Merge branch 'sec-fix-master'

Rafael Mendonça França 2014-11-25 19:25:59 -02:00
commit abcbd0bef7
8 changed files with 72 additions and 29 deletions


@ -1,15 +1,7 @@
## master (unreleased) ## 3.1.0
### enhancements ### enhancements
* Update foundation generator to version 5. [@jorge-d](https://github.com/jorge-d) * Update foundation generator to version 5. [@jorge-d](https://github.com/jorge-d)
### bug fix
* Fix `full_error` when the attribute is an association. [@mvdamme](https://github.com/jorge-d)
* Fix suppport to `:namespace` and `:index` options for nested check boxes and radio buttons when the attribute is an association.
## 3.1.0.rc2
### enhancements
* Add mapping to `uuid` columns. * Add mapping to `uuid` columns.
* Add custom namespaces for custom inputs feature. [@vala](https://github.com/vala) * Add custom namespaces for custom inputs feature. [@vala](https://github.com/vala)
* Add `:unless_blank` option to the wrapper API. [@IanVaughan](https://github.com/IanVaughan) * Add `:unless_blank` option to the wrapper API. [@IanVaughan](https://github.com/IanVaughan)
@ -39,6 +31,8 @@
* The default form class can now be overridden with `html: { :class }`. [@rmm5t](https://github.com/rmm5t) * The default form class can now be overridden with `html: { :class }`. [@rmm5t](https://github.com/rmm5t)
### bug fix ### bug fix
* Fix `full_error` when the attribute is an association. [@mvdamme](https://github.com/jorge-d)
* Fix suppport to `:namespace` and `:index` options for nested check boxes and radio buttons when the attribute is an association.
* Collection input that uses automatic collection translation properly sets checked values. * Collection input that uses automatic collection translation properly sets checked values.
Closes [#971](https://github.com/plataformatec/simple_form/issues/971) [@nashby](https://github.com/nashby) Closes [#971](https://github.com/plataformatec/simple_form/issues/971) [@nashby](https://github.com/nashby)
* Collection input generates `required` attribute if it has `prompt` option. [@nashby](https://github.com/nashby) * Collection input generates `required` attribute if it has `prompt` option. [@nashby](https://github.com/nashby)


@ -43,7 +43,7 @@ GIT
PATH PATH
remote: . remote: .
specs: specs:
simple_form (3.1.0.rc2) simple_form (3.1.0)
actionpack (~> 4.0) actionpack (~> 4.0)
activemodel (~> 4.0) activemodel (~> 4.0)


@ -18,13 +18,11 @@ module SimpleForm
def error_text def error_text
text = has_custom_error? ? options[:error] : errors.send(error_method) text = has_custom_error? ? options[:error] : errors.send(error_method)
"#{html_escape(options[:error_prefix])} #{text}".lstrip.html_safe "#{html_escape(options[:error_prefix])} #{html_escape(text)}".lstrip.html_safe
end end
def full_error_text def full_error_text
text = has_custom_error? ? options[:error] : full_errors.send(error_method) has_custom_error? ? options[:error] : full_errors.send(error_method)
text.html_safe
end end
def error_method def error_method
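Review bot: `full_error_text` now returns an unmarked String and relies on whatever renders it to do the escaping, while `error_text` just above escapes explicitly with `html_escape(text)`; nothing in the new code records that this difference is deliberate. A comment above `full_error_text` such as `# Returned without html_safe on purpose: the renderer escapes it unless options[:error] was explicitly marked html_safe.` would keep a later edit from re-adding the `.html_safe` call this change removes. Both methods still pass an already `html_safe` `options[:error]` through unescaped, so the documentation of the `:error` option should state that text derived from user input must never be marked safe before it is passed in. The call site that renders the returned value is outside this hunk, so the escaping on the full-error path is inferred from the added tests rather than visible here.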


@ -1,3 +1,3 @@
module SimpleForm module SimpleForm
VERSION = "3.1.0.rc2".freeze VERSION = "3.1.0".freeze
end end


@ -32,7 +32,7 @@ class ErrorTest < ActionView::TestCase
test 'error generates messages for attribute with single error' do test 'error generates messages for attribute with single error' do
with_error_for @user, :name with_error_for @user, :name
assert_select 'span.error', "can't be blank" assert_select 'span.error', "cannot be blank"
end end
test 'error generates messages for attribute with one error when using first' do test 'error generates messages for attribute with one error when using first' do
@ -85,9 +85,19 @@ class ErrorTest < ActionView::TestCase
assert_no_select 'span.error b' assert_no_select 'span.error b'
end end
test 'error escapes error text' do
@user.errors.add(:action, 'must not contain <b>markup</b>')
with_error_for @user, :action
assert_select 'span.error'
assert_no_select 'span.error b', 'markup'
end
test 'error generates an error message with raw HTML tags' do test 'error generates an error message with raw HTML tags' do
with_error_for @user, :name, error_prefix: '<b>Name</b>'.html_safe with_error_for @user, :name, error_prefix: '<b>Name</b>'.html_safe
assert_select 'span.error', "Name can't be blank" assert_select 'span.error', "Name cannot be blank"
assert_select 'span.error b', "Name" assert_select 'span.error b', "Name"
end end
@ -95,7 +105,7 @@ class ErrorTest < ActionView::TestCase
test 'full error generates a full error tag for the attribute' do test 'full error generates a full error tag for the attribute' do
with_full_error_for @user, :name with_full_error_for @user, :name
assert_select 'span.error', "Super User Name! can't be blank" assert_select 'span.error', "Super User Name! cannot be blank"
end end
test 'full error generates a full error tag with a clean HTML' do test 'full error generates a full error tag with a clean HTML' do
@ -105,22 +115,31 @@ class ErrorTest < ActionView::TestCase
test 'full error allows passing options to full error tag' do test 'full error allows passing options to full error tag' do
with_full_error_for @user, :name, id: 'name_error', error_prefix: "Your name" with_full_error_for @user, :name, id: 'name_error', error_prefix: "Your name"
assert_select 'span.error#name_error', "Your name can't be blank" assert_select 'span.error#name_error', "Your name cannot be blank"
end end
test 'full error does not modify the options hash' do test 'full error does not modify the options hash' do
options = { id: 'name_error' } options = { id: 'name_error' }
with_full_error_for @user, :name, options with_full_error_for @user, :name, options
assert_select 'span.error#name_error', "Super User Name! can't be blank" assert_select 'span.error#name_error', "Super User Name! cannot be blank"
assert_equal({ id: 'name_error' }, options) assert_equal({ id: 'name_error' }, options)
end end
test 'full error escapes error text' do
@user.errors.add(:action, 'must not contain <b>markup</b>')
with_full_error_for @user, :action
assert_select 'span.error'
assert_no_select 'span.error b', 'markup'
end
# CUSTOM WRAPPERS # CUSTOM WRAPPERS
test 'error with custom wrappers works' do test 'error with custom wrappers works' do
swap_wrapper do swap_wrapper do
with_error_for @user, :name with_error_for @user, :name
assert_select 'span.omg_error', "can't be blank" assert_select 'span.omg_error', "cannot be blank"
end end
end end
@ -158,7 +177,7 @@ class ErrorTest < ActionView::TestCase
# CUSTOM ERRORS # CUSTOM ERRORS
test 'input with custom error works' do test 'input with custom error works' do
error_text = "Super User Name! can't be blank" error_text = "Super User Name! cannot be blank"
with_form_for @user, :name, error: error_text with_form_for @user, :name, error: error_text
assert_select 'span.error', error_text assert_select 'span.error', error_text
@ -167,24 +186,56 @@ class ErrorTest < ActionView::TestCase
test 'input with error option as true does not use custom error' do test 'input with error option as true does not use custom error' do
with_form_for @user, :name, error: true with_form_for @user, :name, error: true
assert_select 'span.error', "can't be blank" assert_select 'span.error', "cannot be blank"
end end
test 'input with custom error does not generate the error if there is no error on the attribute' do test 'input with custom error does not generate the error if there is no error on the attribute' do
with_form_for @user, :active, error: "Super User Active! can't be blank" with_form_for @user, :active, error: "Super User Active! cannot be blank"
assert_no_select 'span.error' assert_no_select 'span.error'
end end
test 'input with custom error works when using full_error component' do test 'input with custom error works when using full_error component' do
swap_wrapper :default, self.custom_wrapper_with_full_error do swap_wrapper :default, self.custom_wrapper_with_full_error do
error_text = "Super User Name! can't be blank" error_text = "Super User Name! cannot be blank"
with_form_for @user, :name, error: error_text with_form_for @user, :name, error: error_text
assert_select 'span.error', error_text assert_select 'span.error', error_text
end end
end end
test 'input with custom error escapes the error text' do
with_form_for @user, :name, error: 'error must not contain <b>markup</b>'
assert_select 'span.error'
assert_no_select 'span.error b', 'markup'
end
test 'input with custom error does not escape the error text if it is safe' do
with_form_for @user, :name, error: 'error must contain <b>markup</b>'.html_safe
assert_select 'span.error'
assert_select 'span.error b', 'markup'
end
test 'input with custom error escapes the error text using full_error component' do
swap_wrapper :default, self.custom_wrapper_with_full_error do
with_form_for @user, :name, error: 'error must not contain <b>markup</b>'
assert_select 'span.error'
assert_no_select 'span.error b', 'markup'
end
end
test 'input with custom error does not escape the error text if it is safe using full_error component' do
swap_wrapper :default, self.custom_wrapper_with_full_error do
with_form_for @user, :name, error: 'error must contain <b>markup</b>'.html_safe
assert_select 'span.error'
assert_select 'span.error b', 'markup'
end
end
test 'input with custom error when using full_error component does not generate the error if there is no error on the attribute' do test 'input with custom error when using full_error component does not generate the error if there is no error on the attribute' do
swap_wrapper :default, self.custom_wrapper_with_full_error do swap_wrapper :default, self.custom_wrapper_with_full_error do
with_form_for @user, :active, error: "Super User Active! can't be blank" with_form_for @user, :active, error: "Super User Active! can't be blank"
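Review bot: The new escaping tests check only for the absence of a `b` element (`assert_no_select 'span.error b', 'markup'`), so they would still pass if the message were stripped or dropped rather than escaped. Each of them should also carry a positive assertion that the rendered output contains the escaped form `&lt;b&gt;markup&lt;/b&gt;`, which pins that the text survives as literal characters. The fixture change from "can't be blank" to "cannot be blank" removes the only apostrophe from the asserted messages, presumably because `html_escape` now encodes it; keeping one test with an apostrophe in the message would cover how that character is rendered after this change.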


@ -327,7 +327,7 @@ class FormBuilderTest < ActionView::TestCase
test 'builder generates errors for attribute with errors' do test 'builder generates errors for attribute with errors' do
with_form_for @user, :name with_form_for @user, :name
assert_select 'span.error', "can't be blank" assert_select 'span.error', "cannot be blank"
end end
test 'builder is able to disable showing errors for an input' do test 'builder is able to disable showing errors for an input' do
@ -337,7 +337,7 @@ class FormBuilderTest < ActionView::TestCase
test 'builder passes options to errors' do test 'builder passes options to errors' do
with_form_for @user, :name, error_html: { id: "cool" } with_form_for @user, :name, error_html: { id: "cool" }
assert_select 'span.error#cool', "can't be blank" assert_select 'span.error#cool', "cannot be blank"
end end
test 'placeholder does not be generated when set to false' do test 'placeholder does not be generated when set to false' do


@ -139,7 +139,7 @@ class WrapperTest < ActionView::TestCase
test 'custom wrappers can have full error message on attributes' do test 'custom wrappers can have full error message on attributes' do
swap_wrapper :default, self.custom_wrapper_with_full_error do swap_wrapper :default, self.custom_wrapper_with_full_error do
with_form_for @user, :name with_form_for @user, :name
assert_select 'span.error', "Name can't be blank" assert_select 'span.error', "Name cannot be blank"
end end
end end


@ -175,7 +175,7 @@ class User
def errors def errors
@errors ||= begin @errors ||= begin
errors = ActiveModel::Errors.new(self) errors = ActiveModel::Errors.new(self)
errors.add(:name, "can't be blank") errors.add(:name, "cannot be blank")
errors.add(:description, 'must be longer than 15 characters') errors.add(:description, 'must be longer than 15 characters')
errors.add(:age, 'is not a number') errors.add(:age, 'is not a number')
errors.add(:age, 'must be greater than 18') errors.add(:age, 'must be greater than 18')