Commit 2c2f7890bff7bf277381b5f4b067fc389c48ed25
ActionItem438: implemented SSL requirements
Changes:
* Implemented require_ssl and refuse_ssl in ApplicationController
* Changed AccountController to require SSL
+ pointing to HTTPS in login forms
* Changed PublicController to refuse SSL, and fixed all controllers
in app/controllers/public to inherit from it (with some
exceptions).
* Changed MyProfileController to require SSL
Side-effects:
* Some controllers had been changed in an inappropriate way for the
new SSL requirement.
* Some tests changed to reflect the new SSL requirements.
* Needed to tweak content_viewer controller to deal with SSL URL's:
+ Fixed detection of user coming from public view that was broke
by the SSL thing.
* adapted enterprise_registration tests
git-svn-id: https://svn.colivre.coop.br/svn/noosfero/trunk@2458 3f533792-8f58-4932-b0fe-aaf55b0a4547
Showing
39 changed files
with
215 additions
and
17 deletions
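--- a/app/controllers/application.rb
+++ b/app/controllers/application.rb
@@ -30,6 +30,22 @@ class ApplicationController < ActionController::Base
   include AuthenticatedSystem
   include PermissionCheck
 
+  def self.require_ssl(*options)
+    before_filter :check_ssl, *options
+  end
+  def check_ssl
+    return true if (request.ssl? || ENV['RAILS_ENV'] == 'development')
+    redirect_to :protocol => 'https://'
+  end
+
+  def self.refuse_ssl(*options)
+    before_filter :avoid_ssl, *options
+  end
+  def avoid_ssl
+    return true if (!request.ssl? || ENV['RAILS_ENV'] == 'development')
+    redirect_to :protocol => 'http://'
+  end
+
   before_init_gettext :maybe_save_locale
   after_init_gettext :check_locale
   init_gettext 'noosfero'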
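Review bot: `avoid_ssl` actively downgrades an HTTPS request to plain HTTP, so once `refuse_ssl` is applied to the public controllers a logged-in user's session cookie is replayed in the clear on every public page (or, if the cookie is marked Secure, the user simply appears logged out there), which largely undoes what `check_ssl` buys on the account pages. `request.ssl?` is also only as trustworthy as the front-end: in this Rails generation it honours a forwarded-protocol header as far as I recall, so the TLS terminator must set that header and strip a client-supplied one, otherwise the two filters either redirect-loop or are trivially bypassed. Both redirects are 302s rebuilt from the current route only, so a non-GET body and the query string are dropped; that is tolerable for `check_ssl` only because the login forms are pointed at `https://` directly. I would document the trade-off above `refuse_ssl`, e.g. `# NOTE: downgrading to HTTP sends the session cookie in clear text; never apply this to controllers that act on the logged-in user.`, and use the `RAILS_ENV` constant rather than `ENV['RAILS_ENV']`. The enclosing class continues outside this hunk.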
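--- a/app/controllers/my_profile/cms_controller.rb
+++ b/app/controllers/my_profile/cms_controller.rb
@@ -165,7 +165,7 @@ class CmsController < MyProfileController
 
   def record_coming_from_public_view
     referer = request.referer
-    if (referer == url_for(@article.url)) || (@article == @profile.home_page && referer == url_for(@profile.url))
+    if (maybe_ssl(url_for(@article.url)).include?(referer)) || (@article == @profile.home_page && maybe_ssl(url_for(@profile.url)).include?(referer))
       @back_to = 'public_view'
       @back_url = @article.url
     end
@@ -173,11 +173,15 @@ class CmsController < MyProfileController
 
   def record_creating_from_public_view
     referer = request.referer
-    if (referer =~ Regexp.new("^#{url_for(profile.url)}"))
+    if (referer =~ Regexp.new("^#{(url_for(profile.url).sub('https:', 'https?:'))}"))
       @back_to = 'public_view'
       @back_url = referer
     end
   end
 
+  def maybe_ssl(url)
+    [url, url.sub('https:', 'http:')]
+  end
+
 end
 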
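Review bot: `record_creating_from_public_view` interpolates the profile URL into `Regexp.new` unescaped and anchors it with `^`, so every `.` in the host matches any character and `^` only anchors at a line start; since `request.referer` is client-supplied and is stored as `@back_url` (rendered as the Cancel link in the tests), the check should be `Regexp.new("\\A#{Regexp.escape(url_for(profile.url)).sub('https:', 'https?:')}")` — `Regexp.escape` leaves the colon alone, so the `https?:` substitution still applies. Even escaped it remains a prefix test, so `http://host/testinguser-other/...` would also be accepted; if the generated URL has no trailing slash, appending `(/|\z)` closes that. `maybe_ssl` relies on `sub` replacing the first occurrence, which is only correct because the scheme is at the start of the string, worth a one-line comment. The enclosing class starts and ends outside these hunks.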
app/controllers/my_profile_controller.rb
app/controllers/public/account_controller.rb
app/controllers/public/catalog_controller.rb
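--- a/app/controllers/public/content_viewer_controller.rb
+++ b/app/controllers/public/content_viewer_controller.rb
@@ -1,4 +1,4 @@
-class ContentViewerController < PublicController
+class ContentViewerController < ApplicationController
 
   needs_profile
 
@@ -28,6 +28,11 @@ class ContentViewerController < PublicController
       end
     end
 
+    if !@page.public? && !request.ssl?
+      redirect_to :protocol => 'https://'
+      return
+    end
+
     if !@page.display_to?(user)
       # FIXME find a nice "access denied" layout
       render :action => 'access_denied', :status => 403, :layout => false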
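Review bot: The new SSL redirect has no development-mode exception, unlike `check_ssl` in ApplicationController, so in a development environment without TLS a non-public article becomes unreachable; keep the two consistent with `if !@page.public? && !request.ssl? && ENV['RAILS_ENV'] != 'development'`, or better move the condition into a shared predicate next to `check_ssl` so the bypass is defined once. Because the redirect runs before `display_to?`, a plain-HTTP client can tell a non-public page from a public one before any authorization check; that is probably acceptable, but deserves a comment such as `# runs before the access check: only the page's visibility, not its contents, is revealed here`. The enclosing action starts outside this hunk.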
app/controllers/public/enterprise_registration_controller.rb
app/controllers/public/profile_controller.rb
app/controllers/public/search_controller.rb
app/controllers/public/tag_controller.rb
app/controllers/public_controller.rb
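--- a/app/helpers/application_helper.rb
+++ b/app/helpers/application_helper.rb
@@ -707,4 +707,10 @@ module ApplicationHelper
     end
   end
 
+  def login_url
+    options = { :controller => 'account', :action => 'login' }
+    options.merge!(:protocol => 'https://', :host => request.host) unless ENV['RAILS_ENV'] == 'development'
+    url_for(options)
+  end
+
 end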
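Review bot: `login_url` builds an absolute URL from `request.host`, which is derived from the client-supplied Host (or forwarded-host) header, so unless the front-end proxy pins the host the credentials form can be made to post to an attacker-chosen host, and a cached page would carry that URL to other users; if the environment model records a canonical domain (I cannot see one from here), use that instead, or at least check `request.host` against the known domains. `request.host` also omits the port, so an HTTPS listener not on 443 yields a broken action URL; `request.host_with_port` or an explicit `:port` would cover that. A one-line doc comment would help as well: `# Absolute https:// URL of the login action; a plain route in development, where there is no TLS.` The enclosing module continues outside this hunk.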
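--- a/app/views/account/_login_form.rhtml
+++ b/app/views/account/_login_form.rhtml
@@ -1,5 +1,5 @@
 <% labelled_form_for :user, @user,
-  :url => { :controller => 'account', :action => 'login' },
+  :url => login_url,
   :html => { :help => _('If you are a registered user, enter your username and password to be authenticated.')+'<p/>'+_('To join on this environment, click on "<b>I want to be an user!</b>".')+'<p/>'+_('If you forgot your password, click on "<b>I forgot my password!</b>" link.') } do |f| %>
 
 <%= f.text_field :login,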
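--- a/app/views/account/login.rhtml
+++ b/app/views/account/login.rhtml
@@ -5,7 +5,7 @@
 <% @user = User.new unless @user %>
 
 <% labelled_form_for :user, @user,
-  :url => { :controller => 'account', :action => 'login' },
+  :url => login_url,
   :html => { :help => _('If you are a registered user, enter your username and password to be authenticated.')+'<p/>'+_('To join on this environment, click on "<b>I want to be an user!</b>".')+'<p/>'+_('If you forgot your password, click on "<b>I forgot my password!</b>" link.') } do |f| %>
 
 <%= f.text_field :login,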
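--- a/app/views/account/login_block.rhtml
+++ b/app/views/account/login_block.rhtml
@@ -11,7 +11,7 @@
 
 <% labelled_form_for :user, @user,
   :html => { :help => _('If you are a registered user, enter your username and password to be authenticated.')+'<p/>'+_('To join on this environment, click on "<b>New user</b>".')+'<p/>'+_('If you forgot your password, click on "<b>I forgot my password!</b>" link.') },
-  :url => { :controller => 'account', :action => 'login' } do |f| %>
+  :url => login_url do |f| %>
 
 <%= f.text_field :login,
   :help => _('Here goes the nickname that you give on the registration.'),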
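Review bot: This login block is presumably embedded in public pages, which the commit now serves over plain HTTP via `refuse_ssl`, so the form's `https://` action only protects the credentials against a passive observer: an active attacker who can alter the HTTP page can rewrite the action attribute before the user submits. That is still an improvement over posting in clear text, but it is not equivalent to the SSL-only login page, and the limitation should be stated where the next maintainer will see it, e.g. `<%# rendered on HTTP pages: the https action protects the password in transit, not against a tampered page %>` above the form.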
test/functional/account_controller_test.rb
| ... | ... | @@ -15,6 +15,8 @@ class AccountControllerTest < Test::Unit::TestCase |
| 15 | 15 | @controller = AccountController.new |
| 16 | 16 | @request = ActionController::TestRequest.new |
| 17 | 17 | @response = ActionController::TestResponse.new |
| 18 | + | |
| 19 | + @request.stubs(:ssl?).returns(true) | |
| 18 | 20 | end |
| 19 | 21 | |
| 20 | 22 | def test_local_files_reference |
| ... | ... | @@ -515,6 +517,29 @@ class AccountControllerTest < Test::Unit::TestCase |
| 515 | 517 | assert_equal 1, assigns(:user).person.boxes[0].blocks.size |
| 516 | 518 | end |
| 517 | 519 | |
| 520 | + should 'force ssl' do | |
| 521 | + @request.expects(:ssl?).returns(false).at_least_once | |
| 522 | + get :index | |
| 523 | + assert_redirected_to :protocol => 'https://' | |
| 524 | + end | |
| 525 | + | |
| 526 | + should 'alllow login_popup without SSL' do | |
| 527 | + @request.expects(:ssl?).returns(false).at_least_once | |
| 528 | + get :login_popup | |
| 529 | + assert_response :success | |
| 530 | + end | |
| 531 | + | |
| 532 | + should 'point to SSL URL in login popup' do | |
| 533 | + get :login_popup | |
| 534 | + assert_tag :tag => 'form', :attributes => { :action => /^https:\/\// } | |
| 535 | + end | |
| 536 | + | |
| 537 | + should 'not point to SSL URL in login popup when in development mode' do | |
| 538 | + ENV.expects(:[]).with('RAILS_ENV').returns('development').at_least_once | |
| 539 | + get :login_popup | |
| 540 | + assert_no_tag :tag => 'form', :attributes => { :action => /^https:\/\// } | |
| 541 | + end | |
| 542 | + | |
| 518 | 543 | protected |
| 519 | 544 | def create_user(options = {}, extra_options ={}) |
| 520 | 545 | post :signup, { :user => { :login => 'quire', | ... | ... |
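Review bot: The test name `should 'alllow login_popup without SSL'` has a typo (`allow`), and the exemption it pins is security-relevant: a popup served over plain HTTP can have its form rewritten before submission even though the next test checks the action is `https://`, so the test deserves a comment saying why that is accepted. `ENV.expects(:[]).with('RAILS_ENV')` is an expectation on every `ENV[]` call in the process until teardown; as far as I know Mocha will fail any read of another key made during the request, so `ENV.stubs(:[]).with('RAILS_ENV').returns('development')` is the safer form. The setup-level `@request.stubs(:ssl?).returns(true)` also means every pre-existing login and signup test now runs only on the HTTPS path, which is fine but worth a comment on that line.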
test/functional/application_controller_test.rb
| ... | ... | @@ -224,4 +224,52 @@ class ApplicationControllerTest < Test::Unit::TestCase |
| 224 | 224 | get :index |
| 225 | 225 | end |
| 226 | 226 | |
| 227 | + should 'require ssl when told to' do | |
| 228 | + @request.expects(:ssl?).returns(false).at_least_once | |
| 229 | + get :sslonly | |
| 230 | + assert_redirected_to :protocol => 'https://' | |
| 231 | + end | |
| 232 | + | |
| 233 | + should 'not force ssl in development mode' do | |
| 234 | + ENV.expects(:[]).with('RAILS_ENV').returns('development') | |
| 235 | + @request.expects(:ssl?).returns(false).at_least_once | |
| 236 | + get :sslonly | |
| 237 | + assert_response :success | |
| 238 | + end | |
| 239 | + | |
| 240 | + should 'not force ssl when not told to' do | |
| 241 | + @request.expects(:ssl?).returns(false).at_least_once | |
| 242 | + get :doesnt_need_ssl | |
| 243 | + assert_response :success | |
| 244 | + end | |
| 245 | + | |
| 246 | + should 'not force ssl when already in ssl' do | |
| 247 | + @request.expects(:ssl?).returns(true).at_least_once | |
| 248 | + get :sslonly | |
| 249 | + assert_response :success | |
| 250 | + end | |
| 251 | + | |
| 252 | + should 'refuse ssl when told to' do | |
| 253 | + @request.expects(:ssl?).returns(true).at_least_once | |
| 254 | + get :nossl | |
| 255 | + assert_redirected_to :protocol => "http://" | |
| 256 | + end | |
| 257 | + | |
| 258 | + should 'not refuse ssl when not told to' do | |
| 259 | + @request.expects(:ssl?).returns(true).at_least_once | |
| 260 | + get :doesnt_refuse_ssl | |
| 261 | + assert_response :success | |
| 262 | + end | |
| 263 | + should 'not refuse ssl while in development mode' do | |
| 264 | + ENV.expects(:[]).with('RAILS_ENV').returns('development') | |
| 265 | + @request.expects(:ssl?).returns(true).at_least_once | |
| 266 | + get :nossl | |
| 267 | + assert_response :success | |
| 268 | + end | |
| 269 | + should 'not refuse ssl when not in ssl' do | |
| 270 | + @request.expects(:ssl?).returns(false).at_least_once | |
| 271 | + get :nossl | |
| 272 | + assert_response :success | |
| 273 | + end | |
| 274 | + | |
| 227 | 275 | end | ... | ... |
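Review bot: The last three `should` blocks ('not refuse ssl when not told to', 'while in development mode', 'when not in ssl') are not separated by blank lines as the rest of the file is; add them. The two development-mode tests use `ENV.expects(:[]).with('RAILS_ENV')`, which as far as I know makes Mocha fail any other `ENV[]` read during the request; `ENV.stubs(:[]).with('RAILS_ENV').returns('development')` expresses the same intent without that fragility. None of these tests check that the redirect keeps the requested action; `assert_redirected_to :protocol => 'https://', :action => 'sslonly'` would pin it.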
test/functional/cms_controller_test.rb
| ... | ... | @@ -11,6 +11,7 @@ class CmsControllerTest < Test::Unit::TestCase |
| 11 | 11 | def setup |
| 12 | 12 | @controller = CmsController.new |
| 13 | 13 | @request = ActionController::TestRequest.new |
| 14 | + @request.stubs(:ssl?).returns(true) | |
| 14 | 15 | @response = ActionController::TestResponse.new |
| 15 | 16 | |
| 16 | 17 | @profile = create_user_with_permission('testinguser', 'post_content') |
| ... | ... | @@ -513,14 +514,14 @@ class CmsControllerTest < Test::Unit::TestCase |
| 513 | 514 | |
| 514 | 515 | get :edit, :profile => 'testinguser', :id => article.id |
| 515 | 516 | assert_tag :tag => 'input', :attributes => { :type => 'hidden', :name => 'back_to', :value => 'public_view' } |
| 516 | - assert_tag :tag => 'a', :descendant => { :content => 'Cancel' }, :attributes => { :href => 'http://colivre.net/testinguser/myarticle' } | |
| 517 | + assert_tag :tag => 'a', :descendant => { :content => 'Cancel' }, :attributes => { :href => /^https?:\/\/colivre.net\/testinguser\/myarticle/ } | |
| 517 | 518 | end |
| 518 | 519 | |
| 519 | 520 | should 'detect when comming from home page' do |
| 520 | 521 | @request.expects(:referer).returns('http://colivre.net/testinguser') |
| 521 | 522 | get :edit, :profile => 'testinguser', :id => @profile.home_page.id |
| 522 | 523 | assert_tag :tag => 'input', :attributes => { :type => 'hidden', :name => 'back_to', :value => 'public_view' } |
| 523 | - assert_tag :tag => 'a', :descendant => { :content => 'Cancel' }, :attributes => { :href => 'http://colivre.net/testinguser/' + @profile.home_page.slug } | |
| 524 | + assert_tag :tag => 'a', :descendant => { :content => 'Cancel' }, :attributes => { :href => /^https?:\/\/colivre.net\/testinguser\/#{@profile.home_page.slug}$/ } | |
| 524 | 525 | end |
| 525 | 526 | |
| 526 | 527 | should 'go back to public view when saving coming from there' do | ... | ... |
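Review bot: The first regex, `/^https?:\/\/colivre.net\/testinguser\/myarticle/`, leaves the dots unescaped and has no end anchor, so it would also accept `.../myarticle-draft`; the second assertion already anchors with `$`, so make the first `/^https?:\/\/colivre\.net\/testinguser\/myarticle$/`. Loosening both to `https?` also means the tests no longer say which scheme the Cancel link carries, which is the behaviour this commit touches; one assertion pinning an `http://` link for an `http://` referer would cover `maybe_ssl`.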
test/functional/content_viewer_controller_test.rb
| ... | ... | @@ -370,6 +370,8 @@ class ContentViewerControllerTest < Test::Unit::TestCase |
| 370 | 370 | should 'not give access to private articles if logged off' do |
| 371 | 371 | profile = Profile.create!(:name => 'test profile', :identifier => 'test_profile') |
| 372 | 372 | intranet = Folder.create!(:name => 'my_intranet', :profile => profile, :public_article => false) |
| 373 | + | |
| 374 | + @request.stubs(:ssl?).returns(true) | |
| 373 | 375 | get :view_page, :profile => 'test_profile', :page => [ 'my-intranet' ] |
| 374 | 376 | |
| 375 | 377 | assert_template 'access_denied' |
| ... | ... | @@ -379,6 +381,8 @@ class ContentViewerControllerTest < Test::Unit::TestCase |
| 379 | 381 | login_as('testinguser') |
| 380 | 382 | profile = Profile.create!(:name => 'test profile', :identifier => 'test_profile') |
| 381 | 383 | intranet = Folder.create!(:name => 'my_intranet', :profile => profile, :public_article => false) |
| 384 | + | |
| 385 | + @request.stubs(:ssl?).returns(true) | |
| 382 | 386 | get :view_page, :profile => 'test_profile', :page => [ 'my-intranet' ] |
| 383 | 387 | |
| 384 | 388 | assert_template 'access_denied' |
| ... | ... | @@ -391,6 +395,7 @@ class ContentViewerControllerTest < Test::Unit::TestCase |
| 391 | 395 | profile.affiliate(person, Profile::Roles.member) |
| 392 | 396 | login_as('test_user') |
| 393 | 397 | |
| 398 | + @request.stubs(:ssl?).returns(true) | |
| 394 | 399 | get :view_page, :profile => 'test_profile', :page => [ 'my-intranet' ] |
| 395 | 400 | |
| 396 | 401 | assert_template 'view_page' |
| ... | ... | @@ -412,6 +417,20 @@ class ContentViewerControllerTest < Test::Unit::TestCase |
| 412 | 417 | |
| 413 | 418 | assert_tag :tag => 'a', :attributes => {:href => ('/myprofile/' + profile.identifier + '/cms/publish/' + page.id.to_s)} |
| 414 | 419 | end |
| 420 | + | |
| 421 | + should 'require SSL for viewing non-public articles' do | |
| 422 | + page = profile.articles.create!(:name => 'myarticle', :body => 'top secret', :public_article => false) | |
| 423 | + get :view_page, :profile => 'testinguser', :page => [ 'myarticle' ] | |
| 424 | + assert_redirected_to :protocol => 'https://' | |
| 425 | + end | |
| 426 | + | |
| 427 | + should 'not redirect to SSL if already on SSL' do | |
| 428 | + @request.expects(:ssl?).returns(true).at_least_once | |
| 429 | + page = profile.articles.create!(:name => 'myarticle', :body => 'top secret', :public_article => false) | |
| 430 | + login_as('testinguser') | |
| 431 | + get :view_page, :profile => 'testinguser', :page => [ 'myarticle' ] | |
| 432 | + assert_response :success | |
| 433 | + end | |
| 415 | 434 | |
| 416 | 435 | should 'not show link to publication on view if not on person profile' do |
| 417 | 436 | prof = Community.create!(:name => 'test comm', :identifier => 'test_comm') | ... | ... |
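Review bot: `should 'require SSL for viewing non-public articles'` relies on `TestRequest` defaulting `ssl?` to false rather than saying so; make it explicit with `@request.expects(:ssl?).returns(false).at_least_once` as the sibling test does. Nothing asserts that a public article is still served over plain HTTP now that the controller no longer inherits `PublicController`, nor that the redirect preserves the requested `:page`; `assert_redirected_to :protocol => 'https://', :profile => 'testinguser', :page => ['myarticle']` would pin the latter.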
test/functional/enterprise_editor_controller_test.rb
| ... | ... | @@ -8,6 +8,7 @@ class EnterpriseEditorControllerTest < Test::Unit::TestCase |
| 8 | 8 | def setup |
| 9 | 9 | @controller = EnterpriseEditorController.new |
| 10 | 10 | @request = ActionController::TestRequest.new |
| 11 | + @request.stubs(:ssl?).returns(true) | |
| 11 | 12 | @response = ActionController::TestResponse.new |
| 12 | 13 | end |
| 13 | 14 | ... | ... |
test/functional/enterprise_registration_controller_test.rb
test/functional/enterprise_validation_controller_test.rb
| ... | ... | @@ -11,6 +11,7 @@ class EnterpriseValidationControllerTest < Test::Unit::TestCase |
| 11 | 11 | def setup |
| 12 | 12 | @controller = EnterpriseValidationController.new |
| 13 | 13 | @request = ActionController::TestRequest.new |
| 14 | + @request.stubs(:ssl?).returns(true) | |
| 14 | 15 | @response = ActionController::TestResponse.new |
| 15 | 16 | |
| 16 | 17 | login_as 'ze' | ... | ... |
test/functional/favorite_enterprises_controller_test.rb
| ... | ... | @@ -10,6 +10,7 @@ class FavoriteEnterprisesControllerTest < Test::Unit::TestCase |
| 10 | 10 | def setup |
| 11 | 11 | @controller = FavoriteEnterprisesController.new |
| 12 | 12 | @request = ActionController::TestRequest.new |
| 13 | + @request.stubs(:ssl?).returns(true) | |
| 13 | 14 | @response = ActionController::TestResponse.new |
| 14 | 15 | |
| 15 | 16 | self.profile = create_user('testuser').person | ... | ... |
test/functional/friends_controller_test.rb
| ... | ... | @@ -10,6 +10,7 @@ class FriendsControllerTest < Test::Unit::TestCase |
| 10 | 10 | def setup |
| 11 | 11 | @controller = FriendsController.new |
| 12 | 12 | @request = ActionController::TestRequest.new |
| 13 | + @request.stubs(:ssl?).returns(true) | |
| 13 | 14 | @response = ActionController::TestResponse.new |
| 14 | 15 | |
| 15 | 16 | self.profile = create_user('testuser').person | ... | ... |
test/functional/mailconf_controller_test.rb
| ... | ... | @@ -7,6 +7,7 @@ class MailconfControllerTest < Test::Unit::TestCase |
| 7 | 7 | def setup |
| 8 | 8 | @controller = MailconfController.new |
| 9 | 9 | @request = ActionController::TestRequest.new |
| 10 | + @request.stubs(:ssl?).returns(true) | |
| 10 | 11 | @response = ActionController::TestResponse.new |
| 11 | 12 | |
| 12 | 13 | MailConf.stubs(:enabled?).returns(true) | ... | ... |
test/functional/manage_products_controller_test.rb
| ... | ... | @@ -9,6 +9,7 @@ class ManageProductsControllerTest < Test::Unit::TestCase |
| 9 | 9 | def setup |
| 10 | 10 | @controller = ManageProductsController.new |
| 11 | 11 | @request = ActionController::TestRequest.new |
| 12 | + @request.stubs(:ssl?).returns(true) | |
| 12 | 13 | @response = ActionController::TestResponse.new |
| 13 | 14 | @enterprise = Enterprise.create(:name => 'teste', :identifier => 'test_ent') |
| 14 | 15 | @user = create_user_with_permission('test_user', 'manage_products', @enterprise) | ... | ... |
test/functional/memberships_controller_test.rb
| ... | ... | @@ -12,6 +12,7 @@ class MembershipsControllerTest < Test::Unit::TestCase |
| 12 | 12 | def setup |
| 13 | 13 | @controller = MembershipsController.new |
| 14 | 14 | @request = ActionController::TestRequest.new |
| 15 | + @request.stubs(:ssl?).returns(true) | |
| 15 | 16 | @response = ActionController::TestResponse.new |
| 16 | 17 | |
| 17 | 18 | @profile = create_user('testuser').person | ... | ... |
test/functional/my_profile_controller_test.rb
| ... | ... | @@ -17,6 +17,7 @@ class MyProfileControllerTest < Test::Unit::TestCase |
| 17 | 17 | def setup |
| 18 | 18 | @controller = MyProfileController.new |
| 19 | 19 | @request = ActionController::TestRequest.new |
| 20 | + @request.stubs(:ssl?).returns(true) | |
| 20 | 21 | @response = ActionController::TestResponse.new |
| 21 | 22 | end |
| 22 | 23 | |
| ... | ... | @@ -46,4 +47,13 @@ class MyProfileControllerTest < Test::Unit::TestCase |
| 46 | 47 | assert_response 403 # forbidden |
| 47 | 48 | end |
| 48 | 49 | |
| 50 | + should 'require ssl' do | |
| 51 | + @controller = OnlyForPersonTestController.new | |
| 52 | + org = Organization.create!(:identifier => 'hacking_institute', :name => 'Hacking Institute') | |
| 53 | + | |
| 54 | + @request.expects(:ssl?).returns(false).at_least_once | |
| 55 | + get :index, :profile => 'hacking_institute' | |
| 56 | + assert_redirected_to :protocol => 'https://' | |
| 57 | + end | |
| 58 | + | |
| 49 | 59 | end | ... | ... |
test/functional/profile_design_controller_test.rb
| ... | ... | @@ -9,6 +9,7 @@ class ProfileDesignControllerTest < Test::Unit::TestCase |
| 9 | 9 | def setup |
| 10 | 10 | @controller = ProfileDesignController.new |
| 11 | 11 | @request = ActionController::TestRequest.new |
| 12 | + @request.stubs(:ssl?).returns(true) | |
| 12 | 13 | @response = ActionController::TestResponse.new |
| 13 | 14 | |
| 14 | 15 | @holder = create_user('designtestuser').person | ... | ... |
test/functional/profile_editor_controller_test.rb
| ... | ... | @@ -10,6 +10,7 @@ class ProfileEditorControllerTest < Test::Unit::TestCase |
| 10 | 10 | def setup |
| 11 | 11 | @controller = ProfileEditorController.new |
| 12 | 12 | @request = ActionController::TestRequest.new |
| 13 | + @request.stubs(:ssl?).returns(true) | |
| 13 | 14 | @response = ActionController::TestResponse.new |
| 14 | 15 | login_as('ze') |
| 15 | 16 | @profile = Person['ze'] | ... | ... |
test/functional/profile_members_controller_test.rb
| ... | ... | @@ -8,6 +8,7 @@ class ProfileMembersControllerTest < Test::Unit::TestCase |
| 8 | 8 | def setup |
| 9 | 9 | @controller = ProfileMembersController.new |
| 10 | 10 | @request = ActionController::TestRequest.new |
| 11 | + @request.stubs(:ssl?).returns(true) | |
| 11 | 12 | @response = ActionController::TestResponse.new |
| 12 | 13 | end |
| 13 | 14 | ... | ... |
test/functional/public_controller_test.rb
| ... | ... | @@ -6,15 +6,23 @@ class PublicController; def rescue_action(e) raise e end; end |
| 6 | 6 | |
| 7 | 7 | class PublicControllerTest < Test::Unit::TestCase |
| 8 | 8 | |
| 9 | + class TestingPublicStuffController < PublicController | |
| 10 | + def index | |
| 11 | + render :text => 'test', :layout => false | |
| 12 | + end | |
| 13 | + end | |
| 14 | + | |
| 9 | 15 | def setup |
| 10 | - @controller = PublicController.new | |
| 16 | + @controller = TestingPublicStuffController.new | |
| 11 | 17 | @request = ActionController::TestRequest.new |
| 18 | + @request.stubs(:ssl?).returns(true) | |
| 12 | 19 | @response = ActionController::TestResponse.new |
| 13 | 20 | end |
| 14 | 21 | |
| 15 | 22 | # Replace this with your real tests. |
| 16 | - def test_truth | |
| 17 | - assert true | |
| 23 | + should 'refuse SSL' do | |
| 24 | + get :index | |
| 25 | + assert_redirected_to :protocol => 'http://' | |
| 18 | 26 | end |
| 19 | 27 | |
| 20 | 28 | end | ... | ... |
test/functional/tasks_controller_test.rb
| ... | ... | @@ -10,6 +10,7 @@ class TasksControllerTest < Test::Unit::TestCase |
| 10 | 10 | def setup |
| 11 | 11 | @controller = TasksController.new |
| 12 | 12 | @request = ActionController::TestRequest.new |
| 13 | + @request.stubs(:ssl?).returns(true) | |
| 13 | 14 | @response = ActionController::TestResponse.new |
| 14 | 15 | |
| 15 | 16 | self.profile = create_user('testuser').person | ... | ... |
test/functional/themes_controller_test.rb
| ... | ... | @@ -8,6 +8,7 @@ class ThemesControllerTest < Test::Unit::TestCase |
| 8 | 8 | def setup |
| 9 | 9 | @controller = ThemesController.new |
| 10 | 10 | @request = ActionController::TestRequest.new |
| 11 | + @request.stubs(:ssl?).returns(true) | |
| 11 | 12 | @response = ActionController::TestResponse.new |
| 12 | 13 | |
| 13 | 14 | Theme.stubs(:user_themes_dir).returns(TMP_THEMES_DIR) | ... | ... |
test/integration/forgot_password_test.rb
| ... | ... | @@ -2,6 +2,10 @@ require "#{File.dirname(__FILE__)}/../test_helper" |
| 2 | 2 | |
| 3 | 3 | class ForgotPasswordTest < ActionController::IntegrationTest |
| 4 | 4 | |
| 5 | + def setup | |
| 6 | + ActionController::Integration::Session.any_instance.stubs(:https?).returns(true) | |
| 7 | + end | |
| 8 | + | |
| 5 | 9 | def test_forgot_password |
| 6 | 10 | |
| 7 | 11 | User.destroy_all | ... | ... |
test/integration/signup_test.rb
| 1 | 1 | require "#{File.dirname(__FILE__)}/../test_helper" |
| 2 | 2 | |
| 3 | -class AccountTest < ActionController::IntegrationTest | |
| 3 | +class SignupTest < ActionController::IntegrationTest | |
| 4 | 4 | all_fixtures |
| 5 | 5 | |
| 6 | + def setup | |
| 7 | + ActionController::Integration::Session.any_instance.stubs(:https?).returns(true) | |
| 8 | + end | |
| 9 | + | |
| 6 | 10 | def test_should_require_acceptance_of_terms_for_signup |
| 7 | 11 | Environment.default.update_attributes(:terms_of_use => 'You agree to not be annoying.') |
| 8 | 12 | ... | ... |
test/integration/user_registers_at_the_application_test.rb
| ... | ... | @@ -9,6 +9,11 @@ class UserRegistersAtTheApplicationTest < ActionController::IntegrationTest |
| 9 | 9 | assert_can_signup |
| 10 | 10 | |
| 11 | 11 | get '/account/signup' |
| 12 | + | |
| 13 | + # going SSL | |
| 14 | + assert_response :redirect | |
| 15 | + follow_redirect! | |
| 16 | + | |
| 12 | 17 | assert_response :success |
| 13 | 18 | |
| 14 | 19 | post '/account/signup', :user => { :login => 'mylogin', :password => 'mypassword', :password_confirmation => 'mypassword', :email => 'mylogin@example.com' } |
| ... | ... | @@ -30,6 +35,11 @@ class UserRegistersAtTheApplicationTest < ActionController::IntegrationTest |
| 30 | 35 | assert_can_signup |
| 31 | 36 | |
| 32 | 37 | get '/account/signup' |
| 38 | + | |
| 39 | + # going SSL | |
| 40 | + assert_response :redirect | |
| 41 | + follow_redirect! | |
| 42 | + | |
| 33 | 43 | assert_response :success |
| 34 | 44 | |
| 35 | 45 | post '/account/signup', :user => { :login => 'ze', :password => 'mypassword', :password_confirmation => 'mypassword', :email => 'mylogin@example.com' } | ... | ... |
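Review bot: After `follow_redirect!` the following `post '/account/signup'` is, as far as the hunk shows, still issued over plain HTTP (nothing switches the session to HTTPS), so it should hit the same `check_ssl` redirect and the assertions after it (outside this hunk) would be checking a redirect rather than the signup; if they pass, that deserves an explanation. The integration-test way to express the intent is `https!` before the first `get` and asserting `:success` directly, which also makes the `# going SSL` comment unnecessary. The test methods start outside these hunks.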
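--- a/test/mocks/test/test_controller.rb
+++ b/test/mocks/test/test_controller.rb
@@ -39,4 +39,20 @@ class TestController < ApplicationController
     '
   end
 
+  require_ssl :only => 'sslonly'
+  def sslonly
+    render :text => 'this should be seen only on SSL', :layout => false
+  end
+  def doesnt_need_ssl
+    render :text => 'this should be seen even without SSL', :layout => false
+  end
+
+  refuse_ssl :only => 'nossl'
+  def nossl
+    render :text => 'this should not be seen over SSL', :layout => false
+  end
+  def doesnt_refuse_ssl
+    render :text => 'this should be seen over SSL or not, whatever', :layout => false
+  end
+
 end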
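--- a/test/test_helper.rb
+++ b/test/test_helper.rb
@@ -239,6 +239,8 @@ class ActionController::IntegrationTest
 
 
   def login(username, password)
+    ActionController::Integration::Session.any_instance.stubs(:https?).returns(true)
+
     post '/account/login', :user => { :login => username, :password => password }
     assert_response :redirect
     follow_redirect!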
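Review bot: Stubbing `ActionController::Integration::Session.any_instance.stubs(:https?).returns(true)` inside `login` makes every integration test that logs in pretend the whole session is HTTPS, including the public pages that `refuse_ssl` should bounce, so the refuse path is never exercised end-to-end and the stub outlives the login (Mocha only resets it at teardown). Prefer the integration API, `https!` before the POST and `https!(false)` after the redirect, which scopes the protocol to the requests that need it and leaves `request.ssl?` real. The enclosing class continues outside this hunk.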