X-Git-Url: https://projects.mako.cc/source/selectricity/blobdiff_plain/58548f03d162cdb794b78aa272a7a3ebf1500f97..215cf287e52da41605cb033da236a6b0aeee4f3a:/test/functional/quickvote_controller_test.rb?ds=sidebyside diff --git a/test/functional/quickvote_controller_test.rb b/test/functional/quickvote_controller_test.rb index f2b0c2c..e116c0d 100644 --- a/test/functional/quickvote_controller_test.rb +++ b/test/functional/quickvote_controller_test.rb @@ -1,6 +1,16 @@ require File.dirname(__FILE__) + '/../test_helper' require 'quickvote_controller' +class ActionController::TestSession + def session_id + # Override this so we can set session ID + # pass in the 'test_session_id' session variable to override default + return "12345678" unless @attributes + if @attributes.has_key? 'test_session_id' + return @attributes['test_session_id'] + end + end +end # Re-raise errors caught by the controller. class QuickvoteController; def rescue_action(e) raise e end; end @@ -16,7 +26,129 @@ class QuickvoteControllerTest < Test::Unit::TestCase get :index assert_response 302 end + def test_create_quickvote + post(:create, {'commit' =>"Create Quickvote", 'quickvote' =>{'name' =>"variable", 'description' =>"Favorite variable."}}, nil, {:candidate_names=>["foo", "bar", "foobar"]}) + assert_template "quickvote/success" + get :index, { 'ident' => "variable"} + assert_response :success + end + + def test_create_dupe_quickvote + test_create_quickvote + assert_raise(Test::Unit::AssertionFailedError) do + test_create_quickvote + end + end + + def test_create_quickvote_badname + post(:create, {'commit' => "Create Quickvote", 'quickvote' => {'name' => "has a space", 'description' => "Foobar"}}, nil, {:candidate_names => ["foo", "bar", "foobar"]}) + assert_template "quickvote/_create_sidebar" + end + + def test_create_quickvote_dupe_candidate + post(:create, {'commit' => "Create Quickvote", 'quickvote' => {'name' => "has a space", 'description' => "Foobar"}}, nil, {:candidate_names => ["foo", "bar", "bar", "foobar"]}) + assert_template "quickvote/_create_sidebar" + end + + def test_create_quickvote_nil_candidate + post(:create, {'commit' => "Create Quickvote", 'quickvote' => {'name' => "has a space", 'description' => "Foobar"}}, nil, {:candidate_names => nil}) + assert_template "quickvote/_create_sidebar" + post(:create, {'commit' => "Create Quickvote", 'quickvote' => {'name' => "has a space", 'description' => "Foobar"}}, nil, {:candidate_names => []}) + assert_template "quickvote/_create_sidebar" + end + + def test_get_quickvote_nonexistent + get :index, { 'ident' => "idontexist" } + assert_redirected_to :controller => 'front' + end + + def test_get_result_empty_vote + test_create_quickvote + get :results, { 'ident' => 'variable' } + assert_response :success + end + + def test_get_result_nonexistent + test_create_quickvote + get :results, { 'ident' => 'asdflaksdjf' } + assert_redirected_to :controller => 'front' + end + + def test_get_result_with_a_vote + test_cast_quickvote + get :results, { 'ident' => 'variable' } + assert_response :success + end + + def test_get_result_multi_votes + test_create_quickvote + votes = QuickVote.ident_to_quickvote('variable').candidates.collect { |c| c.id} + 5.times do |time| + get :index, { 'ident' => 'variable' }, { 'test_session_id' => (time+1)*50 } + assert_response :success + post :confirm, { 'ident' => 'variable', 'rankings-list' => votes.sort_by {rand} }, { 'test_session_id' => (time+1)*50 } + assert_template 'quickvote/thanks' + end + get :results, { 'ident' => 'variable' } + assert_response :success + end + + def test_cast_quickvote + test_create_quickvote + votes = QuickVote.ident_to_quickvote('variable').candidates.collect { |c| c.id} + post :confirm, { 'ident' => 'variable', 'rankings-list' => votes.sort_by {rand} } + assert_template 'quickvote/thanks' + end + + def test_cast_dupe_quickvote + test_create_quickvote + votes = QuickVote.ident_to_quickvote('variable').candidates.collect { |c| c.id} + get :index, { 'ident' => 'variable' } + assert_response :success + + post :confirm, { 'ident' => 'variable', 'rankings-list' => votes.sort_by {rand} } + assert_template 'quickvote/thanks' + + get :index, { 'ident' => 'variable' } + assert_response :success + post :confirm, { 'ident' => 'variable', 'rankings-list' => votes.sort_by {rand} } + assert_redirected_to :controller => 'quickvote', :ident => 'variable' + end + + def test_display_tainted_quickvote + # create quickvote with tainted data + test_create_quickvote + qv=QuickVote.ident_to_quickvote('variable') + qv.description="foo" + qv.candidate_names = ["foo", "bar", "", + 'bar'] + qv.save! + + # display the vote/index page and check for bad tags and the ability + # to make an image tag + get :index, { 'ident' => 'variable' } + assert_response :success + assert_no_tag :tag => "object" + assert_no_tag :tag => "foobar" + assert_tag :tag => "img", + :parent => { :tag => "li", :attributes => { :class => "moveable" } } + + # actually vote + votes = QuickVote.ident_to_quickvote('variable').candidates.collect { |c| c.id} + post :confirm, { 'ident' => 'variable', 'rankings-list' => votes.sort_by {rand} } + + # check for bad/good tags + assert_template('quickvote/thanks') + assert_no_tag :tag => "object" + assert_no_tag :tag => "foobar" + assert_tag :tag => "img", :parent => { :tag => "li" } + # get the results page and check for good/bad tags + get :results, { 'ident' => 'variable' } + assert_response :success + assert_no_tag :tag => "object" + assert_no_tag :tag => "foobar" + assert_tag :tag => "img", :parent => { :tag => "li" } end end