diff --git a/.coveralls.yml b/.coveralls.yml new file mode 100644 index 000000000..6e649991e --- /dev/null +++ b/.coveralls.yml @@ -0,0 +1 @@ +service_name: travis-ci \ No newline at end of file diff --git a/.gitignore b/.gitignore index 05906bf13..eb917c637 100644 --- a/.gitignore +++ b/.gitignore @@ -19,3 +19,5 @@ /spec/examples.txt /config/database.yml /config/secrets.yml + +/coverage diff --git a/Gemfile b/Gemfile index 73325d81d..a0e612360 100644 --- a/Gemfile +++ b/Gemfile @@ -56,5 +56,6 @@ end group :test do gem 'database_cleaner' gem 'poltergeist' + gem 'coveralls', require: false end diff --git a/Gemfile.lock b/Gemfile.lock index 9dad0c3ec..e1390d4ab 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -75,6 +75,12 @@ GEM execjs coffee-script-source (1.9.1.1) columnize (0.9.0) + coveralls (0.8.2) + json (~> 1.8) + rest-client (>= 1.6.8, < 2) + simplecov (~> 0.10.0) + term-ansicolor (~> 1.3) + thor (~> 0.19.1) database_cleaner (1.4.1) debug_inspector (0.0.2) devise (3.5.1) @@ -85,6 +91,9 @@ GEM thread_safe (~> 0.1) warden (~> 1.2.3) diff-lcs (1.2.5) + docile (1.1.5) + domain_name (0.5.24) + unf (>= 0.0.5, < 1.0.0) erubis (2.7.0) execjs (2.5.2) factory_girl (4.5.0) @@ -97,6 +106,8 @@ GEM sass (>= 3.3.0, < 3.5) globalid (0.3.5) activesupport (>= 4.1.0) + http-cookie (1.0.2) + domain_name (~> 0.5) i18n (0.7.0) jbuilder (2.3.1) activesupport (>= 3.0.0, < 5) @@ -121,6 +132,7 @@ GEM mini_portile (0.6.2) minitest (5.7.0) multi_json (1.11.2) + netrc (0.10.3) nokogiri (1.6.6.2) mini_portile (~> 0.6.0) orm_adapter (0.5.0) @@ -164,6 +176,10 @@ GEM recaptcha (0.4.0) responders (2.1.0) railties (>= 4.2.0, < 5) + rest-client (1.8.0) + http-cookie (>= 1.0.2, < 2.0) + mime-types (>= 1.16, < 3.0) + netrc (~> 0.7) rspec-core (3.3.1) rspec-support (~> 3.3.0) rspec-expectations (3.3.0) 
@@ -191,6 +207,11 @@ GEM sdoc (0.4.1) json (~> 1.7, >= 1.7.7) rdoc (~> 4.0) + simplecov (0.10.0) + docile (~> 1.1.0) + json (~> 1.8) + simplecov-html (~> 0.10.0) + simplecov-html (0.10.0) spring (1.3.6) sprockets (3.2.0) rack (~> 1.0) @@ -198,9 +219,12 @@ GEM actionpack (>= 3.0) activesupport (>= 3.0) sprockets (>= 2.8, < 4.0) + term-ansicolor (1.3.2) + tins (~> 1.0) thor (0.19.1) thread_safe (0.3.5) tilt (1.4.1) + tins (1.5.4) turbolinks (2.5.3) coffee-rails tzinfo (1.2.2) @@ -208,6 +232,9 @@ GEM uglifier (2.7.1) execjs (>= 0.3.0) json (>= 1.8.0) + unf (0.1.4) + unf_ext + unf_ext (0.0.7.1) warden (1.2.3) rack (>= 1.0) web-console (2.2.1) @@ -232,6 +259,7 @@ DEPENDENCIES capybara ckeditor coffee-rails (~> 4.1.0) + coveralls database_cleaner devise factory_girl_rails diff --git a/README.md b/README.md index 648cefd8d..1df4987c8 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,10 @@ # Aplicación de Participación Ciudadana del Ayuntamiento de Madrid +[![Build Status](https://travis-ci.org/AyuntamientoMadrid/participacion.svg?branch=master)](https://travis-ci.org/AyuntamientoMadrid/participacion) +[![Code Climate](https://codeclimate.com/github/AyuntamientoMadrid/participacion/badges/gpa.svg)](https://codeclimate.com/github/AyuntamientoMadrid/participacion) +[![Dependency Status](https://gemnasium.com/AyuntamientoMadrid/participacion.svg)](https://gemnasium.com/AyuntamientoMadrid/participacion) +[![Coverage Status](https://coveralls.io/repos/AyuntamientoMadrid/participacion/badge.svg?branch=master&service=github)](https://coveralls.io/github/AyuntamientoMadrid/participacion?branch=master) + Este es el repositorio de código abierto de la Aplicación de Participación Ciudadana del Ayuntamiento de Madrid. ## Estado del proyecto 
@@ -22,8 +27,8 @@ cd participacion bundle install cp config/database.yml.example config/database.yml cp config/secrets.yml.example config/secrets.yml -bundle exec bin/rake db:create db:schema_load -RAILS_ENV=test bundle exec rake db:create db:schema_load +bundle exec bin/rake db:create db:schema:load +RAILS_ENV=test bundle exec rake db:create db:schema:load ``` Para ejecutar la aplicación en local: diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index b64f11bb4..d6cda45be 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -7,4 +7,9 @@ class ApplicationController < ActionController::Base # Prevent CSRF attacks by raising an exception. # For APIs, you may want to use :null_session instead. protect_from_forgery with: :exception + + def verify_captcha?(resource) + return true unless recaptcha_keys? + verify_recaptcha(model: resource) + end end diff --git a/app/controllers/comments_controller.rb b/app/controllers/comments_controller.rb index 00fd20653..409bb7c9b 100644 --- a/app/controllers/comments_controller.rb +++ b/app/controllers/comments_controller.rb @@ -1,6 +1,6 @@ class CommentsController < ApplicationController before_action :authenticate_user! - before_action :set_debate, :set_parent + before_action :set_debate, :set_parent, only: :create respond_to :html, :js def create @@ -10,6 +10,12 @@ class CommentsController < ApplicationController respond_with @comment end + def vote + @comment = Comment.find(params[:id]) + @comment.vote_by(voter: current_user, vote: params[:value]) + respond_with @comment + end + private def comment_params params.require(:comments).permit(:commentable_type, :commentable_id, :body) diff --git a/app/controllers/debates_controller.rb b/app/controllers/debates_controller.rb index 23ab36a32..8ccf33f6a 100644 --- a/app/controllers/debates_controller.rb +++ b/app/controllers/debates_controller.rb 
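Review bot: `verify_captcha?` in `ApplicationController` returns `true` whenever `recaptcha_keys?` is false, so a deployment with missing or misconfigured reCAPTCHA keys silently drops the check. With this commit that covers sign-up as well as debate creation, because `RegistrationsController#create` previously called `verify_recaptcha` directly. If running without keys is only meant for development and test, restrict the bypass, e.g. `return true if !recaptcha_keys? && !Rails.env.production?`, or at least log when the check is skipped. The method is also added with no `private` marker visible above it in the hunk, so it appears to be a public controller method; declaring it `private` or `protected` keeps it out of the action set.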
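Review bot: `CommentsController#vote` forwards `params[:value]` to `vote_by` unchecked, so what gets recorded for a missing or unexpected string is left to the voting library; as far as I know acts_as_votable counts anything outside its list of negative words as a positive vote. Make the accepted values explicit before the call, e.g. `return head(:bad_request) unless %w[yes no].include?(params[:value])`. The same applies to `DebatesController#vote`, added later in this commit. A request spec that posts an absent and an unknown `value` would pin the behaviour.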
@@ -1,7 +1,7 @@ class DebatesController < ApplicationController include RecaptchaHelper - before_action :set_debate, only: [:show, :edit, :update] - before_action :authenticate_user!, except: [:show, :index] + before_action :set_debate, only: [:show, :edit, :update, :vote] + before_action :authenticate_user!, except: [:index, :show] before_action :validate_ownership, only: [:edit, :update] def index @@ -26,7 +26,7 @@ class DebatesController < ApplicationController def create @debate = Debate.new(debate_params) @debate.author = current_user - if verify_captcha? and @debate.save + if verify_captcha?(@debate) and @debate.save redirect_to @debate, notice: t('flash.actions.create.notice', resource_name: 'Debate') else render :new @@ -38,6 +38,10 @@ class DebatesController < ApplicationController respond_with @debate end + def vote + @debate.vote_by(voter: current_user, vote: params[:value]) + end + private def set_debate @@ -51,10 +55,4 @@ class DebatesController < ApplicationController def validate_ownership raise ActiveRecord::RecordNotFound unless @debate.editable_by?(current_user) end - - def verify_captcha? - return true unless recaptcha_keys? - verify_recaptcha(model: @debate) - end - end diff --git a/app/controllers/registrations_controller.rb b/app/controllers/registrations_controller.rb index 07b347cdc..c0113de42 100644 --- a/app/controllers/registrations_controller.rb +++ b/app/controllers/registrations_controller.rb @@ -1,15 +1,16 @@ class RegistrationsController < Devise::RegistrationsController + include RecaptchaHelper def create - if verify_recaptcha + if verify_captcha?(resource) super else build_resource(sign_up_params) flash.now[:alert] = t('recaptcha.errors.verification_failed') render :new - end + end end - + private diff --git a/app/controllers/votes_controller.rb b/app/controllers/votes_controller.rb deleted file mode 100644 index e93968f35..000000000 --- a/app/controllers/votes_controller.rb +++ /dev/null 
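Review bot: In `RegistrationsController#create`, `resource` is most likely still `nil` when `verify_captcha?(resource)` is evaluated, because Devise assigns it in `build_resource`, which this action only reaches in the else branch or inside `super`. `verify_recaptcha(model: nil)` then cannot attach an error to the user. The flash alert still reports the failure, so behaviour is probably unchanged, but the call reads as if the model took part in the check. Either build the resource before the check or add a comment such as `# resource is not built yet; captcha failure is reported via flash`.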
@@ -1,21 +0,0 @@ -class VotesController < ApplicationController - before_action :set_debate - before_action :authenticate_user! - respond_to :html, :js - - def create - register_vote - notice = @debate.vote_registered? ? I18n.t("votes.notice_thanks") : I18n.t("votes.notice_already_registered") - respond_with @debate - end - - private - - def set_debate - @debate = Debate.find(params[:debate_id]) - end - - def register_vote - @debate.vote_by voter: current_user, vote: params[:value] - end -end diff --git a/app/models/comment.rb b/app/models/comment.rb index 91d7447c0..e99ef15e3 100644 --- a/app/models/comment.rb +++ b/app/models/comment.rb @@ -1,5 +1,6 @@ class Comment < ActiveRecord::Base acts_as_nested_set scope: [:commentable_id, :commentable_type] + acts_as_votable validates :body, presence: true validates :user, presence: true diff --git a/app/models/debate.rb b/app/models/debate.rb index d82cfb8ac..836e3bf34 100644 --- a/app/models/debate.rb +++ b/app/models/debate.rb @@ -35,6 +35,10 @@ class Debate < ActiveRecord::Base editable? && author == user end + def description + super.try :html_safe + end + protected def sanitize_description diff --git a/app/views/comments/_comment.html.erb b/app/views/comments/_comment.html.erb index 31b448088..6e4e02f19 100644 --- a/app/views/comments/_comment.html.erb +++ b/app/views/comments/_comment.html.erb @@ -7,14 +7,19 @@ <%= comment.user.name %> • <%= time_ago_in_words(comment.created_at) %> -
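Review bot: Overriding `Debate#description` to return `super.try :html_safe` marks the stored value as trusted on every read, including values that never passed through `sanitize_description`; the new model spec asserts `be_html_safe` without calling `valid?` first. This commit also changes the views from `sanitize(...)` to a bare `<%= debate.description %>`, which leaves the write-time sanitizer as the only XSS barrier. Any row written by another path (older data, `update_column`, imports) would then be emitted unescaped. Keeping the attribute a plain string and sanitizing at render time, e.g. `<%= sanitize debate.description %>`, preserves defence in depth. The class body and `sanitize_description` lie outside the hunk, so when the sanitizer runs is inferred from the specs.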

<%= comment.body %>

- <% if user_signed_in? %> -

<%= render 'comments/form', {parent: comment, toggeable: true} %>

- <% end %> - +

<%= comment.body %>

-
- <%= render comment.children %> -
+ + <%= render 'comments/votes', comment: comment %> + + + <% if user_signed_in? %> +

<%= render 'comments/form', {parent: comment, toggeable: true} %>

+ <% end %> + + +
+ <%= render comment.children %> +
\ No newline at end of file diff --git a/app/views/comments/_votes.html.erb b/app/views/comments/_votes.html.erb new file mode 100644 index 000000000..2f92ff246 --- /dev/null +++ b/app/views/comments/_votes.html.erb @@ -0,0 +1,11 @@ + + <%= link_to "up", vote_comment_path(comment, value: 'yes'), + method: "post", remote: true %> + <%= comment.get_likes.size %> + + + + <%= link_to "down", vote_comment_path(comment, value: 'no'), + method: "post", remote: true %> + <%= comment.get_dislikes.size %> + \ No newline at end of file diff --git a/app/views/comments/vote.js.erb b/app/views/comments/vote.js.erb new file mode 100644 index 000000000..11f0ad905 --- /dev/null +++ b/app/views/comments/vote.js.erb @@ -0,0 +1 @@ +$("#<%= dom_id(@comment) %>_votes").html('<%= j render("comments/votes", comment: @comment) %>'); \ No newline at end of file diff --git a/app/views/debates/_debate.html.erb b/app/views/debates/_debate.html.erb index 93d4ad209..86f58f9e0 100644 --- a/app/views/debates/_debate.html.erb +++ b/app/views/debates/_debate.html.erb @@ -10,30 +10,16 @@

 <%= pluralize(debate.comment_threads.count, t("debates.debate.comment"), t("debates.debate.comments")) %>

-

<%= sanitize(truncate(debate.description, length: 200).html_safe) %>

+ <%= debate.description %> <%= render "shared/tags", debate: debate %> -
-
- <%= link_to debate_votes_path(debate, value: 'yes'), class: "like inline-block", title: t('votes.agree'), method: "post" do %> - - <%= percentage('likes', debate) %> - <% end %> - - - <%= link_to debate_votes_path(debate, value: 'no'), class: "unlike inline-block", title: t('votes.disagree'), method: "post" do %> - - <%= percentage('dislikes', debate) %> - <% end %> -
- - <%= pluralize(debate.total_votes, t("debates.debate.vote"), t("debates.debate.votes")) %> - -
+
+ <%= render 'debates/votes_min', debate: debate %>
+
- \ No newline at end of file + diff --git a/app/views/debates/_featured_debate.html.erb b/app/views/debates/_featured_debate.html.erb index 6f74b0ed7..e4f8cb3ad 100644 --- a/app/views/debates/_featured_debate.html.erb +++ b/app/views/debates/_featured_debate.html.erb @@ -16,22 +16,8 @@
-
- <%= link_to debate_votes_path(featured_debate, value: "yes"), class: "like", title: t('votes.agree'), method: "post" do %> - - <%= percentage('likes', featured_debate) %> - <% end %> - - - - <%= link_to debate_votes_path(featured_debate, value: "no"), class: "unlike", title: t('votes.disagree'), method: "post" do %> - - <%= percentage('dislikes', featured_debate) %> - <% end %> - - - <%= pluralize(featured_debate.total_votes, t("debates.debate.vote"), t("debates.debate.votes")) %> - +
+ <%= render 'debates/featured_debate_votes', debate: featured_debate %>
diff --git a/app/views/debates/_featured_debate_votes.html.erb b/app/views/debates/_featured_debate_votes.html.erb new file mode 100644 index 000000000..f216aad77 --- /dev/null +++ b/app/views/debates/_featured_debate_votes.html.erb @@ -0,0 +1,21 @@ + + <%= link_to vote_debate_path(debate, value: 'yes', partial: 'featured_debate_votes'), + class: "like", title: t('votes.agree'), method: "post", remote: true do %> + + <%= percentage('likes', debate) %> + <% end %> + + + + + + <%= link_to vote_debate_path(debate, value: 'no', partial: 'featured_debate_votes'), + class: "unlike", title: t('votes.disagree'), method: "post", remote: true do %> + + <%= percentage('dislikes', debate) %> + <% end %> + + + + <%= pluralize(debate.total_votes, t("debates.debate.vote"), t("debates.debate.votes")) %> + \ No newline at end of file diff --git a/app/views/votes/_votes.html.erb b/app/views/debates/_votes.html.erb similarity index 63% rename from app/views/votes/_votes.html.erb rename to app/views/debates/_votes.html.erb index b88de32a9..c4339572a 100644 --- a/app/views/votes/_votes.html.erb +++ b/app/views/debates/_votes.html.erb @@ -7,7 +7,8 @@
- <%= link_to debate_votes_path(@debate, value: 'yes'), class: "like", title: t('votes.agree'), method: "post", remote: true do %> + <%= link_to vote_debate_path(@debate, value: 'yes', partial: 'votes'), + class: "like", title: t('votes.agree'), method: "post", remote: true do %> <%= percentage('likes', @debate) %> <% end %> @@ -16,7 +17,8 @@
- <%= link_to debate_votes_path(@debate, value: 'no'), class: "unlike", title: t('votes.disagree'), method: "post", remote: true do %> + <%= link_to vote_debate_path(@debate, value: 'no', partial: 'votes'), + class: "unlike", title: t('votes.disagree'), method: "post", remote: true do %> <%= percentage('dislikes', @debate) %> <% end %> diff --git a/app/views/debates/_votes_min.html.erb b/app/views/debates/_votes_min.html.erb new file mode 100644 index 000000000..204890293 --- /dev/null +++ b/app/views/debates/_votes_min.html.erb @@ -0,0 +1,22 @@ +
+ + <%= link_to vote_debate_path(debate, value: 'yes', partial: 'votes_min'), + class: "like inline-block", title: t('votes.agree'), method: "post", remote: true do %> + + <%= percentage('likes', debate) %> + <% end %> + + + + + <%= link_to vote_debate_path(debate, value: 'no', partial: 'votes_min'), + class: "unlike inline-block", title: t('votes.disagree'), method: "post", remote: true do %> + + <%= percentage('dislikes', debate) %> + <% end %> + +
+ + <%= pluralize(debate.total_votes, t("debates.debate.vote"), t("debates.debate.votes")) %> + +
\ No newline at end of file diff --git a/app/views/debates/show.html.erb b/app/views/debates/show.html.erb index e1bc3ba20..54c4ff7ee 100644 --- a/app/views/debates/show.html.erb +++ b/app/views/debates/show.html.erb @@ -7,11 +7,11 @@ <%= @debate.author.name %> •  <%= l @debate.created_at.to_date %>  •  <%= pluralize(@debate.comment_threads.count, t("debates.show.comment"), t("debates.show.comments")) %>

<%= @debate.title %>

-

<%= @debate.description %>

+ <%= @debate.description %>

<%= render 'shared/tags', debate: @debate %>

-
- <%= render 'votes/votes' %> +
+ <%= render 'debates/votes' %>
<% if user_signed_in? %> <%= link_to t("debates.show.leave_comment"), "#comments", class: "leave-comment" %> @@ -39,4 +39,4 @@ <%= link_to t("debates.show.edit_debate_link"), edit_debate_path(@debate), :class => 'button radius right' %> <% end %>
- \ No newline at end of file + diff --git a/app/views/debates/vote.js.erb b/app/views/debates/vote.js.erb new file mode 100644 index 000000000..e98725bb2 --- /dev/null +++ b/app/views/debates/vote.js.erb @@ -0,0 +1 @@ +$("#<%= dom_id(@debate) %>_votes").html('<%= j render("debates/#{params[:partial]}", debate: @debate) %>'); \ No newline at end of file diff --git a/app/views/votes/create.js.erb b/app/views/votes/create.js.erb deleted file mode 100644 index 5e855e40e..000000000 --- a/app/views/votes/create.js.erb +++ /dev/null @@ -1 +0,0 @@ -$("#votes").html("<%= j render('votes') %>"); \ No newline at end of file diff --git a/config/routes.rb b/config/routes.rb index cd95b8461..73a77f60e 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -6,9 +6,18 @@ Rails.application.routes.draw do # You can have the root of your site routed with "root" root 'debates#index' + resources :debates do - resources :votes, only: :create - resources :comments, only: :create + member do + post :vote + end + + resources :comments, only: :create, shallow: true do + member do + post :vote + end + end + end resource :account, controller: "account", only: [:show, :update] diff --git a/spec/features/debates_spec.rb b/spec/features/debates_spec.rb index cebbda781..ebf8bc10e 100644 --- a/spec/features/debates_spec.rb +++ b/spec/features/debates_spec.rb @@ -54,21 +54,22 @@ feature 'Debates' do expect(page).to have_content I18n.l(Date.today) end - scenario 'JS injection is sanitized' do + scenario 'JS injection is prevented but safe html is respected' do author = create(:user) login_as(author) visit new_debate_path fill_in 'debate_title', with: 'A test' - fill_in 'debate_description', with: 'This is ' + fill_in 'debate_description', with: '
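Review bot: In `app/views/debates/vote.js.erb` the partial name in `render("debates/#{params[:partial]}", debate: @debate)` comes straight from the request, so the client chooses which template the server renders. The views in this commit only ever send `votes`, `votes_min` or `featured_debate_votes`. Resolve the name against that fixed list in `DebatesController#vote`, e.g. `@partial = params[:partial] if %w[votes votes_min featured_debate_votes].include?(params[:partial])`, answer anything else with a 400, and render `"debates/#{@partial}"` in the template. Render paths built from request parameters have been a source of file-disclosure bugs in Rails, so an allowlist is the safer default here.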

This is

' check 'debate_terms_of_service' click_button 'Create Debate' expect(page).to have_content 'Debate was successfully created.' expect(page).to have_content 'A test' - expect(page).to have_content 'This is alert("an attack");' + expect(page.html).to include '

This is alert("an attack");

' expect(page.html).to_not include '' + expect(page.html).to_not include '<p>This is' end scenario 'tagging using dangerous strings' do diff --git a/spec/features/votes_spec.rb b/spec/features/votes_spec.rb index d1aabd84a..3e44f4f0e 100644 --- a/spec/features/votes_spec.rb +++ b/spec/features/votes_spec.rb 
@@ -2,74 +2,194 @@ require 'rails_helper' feature 'Votes' do - background do - @manuela = create(:user) - @pablo = create(:user) - @debate = create(:debate) + feature 'Debates' do + + background do + @manuela = create(:user) + @pablo = create(:user) + @debate = create(:debate) + + login_as(@manuela) + visit debate_path(@debate) + end + + scenario 'Show' do + vote = create(:vote, voter: @manuela, votable: @debate, vote_flag: true) + vote = create(:vote, voter: @pablo, votable: @debate, vote_flag: false) + + visit debate_path(@debate) + + expect(page).to have_content "2 votes" + + within('#in_favor') do + expect(page).to have_content "50%" + end + + within('#against') do + expect(page).to have_content "50%" + end + end + + scenario 'Create from debate show', :js do + find('#in_favor a').click + + within('#in_favor') do + expect(page).to have_content "100%" + end + + within('#against') do + expect(page).to have_content "0%" + end + + expect(page).to have_content "1 vote" + end + + scenario 'Create from debate featured', :js do + visit debates_path + + within("#featured-debates") do + find('#in_favor a').click + + within('#in_favor') do + expect(page).to have_content "100%" + end + + within('#against') do + expect(page).to have_content "0%" + end + + expect(page).to have_content "1 vote" + end + expect(URI.parse(current_url).path).to eq(debates_path) + end + + scenario 'Create from debate index', :js do + 3.times { create(:debate) } + visit debates_path + + within("#debates") do + expect(page).to have_css(".debate", count: 1) + + find('#in_favor a').click + + within('#in_favor') do + expect(page).to have_content "100%" + end + + within('#against') do + expect(page).to have_content "0%" + end + + expect(page).to have_content "1 vote" + end + expect(URI.parse(current_url).path).to eq(debates_path) + end + + scenario 'Update', :js do + find('#in_favor a').click + find('#against a').click + + within('#in_favor') do + expect(page).to have_content "0%" + end + + 
within('#against') do + expect(page).to have_content "100%" + end + + expect(page).to have_content "1 vote" + end + + scenario 'Trying to vote multiple times', :js do + find('#in_favor a').click + find('#in_favor a').click + + within('#in_favor') do + expect(page).to have_content "100%" + end + + within('#against') do + expect(page).to have_content "0%" + end + + expect(page).to have_content "1 vote" + end - login_as(@manuela) - visit debate_path(@debate) end - scenario 'Show' do - vote = create(:vote, voter: @manuela, votable: @debate, vote_flag: true) - vote = create(:vote, voter: @pablo, votable: @debate, vote_flag: false) - visit debate_path(@debate) + feature 'Comments' do - expect(page).to have_content "2 votes" + background do + @manuela = create(:user) + @pablo = create(:user) + @debate = create(:debate) + @comment = create(:comment, commentable: @debate) - within('#in_favor') do - expect(page).to have_content "50%" + login_as(@manuela) + visit debate_path(@debate) end - within('#against') do - expect(page).to have_content "50%" + scenario 'Show' do + vote = create(:vote, voter: @manuela, votable: @comment, vote_flag: true) + vote = create(:vote, voter: @pablo, votable: @comment, vote_flag: false) + + visit debate_path(@debate) + + within("#comment_#{@comment.id}_votes") do + within(".in_favor") do + expect(page).to have_content "1" + end + + within(".against") do + expect(page).to have_content "1" + end + end end + + scenario 'Create', :js do + within("#comment_#{@comment.id}_votes") do + find(".in_favor a").click + + within(".in_favor") do + expect(page).to have_content "1" + end + + within(".against") do + expect(page).to have_content "0" + end + end + end + + scenario 'Update', :js do + within("#comment_#{@comment.id}_votes") do + find('.in_favor a').click + find('.against a').click + + within('.in_favor') do + expect(page).to have_content "0" + end + + within('.against') do + expect(page).to have_content "1" + end + end + end + + scenario 'Trying to 
vote multiple times', :js do + within("#comment_#{@comment.id}_votes") do + find('.in_favor a').click + find('.in_favor a').click + + within('.in_favor') do + expect(page).to have_content "1" + end + + within('.against') do + expect(page).to have_content "0" + end + end + end + end - - scenario 'Create', :js do - find('#in_favor a').click - - within('#in_favor') do - expect(page).to have_content "100%" - end - - within('#against') do - expect(page).to have_content "0%" - end - - expect(page).to have_content "1 vote" - end - - scenario 'Update', :js do - find('#in_favor a').click - find('#against a').click - - within('#in_favor') do - expect(page).to have_content "0%" - end - - within('#against') do - expect(page).to have_content "100%" - end - - expect(page).to have_content "1 vote" - end - - scenario 'Trying to vote multiple times', :js do - find('#in_favor a').click - find('#in_favor a').click - - within('#in_favor') do - expect(page).to have_content "100%" - end - - within('#against') do - expect(page).to have_content "0%" - end - - expect(page).to have_content "1 vote" - end - end \ No newline at end of file diff --git a/spec/models/debate_spec.rb b/spec/models/debate_spec.rb index f2af2cf0a..00f6217bd 100644 --- a/spec/models/debate_spec.rb +++ b/spec/models/debate_spec.rb 
@@ -20,15 +20,22 @@ describe Debate do expect(@debate).to_not be_valid end - it "should not be valid without a description" do - @debate.description = nil - expect(@debate).to_not be_valid - end + describe "#description" do + it "should be mandatory" do + @debate.description = nil + expect(@debate).to_not be_valid + end - it "should sanitize the description" do - @debate.description = "" - @debate.valid? - expect(@debate.description).to eq("alert('danger');") + it "should be sanitized" do + @debate.description = "" + @debate.valid? + expect(@debate.description).to eq("alert('danger');") + end + + it "should be html_safe" do + @debate.description = "" + expect(@debate.description).to be_html_safe + end end it "should sanitize the tag list" do diff --git a/spec/rails_helper.rb b/spec/rails_helper.rb index 06687fa9e..d073cc173 100644 --- a/spec/rails_helper.rb +++ b/spec/rails_helper.rb @@ -1,3 +1,5 @@ +require 'coveralls' +Coveralls.wear!('rails') ENV['RAILS_ENV'] ||= 'test' require File.expand_path('../../config/environment', __FILE__) abort("The Rails environment is running in production mode!") if Rails.env.production?