shoulda-matchers 2.5.0 → 2.6.0

data/spec/shoulda/matchers/action_controller/set_the_flash_matcher_spec.rb

@@ -7,144 +7,144 @@ describe Shoulda::Matchers::ActionController::SetTheFlashMatcher do
 
   context 'a controller that sets a flash message' do
     it 'accepts setting any flash message' do
-      controller_with_flash(:notice => 'hi').should set_the_flash
+      expect(controller_with_flash(notice: 'hi')).to set_the_flash
     end
 
     it 'accepts setting the exact flash message' do
-      controller_with_flash(:notice => 'hi').should set_the_flash.to('hi')
+      expect(controller_with_flash(notice: 'hi')).to set_the_flash.to('hi')
     end
 
     it 'accepts setting a matched flash message' do
-      controller_with_flash(:notice => 'hello').should set_the_flash.to(/he/)
+      expect(controller_with_flash(notice: 'hello')).to set_the_flash.to(/he/)
     end
 
     it 'rejects setting a different flash message' do
-      controller_with_flash(:notice => 'hi').
-        should_not set_the_flash.to('other')
+      expect(controller_with_flash(notice: 'hi')).
+        not_to set_the_flash.to('other')
     end
 
     it 'rejects setting a different pattern' do
-      controller_with_flash(:notice => 'hi').
-        should_not set_the_flash.to(/other/)
+      expect(controller_with_flash(notice: 'hi')).
+        not_to set_the_flash.to(/other/)
     end
   end
 
   context 'a controller that sets a flash.now message' do
     it 'rejects setting any flash message' do
-      controller_with_flash_now.should_not set_the_flash
+      expect(controller_with_flash_now).not_to set_the_flash
     end
 
     it 'accepts setting any flash.now message' do
-      controller_with_flash_now.should set_the_flash.now
+      expect(controller_with_flash_now).to set_the_flash.now
     end
 
     it 'accepts setting the exact flash.now message' do
-      controller_with_flash_now(:notice => 'hi').
-        should set_the_flash.now.to('hi')
+      expect(controller_with_flash_now(notice: 'hi')).
+        to set_the_flash.now.to('hi')
     end
 
     it 'accepts setting a matched flash.now message' do
-      controller_with_flash_now(:notice => 'flasher').
-        should set_the_flash.now.to(/lash/)
+      expect(controller_with_flash_now(notice: 'flasher')).
+        to set_the_flash.now.to(/lash/)
     end
 
     it 'rejects setting a different flash.now message' do
-      controller_with_flash_now(:notice => 'hi').
-        should_not set_the_flash.now.to('other')
+      expect(controller_with_flash_now(notice: 'hi')).
+        not_to set_the_flash.now.to('other')
     end
 
     it 'rejects setting a different flash.now pattern' do
-      controller_with_flash_now(:notice => 'hi').
-        should_not set_the_flash.now.to(/other/)
+      expect(controller_with_flash_now(notice: 'hi')).
+        not_to set_the_flash.now.to(/other/)
     end
   end
 
   context 'a controller that sets flash messages for multiple keys' do
     it 'accepts flash message for either key' do
-      controller = controller_with_flash(:notice => 'one', :alert => 'two')
+      controller = controller_with_flash(notice: 'one', alert: 'two')
 
-      controller.should set_the_flash[:notice]
-      controller.should set_the_flash[:alert]
+      expect(controller).to set_the_flash[:notice]
+      expect(controller).to set_the_flash[:alert]
     end
 
     it 'rejects a flash message that is not one of the set keys' do
-      controller_with_flash(:notice => 'one', :alert => 'two').
-        should_not set_the_flash[:warning]
+      expect(controller_with_flash(notice: 'one', alert: 'two')).
+        not_to set_the_flash[:warning]
     end
 
     it 'accepts exact flash message of notice' do
-      controller_with_flash(:notice => 'one', :alert => 'two').
-        should set_the_flash[:notice].to('one')
+      expect(controller_with_flash(notice: 'one', alert: 'two')).
+        to set_the_flash[:notice].to('one')
     end
 
     it 'accepts setting a matched flash message of notice' do
-      controller_with_flash(:notice => 'one', :alert => 'two').
-        should set_the_flash[:notice].to(/on/)
+      expect(controller_with_flash(notice: 'one', alert: 'two')).
+        to set_the_flash[:notice].to(/on/)
     end
 
     it 'rejects setting a different flash message of notice' do
-      controller_with_flash(:notice => 'one', :alert => 'two').
-        should_not set_the_flash[:notice].to('other')
+      expect(controller_with_flash(notice: 'one', alert: 'two')).
+        not_to set_the_flash[:notice].to('other')
     end
 
     it 'rejects setting a different pattern' do
-      controller_with_flash(:notice => 'one', :alert => 'two').
-        should_not set_the_flash[:notice].to(/other/)
+      expect(controller_with_flash(notice: 'one', alert: 'two')).
+        not_to set_the_flash[:notice].to(/other/)
     end
   end
 
   context 'a controller that sets flash and flash.now' do
     it 'accepts setting any flash.now message' do
-      controller = build_response do
+      controller = build_fake_response do
         flash.now[:notice] = 'value'
         flash[:success] = 'great job'
       end
 
-      controller.should set_the_flash.now
-      controller.should set_the_flash
+      expect(controller).to set_the_flash.now
+      expect(controller).to set_the_flash
     end
 
     it 'accepts setting a matched flash.now message' do
-      controller = build_response do
+      controller = build_fake_response do
         flash.now[:notice] = 'value'
         flash[:success] = 'great job'
       end
 
-      controller.should set_the_flash.now.to(/value/)
-      controller.should set_the_flash.to(/great/)
+      expect(controller).to set_the_flash.now.to(/value/)
+      expect(controller).to set_the_flash.to(/great/)
     end
 
     it 'rejects setting a different flash.now message' do
-      controller = build_response do
+      controller = build_fake_response do
         flash.now[:notice] = 'value'
         flash[:success] = 'great job'
       end
 
-      controller.should_not set_the_flash.now.to('other')
-      controller.should_not set_the_flash.to('other')
+      expect(controller).not_to set_the_flash.now.to('other')
+      expect(controller).not_to set_the_flash.to('other')
     end
   end
 
   context 'a controller that does not set a flash message' do
     it 'rejects setting any flash message' do
-      controller_with_no_flashes.should_not set_the_flash
+      expect(controller_with_no_flashes).not_to set_the_flash
     end
   end
 
   def controller_with_no_flashes
-    build_response
+    build_fake_response
   end
 
   def controller_with_flash(flash_hash)
-    build_response do
+    build_fake_response do
       flash_hash.each do |key, value|
         flash[key] = value
       end
     end
   end
 
-  def controller_with_flash_now(flash_hash = { :notice => 'hi' })
-    build_response do
+  def controller_with_flash_now(flash_hash = { notice: 'hi' })
+    build_fake_response do
       flash_hash.each do |key, value|
         flash.now[key] = value
       end

data/spec/shoulda/matchers/action_controller/strong_parameters_matcher_spec.rb

@@ -0,0 +1,205 @@
+require 'spec_helper'
+
+describe Shoulda::Matchers::ActionController do
+  describe "#permit" do
+    it 'matches when the sent parameter is allowed' do
+      controller_class = controller_for_resource_with_strong_parameters(action: :create) do
+        params.require(:user).permit(:name)
+      end
+
+      expect(controller_class).to permit(:name).for(:create)
+    end
+
+    it 'does not match when the sent parameter is not allowed' do
+      controller_class = controller_for_resource_with_strong_parameters(action: :create) do
+        params.require(:user).permit(:name)
+      end
+
+      expect(controller_class).not_to permit(:admin).for(:create)
+    end
+
+    it 'matches against multiple attributes' do
+      controller_class = controller_for_resource_with_strong_parameters(action: :create) do
+        params.require(:user).permit(:name, :age)
+      end
+
+      expect(controller_class).to permit(:name, :age).for(:create)
+    end
+  end
+end
+
+describe Shoulda::Matchers::ActionController::StrongParametersMatcher do
+  describe '#description' do
+    it 'returns the correct string' do
+      options = { action: :create, method: :post }
+      controller_for_resource_with_strong_parameters(options) do
+        params.permit(:name, :age)
+      end
+
+      matcher = described_class.new([:name, :age, :height]).for(:create)
+      expect(matcher.description).
+        to eq 'permit POST #create to receive parameters :name, :age, and :height'
+    end
+
+    context 'when a verb is specified' do
+      it 'returns the correct string' do
+        options = { action: :some_action }
+        controller_for_resource_with_strong_parameters(options) do
+          params.permit(:name, :age)
+        end
+
+        matcher = described_class.new([:name]).
+          for(:some_action, verb: :put)
+        expect(matcher.description).
+          to eq 'permit PUT #some_action to receive parameters :name'
+      end
+    end
+  end
+
+  describe "#matches?" do
+    it "is true for a subset of the allowable attributes" do
+      controller_for_resource_with_strong_parameters(action: :create) do
+        params.require(:user).permit(:name)
+      end
+
+      matcher = described_class.new([:name]).in_context(self).for(:create)
+      expect(matcher.matches?).to be_true
+    end
+
+    it "is true for all the allowable attributes" do
+      controller_for_resource_with_strong_parameters(action: :create) do
+        params.require(:user).permit(:name, :age)
+      end
+
+      matcher = described_class.new([:name, :age]).in_context(self).for(:create)
+      expect(matcher.matches?).to be_true
+    end
+
+    it "is false when any attributes are not allowed" do
+      controller_for_resource_with_strong_parameters(action: :create) do
+        params.require(:user).permit(:name)
+      end
+
+      matcher = described_class.new([:name, :admin]).in_context(self).for(:create)
+      expect(matcher.matches?).to be_false
+    end
+
+    it "is false when permit is not called" do
+      controller_for_resource_with_strong_parameters(action: :create) {}
+
+      matcher = described_class.new([:name]).in_context(self).for(:create)
+      expect(matcher.matches?).to be_false
+    end
+
+    it "requires an action" do
+      matcher = described_class.new([:name])
+      expect { matcher.matches? }
+        .to raise_error(Shoulda::Matchers::ActionController::StrongParametersMatcher::ActionNotDefinedError)
+    end
+
+    it "requires a verb for non-restful action" do
+      matcher = described_class.new([:name]).for(:authorize)
+      expect { matcher.matches? }
+        .to raise_error(Shoulda::Matchers::ActionController::StrongParametersMatcher::VerbNotDefinedError)
+    end
+
+    context 'Stubbing ActionController::Parameters#[]' do
+      it "does not permanently stub []" do
+        controller_for_resource_with_strong_parameters(action: :create) do
+          params.require(:user).permit(:name)
+        end
+
+        described_class.new([:name]).in_context(self).for(:create).matches?
+
+        param = ActionController::Parameters.new(name: 'Ralph')[:name]
+        expect(param.singleton_class).not_to include(
+          Shoulda::Matchers::ActionController::StrongParametersMatcher::StubbedParameters
+        )
+      end
+
+      it 'prevents permanently overwriting [] on error' do
+        stub_controller_with_exception
+
+        begin
+          described_class.new([:name]).in_context(self).for(:create).matches?
+        rescue SimulatedError
+        end
+
+        param = ActionController::Parameters.new(name: 'Ralph')[:name]
+        expect(param.singleton_class).not_to include(
+          Shoulda::Matchers::ActionController::StrongParametersMatcher::StubbedParameters
+        )
+      end
+    end
+  end
+
+  describe "failure message" do
+    it "includes all missing attributes" do
+      controller_class = controller_for_resource_with_strong_parameters(action: :create) do
+        params.require(:user).permit(:name, :age)
+      end
+
+      expect {
+        expect(controller_class).to permit(:name, :age, :city, :country).for(:create)
+      }.to fail_with_message("Expected controller to permit city and country, but it did not.")
+    end
+
+    it "includes all attributes that should not have been allowed but were" do
+      controller_class = controller_for_resource_with_strong_parameters(action: :create) do
+        params.require(:user).permit(:name, :age)
+      end
+
+      expect {
+        expect(controller_class).not_to permit(:name, :age).for(:create)
+      }.to fail_with_message("Expected controller not to permit name and age, but it did.")
+    end
+  end
+
+  describe "#for" do
+    context "when given :create" do
+      it "posts to the controller" do
+        context = stub('context', post: nil)
+        matcher = described_class.new([:name]).in_context(context).for(:create)
+
+        matcher.matches?
+        expect(context).to have_received(:post).with(:create)
+      end
+    end
+
+    context "when given :update" do
+      it "puts to the controller" do
+        context = stub('context', put: nil)
+        matcher = described_class.new([:name]).in_context(context).for(:update)
+
+        matcher.matches?
+        expect(context).to have_received(:put).with(:update)
+      end
+    end
+
+    context "when given a custom action and verb" do
+      it "deletes to the controller" do
+        context = stub('context', delete: nil)
+        matcher = described_class.new([:name]).in_context(context).for(:hide, verb: :delete)
+
+        matcher.matches?
+        expect(context).to have_received(:delete).with(:hide)
+      end
+    end
+  end
+
+  def stub_controller_with_exception
+    controller = define_controller('Examples') do
+      def create
+        raise SimulatedError
+      end
+    end
+
+    setup_rails_controller_test(controller)
+
+    define_routes do
+      get 'examples', to: 'examples#create'
+    end
+  end
+
+  class SimulatedError < StandardError; end
+end

data/spec/shoulda/matchers/active_model/allow_mass_assignment_of_matcher_spec.rb

@@ -4,16 +4,16 @@ describe Shoulda::Matchers::ActiveModel::AllowMassAssignmentOfMatcher do
   context '#description' do
     context 'without a role' do
       it 'includes the attribute name' do
-        described_class.new(:attr).description.
-          should eq 'allow mass assignment of attr'
+        expect(described_class.new(:attr).description).
+          to eq 'allow mass assignment of attr'
       end
     end
 
     if active_model_3_1?
       context 'with a role' do
         it 'includes the attribute name and the role' do
-          described_class.new(:attr).as(:admin).description.
-            should eq 'allow mass assignment of attr as admin'
+          expect(described_class.new(:attr).as(:admin).description).
+            to eq 'allow mass assignment of attr as admin'
         end
       end
     end
@@ -21,71 +21,71 @@ describe Shoulda::Matchers::ActiveModel::AllowMassAssignmentOfMatcher do
 
   context 'an attribute that is blacklisted from mass-assignment' do
     it 'rejects being mass-assignable' do
-      model = define_model(:example, :blacklisted => :string) do
+      model = define_model(:example, blacklisted: :string) do
         attr_protected :blacklisted
       end.new
 
-      model.should_not allow_mass_assignment_of(:blacklisted)
+      expect(model).not_to allow_mass_assignment_of(:blacklisted)
     end
   end
 
   context 'an attribute that is not whitelisted for mass-assignment' do
     it 'rejects being mass-assignable' do
-      model = define_model(:example, :not_whitelisted => :string,
-        :whitelisted => :string) do
+      model = define_model(:example, not_whitelisted: :string,
+        whitelisted: :string) do
         attr_accessible :whitelisted
       end.new
 
-      model.should_not allow_mass_assignment_of(:not_whitelisted)
+      expect(model).not_to allow_mass_assignment_of(:not_whitelisted)
     end
   end
 
   context 'an attribute that is whitelisted for mass-assignment' do
     it 'accepts being mass-assignable' do
-      define_model(:example, :whitelisted => :string) do
+      expect(define_model(:example, whitelisted: :string) do
         attr_accessible :whitelisted
-      end.new.should allow_mass_assignment_of(:whitelisted)
+      end.new).to allow_mass_assignment_of(:whitelisted)
     end
   end
 
   context 'an attribute not included in the mass-assignment blacklist' do
     it 'accepts being mass-assignable' do
-      model = define_model(:example, :not_blacklisted => :string,
-        :blacklisted => :string) do
+      model = define_model(:example, not_blacklisted: :string,
+        blacklisted: :string) do
         attr_protected :blacklisted
       end.new
 
-      model.should allow_mass_assignment_of(:not_blacklisted)
+      expect(model).to allow_mass_assignment_of(:not_blacklisted)
     end
   end
 
   unless active_model_3_2? || active_model_4_0?
     context 'an attribute on a class with no protected attributes' do
       it 'accepts being mass-assignable' do
-        no_protected_attributes.should allow_mass_assignment_of(:attr)
+        expect(no_protected_attributes).to allow_mass_assignment_of(:attr)
       end
 
       it 'assigns a negative failure message' do
         matcher = allow_mass_assignment_of(:attr)
 
-        matcher.matches?(no_protected_attributes).should be_true
+        expect(matcher.matches?(no_protected_attributes)).to eq true
 
-        matcher.failure_message_when_negated.should_not be_nil
+        expect(matcher.failure_message_when_negated).not_to be_nil
       end
     end
 
     def no_protected_attributes
-      define_model(:example, :attr => :string).new
+      define_model(:example, attr: :string).new
     end
   end
 
   context 'an attribute on a class with all protected attributes' do
     it 'rejects being mass-assignable' do
-      all_protected_attributes.should_not allow_mass_assignment_of(:attr)
+      expect(all_protected_attributes).not_to allow_mass_assignment_of(:attr)
     end
 
     def all_protected_attributes
-      define_model(:example, :attr => :string) do
+      define_model(:example, attr: :string) do
         attr_accessible nil
       end.new
     end
@@ -94,16 +94,16 @@ describe Shoulda::Matchers::ActiveModel::AllowMassAssignmentOfMatcher do
   if active_model_3_1?
     context 'an attribute included in the mass-assignment whitelist for admin role only' do
       it 'rejects being mass-assignable' do
-        mass_assignable_as_admin.should_not allow_mass_assignment_of(:attr)
+        expect(mass_assignable_as_admin).not_to allow_mass_assignment_of(:attr)
       end
 
       it 'accepts being mass-assignable for admin' do
-        mass_assignable_as_admin.should allow_mass_assignment_of(:attr).as(:admin)
+        expect(mass_assignable_as_admin).to allow_mass_assignment_of(:attr).as(:admin)
       end
 
       def mass_assignable_as_admin
-        define_model(:example, :attr => :string) do
-          attr_accessible :attr, :as => :admin
+        define_model(:example, attr: :string) do
+          attr_accessible :attr, as: :admin
         end.new
       end
     end