##// END OF EJS Templates
jro_apps » redmine
RSS
Fixed that some input fields are escaped on validation failures (#11027)....
Jean-Philippe Lang -
r9528:472d3a00a314
parent child
Show More
Side by Side Unified
Context file:
r9528:472d3a00a314 Loading diff...:
Show file before | Show file after | Hide comments
@@ -1,103 +1,103
1 1 require 'active_record'
2 2
3 3 module ActiveRecord
4 4 class Base
5 5 include Redmine::I18n
6 6 # Translate attribute names for validation errors display
7 7 def self.human_attribute_name(attr, *args)
8 8 l("field_#{attr.to_s.gsub(/_id$/, '')}", :default => attr)
9 9 end
10 10 end
11 11 end
12 12
13 13 module ActionView
14 14 module Helpers
15 15 module DateHelper
16 16 # distance_of_time_in_words breaks when difference is greater than 30 years
17 17 def distance_of_date_in_words(from_date, to_date = 0, options = {})
18 18 from_date = from_date.to_date if from_date.respond_to?(:to_date)
19 19 to_date = to_date.to_date if to_date.respond_to?(:to_date)
20 20 distance_in_days = (to_date - from_date).abs
21 21
22 22 I18n.with_options :locale => options[:locale], :scope => :'datetime.distance_in_words' do |locale|
23 23 case distance_in_days
24 24 when 0..60 then locale.t :x_days, :count => distance_in_days.round
25 25 when 61..720 then locale.t :about_x_months, :count => (distance_in_days / 30).round
26 26 else locale.t :over_x_years, :count => (distance_in_days / 365).floor
27 27 end
28 28 end
29 29 end
30 30 end
31 31 end
32 32
33 33 class Resolver
34 34 def find_all(name, prefix=nil, partial=false, details={}, key=nil, locals=[])
35 35 cached(key, [name, prefix, partial], details, locals) do
36 36 if details[:formats] & [:xml, :json]
37 37 details = details.dup
38 38 details[:formats] = details[:formats].dup + [:api]
39 39 end
40 40 find_templates(name, prefix, partial, details)
41 41 end
42 42 end
43 43 end
44 44 end
45 45
46 ActionView::Base.field_error_proc = Proc.new{ |html_tag, instance| "#{html_tag}" }
46 ActionView::Base.field_error_proc = Proc.new{ |html_tag, instance| html_tag || ''.html_safe }
47 47
48 48 require 'mail'
49 49
50 50 module DeliveryMethods
51 51 class AsyncSMTP < ::Mail::SMTP
52 52 def deliver!(*args)
53 53 Thread.start do
54 54 super *args
55 55 end
56 56 end
57 57 end
58 58
59 59 class AsyncSendmail < ::Mail::Sendmail
60 60 def deliver!(*args)
61 61 Thread.start do
62 62 super *args
63 63 end
64 64 end
65 65 end
66 66
67 67 class TmpFile
68 68 def initialize(*args); end
69 69
70 70 def deliver!(mail)
71 71 dest_dir = File.join(Rails.root, 'tmp', 'emails')
72 72 Dir.mkdir(dest_dir) unless File.directory?(dest_dir)
73 73 File.open(File.join(dest_dir, mail.message_id.gsub(/[<>]/, '') + '.eml'), 'wb') {|f| f.write(mail.encoded) }
74 74 end
75 75 end
76 76 end
77 77
78 78 ActionMailer::Base.add_delivery_method :async_smtp, DeliveryMethods::AsyncSMTP
79 79 ActionMailer::Base.add_delivery_method :async_sendmail, DeliveryMethods::AsyncSendmail
80 80 ActionMailer::Base.add_delivery_method :tmp_file, DeliveryMethods::TmpFile
81 81
82 82 module ActionController
83 83 module MimeResponds
84 84 class Collector
85 85 def api(&block)
86 86 any(:xml, :json, &block)
87 87 end
88 88 end
89 89 end
90 90 end
91 91
92 92 module ActionController
93 93 class Base
94 94 # Displays an explicit message instead of a NoMethodError exception
95 95 # when trying to start Redmine with an old session_store.rb
96 96 # TODO: remove it in a later version
97 97 def self.session=(*args)
98 98 $stderr.puts "Please remove config/initializers/session_store.rb and run `rake generate_secret_token`.\n" +
99 99 "Setting the session secret with ActionController.session= is no longer supported in Rails 3."
100 100 exit 1
101 101 end
102 102 end
103 103 end
Show file before | Show file after | Hide comments
@@ -1,275 +1,276
1 1 # Redmine - project management software
2 2 # Copyright (C) 2006-2012 Jean-Philippe Lang
3 3 #
4 4 # This program is free software; you can redistribute it and/or
5 5 # modify it under the terms of the GNU General Public License
6 6 # as published by the Free Software Foundation; either version 2
7 7 # of the License, or (at your option) any later version.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU General Public License
15 15 # along with this program; if not, write to the Free Software
16 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17 17
18 18 require File.expand_path('../../test_helper', __FILE__)
19 19
20 20 class QueriesControllerTest < ActionController::TestCase
21 21 fixtures :projects, :users, :members, :member_roles, :roles, :trackers, :issue_statuses, :issue_categories, :enumerations, :issues, :custom_fields, :custom_values, :queries
22 22
23 23 def setup
24 24 User.current = nil
25 25 end
26 26
27 27 def test_new_project_query
28 28 @request.session[:user_id] = 2
29 29 get :new, :project_id => 1
30 30 assert_response :success
31 31 assert_template 'new'
32 32 assert_tag :tag => 'input', :attributes => { :type => 'checkbox',
33 33 :name => 'query[is_public]',
34 34 :checked => nil }
35 35 assert_tag :tag => 'input', :attributes => { :type => 'checkbox',
36 36 :name => 'query_is_for_all',
37 37 :checked => nil,
38 38 :disabled => nil }
39 39 assert_select 'select[name=?]', 'c[]' do
40 40 assert_select 'option[value=tracker]'
41 41 assert_select 'option[value=subject]'
42 42 end
43 43 end
44 44
45 45 def test_new_global_query
46 46 @request.session[:user_id] = 2
47 47 get :new
48 48 assert_response :success
49 49 assert_template 'new'
50 50 assert_no_tag :tag => 'input', :attributes => { :type => 'checkbox',
51 51 :name => 'query[is_public]' }
52 52 assert_tag :tag => 'input', :attributes => { :type => 'checkbox',
53 53 :name => 'query_is_for_all',
54 54 :checked => 'checked',
55 55 :disabled => nil }
56 56 end
57 57
58 58 def test_new_on_invalid_project
59 59 @request.session[:user_id] = 2
60 60 get :new, :project_id => 'invalid'
61 61 assert_response 404
62 62 end
63 63
64 64 def test_create_project_public_query
65 65 @request.session[:user_id] = 2
66 66 post :create,
67 67 :project_id => 'ecookbook',
68 68 :default_columns => '1',
69 69 :f => ["status_id", "assigned_to_id"],
70 70 :op => {"assigned_to_id" => "=", "status_id" => "o"},
71 71 :v => { "assigned_to_id" => ["1"], "status_id" => ["1"]},
72 72 :query => {"name" => "test_new_project_public_query", "is_public" => "1"}
73 73
74 74 q = Query.find_by_name('test_new_project_public_query')
75 75 assert_redirected_to :controller => 'issues', :action => 'index', :project_id => 'ecookbook', :query_id => q
76 76 assert q.is_public?
77 77 assert q.has_default_columns?
78 78 assert q.valid?
79 79 end
80 80
81 81 def test_create_project_private_query
82 82 @request.session[:user_id] = 3
83 83 post :create,
84 84 :project_id => 'ecookbook',
85 85 :default_columns => '1',
86 86 :fields => ["status_id", "assigned_to_id"],
87 87 :operators => {"assigned_to_id" => "=", "status_id" => "o"},
88 88 :values => { "assigned_to_id" => ["1"], "status_id" => ["1"]},
89 89 :query => {"name" => "test_new_project_private_query", "is_public" => "1"}
90 90
91 91 q = Query.find_by_name('test_new_project_private_query')
92 92 assert_redirected_to :controller => 'issues', :action => 'index', :project_id => 'ecookbook', :query_id => q
93 93 assert !q.is_public?
94 94 assert q.has_default_columns?
95 95 assert q.valid?
96 96 end
97 97
98 98 def test_create_global_private_query_with_custom_columns
99 99 @request.session[:user_id] = 3
100 100 post :create,
101 101 :fields => ["status_id", "assigned_to_id"],
102 102 :operators => {"assigned_to_id" => "=", "status_id" => "o"},
103 103 :values => { "assigned_to_id" => ["me"], "status_id" => ["1"]},
104 104 :query => {"name" => "test_new_global_private_query", "is_public" => "1"},
105 105 :c => ["", "tracker", "subject", "priority", "category"]
106 106
107 107 q = Query.find_by_name('test_new_global_private_query')
108 108 assert_redirected_to :controller => 'issues', :action => 'index', :project_id => nil, :query_id => q
109 109 assert !q.is_public?
110 110 assert !q.has_default_columns?
111 111 assert_equal [:tracker, :subject, :priority, :category], q.columns.collect {|c| c.name}
112 112 assert q.valid?
113 113 end
114 114
115 115 def test_create_global_query_with_custom_filters
116 116 @request.session[:user_id] = 3
117 117 post :create,
118 118 :fields => ["assigned_to_id"],
119 119 :operators => {"assigned_to_id" => "="},
120 120 :values => { "assigned_to_id" => ["me"]},
121 121 :query => {"name" => "test_new_global_query"}
122 122
123 123 q = Query.find_by_name('test_new_global_query')
124 124 assert_redirected_to :controller => 'issues', :action => 'index', :project_id => nil, :query_id => q
125 125 assert !q.has_filter?(:status_id)
126 126 assert_equal ['assigned_to_id'], q.filters.keys
127 127 assert q.valid?
128 128 end
129 129
130 130 def test_create_with_sort
131 131 @request.session[:user_id] = 1
132 132 post :create,
133 133 :default_columns => '1',
134 134 :operators => {"status_id" => "o"},
135 135 :values => {"status_id" => ["1"]},
136 136 :query => {:name => "test_new_with_sort",
137 137 :is_public => "1",
138 138 :sort_criteria => {"0" => ["due_date", "desc"], "1" => ["tracker", ""]}}
139 139
140 140 query = Query.find_by_name("test_new_with_sort")
141 141 assert_not_nil query
142 142 assert_equal [['due_date', 'desc'], ['tracker', 'asc']], query.sort_criteria
143 143 end
144 144
145 145 def test_create_with_failure
146 146 @request.session[:user_id] = 2
147 147 assert_no_difference '::Query.count' do
148 148 post :create, :project_id => 'ecookbook', :query => {:name => ''}
149 149 end
150 150 assert_response :success
151 151 assert_template 'new'
152 assert_select 'input[name=?]', 'query[name]'
152 153 end
153 154
154 155 def test_edit_global_public_query
155 156 @request.session[:user_id] = 1
156 157 get :edit, :id => 4
157 158 assert_response :success
158 159 assert_template 'edit'
159 160 assert_tag :tag => 'input', :attributes => { :type => 'checkbox',
160 161 :name => 'query[is_public]',
161 162 :checked => 'checked' }
162 163 assert_tag :tag => 'input', :attributes => { :type => 'checkbox',
163 164 :name => 'query_is_for_all',
164 165 :checked => 'checked',
165 166 :disabled => 'disabled' }
166 167 end
167 168
168 169 def test_edit_global_private_query
169 170 @request.session[:user_id] = 3
170 171 get :edit, :id => 3
171 172 assert_response :success
172 173 assert_template 'edit'
173 174 assert_no_tag :tag => 'input', :attributes => { :type => 'checkbox',
174 175 :name => 'query[is_public]' }
175 176 assert_tag :tag => 'input', :attributes => { :type => 'checkbox',
176 177 :name => 'query_is_for_all',
177 178 :checked => 'checked',
178 179 :disabled => 'disabled' }
179 180 end
180 181
181 182 def test_edit_project_private_query
182 183 @request.session[:user_id] = 3
183 184 get :edit, :id => 2
184 185 assert_response :success
185 186 assert_template 'edit'
186 187 assert_no_tag :tag => 'input', :attributes => { :type => 'checkbox',
187 188 :name => 'query[is_public]' }
188 189 assert_tag :tag => 'input', :attributes => { :type => 'checkbox',
189 190 :name => 'query_is_for_all',
190 191 :checked => nil,
191 192 :disabled => nil }
192 193 end
193 194
194 195 def test_edit_project_public_query
195 196 @request.session[:user_id] = 2
196 197 get :edit, :id => 1
197 198 assert_response :success
198 199 assert_template 'edit'
199 200 assert_tag :tag => 'input', :attributes => { :type => 'checkbox',
200 201 :name => 'query[is_public]',
201 202 :checked => 'checked'
202 203 }
203 204 assert_tag :tag => 'input', :attributes => { :type => 'checkbox',
204 205 :name => 'query_is_for_all',
205 206 :checked => nil,
206 207 :disabled => 'disabled' }
207 208 end
208 209
209 210 def test_edit_sort_criteria
210 211 @request.session[:user_id] = 1
211 212 get :edit, :id => 5
212 213 assert_response :success
213 214 assert_template 'edit'
214 215 assert_tag :tag => 'select', :attributes => { :name => 'query[sort_criteria][0][]' },
215 216 :child => { :tag => 'option', :attributes => { :value => 'priority',
216 217 :selected => 'selected' } }
217 218 assert_tag :tag => 'select', :attributes => { :name => 'query[sort_criteria][0][]' },
218 219 :child => { :tag => 'option', :attributes => { :value => 'desc',
219 220 :selected => 'selected' } }
220 221 end
221 222
222 223 def test_edit_invalid_query
223 224 @request.session[:user_id] = 2
224 225 get :edit, :id => 99
225 226 assert_response 404
226 227 end
227 228
228 229 def test_udpate_global_private_query
229 230 @request.session[:user_id] = 3
230 231 put :update,
231 232 :id => 3,
232 233 :default_columns => '1',
233 234 :fields => ["status_id", "assigned_to_id"],
234 235 :operators => {"assigned_to_id" => "=", "status_id" => "o"},
235 236 :values => { "assigned_to_id" => ["me"], "status_id" => ["1"]},
236 237 :query => {"name" => "test_edit_global_private_query", "is_public" => "1"}
237 238
238 239 assert_redirected_to :controller => 'issues', :action => 'index', :query_id => 3
239 240 q = Query.find_by_name('test_edit_global_private_query')
240 241 assert !q.is_public?
241 242 assert q.has_default_columns?
242 243 assert q.valid?
243 244 end
244 245
245 246 def test_update_global_public_query
246 247 @request.session[:user_id] = 1
247 248 put :update,
248 249 :id => 4,
249 250 :default_columns => '1',
250 251 :fields => ["status_id", "assigned_to_id"],
251 252 :operators => {"assigned_to_id" => "=", "status_id" => "o"},
252 253 :values => { "assigned_to_id" => ["1"], "status_id" => ["1"]},
253 254 :query => {"name" => "test_edit_global_public_query", "is_public" => "1"}
254 255
255 256 assert_redirected_to :controller => 'issues', :action => 'index', :query_id => 4
256 257 q = Query.find_by_name('test_edit_global_public_query')
257 258 assert q.is_public?
258 259 assert q.has_default_columns?
259 260 assert q.valid?
260 261 end
261 262
262 263 def test_update_with_failure
263 264 @request.session[:user_id] = 1
264 265 put :update, :id => 4, :query => {:name => ''}
265 266 assert_response :success
266 267 assert_template 'edit'
267 268 end
268 269
269 270 def test_destroy
270 271 @request.session[:user_id] = 2
271 272 delete :destroy, :id => 1
272 273 assert_redirected_to :controller => 'issues', :action => 'index', :project_id => 'ecookbook', :set_filter => 1, :query_id => nil
273 274 assert_nil Query.find_by_id(1)
274 275 end
275 276 end
General Comments 0
You need to be logged in to leave comments. Login now