Revert "Remove 'strong_parameters' matcher"
This reverts commit 7e7fb14677
.
This commit is contained in:
parent
cb858b961e
commit
d7eec9ccc9
|
@ -3,6 +3,7 @@ PATH
|
|||
specs:
|
||||
shoulda-matchers (2.5.0)
|
||||
activesupport (>= 3.0.0)
|
||||
bourne (~> 1.3)
|
||||
|
||||
GEM
|
||||
remote: https://rubygems.org/
|
||||
|
@ -139,7 +140,6 @@ DEPENDENCIES
|
|||
activerecord-jdbcsqlite3-adapter
|
||||
appraisal (~> 1.0.0.beta2)
|
||||
aruba
|
||||
bourne (~> 1.3)
|
||||
bundler (~> 1.1)
|
||||
cucumber (~> 1.1)
|
||||
jdbc-sqlite3
|
||||
|
|
|
@ -3,6 +3,7 @@ PATH
|
|||
specs:
|
||||
shoulda-matchers (2.5.0)
|
||||
activesupport (>= 3.0.0)
|
||||
bourne (~> 1.3)
|
||||
|
||||
GEM
|
||||
remote: https://rubygems.org/
|
||||
|
@ -132,7 +133,6 @@ DEPENDENCIES
|
|||
activerecord-jdbcsqlite3-adapter
|
||||
appraisal (~> 1.0.0.beta2)
|
||||
aruba
|
||||
bourne (~> 1.3)
|
||||
bundler (~> 1.1)
|
||||
cucumber (~> 1.1)
|
||||
jdbc-sqlite3
|
||||
|
|
|
@ -3,6 +3,7 @@ PATH
|
|||
specs:
|
||||
shoulda-matchers (2.5.0)
|
||||
activesupport (>= 3.0.0)
|
||||
bourne (~> 1.3)
|
||||
|
||||
GEM
|
||||
remote: https://rubygems.org/
|
||||
|
|
|
@ -3,6 +3,7 @@ PATH
|
|||
specs:
|
||||
shoulda-matchers (2.5.0)
|
||||
activesupport (>= 3.0.0)
|
||||
bourne (~> 1.3)
|
||||
|
||||
GEM
|
||||
remote: https://rubygems.org/
|
||||
|
|
|
@ -9,6 +9,7 @@ require 'shoulda/matchers/action_controller/redirect_to_matcher'
|
|||
require 'shoulda/matchers/action_controller/render_template_matcher'
|
||||
require 'shoulda/matchers/action_controller/rescue_from_matcher'
|
||||
require 'shoulda/matchers/action_controller/callback_matcher'
|
||||
require 'shoulda/matchers/action_controller/strong_parameters_matcher'
|
||||
|
||||
module Shoulda
|
||||
module Matchers
|
||||
|
|
|
@ -0,0 +1,121 @@
|
|||
require 'bourne'
|
||||
require 'active_support/deprecation'
|
||||
begin
|
||||
require 'strong_parameters'
|
||||
rescue LoadError
|
||||
end
|
||||
|
||||
module Shoulda
|
||||
module Matchers
|
||||
module ActionController
|
||||
def permit(*attributes)
|
||||
attributes_and_context = attributes + [self]
|
||||
StrongParametersMatcher.new(*attributes_and_context)
|
||||
end
|
||||
|
||||
class StrongParametersMatcher
|
||||
def initialize(*attributes_and_context)
|
||||
ActiveSupport::Deprecation.warn 'The strong_parameters matcher is deprecated and will be removed in 2.0'
|
||||
@attributes = attributes_and_context[0...-1]
|
||||
@context = attributes_and_context.last
|
||||
@permitted_params = []
|
||||
end
|
||||
|
||||
def for(action, options = {})
|
||||
@action = action
|
||||
@verb = options[:verb] || verb_for_action
|
||||
self
|
||||
end
|
||||
|
||||
def in_context(context)
|
||||
@context = context
|
||||
self
|
||||
end
|
||||
|
||||
def matches?(controller = nil)
|
||||
simulate_controller_action && parameters_difference.empty?
|
||||
end
|
||||
|
||||
def does_not_match?(controller = nil)
|
||||
simulate_controller_action && parameters_difference.present?
|
||||
end
|
||||
|
||||
def failure_message
|
||||
"Expected controller to permit #{parameters_difference.to_sentence}, but it did not."
|
||||
end
|
||||
|
||||
def negative_failure_message
|
||||
"Expected controller not to permit #{parameters_difference.to_sentence}, but it did."
|
||||
end
|
||||
|
||||
private
|
||||
attr_reader :verb, :action, :attributes, :context
|
||||
attr_accessor :permitted_params
|
||||
|
||||
def simulate_controller_action
|
||||
ensure_action_and_verb_present!
|
||||
model_attrs = stubbed_model_attributes
|
||||
|
||||
context.send(verb, action)
|
||||
|
||||
verify_permit_call(model_attrs)
|
||||
end
|
||||
|
||||
def verify_permit_call(model_attrs)
|
||||
matcher = Mocha::API::HaveReceived.new(:permit).with do |*params|
|
||||
self.permitted_params = params
|
||||
end
|
||||
|
||||
matcher.matches?(model_attrs)
|
||||
rescue Mocha::ExpectationError
|
||||
false
|
||||
end
|
||||
|
||||
def parameters_difference
|
||||
attributes - permitted_params
|
||||
end
|
||||
|
||||
def stubbed_model_attributes
|
||||
extend Mocha::API
|
||||
|
||||
model_attrs = ::ActionController::Parameters.new(arbitrary_attributes)
|
||||
model_attrs.stubs(:permit)
|
||||
::ActionController::Parameters.any_instance.stubs(:[]).returns(model_attrs)
|
||||
|
||||
model_attrs
|
||||
end
|
||||
|
||||
def ensure_action_and_verb_present!
|
||||
if action.blank?
|
||||
raise ActionNotDefinedError
|
||||
end
|
||||
if verb.blank?
|
||||
raise VerbNotDefinedError
|
||||
end
|
||||
end
|
||||
|
||||
def arbitrary_attributes
|
||||
{:any_key => 'any_value'}
|
||||
end
|
||||
|
||||
def verb_for_action
|
||||
verb_lookup = { :create => :post, :update => :put }
|
||||
verb_lookup[action]
|
||||
end
|
||||
end
|
||||
|
||||
class StrongParametersMatcher::ActionNotDefinedError < StandardError
|
||||
def message
|
||||
'You must specify the controller action using the #for method.'
|
||||
end
|
||||
end
|
||||
|
||||
class StrongParametersMatcher::VerbNotDefinedError < StandardError
|
||||
def message
|
||||
'You must specify an HTTP verb when using a non-RESTful action.' +
|
||||
' e.g. for(:authorize, :verb => :post)'
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
|
@ -0,0 +1,142 @@
|
|||
require 'spec_helper'
|
||||
|
||||
describe Shoulda::Matchers::ActionController do
|
||||
describe ".permit" do
|
||||
it "is true when the sent parameter is allowed" do
|
||||
controller_class = controller_for_resource_with_strong_parameters do
|
||||
params.require(:user).permit(:name)
|
||||
end
|
||||
|
||||
controller_class.should permit(:name).for(:create)
|
||||
end
|
||||
|
||||
it "is false when the sent parameter is not allowed" do
|
||||
controller_class = controller_for_resource_with_strong_parameters do
|
||||
params.require(:user).permit(:name)
|
||||
end
|
||||
|
||||
controller_class.should_not permit(:admin).for(:create)
|
||||
end
|
||||
|
||||
it "allows multiple attributes" do
|
||||
controller_class = controller_for_resource_with_strong_parameters do
|
||||
params.require(:user).permit(:name, :age)
|
||||
end
|
||||
|
||||
controller_class.should permit(:name, :age).for(:create)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
describe Shoulda::Matchers::ActionController::StrongParametersMatcher do
|
||||
before do
|
||||
controller_for_resource_with_strong_parameters do
|
||||
params.require(:user).permit(:name, :age)
|
||||
end
|
||||
end
|
||||
|
||||
describe "#matches?" do
|
||||
it "is true for a subset of the allowable attributes" do
|
||||
matcher = Shoulda::Matchers::ActionController::StrongParametersMatcher.new(:name, self).for(:create)
|
||||
matcher.matches?.should be_true
|
||||
end
|
||||
|
||||
it "is true for all the allowable attributes" do
|
||||
matcher = Shoulda::Matchers::ActionController::StrongParametersMatcher.new(:name, :age, self).for(:create)
|
||||
matcher.matches?.should be_true
|
||||
end
|
||||
|
||||
it "is false when any attributes are not allowed" do
|
||||
matcher = Shoulda::Matchers::ActionController::StrongParametersMatcher.new(:name, :admin, self).for(:create)
|
||||
matcher.matches?.should be_false
|
||||
end
|
||||
|
||||
it "is false when permit is not called" do
|
||||
matcher = Shoulda::Matchers::ActionController::StrongParametersMatcher.new(:name, self).for(:new, :verb => :get)
|
||||
matcher.matches?.should be_false
|
||||
end
|
||||
|
||||
it "requires an action" do
|
||||
matcher = Shoulda::Matchers::ActionController::StrongParametersMatcher.new(:name, self)
|
||||
expect{ matcher.matches? }.to raise_error(Shoulda::Matchers::ActionController::StrongParametersMatcher::ActionNotDefinedError)
|
||||
end
|
||||
|
||||
it "requires a verb for non-restful action" do
|
||||
matcher = Shoulda::Matchers::ActionController::StrongParametersMatcher.new(:name, self).for(:authorize)
|
||||
expect{ matcher.matches? }.to raise_error(Shoulda::Matchers::ActionController::StrongParametersMatcher::VerbNotDefinedError)
|
||||
end
|
||||
end
|
||||
|
||||
describe "#does_not_match?" do
|
||||
it "it is true if any of the given attributes are allowed" do
|
||||
matcher = Shoulda::Matchers::ActionController::StrongParametersMatcher.new(:name, :admin, self).for(:create)
|
||||
matcher.does_not_match?.should be_true
|
||||
end
|
||||
|
||||
it "it is false if all of the given attribtues are allowed" do
|
||||
matcher = Shoulda::Matchers::ActionController::StrongParametersMatcher.new(:name, :age, self).for(:create)
|
||||
matcher.does_not_match?.should be_false
|
||||
end
|
||||
end
|
||||
|
||||
describe "#failure_message" do
|
||||
it "includes all missing attributes" do
|
||||
matcher = Shoulda::Matchers::ActionController::StrongParametersMatcher.new(:name, :age, :city, :country, self).for(:create)
|
||||
matcher.matches?
|
||||
|
||||
matcher.failure_message.should eq("Expected controller to permit city and country, but it did not.")
|
||||
end
|
||||
end
|
||||
|
||||
describe "#negative_failure_message" do
|
||||
it "includes all attributes that should not have been allowed but were" do
|
||||
matcher = Shoulda::Matchers::ActionController::StrongParametersMatcher.new(:name, :age, :city, :country, self).for(:create)
|
||||
matcher.does_not_match?.should be_true
|
||||
|
||||
matcher.negative_failure_message.should eq("Expected controller not to permit city and country, but it did.")
|
||||
end
|
||||
end
|
||||
|
||||
describe "#for" do
|
||||
context "when given :create" do
|
||||
it "posts to the controller" do
|
||||
context = stub('context', :post => nil)
|
||||
matcher = Shoulda::Matchers::ActionController::StrongParametersMatcher.new(:name, context).for(:create)
|
||||
|
||||
matcher.matches?
|
||||
context.should have_received(:post).with(:create)
|
||||
end
|
||||
end
|
||||
|
||||
context "when given :update" do
|
||||
it "puts to the controller" do
|
||||
context = stub('context', :put => nil)
|
||||
matcher = Shoulda::Matchers::ActionController::StrongParametersMatcher.new(:name, context).for(:update)
|
||||
|
||||
matcher.matches?
|
||||
context.should have_received(:put).with(:update)
|
||||
end
|
||||
end
|
||||
|
||||
context "when given a custom action and verb" do
|
||||
it "puts to the controller" do
|
||||
context = stub('context', :delete => nil)
|
||||
matcher = Shoulda::Matchers::ActionController::StrongParametersMatcher.new(:name, context).for(:hide, :verb => :delete)
|
||||
|
||||
matcher.matches?
|
||||
context.should have_received(:delete).with(:hide)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
describe "#in_context" do
|
||||
it 'sets the object the controller action is sent to' do
|
||||
context = stub('context', :post => nil)
|
||||
matcher = Shoulda::Matchers::ActionController::StrongParametersMatcher.new(:name, nil).for(:create).in_context(context)
|
||||
|
||||
matcher.matches?
|
||||
|
||||
context.should have_received(:post).with(:create)
|
||||
end
|
||||
end
|
||||
end
|
|
@ -58,6 +58,30 @@ module ControllerBuilder
|
|||
$test_app.create_temp_view(path, contents)
|
||||
end
|
||||
|
||||
def controller_for_resource_with_strong_parameters(&block)
|
||||
define_model "User"
|
||||
controller_class = define_controller "Users" do
|
||||
def new
|
||||
@user = User.new
|
||||
render :nothing => true
|
||||
end
|
||||
|
||||
def create
|
||||
@user = User.create(user_params)
|
||||
render :nothing => true
|
||||
end
|
||||
|
||||
private
|
||||
define_method :user_params, &block
|
||||
end
|
||||
|
||||
setup_rails_controller_test(controller_class)
|
||||
|
||||
define_routes { resources :users }
|
||||
|
||||
controller_class
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def delete_temporary_views
|
||||
|
|
Loading…
Reference in New Issue