consul/nairobi
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix conflict

Browse Source
This commit is contained in:
Juanjo Bazán
2015-08-05 14:46:18 +02:00
parent 8d87a69e0f d23ce151a6
commit ae8068f5fd
28 changed files with 363 additions and 159 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
spec/features/debates_spec.rb
View File

@@ -54,21 +54,22 @@ feature 'Debates' do
expect(page).to have_content I18n.l(Date.today)
end
scenario 'JS injection is sanitized' do
scenario 'JS injection is prevented but safe html is respected' do
author = create(:user)
login_as(author)
visit new_debate_path
fill_in 'debate_title', with: 'A test'
fill_in 'debate_description', with: 'This is <script>alert("an attack");</script>'
fill_in 'debate_description', with: '<p>This is <script>alert("an attack");</script></p>'
check 'debate_terms_of_service'
click_button 'Create Debate'
expect(page).to have_content 'Debate was successfully created.'
expect(page).to have_content 'A test'
expect(page).to have_content 'This is alert("an attack");'
expect(page.html).to include '<p>This is alert("an attack");</p>'
expect(page.html).to_not include '<script>alert("an attack");</script>'
expect(page.html).to_not include '&lt;p&gt;This is'
end
scenario 'tagging using dangerous strings' do

240
spec/features/votes_spec.rb
View File

@@ -2,74 +2,194 @@ require 'rails_helper'
feature 'Votes' do
background do
@manuela = create(:user)
@pablo = create(:user)
@debate = create(:debate)
feature 'Debates' do
background do
@manuela = create(:user)
@pablo = create(:user)
@debate = create(:debate)
login_as(@manuela)
visit debate_path(@debate)
end
scenario 'Show' do
vote = create(:vote, voter: @manuela, votable: @debate, vote_flag: true)
vote = create(:vote, voter: @pablo, votable: @debate, vote_flag: false)
visit debate_path(@debate)
expect(page).to have_content "2 votes"
within('#in_favor') do
expect(page).to have_content "50%"
end
within('#against') do
expect(page).to have_content "50%"
end
end
scenario 'Create from debate show', :js do
find('#in_favor a').click
within('#in_favor') do
expect(page).to have_content "100%"
end
within('#against') do
expect(page).to have_content "0%"
end
expect(page).to have_content "1 vote"
end
scenario 'Create from debate featured', :js do
visit debates_path
within("#featured-debates") do
find('#in_favor a').click
within('#in_favor') do
expect(page).to have_content "100%"
end
within('#against') do
expect(page).to have_content "0%"
end
expect(page).to have_content "1 vote"
end
expect(URI.parse(current_url).path).to eq(debates_path)
end
scenario 'Create from debate index', :js do
3.times { create(:debate) }
visit debates_path
within("#debates") do
expect(page).to have_css(".debate", count: 1)
find('#in_favor a').click
within('#in_favor') do
expect(page).to have_content "100%"
end
within('#against') do
expect(page).to have_content "0%"
end
expect(page).to have_content "1 vote"
end
expect(URI.parse(current_url).path).to eq(debates_path)
end
scenario 'Update', :js do
find('#in_favor a').click
find('#against a').click
within('#in_favor') do
expect(page).to have_content "0%"
end
within('#against') do
expect(page).to have_content "100%"
end
expect(page).to have_content "1 vote"
end
scenario 'Trying to vote multiple times', :js do
find('#in_favor a').click
find('#in_favor a').click
within('#in_favor') do
expect(page).to have_content "100%"
end
within('#against') do
expect(page).to have_content "0%"
end
expect(page).to have_content "1 vote"
end
login_as(@manuela)
visit debate_path(@debate)
end
scenario 'Show' do
vote = create(:vote, voter: @manuela, votable: @debate, vote_flag: true)
vote = create(:vote, voter: @pablo, votable: @debate, vote_flag: false)
visit debate_path(@debate)
feature 'Comments' do
expect(page).to have_content "2 votes"
background do
@manuela = create(:user)
@pablo = create(:user)
@debate = create(:debate)
@comment = create(:comment, commentable: @debate)
within('#in_favor') do
expect(page).to have_content "50%"
login_as(@manuela)
visit debate_path(@debate)
end
within('#against') do
expect(page).to have_content "50%"
scenario 'Show' do
vote = create(:vote, voter: @manuela, votable: @comment, vote_flag: true)
vote = create(:vote, voter: @pablo, votable: @comment, vote_flag: false)
visit debate_path(@debate)
within("#comment_#{@comment.id}_votes") do
within(".in_favor") do
expect(page).to have_content "1"
end
within(".against") do
expect(page).to have_content "1"
end
end
end
scenario 'Create', :js do
within("#comment_#{@comment.id}_votes") do
find(".in_favor a").click
within(".in_favor") do
expect(page).to have_content "1"
end
within(".against") do
expect(page).to have_content "0"
end
end
end
scenario 'Update', :js do
within("#comment_#{@comment.id}_votes") do
find('.in_favor a').click
find('.against a').click
within('.in_favor') do
expect(page).to have_content "0"
end
within('.against') do
expect(page).to have_content "1"
end
end
end
scenario 'Trying to vote multiple times', :js do
within("#comment_#{@comment.id}_votes") do
find('.in_favor a').click
find('.in_favor a').click
within('.in_favor') do
expect(page).to have_content "1"
end
within('.against') do
expect(page).to have_content "0"
end
end
end
end
scenario 'Create', :js do
find('#in_favor a').click
within('#in_favor') do
expect(page).to have_content "100%"
end
within('#against') do
expect(page).to have_content "0%"
end
expect(page).to have_content "1 vote"
end
scenario 'Update', :js do
find('#in_favor a').click
find('#against a').click
within('#in_favor') do
expect(page).to have_content "0%"
end
within('#against') do
expect(page).to have_content "100%"
end
expect(page).to have_content "1 vote"
end
scenario 'Trying to vote multiple times', :js do
find('#in_favor a').click
find('#in_favor a').click
within('#in_favor') do
expect(page).to have_content "100%"
end
within('#against') do
expect(page).to have_content "0%"
end
expect(page).to have_content "1 vote"
end
end

23
spec/models/debate_spec.rb
View File

@@ -20,15 +20,22 @@ describe Debate do
expect(@debate).to_not be_valid
end
it "should not be valid without a description" do
@debate.description = nil
expect(@debate).to_not be_valid
end
describe "#description" do
it "should be mandatory" do
@debate.description = nil
expect(@debate).to_not be_valid
end
it "should sanitize the description" do
@debate.description = "<script>alert('danger');</script>"
@debate.valid?
expect(@debate.description).to eq("alert('danger');")
it "should be sanitized" do
@debate.description = "<script>alert('danger');</script>"
@debate.valid?
expect(@debate.description).to eq("alert('danger');")
end
it "should be html_safe" do
@debate.description = "<script>alert('danger');</script>"
expect(@debate.description).to be_html_safe
end
end
it "should sanitize the tag list" do

2
spec/rails_helper.rb
View File

@@ -1,3 +1,5 @@
require 'coveralls'
Coveralls.wear!('rails')
ENV['RAILS_ENV'] ||= 'test'
require File.expand_path('../../config/environment', __FILE__)
abort("The Rails environment is running in production mode!") if Rails.env.production?