 422"
+    expect(page).to have_content "Error status message: Unprocessable Entity"
+  end
+
+  it "passes the method as _method parameter (rails convention)", js: true do
+    visit root_path
+
+    click_link 'New Comment with Attachment'
+    sleep 0.5
+    page.execute_script(%q{$('form').append('<input name="_method" type="hidden" value="put" />');})
+
+    file_path = File.join(fixture_path, 'qr.jpg')
+    fill_in 'comment_subject', with: 'Hi'
+    fill_in 'comment_body', with: 'there'
+    attach_file 'comment_attachment', file_path
+    click_button 'Create Comment'
+
+    expect(page).to have_content 'PUT request!'
+  end
+
+  it "does not submit via remotipart unless file is present", js: true do
+    visit root_path
+    page.execute_script("$(document).delegate('form', 'ajax:remotipartSubmit', function() { $('#comments').after('remotipart!'); });")
+
+    click_link 'New Comment with Attachment'
+
+    fill_in 'comment_subject', with: 'Hi'
+    fill_in 'comment_body', with: 'there'
+    click_button 'Create Comment'
+
+    expect(page).to have_no_content('remotipart!')
+  end
+
+  it "fires all the ajax callbacks on the form", js: true do
+    visit root_path
+    click_link 'New Comment with Attachment'
+
+    # Needed to make test wait for above to finish
+    form = find('form')
+
+    page.execute_script("$('form').bind('ajax:beforeSend', function() { $('#comments').after('thebefore'); });")
+    page.execute_script("$(document).delegate('form', 'ajax:success', function() { $('#comments').after('success'); });")
+    page.execute_script("$(document).delegate('form', 'ajax:complete', function() { $('#comments').after('complete'); });")
+
+    file_path = File.join(fixture_path, 'qr.jpg')
+    fill_in 'comment_subject', with: 'Hi'
+    fill_in 'comment_body', with: 'there'
+    attach_file 'comment_attachment', file_path
+    click_button 'Create Comment'
+
+    expect(page).to have_content('before')
+    expect(page).to have_content('success')
+    expect(page).to have_content('complete')
+  end
+
+  it "fires the ajax callbacks for json data-type with remotipart", js: true do
+    visit root_path
+    click_link 'New Comment with Attachment'
+
+    # Needed to make test wait for above to finish
+    form = find('form')
+
+    page.execute_script("$('form').data('type', 'json');")
+
+    page.execute_script("$('form').bind('ajax:beforeSend', function() { $('#comments').after('thebefore'); });")
+    page.execute_script("$(document).delegate('form', 'ajax:success', function() { $('#comments').after('success'); });")
+    page.execute_script("$(document).delegate('form', 'ajax:complete', function() { $('#comments').after('complete'); });")
+
+    file_path = File.join(fixture_path, 'qr.jpg')
+    fill_in 'comment_subject', with: 'Hi'
+    fill_in 'comment_body', with: 'there'
+    attach_file 'comment_attachment', file_path
+    click_button 'Create Comment'
+
+    expect(page).to have_content('before')
+    expect(page).to have_content('success')
+    expect(page).to have_content('complete')
+  end
+
+  it "only fires the beforeSend hook once", js: true do
+    visit root_path
+    click_link 'New Comment with Attachment'
+
+    # Needed to make test wait for above to finish
+    form = find('form')
+
+    page.execute_script("$('form').bind('ajax:beforeSend', function() { $('#comments').after('<div class=\"ajax\">ajax!</div>'); });")
+
+    file_path = File.join(fixture_path, 'qr.jpg')
+    fill_in 'comment_subject', with: 'Hi'
+    fill_in 'comment_body', with: 'there'
+    attach_file 'comment_attachment', file_path
+    click_button 'Create Comment'
+
+    expect(page).to have_css("div.ajax", :count => 1)
+  end
+
+  it "cleans up after itself when uploading files", js: true do
+    visit root_path
+    page.execute_script("$(document).delegate('form', 'ajax:remotipartSubmit', function(evt, xhr, data) { if ($(this).data('remotipartSubmitted')) { $('#comments').after('remotipart before!'); } });")
+
+    click_link 'New Comment with Attachment'
+    page.execute_script("$('form').attr('data-type', 'html');")
+
+    file_path = File.join(fixture_path, 'qr.jpg')
+    fill_in 'comment_subject', with: 'Hi'
+    fill_in 'comment_body', with: 'there'
+    attach_file 'comment_attachment', file_path
+    click_button 'Create Comment'
+
+    expect(page).to have_content('remotipart before!')
+
+    page.execute_script("if (!$('form').data('remotipartSubmitted')) { $('#comments').after('no remotipart after!'); } ")
+    expect(page).to have_content('no remotipart after!')
+  end
+
+  it "submits via remotipart when a file upload is present", js: true do
+    visit root_path
+    page.execute_script("$(document).delegate('form', 'ajax:remotipartSubmit', function(evt, xhr, data) { $('#comments').after('<div class=\"remotipart\">remotipart!</div>'); });")
+
+    click_link 'New Comment with Attachment'
+    page.execute_script("$('form').attr('data-type', 'html');")
+
+    file_path = File.join(fixture_path, 'qr.jpg')
+    fill_in 'comment_subject', with: 'Hi'
+    fill_in 'comment_body', with: 'there'
+    attach_file 'comment_attachment', file_path
+    click_button 'Create Comment'
+
+    expect(page).to have_css("div.remotipart")
+  end
+
+  it "does not submit via remotipart when a file upload is not present", js: true do
+    visit root_path
+    page.execute_script("$(document).delegate('form', 'ajax:remotipartSubmit', function(evt, xhr, data) { $('#comments').after('<div class=\"remotipart\">remotipart!</div>'); });")
+
+    click_link 'New Comment with Attachment'
+    page.execute_script("$('form').attr('data-type', 'html');")
+
+    fill_in 'comment_subject', with: 'Hi'
+    fill_in 'comment_body', with: 'there'
+    click_button 'Create Comment'
+
+    expect(page).not_to have_css("div.remotipart")
+  end
+
+  it "Disables submit button while submitting with remotipart", js: true do
+    visit root_path
+
+    click_link 'New Comment with Attachment'
+
+    button = find_button('Create Comment')
+    # clicking 'Create Comment' button causes capybara evaluation freeze until request ends, so perform check by JavaScript
+    page.execute_script("$('form').bind('ajax:remotipartComplete', function(data) { window.commitButtonDisabled = $('input[name=\"commit\"]').is(':disabled'); window.commitButtonValue = $('input[name=\"commit\"]').val(); });")
+
+    file_path = File.join(fixture_path, 'qr.jpg')
+    fill_in 'comment_subject', with: 'Hi'
+    fill_in 'comment_body', with: 'there'
+    attach_file 'comment_attachment', file_path
+    click_button 'Create Comment'
+
+    expect(page.evaluate_script("window.commitButtonDisabled")).to be true
+    expect(page.evaluate_script("window.commitButtonValue")).to eq "Submitting..."
+
+    expect(button[:disabled]).to be false
+    expect(button.value).to eq "Create Comment"
+  end
+
+  it "submits the clicked button with the form like non-file remote form", js: true do
+    visit root_path
+    click_link 'New Comment with Attachment'
+
+    form = find('form')
+    page.execute_script("$('form').bind('ajax:remotipartSubmit', function(e, xhr, settings) { $('#comments').after('<div class=\"params\">' + $.param(settings.data) + '</div>'); });")
+
+    file_path = File.join(fixture_path, 'qr.jpg')
+    fill_in 'comment_subject', with: 'Hi'
+    fill_in 'comment_body', with: 'there'
+    attach_file 'comment_attachment', file_path
+    click_button 'Create Comment'
+
+    expect(page).to have_content('commit=')
+  end
+
+  it "doesn't allow XSS via script injection for text responses", js: true do
+    visit "/say?message=%3C/textarea%3E%3Csvg/onload=alert(domain)%3E&remotipart_submitted=x"
+    expect(page).to have_selector("textarea")
+    expect(find("textarea").value).to eq('</textarea><svg/onload=alert(domain)>')
+  end
+end

data/spec/features/prepended_spec.rb

@@ -0,0 +1,9 @@
+require 'spec_helper'
+
+describe 'prepended', type: :feature do
+  context "when another library overrides #render using prepend" do
+    it "does not break" do
+      expect { visit prepended_path }.not_to raise_error
+    end
+  end
+end

data/spec/fixtures/hi.txt

@@ -0,0 +1 @@
+Smile, you're on candid camera!

data/spec/spec_helper.rb

@@ -0,0 +1,40 @@
+# Configure Rails Envinronment
+ENV['RAILS_ENV'] = 'test'
+require File.expand_path('../dummy_app/config/environment', __FILE__)
+
+require 'rspec/rails'
+require 'capybara/rspec'
+require 'capybara/poltergeist'
+require 'database_cleaner'
+
+Capybara.javascript_driver = :poltergeist
+Capybara.server = :webrick
+Capybara.default_max_wait_time = 5
+
+# Requires supporting ruby files with custom matchers and macros, etc,
+# in spec/support/ and its subdirectories.
+Dir[File.expand_path('../support/**/*.rb', __FILE__)].each {|f| require f }
+
+RSpec.configure do |config|
+  load "#{Rails.root.to_s}/db/schema.rb" # use db agnostic schema by default
+
+  config.mock_with :rspec
+  config.expect_with :rspec do |c|
+    c.syntax = :expect
+  end
+  config.fixture_path = File.expand_path('../fixtures', __FILE__)
+
+  config.include Rails.application.routes.url_helpers
+  config.include RSpec::Matchers
+  config.include Capybara::DSL, type: :feature
+  config.include IntegrationHelper, type: :feature
+
+  config.before do |example|
+    DatabaseCleaner.strategy = :truncation
+    DatabaseCleaner.start
+  end
+
+  config.after(:each) do
+    DatabaseCleaner.clean
+  end
+end

data/spec/support/arel_helper.rb

@@ -0,0 +1,15 @@
+module Arel
+  module Visitors
+    class DepthFirst < Arel::Visitors::Visitor
+      alias :visit_Integer :terminal
+    end
+
+    class Dot < Arel::Visitors::Visitor
+      alias :visit_Integer :visit_String
+    end
+
+    class ToSql < Arel::Visitors::Visitor
+      alias :visit_Integer :literal
+    end
+  end
+end if Rails::VERSION::MAJOR == 3

data/spec/support/connection_helper.rb

@@ -0,0 +1,12 @@
+class ActiveRecord::Base
+  mattr_accessor :shared_connection
+  @@shared_connection = nil
+
+  def self.connection
+    @@shared_connection || retrieve_connection
+  end
+end
+
+# Forces all threads to share the same connection. This works on
+# Capybara because it starts the web server in a thread.
+ActiveRecord::Base.shared_connection = ActiveRecord::Base.connection

data/spec/support/integration_helper.rb

@@ -0,0 +1,28 @@
+module IntegrationHelper
+  # If you do something that triggers a confirm, do it inside an accept_js_confirm or reject_js_confirm block
+  def accept_js_confirm
+    page.evaluate_script 'window.original_confirm_function = window.confirm;'
+    page.evaluate_script 'window.confirm = function(msg) { return true; }'
+    yield
+    page.evaluate_script 'window.confirm = window.original_confirm_function;'
+  end
+
+  # If you do something that triggers a confirm, do it inside an accept_js_confirm or reject_js_confirm block
+  def reject_js_confirm
+    page.evaluate_script 'window.original_confirm_function = window.confirm;'
+    page.evaluate_script 'window.confirm = function(msg) { return false; }'
+    yield
+    page.evaluate_script 'window.confirm = window.original_confirm_function;'
+  end
+
+  # Test that page doesn't redirect (there is probably a much better, built-in way to
+  # test this, I just don't know it.
+  def page_should_not_redirect
+    path = current_path
+    text = "bleep bloop"
+    page.execute_script "var txt = document.createTextNode('#{text}');document.body.appendChild(txt);"
+    yield
+    expect(current_path).to eq path
+    expect(page).to have_content(text)
+  end
+end