require File.dirname(__FILE__) + '/../test_helper'
require 'quickvote_controller'
+class ActionController::TestSession
+ def session_id
+ # Override this so we can set session ID
+ # pass in the 'test_session_id' session variable to override default
+ return "12345678" unless @attributes
+ if @attributes.has_key? 'test_session_id'
+ return @attributes['test_session_id']
+ end
+ end
+end
# Re-raise errors caught by the controller.
class QuickvoteController; def rescue_action(e) raise e end; end
end
# Replace this with your real tests.
- def test_truth
- assert true
+ def test_index
+ get :index
+ assert_response 302
+ end
+
+ def test_create_quickvote
+ post(:create, {'commit' =>"Create Quickvote", 'quickvote' =>{'name' =>"variable", 'description' =>"Favorite variable."}}, nil, {:candidate_names=>["foo", "bar", "foobar"]})
+ assert_template "quickvote/success"
+ get :index, { 'ident' => "variable"}
+ assert_response :success
+ end
+
+ def test_create_dupe_quickvote
+ test_create_quickvote
+ assert_raise(Test::Unit::AssertionFailedError) do
+ test_create_quickvote
+ end
+ end
+
+ def test_create_quickvote_badname
+ post(:create, {'commit' => "Create Quickvote", 'quickvote' => {'name' => "has a space", 'description' => "Foobar"}}, nil, {:candidate_names => ["foo", "bar", "foobar"]})
+ assert_template "quickvote/_create_sidebar"
+ end
+
+ def test_create_quickvote_dupe_candidate
+ post(:create, {'commit' => "Create Quickvote", 'quickvote' => {'name' => "has a space", 'description' => "Foobar"}}, nil, {:candidate_names => ["foo", "bar", "bar", "foobar"]})
+ assert_template "quickvote/_create_sidebar"
+ end
+
+ def test_create_quickvote_nil_candidate
+ post(:create, {'commit' => "Create Quickvote", 'quickvote' => {'name' => "has a space", 'description' => "Foobar"}}, nil, {:candidate_names => nil})
+ assert_template "quickvote/_create_sidebar"
+ post(:create, {'commit' => "Create Quickvote", 'quickvote' => {'name' => "has a space", 'description' => "Foobar"}}, nil, {:candidate_names => []})
+ assert_template "quickvote/_create_sidebar"
+ end
+
+ def test_get_quickvote_nonexistent
+ get :index, { 'ident' => "idontexist" }
+ assert_redirected_to :controller => 'front'
+ end
+
+ def test_get_result_empty_vote
+ test_create_quickvote
+ get :results, { 'ident' => 'variable' }
+ assert_response :success
+ end
+
+ def test_get_result_nonexistent
+ test_create_quickvote
+ get :results, { 'ident' => 'asdflaksdjf' }
+ assert_redirected_to :controller => 'front'
+ end
+
+ def test_get_result_with_a_vote
+ test_cast_quickvote
+ get :results, { 'ident' => 'variable' }
+ assert_response :success
+ end
+
+ def test_get_result_multi_votes
+ test_create_quickvote
+ votes = QuickVote.ident_to_quickvote('variable').candidates.collect { |c| c.id}
+ 5.times do |time|
+ get :index, { 'ident' => 'variable' }, { 'test_session_id' => (time+1)*50 }
+ assert_response :success
+ post :confirm, { 'ident' => 'variable', 'rankings-list' => votes.sort_by {rand} }, { 'test_session_id' => (time+1)*50 }
+ assert_template 'quickvote/thanks'
+ end
+ get :results, { 'ident' => 'variable' }
+ assert_response :success
+ end
+
+ def test_cast_quickvote
+ test_create_quickvote
+ votes = QuickVote.ident_to_quickvote('variable').candidates.collect { |c| c.id}
+ post :confirm, { 'ident' => 'variable', 'rankings-list' => votes.sort_by {rand} }
+ assert_template 'quickvote/thanks'
+ end
+
+ def test_cast_dupe_quickvote
+ test_create_quickvote
+ votes = QuickVote.ident_to_quickvote('variable').candidates.collect { |c| c.id}
+ get :index, { 'ident' => 'variable' }
+ assert_response :success
+
+ post :confirm, { 'ident' => 'variable', 'rankings-list' => votes.sort_by {rand} }
+ assert_template 'quickvote/thanks'
+
+ get :index, { 'ident' => 'variable' }
+ assert_response :success
+ post :confirm, { 'ident' => 'variable', 'rankings-list' => votes.sort_by {rand} }
+ assert_redirected_to :controller => 'quickvote', :ident => 'variable'
+ end
+
+ def test_display_tainted_quickvote
+ # create quickvote with tainted data
+ test_create_quickvote
+ qv=QuickVote.ident_to_quickvote('variable')
+ qv.description="<object>foo</object>"
+ qv.candidate_names = ["<object>foo", "bar<object>", "<foobar>",
+ '<img src="foo" alt="bar" />']
+ qv.save!
+
+ # display the vote/index page and check for bad tags and the ability
+ # to make an image tag
+ get :index, { 'ident' => 'variable' }
+ assert_response :success
+ assert_no_tag :tag => "object"
+ assert_no_tag :tag => "foobar"
+ assert_tag :tag => "img",
+ :parent => { :tag => "li", :attributes => { :class => "moveable" } }
+
+ # actually vote
+ votes = QuickVote.ident_to_quickvote('variable').candidates.collect { |c| c.id}
+ post :confirm, { 'ident' => 'variable', 'rankings-list' => votes.sort_by {rand} }
+
+ # check for bad/good tags
+ assert_template('quickvote/thanks')
+ assert_no_tag :tag => "object"
+ assert_no_tag :tag => "foobar"
+ assert_tag :tag => "img", :parent => { :tag => "li" }
+
+ # get the results page and check for good/bad tags
+ get :results, { 'ident' => 'variable' }
+ assert_response :success
+ assert_no_tag :tag => "object"
+ assert_no_tag :tag => "foobar"
+ assert_tag :tag => "img", :parent => { :tag => "li" }
end
end
projects / selectricity / blobdiff