Changesets can be listed by changeset number.
The Git repository is here.
- Revision:
- 13
- Log:
Initial import of Typo 2.6.0 sources from a downloaded Tarball.
Typo is a Ruby On Rails based blog engine.
- Author:
- adh
- Date:
- Sat Jul 22 22:25:02 +0100 2006
- Size:
- 2667 Bytes
1 | require File.dirname(__FILE__) + '/../test_helper' |
2 | |
3 | require 'dns_mock' |
4 | |
5 | class CommentTest < Test::Unit::TestCase |
6 | fixtures :articles, :comments, :blacklist_patterns, :settings |
7 | |
8 | def setup |
9 | config.reload |
10 | end |
11 | |
12 | def test_save_regular |
13 | assert @comment2.save |
14 | assert_equal "http://www.google.com", @comment2.url |
15 | end |
16 | |
17 | def test_save_spam |
18 | assert @spam_comment.save |
19 | assert_equal 'Test <a href="http://fakeurl.co.uk" rel="nofollow">body</a>', @spam_comment.body |
20 | assert_equal "http://fakeurl.com", @spam_comment.url |
21 | end |
22 | |
23 | def test_reject_spam_rbl |
24 | c = Comment.new |
25 | c.author = "Spammer" |
26 | c.body = %{This is just some random text. <a href="http://chinaaircatering.com">without any senses.</a>. Please disregard.} |
27 | c.url = "http://buy-computer.us" |
28 | c.ip = "212.42.230.206" |
29 | |
30 | assert ! c.save |
31 | assert c.errors.invalid?('body') |
32 | assert c.errors.invalid?('url') |
33 | end |
34 | |
35 | def test_reject_spam_pattern |
36 | c = Comment.new |
37 | c.author = "Another Spammer" |
38 | c.body = "Texas hold-em poker crap" |
39 | c.url = "http://texas.hold-em.us" |
40 | |
41 | assert ! c.save |
42 | assert c.errors.invalid?('body') |
43 | end |
44 | |
45 | def test_reject_spam_uri_limit |
46 | c = Comment.new |
47 | c.author = "Yet Another Spammer" |
48 | c.body = %{ <a href="http://www.one.com/">one</a> <a href="http://www.two.com/">two</a> <a href="http://www.three.com/">three</a> <a href="http://www.four.com/">four</a> } |
49 | c.url = "http://www.uri-limit.com" |
50 | c.ip = "123.123.123.123" |
51 | |
52 | assert ! c.save |
53 | assert c.errors.invalid?('body') |
54 | end |
55 | |
56 | def test_reject_article_age |
57 | c = Comment.new |
58 | c.author = "Old Spammer" |
59 | c.body = "Old trackback body" |
60 | c.article = @article3 |
61 | |
62 | assert ! c.save |
63 | assert c.errors.invalid?('article_id') |
64 | |
65 | c.article = @article1 |
66 | |
67 | assert c.save |
68 | assert c.errors.empty? |
69 | end |
70 | |
71 | def test_article_relation |
72 | assert_equal true, @comment2.has_article? |
73 | assert_equal 1, @comment2.article.id |
74 | end |
75 | |
76 | def test_xss_rejection |
77 | c = Comment.new |
78 | c.body = "Test foo <script>do_evil();</script>" |
79 | c.author = 'Bob' |
80 | c.article_id = 1 |
81 | |
82 | # Test each filter to make sure that we don't allow scripts through. |
83 | # Yes, this is ugly. |
84 | ['','textile','markdown','smartypants','markdown smartypants'].each do |filter| |
85 | setting = find_or_create("comment_text_filter") |
86 | setting.value = filter |
87 | setting.save |
88 | |
89 | assert c.save |
90 | assert c.errors.empty? |
91 | |
92 | assert c.body_html !~ /<script>/ |
93 | end |
94 | end |
95 | |
96 | def find_or_create(name) |
97 | unless setting = Setting.find_by_name(name) |
98 | setting = Setting.new("name" => name) |
99 | end |
100 | setting |
101 | end |
102 | end |