rails3: fix tiny_mce_article tests

PS: still breaking xss_terminate related tests

rails3: fix tiny_mce_article tests
PS: still breaking xss_terminate related tests
Rodrigo Souto
1 parent 94df4822
Showing 1 changed file with 30 additions and 28 deletions Show diff stats
test/unit/tiny_mce_article_test.rb
@@ -23,52 +23,52 @@ class TinyMceArticleTest &lt; ActiveSupport::TestCase
   end
   should 'not sanitize target attribute' do
-    article = TinyMceArticle.create!(:name => 'open link in new window', :body => "open <a href='www.invalid.com' target='_blank'>link</a> in new window", :profile => profile)
+    article = create(TinyMceArticle, :name => 'open link in new window', :body => "open <a href='www.invalid.com' target='_blank'>link</a> in new window", :profile => profile)
     assert_tag_in_string article.body, :tag => 'a', :attributes => {:target => '_blank'}
   end
   should 'not translate & to amp; over times' do
-    article = TinyMceArticle.create!(:name => 'link', :body => "<a href='www.invalid.com?param1=value&param2=value'>link</a>", :profile => profile)
+    article = create(TinyMceArticle, :name => 'link', :body => "<a href='www.invalid.com?param1=value&param2=value'>link</a>", :profile => profile)
     assert article.save
     assert_no_match(/&amp;amp;/, article.body)
     assert_match(/&amp;/, article.body)
   end
   should 'not escape comments from tiny mce article body' do
-    article = TinyMceArticle.create!(:profile => profile, :name => 'article', :abstract => 'abstract', :body => "the <!-- comment --> article ...")
+    article = create(TinyMceArticle, :profile => profile, :name => 'article', :abstract => 'abstract', :body => "the <!-- comment --> article ...")
     assert_equal "the <!-- comment --> article ...", article.body
   end
   should 'convert entities characters to UTF-8 instead of ISO-8859-1' do
-    article = TinyMceArticle.create!(:profile => profile, :name => 'teste ' + Time.now.to_s, :body => '<a title="inform&#225;tica">link</a>')
+    article = create(TinyMceArticle, :profile => profile, :name => 'teste ' + Time.now.to_s, :body => '<a title="inform&#225;tica">link</a>')
     assert(article.body.is_utf8?, "%s expected to be valid UTF-8 content" % article.body.inspect)
   end
   should 'fix tinymce mess with itheora comments for IE from tiny mce article body' do
-    article = TinyMceArticle.create!(:profile => profile, :name => 'article', :abstract => 'abstract', :body => "the <!--–-[if IE]--> just for ie... <!--[endif]-->")
-    assert_equal "the <!–-[if IE]> just for ie... <![endif]-–>", article.body
+    article = create(TinyMceArticle, :profile => profile, :name => 'article', :abstract => 'abstract', :body => "the <!--–-[if IE]--> just for ie... <!--[endif]-->")
+    assert_equal "the <!–-[if IE]> just for ie... <![endif]-–>", article.body.html_safe
   end
   should 'remove iframe if it is not from a trusted site' do
-    article = TinyMceArticle.create!(:profile => profile, :name => 'article', :abstract => 'abstract', :body => "<iframe src='http://anything/videos.ogg'></iframe>")
+    article = create(TinyMceArticle, :profile => profile, :name => 'article', :abstract => 'abstract', :body => "<iframe src='http://anything/videos.ogg'></iframe>")
     assert_equal "", article.body
   end
   should 'not mess with <iframe and </iframe if it is from itheora by default' do
     assert_includes Environment.default.trusted_sites_for_iframe, 'itheora.org'
-    article = TinyMceArticle.create!(:profile => profile, :name => 'article', :abstract => 'abstract', :body => "<iframe src='http://itheora.org/demo/index.php?v=example.ogv'></iframe>")
+    article = create(TinyMceArticle, :profile => profile, :name => 'article', :abstract => 'abstract', :body => "<iframe src='http://itheora.org/demo/index.php?v=example.ogv'></iframe>")
     assert_tag_in_string article.body, :tag => 'iframe', :attributes => { :src => "http://itheora.org/demo/index.php?v=example.ogv"}
   end
   should 'allow iframe if it is from stream.softwarelivre.org by default' do
     assert_includes Environment.default.trusted_sites_for_iframe, 'stream.softwarelivre.org'
-    article = TinyMceArticle.create!(:profile => profile, :name => 'article', :abstract => 'abstract', :body => "<iframe src='http://stream.softwarelivre.org/fisl10/sites/default/files/videos.ogg'></iframe>")
+    article = create(TinyMceArticle, :profile => profile, :name => 'article', :abstract => 'abstract', :body => "<iframe src='http://stream.softwarelivre.org/fisl10/sites/default/files/videos.ogg'></iframe>")
     assert_tag_in_string article.body, :tag => 'iframe', :attributes => { :src => "http://stream.softwarelivre.org/fisl10/sites/default/files/videos.ogg"}
   end
   should 'allow iframe if it is from tv.softwarelivre.org by default' do
     assert_includes Environment.default.trusted_sites_for_iframe, 'tv.softwarelivre.org'
-    article = TinyMceArticle.create!(:profile => profile, :name => 'article', :abstract => 'abstract', :body => "<iframe id='player-base' src='http://tv.softwarelivre.org/embed/1170' width='482' height='406' align='right' frameborder='0' scrolling='no'></iframe>")
+    article = create(TinyMceArticle, :profile => profile, :name => 'article', :abstract => 'abstract', :body => "<iframe id='player-base' src='http://tv.softwarelivre.org/embed/1170' width='482' height='406' align='right' frameborder='0' scrolling='no'></iframe>")
     assert_tag_in_string article.body, :tag => 'iframe', :attributes => { :src => "http://tv.softwarelivre.org/embed/1170", :width => "482", :height => "406", :align => "right", :frameborder => "0", :scrolling => "no"}
   end
@@ -77,12 +77,12 @@ class TinyMceArticleTest &lt; ActiveSupport::TestCase
     env.trusted_sites_for_iframe = ['avideosite.com']
     env.save
     assert_includes Environment.default.trusted_sites_for_iframe, 'avideosite.com'
-    article = TinyMceArticle.create!(:profile => profile, :name => 'article', :abstract => 'abstract', :body => "<iframe src='http://avideosite.com/videos.ogg'></iframe>")
+    article = create(TinyMceArticle, :profile => profile, :name => 'article', :abstract => 'abstract', :body => "<iframe src='http://avideosite.com/videos.ogg'></iframe>")
     assert_tag_in_string article.body, :tag => 'iframe', :attributes => { :src => "http://avideosite.com/videos.ogg"}
   end
   should 'remove only the iframe from untrusted site' do
-    article = TinyMceArticle.create!(:profile => profile, :name => 'article', :abstract => 'abstract', :body => "<iframe src='http://stream.softwarelivre.org/videos.ogg'></iframe><iframe src='http://untrusted_site.com/videos.ogg'></iframe>")
+    article = create(TinyMceArticle, :profile => profile, :name => 'article', :abstract => 'abstract', :body => "<iframe src='http://stream.softwarelivre.org/videos.ogg'></iframe><iframe src='http://untrusted_site.com/videos.ogg'></iframe>")
     assert_tag_in_string article.body, :tag => 'iframe', :attributes => { :src => "http://stream.softwarelivre.org/videos.ogg"}
     assert_no_tag_in_string article.body, :tag => 'iframe', :attributes => { :src => "http://untrusted_site.com/videos.ogg"}
   end
@@ -90,13 +90,13 @@ class TinyMceArticleTest &lt; ActiveSupport::TestCase
   should 'remove iframe if it has 2 or more src' do
     assert_includes Environment.default.trusted_sites_for_iframe, 'itheora.org'
-    article = TinyMceArticle.create!(:profile => profile, :name => 'article', :abstract => 'abstract', :body => "<iframe src='http://itheora.org/videos.ogg' src='http://untrusted_site.com/videos.ogg'></iframe>")
+    article = create(TinyMceArticle, :profile => profile, :name => 'article', :abstract => 'abstract', :body => "<iframe src='http://itheora.org/videos.ogg' src='http://untrusted_site.com/videos.ogg'></iframe>")
     assert_equal '', article.body
   end
   #TinymMCE convert config={"key":(.*)} in config={&quotkey&quot:(.*)}
   should 'not replace &quot with &amp;quot; when adding an Archive.org video' do
-    article = TinyMceArticle.create!(:profile => profile, :name => 'article', :abstract => 'abstract', :body => "<embed flashvars='config={&quot;key&quot;:&quot;\#$b6eb72a0f2f1e29f3d4&quot;}'> </embed>")
+    article = create(TinyMceArticle, :profile => profile, :name => 'article', :abstract => 'abstract', :body => "<embed flashvars='config={&quot;key&quot;:&quot;\#$b6eb72a0f2f1e29f3d4&quot;}'> </embed>")
     assert_equal "<embed flashvars=\"config={&quot;key&quot;:&quot;\#$b6eb72a0f2f1e29f3d4&quot;}\"> </embed>", article.body
   end
@@ -109,12 +109,12 @@ class TinyMceArticleTest &lt; ActiveSupport::TestCase
   end
   should 'not allow XSS on name' do
-    article = TinyMceArticle.create!(:name => 'title with <script>alert("xss")</script>', :profile => profile)
+    article = create(TinyMceArticle, :name => 'title with <script>alert("xss")</script>', :profile => profile)
     assert_no_match /script/, article.name
   end
   should 'not allow XSS on abstract' do
-    article = TinyMceArticle.create!(:name => "test 123", :abstract => 'abstract with <script>alert("xss")</script>', :profile => profile)
+    article = create(TinyMceArticle, :name => "test 123", :abstract => 'abstract with <script>alert("xss")</script>', :profile => profile)
     assert_no_match /script/, article.abstract
   end
@@ -125,23 +125,24 @@ class TinyMceArticleTest &lt; ActiveSupport::TestCase
   should 'notify activity on create' do
     ActionTracker::Record.delete_all
-    TinyMceArticle.create! :name => 'test', :profile_id => fast_create(Profile).id, :published => true
+    create TinyMceArticle, :name => 'test', :profile_id => fast_create(Profile).id, :published => true
     assert_equal 1, ActionTracker::Record.count
   end
   should 'not group trackers activity of article\'s creation' do
     ActionTracker::Record.delete_all
     profile = fast_create(Profile)
-    TinyMceArticle.create! :name => 'bar', :profile_id => profile.id, :published => true
-    TinyMceArticle.create! :name => 'another bar', :profile_id => profile.id, :published => true
+    create TinyMceArticle, :name => 'bar', :profile_id => profile.id, :published => true
+    create TinyMceArticle, :name => 'another bar', :profile_id => profile.id, :published => true
     assert_equal 2, ActionTracker::Record.count
-    TinyMceArticle.create! :name => 'another bar', :profile_id => fast_create(Profile).id, :published => true
+    create TinyMceArticle, :name => 'another bar', :profile_id => fast_create(Profile).id, :published => true
     assert_equal 3, ActionTracker::Record.count
   end
   should 'not update activity on update of an article' do
     ActionTracker::Record.delete_all
     profile = fast_create(Profile)
+    ActionTracker::Record.stubs(:current_user_from_model).returns(fast_create(Person))
     article = create(TinyMceArticle, :profile_id => profile.id)
     time = article.activity.updated_at
     Time.stubs(:now).returns(time + 1.day)
@@ -154,8 +155,8 @@ class TinyMceArticleTest &lt; ActiveSupport::TestCase
   should 'not create trackers activity when updating articles' do
     ActionTracker::Record.delete_all
-    a1 = TinyMceArticle.create! :name => 'bar', :profile_id => fast_create(Profile).id, :published => true
-    a2 = TinyMceArticle.create! :name => 'another bar', :profile_id => fast_create(Profile).id, :published => true
+    a1 = create TinyMceArticle, :name => 'bar', :profile_id => fast_create(Profile).id, :published => true
+    a2 = create TinyMceArticle, :name => 'another bar', :profile_id => fast_create(Profile).id, :published => true
     assert_no_difference ActionTracker::Record, :count do
       a1.name = 'foo';a1.save!
       a2.name = 'another foo';a2.save!
@@ -164,8 +165,8 @@ class TinyMceArticleTest &lt; ActiveSupport::TestCase
   should 'remove activity when an article is destroyed' do
     ActionTracker::Record.delete_all
-    a1 = TinyMceArticle.create! :name => 'bar', :profile_id => fast_create(Profile).id, :published => true
-    a2 = TinyMceArticle.create! :name => 'another bar', :profile_id => fast_create(Profile).id, :published => true
+    a1 = create TinyMceArticle, :name => 'bar', :profile_id => fast_create(Profile).id, :published => true
+    a2 = create TinyMceArticle, :name => 'another bar', :profile_id => fast_create(Profile).id, :published => true
     assert_difference ActionTracker::Record, :count, -2 do
       a1.destroy
       a2.destroy
@@ -178,20 +179,21 @@ end
     p1 = Person.first
     community.add_member(p1)
     assert p1.is_member_of?(community)
-    article = TinyMceArticle.create! :name => 'test', :profile_id => community.id
+    article = create TinyMceArticle, :name => 'test', :profile_id => community.id
     assert_equal article, ActionTracker::Record.last.target
   end
   should "the tracker action target be defined as the article on articles'creation in profile" do
     ActionTracker::Record.delete_all
     person = Person.first
-    article = TinyMceArticle.create! :name => 'test', :profile_id => person.id
+    ActionTracker::Record.stubs(:current_user_from_model).returns(fast_create(Person))
+    article = create TinyMceArticle, :name => 'test', :profile_id => person.id
     assert_equal article, ActionTracker::Record.last.target
   end
   should 'not notify activity if the article is not advertise' do
     ActionTracker::Record.delete_all
-    a = TinyMceArticle.create! :name => 'bar', :profile_id => fast_create(Profile).id, :published => true, :advertise => false
+    a = create TinyMceArticle, :name => 'bar', :profile_id => fast_create(Profile).id, :published => true, :advertise => false
     assert_equal true, a.published?
     assert_equal true, a.notifiable?
     assert_equal false, a.image?
@@ -204,7 +206,7 @@ end
   end
   should "the common trackable conditions return the correct value" do
-    a =  TinyMceArticle.new(:profile => profile)
+    a =  build(TinyMceArticle, :profile => profile)
     a.published = a.advertise = true
     assert_equal true, a.published?
     assert_equal true, a.notifiable?
	@@ -23,52 +23,52 @@ class TinyMceArticleTest < ActiveSupport::TestCase		@@ -23,52 +23,52 @@ class TinyMceArticleTest < ActiveSupport::TestCase
23	end	23	end
24		24
25	should 'not sanitize target attribute' do	25	should 'not sanitize target attribute' do
26	- article = TinyMceArticle.create!(:name => 'open link in new window', :body => "open <a href='www.invalid.com' target='_blank'>link</a> in new window", :profile => profile)	26	+ article = create(TinyMceArticle, :name => 'open link in new window', :body => "open <a href='www.invalid.com' target='_blank'>link</a> in new window", :profile => profile)
27	assert_tag_in_string article.body, :tag => 'a', :attributes => {:target => '_blank'}	27	assert_tag_in_string article.body, :tag => 'a', :attributes => {:target => '_blank'}
28	end	28	end
29		29
30	should 'not translate & to amp; over times' do	30	should 'not translate & to amp; over times' do
31	- article = TinyMceArticle.create!(:name => 'link', :body => "<a href='www.invalid.com?param1=value&param2=value'>link</a>", :profile => profile)	31	+ article = create(TinyMceArticle, :name => 'link', :body => "<a href='www.invalid.com?param1=value&param2=value'>link</a>", :profile => profile)
32	assert article.save	32	assert article.save
33	assert_no_match(/&amp;/, article.body)	33	assert_no_match(/&amp;/, article.body)
34	assert_match(/&/, article.body)	34	assert_match(/&/, article.body)
35	end	35	end
36		36
37	should 'not escape comments from tiny mce article body' do	37	should 'not escape comments from tiny mce article body' do
38	- article = TinyMceArticle.create!(:profile => profile, :name => 'article', :abstract => 'abstract', :body => "the <!-- comment --> article ...")	38	+ article = create(TinyMceArticle, :profile => profile, :name => 'article', :abstract => 'abstract', :body => "the <!-- comment --> article ...")
39	assert_equal "the <!-- comment --> article ...", article.body	39	assert_equal "the <!-- comment --> article ...", article.body
40	end	40	end
41		41
42	should 'convert entities characters to UTF-8 instead of ISO-8859-1' do	42	should 'convert entities characters to UTF-8 instead of ISO-8859-1' do
43	- article = TinyMceArticle.create!(:profile => profile, :name => 'teste ' + Time.now.to_s, :body => '<a title="informática">link</a>')	43	+ article = create(TinyMceArticle, :profile => profile, :name => 'teste ' + Time.now.to_s, :body => '<a title="informática">link</a>')
44	assert(article.body.is_utf8?, "%s expected to be valid UTF-8 content" % article.body.inspect)	44	assert(article.body.is_utf8?, "%s expected to be valid UTF-8 content" % article.body.inspect)
45	end	45	end
46		46
47	should 'fix tinymce mess with itheora comments for IE from tiny mce article body' do	47	should 'fix tinymce mess with itheora comments for IE from tiny mce article body' do
48	- article = TinyMceArticle.create!(:profile => profile, :name => 'article', :abstract => 'abstract', :body => "the <!--–-[if IE]--> just for ie... <!--[endif]-->")
49	- assert_equal "the <!–-[if IE]> just for ie... <![endif]-–>", article.body	48	+ article = create(TinyMceArticle, :profile => profile, :name => 'article', :abstract => 'abstract', :body => "the <!--–-[if IE]--> just for ie... <!--[endif]-->")
		49	+ assert_equal "the <!–-[if IE]> just for ie... <![endif]-–>", article.body.html_safe
50	end	50	end
51		51
52	should 'remove iframe if it is not from a trusted site' do	52	should 'remove iframe if it is not from a trusted site' do
53	- article = TinyMceArticle.create!(:profile => profile, :name => 'article', :abstract => 'abstract', :body => "<iframe src='http://anything/videos.ogg'></iframe>")	53	+ article = create(TinyMceArticle, :profile => profile, :name => 'article', :abstract => 'abstract', :body => "<iframe src='http://anything/videos.ogg'></iframe>")
54	assert_equal "", article.body	54	assert_equal "", article.body
55	end	55	end
56		56
57	should 'not mess with <iframe and </iframe if it is from itheora by default' do	57	should 'not mess with <iframe and </iframe if it is from itheora by default' do
58	assert_includes Environment.default.trusted_sites_for_iframe, 'itheora.org'	58	assert_includes Environment.default.trusted_sites_for_iframe, 'itheora.org'
59	- article = TinyMceArticle.create!(:profile => profile, :name => 'article', :abstract => 'abstract', :body => "<iframe src='http://itheora.org/demo/index.php?v=example.ogv'></iframe>")	59	+ article = create(TinyMceArticle, :profile => profile, :name => 'article', :abstract => 'abstract', :body => "<iframe src='http://itheora.org/demo/index.php?v=example.ogv'></iframe>")
60	assert_tag_in_string article.body, :tag => 'iframe', :attributes => { :src => "http://itheora.org/demo/index.php?v=example.ogv"}	60	assert_tag_in_string article.body, :tag => 'iframe', :attributes => { :src => "http://itheora.org/demo/index.php?v=example.ogv"}
61	end	61	end
62		62
63	should 'allow iframe if it is from stream.softwarelivre.org by default' do	63	should 'allow iframe if it is from stream.softwarelivre.org by default' do
64	assert_includes Environment.default.trusted_sites_for_iframe, 'stream.softwarelivre.org'	64	assert_includes Environment.default.trusted_sites_for_iframe, 'stream.softwarelivre.org'
65	- article = TinyMceArticle.create!(:profile => profile, :name => 'article', :abstract => 'abstract', :body => "<iframe src='http://stream.softwarelivre.org/fisl10/sites/default/files/videos.ogg'></iframe>")	65	+ article = create(TinyMceArticle, :profile => profile, :name => 'article', :abstract => 'abstract', :body => "<iframe src='http://stream.softwarelivre.org/fisl10/sites/default/files/videos.ogg'></iframe>")
66	assert_tag_in_string article.body, :tag => 'iframe', :attributes => { :src => "http://stream.softwarelivre.org/fisl10/sites/default/files/videos.ogg"}	66	assert_tag_in_string article.body, :tag => 'iframe', :attributes => { :src => "http://stream.softwarelivre.org/fisl10/sites/default/files/videos.ogg"}
67	end	67	end
68		68
69	should 'allow iframe if it is from tv.softwarelivre.org by default' do	69	should 'allow iframe if it is from tv.softwarelivre.org by default' do
70	assert_includes Environment.default.trusted_sites_for_iframe, 'tv.softwarelivre.org'	70	assert_includes Environment.default.trusted_sites_for_iframe, 'tv.softwarelivre.org'
71	- article = TinyMceArticle.create!(:profile => profile, :name => 'article', :abstract => 'abstract', :body => "<iframe id='player-base' src='http://tv.softwarelivre.org/embed/1170' width='482' height='406' align='right' frameborder='0' scrolling='no'></iframe>")	71	+ article = create(TinyMceArticle, :profile => profile, :name => 'article', :abstract => 'abstract', :body => "<iframe id='player-base' src='http://tv.softwarelivre.org/embed/1170' width='482' height='406' align='right' frameborder='0' scrolling='no'></iframe>")
72	assert_tag_in_string article.body, :tag => 'iframe', :attributes => { :src => "http://tv.softwarelivre.org/embed/1170", :width => "482", :height => "406", :align => "right", :frameborder => "0", :scrolling => "no"}	72	assert_tag_in_string article.body, :tag => 'iframe', :attributes => { :src => "http://tv.softwarelivre.org/embed/1170", :width => "482", :height => "406", :align => "right", :frameborder => "0", :scrolling => "no"}
73	end	73	end
74		74
	@@ -77,12 +77,12 @@ class TinyMceArticleTest < ActiveSupport::TestCase		@@ -77,12 +77,12 @@ class TinyMceArticleTest < ActiveSupport::TestCase
77	env.trusted_sites_for_iframe = ['avideosite.com']	77	env.trusted_sites_for_iframe = ['avideosite.com']
78	env.save	78	env.save
79	assert_includes Environment.default.trusted_sites_for_iframe, 'avideosite.com'	79	assert_includes Environment.default.trusted_sites_for_iframe, 'avideosite.com'
80	- article = TinyMceArticle.create!(:profile => profile, :name => 'article', :abstract => 'abstract', :body => "<iframe src='http://avideosite.com/videos.ogg'></iframe>")	80	+ article = create(TinyMceArticle, :profile => profile, :name => 'article', :abstract => 'abstract', :body => "<iframe src='http://avideosite.com/videos.ogg'></iframe>")
81	assert_tag_in_string article.body, :tag => 'iframe', :attributes => { :src => "http://avideosite.com/videos.ogg"}	81	assert_tag_in_string article.body, :tag => 'iframe', :attributes => { :src => "http://avideosite.com/videos.ogg"}
82	end	82	end
83		83
84	should 'remove only the iframe from untrusted site' do	84	should 'remove only the iframe from untrusted site' do
85	- article = TinyMceArticle.create!(:profile => profile, :name => 'article', :abstract => 'abstract', :body => "<iframe src='http://stream.softwarelivre.org/videos.ogg'></iframe><iframe src='http://untrusted_site.com/videos.ogg'></iframe>")	85	+ article = create(TinyMceArticle, :profile => profile, :name => 'article', :abstract => 'abstract', :body => "<iframe src='http://stream.softwarelivre.org/videos.ogg'></iframe><iframe src='http://untrusted_site.com/videos.ogg'></iframe>")
86	assert_tag_in_string article.body, :tag => 'iframe', :attributes => { :src => "http://stream.softwarelivre.org/videos.ogg"}	86	assert_tag_in_string article.body, :tag => 'iframe', :attributes => { :src => "http://stream.softwarelivre.org/videos.ogg"}
87	assert_no_tag_in_string article.body, :tag => 'iframe', :attributes => { :src => "http://untrusted_site.com/videos.ogg"}	87	assert_no_tag_in_string article.body, :tag => 'iframe', :attributes => { :src => "http://untrusted_site.com/videos.ogg"}
88	end	88	end
	@@ -90,13 +90,13 @@ class TinyMceArticleTest < ActiveSupport::TestCase		@@ -90,13 +90,13 @@ class TinyMceArticleTest < ActiveSupport::TestCase
90	should 'remove iframe if it has 2 or more src' do	90	should 'remove iframe if it has 2 or more src' do
91	assert_includes Environment.default.trusted_sites_for_iframe, 'itheora.org'	91	assert_includes Environment.default.trusted_sites_for_iframe, 'itheora.org'
92		92
93	- article = TinyMceArticle.create!(:profile => profile, :name => 'article', :abstract => 'abstract', :body => "<iframe src='http://itheora.org/videos.ogg' src='http://untrusted_site.com/videos.ogg'></iframe>")	93	+ article = create(TinyMceArticle, :profile => profile, :name => 'article', :abstract => 'abstract', :body => "<iframe src='http://itheora.org/videos.ogg' src='http://untrusted_site.com/videos.ogg'></iframe>")
94	assert_equal '', article.body	94	assert_equal '', article.body
95	end	95	end
96		96
97	#TinymMCE convert config={"key":(.)} in config={&quotkey&quot:(.)}	97	#TinymMCE convert config={"key":(.)} in config={&quotkey&quot:(.)}
98	should 'not replace &quot with &quot; when adding an Archive.org video' do	98	should 'not replace &quot with &quot; when adding an Archive.org video' do
99	- article = TinyMceArticle.create!(:profile => profile, :name => 'article', :abstract => 'abstract', :body => "<embed flashvars='config={"key":"\#$b6eb72a0f2f1e29f3d4"}'> </embed>")	99	+ article = create(TinyMceArticle, :profile => profile, :name => 'article', :abstract => 'abstract', :body => "<embed flashvars='config={"key":"\#$b6eb72a0f2f1e29f3d4"}'> </embed>")
100	assert_equal "<embed flashvars=\"config={"key":"\#$b6eb72a0f2f1e29f3d4"}\"> </embed>", article.body	100	assert_equal "<embed flashvars=\"config={"key":"\#$b6eb72a0f2f1e29f3d4"}\"> </embed>", article.body
101	end	101	end
102		102
	@@ -109,12 +109,12 @@ class TinyMceArticleTest < ActiveSupport::TestCase		@@ -109,12 +109,12 @@ class TinyMceArticleTest < ActiveSupport::TestCase
109	end	109	end
110		110
111	should 'not allow XSS on name' do	111	should 'not allow XSS on name' do
112	- article = TinyMceArticle.create!(:name => 'title with <script>alert("xss")</script>', :profile => profile)	112	+ article = create(TinyMceArticle, :name => 'title with <script>alert("xss")</script>', :profile => profile)
113	assert_no_match /script/, article.name	113	assert_no_match /script/, article.name
114	end	114	end
115		115
116	should 'not allow XSS on abstract' do	116	should 'not allow XSS on abstract' do
117	- article = TinyMceArticle.create!(:name => "test 123", :abstract => 'abstract with <script>alert("xss")</script>', :profile => profile)	117	+ article = create(TinyMceArticle, :name => "test 123", :abstract => 'abstract with <script>alert("xss")</script>', :profile => profile)
118	assert_no_match /script/, article.abstract	118	assert_no_match /script/, article.abstract
119	end	119	end
120		120
	@@ -125,23 +125,24 @@ class TinyMceArticleTest < ActiveSupport::TestCase		@@ -125,23 +125,24 @@ class TinyMceArticleTest < ActiveSupport::TestCase
125		125
126	should 'notify activity on create' do	126	should 'notify activity on create' do
127	ActionTracker::Record.delete_all	127	ActionTracker::Record.delete_all
128	- TinyMceArticle.create! :name => 'test', :profile_id => fast_create(Profile).id, :published => true	128	+ create TinyMceArticle, :name => 'test', :profile_id => fast_create(Profile).id, :published => true
129	assert_equal 1, ActionTracker::Record.count	129	assert_equal 1, ActionTracker::Record.count
130	end	130	end
131		131
132	should 'not group trackers activity of article\'s creation' do	132	should 'not group trackers activity of article\'s creation' do
133	ActionTracker::Record.delete_all	133	ActionTracker::Record.delete_all
134	profile = fast_create(Profile)	134	profile = fast_create(Profile)
135	- TinyMceArticle.create! :name => 'bar', :profile_id => profile.id, :published => true
136	- TinyMceArticle.create! :name => 'another bar', :profile_id => profile.id, :published => true	135	+ create TinyMceArticle, :name => 'bar', :profile_id => profile.id, :published => true
		136	+ create TinyMceArticle, :name => 'another bar', :profile_id => profile.id, :published => true
137	assert_equal 2, ActionTracker::Record.count	137	assert_equal 2, ActionTracker::Record.count
138	- TinyMceArticle.create! :name => 'another bar', :profile_id => fast_create(Profile).id, :published => true	138	+ create TinyMceArticle, :name => 'another bar', :profile_id => fast_create(Profile).id, :published => true
139	assert_equal 3, ActionTracker::Record.count	139	assert_equal 3, ActionTracker::Record.count
140	end	140	end
141		141
142	should 'not update activity on update of an article' do	142	should 'not update activity on update of an article' do
143	ActionTracker::Record.delete_all	143	ActionTracker::Record.delete_all
144	profile = fast_create(Profile)	144	profile = fast_create(Profile)
		145	+ ActionTracker::Record.stubs(:current_user_from_model).returns(fast_create(Person))
145	article = create(TinyMceArticle, :profile_id => profile.id)	146	article = create(TinyMceArticle, :profile_id => profile.id)
146	time = article.activity.updated_at	147	time = article.activity.updated_at
147	Time.stubs(:now).returns(time + 1.day)	148	Time.stubs(:now).returns(time + 1.day)
	@@ -154,8 +155,8 @@ class TinyMceArticleTest < ActiveSupport::TestCase		@@ -154,8 +155,8 @@ class TinyMceArticleTest < ActiveSupport::TestCase
154		155
155	should 'not create trackers activity when updating articles' do	156	should 'not create trackers activity when updating articles' do
156	ActionTracker::Record.delete_all	157	ActionTracker::Record.delete_all
157	- a1 = TinyMceArticle.create! :name => 'bar', :profile_id => fast_create(Profile).id, :published => true
158	- a2 = TinyMceArticle.create! :name => 'another bar', :profile_id => fast_create(Profile).id, :published => true	158	+ a1 = create TinyMceArticle, :name => 'bar', :profile_id => fast_create(Profile).id, :published => true
		159	+ a2 = create TinyMceArticle, :name => 'another bar', :profile_id => fast_create(Profile).id, :published => true
159	assert_no_difference ActionTracker::Record, :count do	160	assert_no_difference ActionTracker::Record, :count do
160	a1.name = 'foo';a1.save!	161	a1.name = 'foo';a1.save!
161	a2.name = 'another foo';a2.save!	162	a2.name = 'another foo';a2.save!
	@@ -164,8 +165,8 @@ class TinyMceArticleTest < ActiveSupport::TestCase		@@ -164,8 +165,8 @@ class TinyMceArticleTest < ActiveSupport::TestCase
164		165
165	should 'remove activity when an article is destroyed' do	166	should 'remove activity when an article is destroyed' do
166	ActionTracker::Record.delete_all	167	ActionTracker::Record.delete_all
167	- a1 = TinyMceArticle.create! :name => 'bar', :profile_id => fast_create(Profile).id, :published => true
168	- a2 = TinyMceArticle.create! :name => 'another bar', :profile_id => fast_create(Profile).id, :published => true	168	+ a1 = create TinyMceArticle, :name => 'bar', :profile_id => fast_create(Profile).id, :published => true
		169	+ a2 = create TinyMceArticle, :name => 'another bar', :profile_id => fast_create(Profile).id, :published => true
169	assert_difference ActionTracker::Record, :count, -2 do	170	assert_difference ActionTracker::Record, :count, -2 do
170	a1.destroy	171	a1.destroy
171	a2.destroy	172	a2.destroy
	@@ -178,20 +179,21 @@ end		@@ -178,20 +179,21 @@ end
178	p1 = Person.first	179	p1 = Person.first
179	community.add_member(p1)	180	community.add_member(p1)
180	assert p1.is_member_of?(community)	181	assert p1.is_member_of?(community)
181	- article = TinyMceArticle.create! :name => 'test', :profile_id => community.id	182	+ article = create TinyMceArticle, :name => 'test', :profile_id => community.id
182	assert_equal article, ActionTracker::Record.last.target	183	assert_equal article, ActionTracker::Record.last.target
183	end	184	end
184		185
185	should "the tracker action target be defined as the article on articles'creation in profile" do	186	should "the tracker action target be defined as the article on articles'creation in profile" do
186	ActionTracker::Record.delete_all	187	ActionTracker::Record.delete_all
187	person = Person.first	188	person = Person.first
188	- article = TinyMceArticle.create! :name => 'test', :profile_id => person.id	189	+ ActionTracker::Record.stubs(:current_user_from_model).returns(fast_create(Person))
		190	+ article = create TinyMceArticle, :name => 'test', :profile_id => person.id
189	assert_equal article, ActionTracker::Record.last.target	191	assert_equal article, ActionTracker::Record.last.target
190	end	192	end
191		193
192	should 'not notify activity if the article is not advertise' do	194	should 'not notify activity if the article is not advertise' do
193	ActionTracker::Record.delete_all	195	ActionTracker::Record.delete_all
194	- a = TinyMceArticle.create! :name => 'bar', :profile_id => fast_create(Profile).id, :published => true, :advertise => false	196	+ a = create TinyMceArticle, :name => 'bar', :profile_id => fast_create(Profile).id, :published => true, :advertise => false
195	assert_equal true, a.published?	197	assert_equal true, a.published?
196	assert_equal true, a.notifiable?	198	assert_equal true, a.notifiable?
197	assert_equal false, a.image?	199	assert_equal false, a.image?
	@@ -204,7 +206,7 @@ end		@@ -204,7 +206,7 @@ end
204	end	206	end
205		207
206	should "the common trackable conditions return the correct value" do	208	should "the common trackable conditions return the correct value" do
207	- a = TinyMceArticle.new(:profile => profile)	209	+ a = build(TinyMceArticle, :profile => profile)
208	a.published = a.advertise = true	210	a.published = a.advertise = true
209	assert_equal true, a.published?	211	assert_equal true, a.published?
210	assert_equal true, a.notifiable?	212	assert_equal true, a.notifiable?