Module: Intermodal::RSpec::Sanitization::ClassMethods
- Defined in:
- lib/intermodal/rspec/models/sanitization.rb
Instance Method Summary collapse
- #expects_sanitization_of(_field, _options, &additional_examples) ⇒ Object
- #expects_stripping_of(_field, &additional_examples) ⇒ Object
Instance Method Details
#expects_sanitization_of(_field, _options, &additional_examples) ⇒ Object
7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 |
# File 'lib/intermodal/rspec/models/sanitization.rb', line 7 def expects_sanitization_of(_field, , &additional_examples) # We are not trying to retest the sanitizer so much as lightly demonstrating # idempotence. That is, repeated calls to the sanitizer should produce the # same output context _field.inspect do subject { resource.update_attributes!(updated_attributes); resource } let(:updated_attributes) { { _field => value } } let(:accepted_tags) { [:accepted_tags] } let(:rejected_tags) { [:rejected_tags] } context 'with a random string' do let(:value) { SecureRandom.hex(16) } it 'should leave it alone' do expect(subject).not_to be_changed # Check update has persisted expect(subject.send(_field)).to eql(value) end end context 'with approved html tag' do let(:tag) { .sample } let(:content) { SecureRandom.hex(16) } let(:value) { "<#{tag}>#{content}</#{tag}>" } it 'should leave it alone' do expect(subject).not_to be_changed # Check update has persisted expect(subject.send(_field)).to eql(value) end end context 'with tag not on whitelist' do let(:tag) { .sample } let(:content) { SecureRandom.hex(16) } let(:value) { "<#{tag}>#{content}</#{tag}>" } it 'should sanitize tag' do expect(subject).not_to be_changed # Check update has persisted expect(subject.send(_field)).to eql(content) end end instance_eval(&additional_examples) if additional_examples end end |
#expects_stripping_of(_field, &additional_examples) ⇒ Object
50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 |
# File 'lib/intermodal/rspec/models/sanitization.rb', line 50 def expects_stripping_of(_field, &additional_examples) # We are not trying to retest the sanitizer so much as lightly demonstrating # idempotence. That is, repeated calls to the sanitizer should produce the # same output context _field.inspect do subject { resource.update_attributes!(updated_attributes); resource } let(:updated_attributes) { { _field => value } } let(:rejected_tags) { %w(p div span ol ul li em strong) } context 'with a random string' do let(:value) { SecureRandom.hex(16) } it 'should leave it alone' do expect(subject).not_to be_changed # Check update has persisted expect(subject.send(_field)).to eql(value) end end context 'with any tag' do let(:tag) { .sample } let(:content) { SecureRandom.hex(16) } let(:value) { "<#{tag}>#{content}</#{tag}>" } it 'should sanitize tag' do expect(subject).not_to be_changed # Check update has persisted expect(subject.send(_field)).to eql(content) end end instance_eval(&additional_examples) if additional_examples end end |