Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
CoCo_Code_Op2
brakeman
提交
1d9d3aa3
B
brakeman
项目概览
CoCo_Code_Op2
/
brakeman
通知
1
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
B
brakeman
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
1d9d3aa3
编写于
9月 30, 2013
作者:
G
Geoffrey Hichborn
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Add test to ensure brakeman scans engines
上级
1549dcf3
变更
76
隐藏空白更改
内联
并排
Showing
76 changed file
with
1100 addition
and
0 deletion
+1100
-0
test/apps/rails4_with_engines/Gemfile
test/apps/rails4_with_engines/Gemfile
+38
-0
test/apps/rails4_with_engines/README.rdoc
test/apps/rails4_with_engines/README.rdoc
+28
-0
test/apps/rails4_with_engines/Rakefile
test/apps/rails4_with_engines/Rakefile
+6
-0
test/apps/rails4_with_engines/app/assets/images/rails.png
test/apps/rails4_with_engines/app/assets/images/rails.png
+0
-0
test/apps/rails4_with_engines/app/assets/javascripts/application.js
...rails4_with_engines/app/assets/javascripts/application.js
+16
-0
test/apps/rails4_with_engines/app/assets/stylesheets/application.css
...ails4_with_engines/app/assets/stylesheets/application.css
+13
-0
test/apps/rails4_with_engines/app/controllers/application_controller.rb
...s4_with_engines/app/controllers/application_controller.rb
+5
-0
test/apps/rails4_with_engines/app/controllers/concerns/.keep
test/apps/rails4_with_engines/app/controllers/concerns/.keep
+0
-0
test/apps/rails4_with_engines/app/helpers/application_helper.rb
...pps/rails4_with_engines/app/helpers/application_helper.rb
+2
-0
test/apps/rails4_with_engines/app/mailers/.keep
test/apps/rails4_with_engines/app/mailers/.keep
+0
-0
test/apps/rails4_with_engines/app/models/.keep
test/apps/rails4_with_engines/app/models/.keep
+0
-0
test/apps/rails4_with_engines/app/models/concerns/.keep
test/apps/rails4_with_engines/app/models/concerns/.keep
+0
-0
test/apps/rails4_with_engines/app/views/layouts/application.html.erb
...ails4_with_engines/app/views/layouts/application.html.erb
+14
-0
test/apps/rails4_with_engines/bin/bundle
test/apps/rails4_with_engines/bin/bundle
+3
-0
test/apps/rails4_with_engines/bin/rails
test/apps/rails4_with_engines/bin/rails
+4
-0
test/apps/rails4_with_engines/bin/rake
test/apps/rails4_with_engines/bin/rake
+4
-0
test/apps/rails4_with_engines/config.ru
test/apps/rails4_with_engines/config.ru
+4
-0
test/apps/rails4_with_engines/config/application.rb
test/apps/rails4_with_engines/config/application.rb
+22
-0
test/apps/rails4_with_engines/config/boot.rb
test/apps/rails4_with_engines/config/boot.rb
+4
-0
test/apps/rails4_with_engines/config/database.yml
test/apps/rails4_with_engines/config/database.yml
+25
-0
test/apps/rails4_with_engines/config/environment.rb
test/apps/rails4_with_engines/config/environment.rb
+5
-0
test/apps/rails4_with_engines/config/environments/development.rb
...ps/rails4_with_engines/config/environments/development.rb
+27
-0
test/apps/rails4_with_engines/config/environments/production.rb
...pps/rails4_with_engines/config/environments/production.rb
+80
-0
test/apps/rails4_with_engines/config/environments/test.rb
test/apps/rails4_with_engines/config/environments/test.rb
+36
-0
test/apps/rails4_with_engines/config/initializers/backtrace_silencers.rb
...4_with_engines/config/initializers/backtrace_silencers.rb
+7
-0
test/apps/rails4_with_engines/config/initializers/filter_parameter_logging.rb
...h_engines/config/initializers/filter_parameter_logging.rb
+4
-0
test/apps/rails4_with_engines/config/initializers/inflections.rb
...ps/rails4_with_engines/config/initializers/inflections.rb
+16
-0
test/apps/rails4_with_engines/config/initializers/mime_types.rb
...pps/rails4_with_engines/config/initializers/mime_types.rb
+5
-0
test/apps/rails4_with_engines/config/initializers/secret_token.rb
...s/rails4_with_engines/config/initializers/secret_token.rb
+12
-0
test/apps/rails4_with_engines/config/initializers/session_store.rb
.../rails4_with_engines/config/initializers/session_store.rb
+3
-0
test/apps/rails4_with_engines/config/initializers/wrap_parameters.rb
...ails4_with_engines/config/initializers/wrap_parameters.rb
+14
-0
test/apps/rails4_with_engines/config/locales/en.yml
test/apps/rails4_with_engines/config/locales/en.yml
+23
-0
test/apps/rails4_with_engines/config/routes.rb
test/apps/rails4_with_engines/config/routes.rb
+49
-0
test/apps/rails4_with_engines/db/seeds.rb
test/apps/rails4_with_engines/db/seeds.rb
+7
-0
test/apps/rails4_with_engines/engines/user_removal/app/assets/javascripts/users.js.coffee
...gines/user_removal/app/assets/javascripts/users.js.coffee
+3
-0
test/apps/rails4_with_engines/engines/user_removal/app/assets/stylesheets/users.css.scss
...ngines/user_removal/app/assets/stylesheets/users.css.scss
+3
-0
test/apps/rails4_with_engines/engines/user_removal/app/controllers/removal_controller.rb
...ngines/user_removal/app/controllers/removal_controller.rb
+27
-0
test/apps/rails4_with_engines/engines/user_removal/app/controllers/users_controller.rb
.../engines/user_removal/app/controllers/users_controller.rb
+91
-0
test/apps/rails4_with_engines/engines/user_removal/app/helpers/application_helper.rb
...es/engines/user_removal/app/helpers/application_helper.rb
+2
-0
test/apps/rails4_with_engines/engines/user_removal/app/helpers/users_helper.rb
..._engines/engines/user_removal/app/helpers/users_helper.rb
+2
-0
test/apps/rails4_with_engines/engines/user_removal/app/models/.gitkeep
...ls4_with_engines/engines/user_removal/app/models/.gitkeep
+0
-0
test/apps/rails4_with_engines/engines/user_removal/app/models/account.rb
...4_with_engines/engines/user_removal/app/models/account.rb
+3
-0
test/apps/rails4_with_engines/engines/user_removal/app/models/no_protection.rb
..._engines/engines/user_removal/app/models/no_protection.rb
+3
-0
test/apps/rails4_with_engines/engines/user_removal/app/models/user.rb
...ils4_with_engines/engines/user_removal/app/models/user.rb
+3
-0
test/apps/rails4_with_engines/engines/user_removal/app/views/removal/_partial.html.erb
.../engines/user_removal/app/views/removal/_partial.html.erb
+1
-0
test/apps/rails4_with_engines/engines/user_removal/app/views/removal/controller_removed.html.erb
...ser_removal/app/views/removal/controller_removed.html.erb
+3
-0
test/apps/rails4_with_engines/engines/user_removal/app/views/removal/implicit_render.html.erb
...s/user_removal/app/views/removal/implicit_render.html.erb
+2
-0
test/apps/rails4_with_engines/engines/user_removal/app/views/users/_form.html.erb
...gines/engines/user_removal/app/views/users/_form.html.erb
+27
-0
test/apps/rails4_with_engines/engines/user_removal/app/views/users/_slimmer.html.slim
...s/engines/user_removal/app/views/users/_slimmer.html.slim
+14
-0
test/apps/rails4_with_engines/engines/user_removal/app/views/users/edit.html.erb
...ngines/engines/user_removal/app/views/users/edit.html.erb
+6
-0
test/apps/rails4_with_engines/engines/user_removal/app/views/users/index.html.erb
...gines/engines/user_removal/app/views/users/index.html.erb
+25
-0
test/apps/rails4_with_engines/engines/user_removal/app/views/users/mixed_in.html.erb
...es/engines/user_removal/app/views/users/mixed_in.html.erb
+1
-0
test/apps/rails4_with_engines/engines/user_removal/app/views/users/new.html.erb
...engines/engines/user_removal/app/views/users/new.html.erb
+5
-0
test/apps/rails4_with_engines/engines/user_removal/app/views/users/sanitized.html.erb
...s/engines/user_removal/app/views/users/sanitized.html.erb
+3
-0
test/apps/rails4_with_engines/engines/user_removal/app/views/users/show.html.erb
...ngines/engines/user_removal/app/views/users/show.html.erb
+24
-0
test/apps/rails4_with_engines/engines/user_removal/app/views/users/slimming.html.slim
...s/engines/user_removal/app/views/users/slimming.html.slim
+6
-0
test/apps/rails4_with_engines/engines/user_removal/config/routes.rb
...rails4_with_engines/engines/user_removal/config/routes.rb
+65
-0
test/apps/rails4_with_engines/engines/user_removal/lib/user_removal.rb
...ls4_with_engines/engines/user_removal/lib/user_removal.rb
+9
-0
test/apps/rails4_with_engines/lib/assets/.keep
test/apps/rails4_with_engines/lib/assets/.keep
+0
-0
test/apps/rails4_with_engines/lib/tasks/.keep
test/apps/rails4_with_engines/lib/tasks/.keep
+0
-0
test/apps/rails4_with_engines/log/.keep
test/apps/rails4_with_engines/log/.keep
+0
-0
test/apps/rails4_with_engines/public/404.html
test/apps/rails4_with_engines/public/404.html
+27
-0
test/apps/rails4_with_engines/public/422.html
test/apps/rails4_with_engines/public/422.html
+26
-0
test/apps/rails4_with_engines/public/500.html
test/apps/rails4_with_engines/public/500.html
+26
-0
test/apps/rails4_with_engines/public/favicon.ico
test/apps/rails4_with_engines/public/favicon.ico
+0
-0
test/apps/rails4_with_engines/public/robots.txt
test/apps/rails4_with_engines/public/robots.txt
+5
-0
test/apps/rails4_with_engines/test/controllers/.keep
test/apps/rails4_with_engines/test/controllers/.keep
+0
-0
test/apps/rails4_with_engines/test/fixtures/.keep
test/apps/rails4_with_engines/test/fixtures/.keep
+0
-0
test/apps/rails4_with_engines/test/helpers/.keep
test/apps/rails4_with_engines/test/helpers/.keep
+0
-0
test/apps/rails4_with_engines/test/integration/.keep
test/apps/rails4_with_engines/test/integration/.keep
+0
-0
test/apps/rails4_with_engines/test/mailers/.keep
test/apps/rails4_with_engines/test/mailers/.keep
+0
-0
test/apps/rails4_with_engines/test/models/.keep
test/apps/rails4_with_engines/test/models/.keep
+0
-0
test/apps/rails4_with_engines/test/test_helper.rb
test/apps/rails4_with_engines/test/test_helper.rb
+15
-0
test/apps/rails4_with_engines/vendor/assets/javascripts/.keep
.../apps/rails4_with_engines/vendor/assets/javascripts/.keep
+0
-0
test/apps/rails4_with_engines/vendor/assets/stylesheets/.keep
.../apps/rails4_with_engines/vendor/assets/stylesheets/.keep
+0
-0
test/tests/rails4_with_engines.rb
test/tests/rails4_with_engines.rb
+197
-0
未找到文件。
test/apps/rails4_with_engines/Gemfile
0 → 100644
浏览文件 @
1d9d3aa3
source
'https://rubygems.org'
# Bundle edge Rails instead: gem 'rails', github: 'rails/rails'
gem
'rails'
,
'4.0.0.beta1'
gem
'sqlite3'
# Gems used only for assets and not required
# in production environments by default.
group
:assets
do
gem
'sass-rails'
,
'~> 4.0.0.beta1'
gem
'coffee-rails'
,
'~> 4.0.0.beta1'
# See https://github.com/sstephenson/execjs#readme for more supported runtimes
# gem 'therubyracer', platforms: :ruby
gem
'uglifier'
,
'>= 1.0.3'
end
gem
'jquery-rails'
# Turbolinks makes following links in your web application faster. Read more: https://github.com/rails/turbolinks
gem
'turbolinks'
# Build JSON APIs with ease. Read more: https://github.com/rails/jbuilder
gem
'jbuilder'
,
'~> 1.0.1'
# To use ActiveModel has_secure_password
# gem 'bcrypt-ruby', '~> 3.0.0'
# Use unicorn as the app server
# gem 'unicorn'
# Deploy with Capistrano
# gem 'capistrano', group: :development
# To use debugger
# gem 'debugger'
test/apps/rails4_with_engines/README.rdoc
0 → 100644
浏览文件 @
1d9d3aa3
== README
This README would normally document whatever steps are necessary to get the
application up and running.
Things you may want to cover:
* Ruby version
* System dependencies
* Configuration
* Database creation
* Database initialization
* How to run the test suite
* Services (job queues, cache servers, search engines, etc.)
* Deployment instructions
* ...
Please feel free to use a different markup language if you do not plan to run
<tt>rake doc:app</tt>.
test/apps/rails4_with_engines/Rakefile
0 → 100644
浏览文件 @
1d9d3aa3
# Add your own tasks in files placed in lib/tasks ending in .rake,
# for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
require
File
.
expand_path
(
'../config/application'
,
__FILE__
)
Rails4
::
Application
.
load_tasks
test/apps/rails4_with_engines/app/assets/images/rails.png
0 → 100644
浏览文件 @
1d9d3aa3
6.5 KB
test/apps/rails4_with_engines/app/assets/javascripts/application.js
0 → 100644
浏览文件 @
1d9d3aa3
// This is a manifest file that'll be compiled into application.js, which will include all the files
// listed below.
//
// Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
// or vendor/assets/javascripts of plugins, if any, can be referenced here using a relative path.
//
// It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
// compiled file.
//
// WARNING: THE FIRST BLANK LINE MARKS THE END OF WHAT'S TO BE PROCESSED, ANY BLANK LINE SHOULD
// GO AFTER THE REQUIRES BELOW.
//
//= require jquery
//= require jquery_ujs
//= require turbolinks
//= require_tree .
test/apps/rails4_with_engines/app/assets/stylesheets/application.css
0 → 100644
浏览文件 @
1d9d3aa3
/*
* This is a manifest file that'll be compiled into application.css, which will include all the files
* listed below.
*
* Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
* or vendor/assets/stylesheets of plugins, if any, can be referenced here using a relative path.
*
* You're free to add application-wide styles to this file and they'll appear at the top of the
* compiled file, but it's generally better to create a new file per style scope.
*
*= require_self
*= require_tree .
*/
test/apps/rails4_with_engines/app/controllers/application_controller.rb
0 → 100644
浏览文件 @
1d9d3aa3
class
ApplicationController
<
ActionController
::
Base
# Prevent CSRF attacks by raising an exception.
# For APIs, you may want to use :null_session instead.
protect_from_forgery
with: :exception
end
test/apps/rails4_with_engines/app/controllers/concerns/.keep
0 → 100644
浏览文件 @
1d9d3aa3
test/apps/rails4_with_engines/app/helpers/application_helper.rb
0 → 100644
浏览文件 @
1d9d3aa3
module
ApplicationHelper
end
test/apps/rails4_with_engines/app/mailers/.keep
0 → 100644
浏览文件 @
1d9d3aa3
test/apps/rails4_with_engines/app/models/.keep
0 → 100644
浏览文件 @
1d9d3aa3
test/apps/rails4_with_engines/app/models/concerns/.keep
0 → 100644
浏览文件 @
1d9d3aa3
test/apps/rails4_with_engines/app/views/layouts/application.html.erb
0 → 100644
浏览文件 @
1d9d3aa3
<!DOCTYPE html>
<html>
<head>
<title>
Rails4
</title>
<%=
stylesheet_link_tag
"application"
,
media:
"all"
,
"data-turbolinks-track"
=>
true
%>
<%=
javascript_include_tag
"application"
,
"data-turbolinks-track"
=>
true
%>
<%=
csrf_meta_tags
%>
</head>
<body>
<%=
yield
%>
</body>
</html>
test/apps/rails4_with_engines/bin/bundle
0 → 100755
浏览文件 @
1d9d3aa3
#!/usr/bin/env ruby
ENV
[
'BUNDLE_GEMFILE'
]
||=
File
.
expand_path
(
'../../Gemfile'
,
__FILE__
)
load
Gem
.
bin_path
(
'bundler'
,
'bundle'
)
test/apps/rails4_with_engines/bin/rails
0 → 100755
浏览文件 @
1d9d3aa3
#!/usr/bin/env ruby
APP_PATH
=
File
.
expand_path
(
'../../config/application'
,
__FILE__
)
require_relative
'../config/boot'
require
'rails/commands'
test/apps/rails4_with_engines/bin/rake
0 → 100755
浏览文件 @
1d9d3aa3
#!/usr/bin/env ruby
require_relative
'../config/boot'
require
'rake'
Rake
.
application
.
run
test/apps/rails4_with_engines/config.ru
0 → 100644
浏览文件 @
1d9d3aa3
# This file is used by Rack-based servers to start the application.
require
::
File
.
expand_path
(
'../config/environment'
,
__FILE__
)
run
Rails4
::
Application
test/apps/rails4_with_engines/config/application.rb
0 → 100644
浏览文件 @
1d9d3aa3
require
File
.
expand_path
(
'../boot'
,
__FILE__
)
require
'rails/all'
# Assets should be precompiled for production (so we don't need the gems loaded then)
Bundler
.
require
(
*
Rails
.
groups
(
assets:
%w(development test)
))
module
Rails4
class
Application
<
Rails
::
Application
# Settings in config/environments/* take precedence over those specified here.
# Application configuration should go into files in config/initializers
# -- all .rb files in that directory are automatically loaded.
# Set Time.zone default to the specified zone and make Active Record auto-convert to this zone.
# Run "rake -D time" for a list of tasks for finding time zone names. Default is UTC.
# config.time_zone = 'Central Time (US & Canada)'
# The default locale is :en and all translations from config/locales/*.rb,yml are auto loaded.
# config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s]
# config.i18n.default_locale = :de
end
end
test/apps/rails4_with_engines/config/boot.rb
0 → 100644
浏览文件 @
1d9d3aa3
# Set up gems listed in the Gemfile.
ENV
[
'BUNDLE_GEMFILE'
]
||=
File
.
expand_path
(
'../../Gemfile'
,
__FILE__
)
require
'bundler/setup'
if
File
.
exists?
(
ENV
[
'BUNDLE_GEMFILE'
])
test/apps/rails4_with_engines/config/database.yml
0 → 100644
浏览文件 @
1d9d3aa3
# SQLite version 3.x
# gem install sqlite3
#
# Ensure the SQLite 3 gem is defined in your Gemfile
# gem 'sqlite3'
development
:
adapter
:
sqlite3
database
:
db/development.sqlite3
pool
:
5
timeout
:
5000
# Warning: The database defined as "test" will be erased and
# re-generated from your development database when you run "rake".
# Do not set this db to the same as development or production.
test
:
adapter
:
sqlite3
database
:
db/test.sqlite3
pool
:
5
timeout
:
5000
production
:
adapter
:
sqlite3
database
:
db/production.sqlite3
pool
:
5
timeout
:
5000
test/apps/rails4_with_engines/config/environment.rb
0 → 100644
浏览文件 @
1d9d3aa3
# Load the rails application.
require
File
.
expand_path
(
'../application'
,
__FILE__
)
# Initialize the rails application.
Rails4
::
Application
.
initialize!
test/apps/rails4_with_engines/config/environments/development.rb
0 → 100644
浏览文件 @
1d9d3aa3
Rails4
::
Application
.
configure
do
# Settings specified here will take precedence over those in config/application.rb.
# In the development environment your application's code is reloaded on
# every request. This slows down response time but is perfect for development
# since you don't have to restart the web server when you make code changes.
config
.
cache_classes
=
false
# Do not eager load code on boot.
config
.
eager_load
=
false
# Show full error reports and disable caching.
config
.
consider_all_requests_local
=
true
config
.
action_controller
.
perform_caching
=
false
# Don't care if the mailer can't send.
config
.
action_mailer
.
raise_delivery_errors
=
false
# Print deprecation notices to the Rails logger.
config
.
active_support
.
deprecation
=
:log
# Raise an error on page load if there are pending migrations
config
.
active_record
.
migration_error
=
:page_load
# Debug mode disables concatenation and preprocessing of assets.
config
.
assets
.
debug
=
true
end
test/apps/rails4_with_engines/config/environments/production.rb
0 → 100644
浏览文件 @
1d9d3aa3
Rails4
::
Application
.
configure
do
# Settings specified here will take precedence over those in config/application.rb.
# Code is not reloaded between requests.
config
.
cache_classes
=
true
# Eager load code on boot. This eager loads most of Rails and
# your application in memory, allowing both thread web servers
# and those relying on copy on write to perform better.
# Rake tasks automatically ignore this option for performance.
config
.
eager_load
=
true
# Full error reports are disabled and caching is turned on.
config
.
consider_all_requests_local
=
false
config
.
action_controller
.
perform_caching
=
true
# Enable Rack::Cache to put a simple HTTP cache in front of your application
# Add `rack-cache` to your Gemfile before enabling this.
# For large-scale production use, consider using a caching reverse proxy like nginx, varnish or squid.
# config.action_dispatch.rack_cache = true
# Disable Rails's static asset server (Apache or nginx will already do this).
config
.
serve_static_assets
=
false
# Compress JavaScripts and CSS.
config
.
assets
.
js_compressor
=
:uglifier
# config.assets.css_compressor = :sass
# Whether to fallback to assets pipeline if a precompiled asset is missed.
config
.
assets
.
compile
=
false
# Generate digests for assets URLs.
config
.
assets
.
digest
=
true
# Version of your assets, change this if you want to expire all your assets.
config
.
assets
.
version
=
'1.0'
# Specifies the header that your server uses for sending files.
# config.action_dispatch.x_sendfile_header = "X-Sendfile" # for apache
# config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for nginx
# Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
# config.force_ssl = true
# Set to :debug to see everything in the log.
config
.
log_level
=
:info
# Prepend all log lines with the following tags.
# config.log_tags = [ :subdomain, :uuid ]
# Use a different logger for distributed setups.
# config.logger = ActiveSupport::TaggedLogging.new(SyslogLogger.new)
# Use a different cache store in production.
# config.cache_store = :mem_cache_store
# Enable serving of images, stylesheets, and JavaScripts from an asset server.
# config.action_controller.asset_host = "http://assets.example.com"
# Precompile additional assets.
# application.js, application.css, and all non-JS/CSS in app/assets folder are already added.
# config.assets.precompile += %w( search.js )
# Ignore bad email addresses and do not raise email delivery errors.
# Set this to true and configure the email server for immediate delivery to raise delivery errors.
# config.action_mailer.raise_delivery_errors = false
# Enable locale fallbacks for I18n (makes lookups for any locale fall back to
# the I18n.default_locale when a translation can not be found).
config
.
i18n
.
fallbacks
=
true
# Send deprecation notices to registered listeners.
config
.
active_support
.
deprecation
=
:notify
# Disable automatic flushing of the log to improve performance.
# config.autoflush_log = false
# Use default logging formatter so that PID and timestamp are not suppressed.
config
.
log_formatter
=
::
Logger
::
Formatter
.
new
end
test/apps/rails4_with_engines/config/environments/test.rb
0 → 100644
浏览文件 @
1d9d3aa3
Rails4
::
Application
.
configure
do
# Settings specified here will take precedence over those in config/application.rb.
# The test environment is used exclusively to run your application's
# test suite. You never need to work with it otherwise. Remember that
# your test database is "scratch space" for the test suite and is wiped
# and recreated between test runs. Don't rely on the data there!
config
.
cache_classes
=
true
# Do not eager load code on boot. This avoids loading your whole application
# just for the purpose of running a single test. If you are using a tool that
# preloads Rails for running tests, you may have to set it to true.
config
.
eager_load
=
false
# Configure static asset server for tests with Cache-Control for performance.
config
.
serve_static_assets
=
true
config
.
static_cache_control
=
"public, max-age=3600"
# Show full error reports and disable caching.
config
.
consider_all_requests_local
=
true
config
.
action_controller
.
perform_caching
=
false
# Raise exceptions instead of rendering exception templates.
config
.
action_dispatch
.
show_exceptions
=
false
# Disable request forgery protection in test environment.
config
.
action_controller
.
allow_forgery_protection
=
false
# Tell Action Mailer not to deliver emails to the real world.
# The :test delivery method accumulates sent emails in the
# ActionMailer::Base.deliveries array.
config
.
action_mailer
.
delivery_method
=
:test
# Print deprecation notices to the stderr.
config
.
active_support
.
deprecation
=
:stderr
end
test/apps/rails4_with_engines/config/initializers/backtrace_silencers.rb
0 → 100644
浏览文件 @
1d9d3aa3
# Be sure to restart your server when you modify this file.
# You can add backtrace silencers for libraries that you're using but don't wish to see in your backtraces.
# Rails.backtrace_cleaner.add_silencer { |line| line =~ /my_noisy_library/ }
# You can also remove all the silencers if you're trying to debug a problem that might stem from framework code.
# Rails.backtrace_cleaner.remove_silencers!
test/apps/rails4_with_engines/config/initializers/filter_parameter_logging.rb
0 → 100644
浏览文件 @
1d9d3aa3
# Be sure to restart your server when you modify this file.
# Configure sensitive parameters which will be filtered from the log file.
Rails
.
application
.
config
.
filter_parameters
+=
[
:password
]
test/apps/rails4_with_engines/config/initializers/inflections.rb
0 → 100644
浏览文件 @
1d9d3aa3
# Be sure to restart your server when you modify this file.
# Add new inflection rules using the following format. Inflections
# are locale specific, and you may define rules for as many different
# locales as you wish. All of these examples are active by default:
# ActiveSupport::Inflector.inflections(:en) do |inflect|
# inflect.plural /^(ox)$/i, '\1en'
# inflect.singular /^(ox)en/i, '\1'
# inflect.irregular 'person', 'people'
# inflect.uncountable %w( fish sheep )
# end
# These inflection rules are supported but not enabled by default:
# ActiveSupport::Inflector.inflections(:en) do |inflect|
# inflect.acronym 'RESTful'
# end
test/apps/rails4_with_engines/config/initializers/mime_types.rb
0 → 100644
浏览文件 @
1d9d3aa3
# Be sure to restart your server when you modify this file.
# Add new mime types for use in respond_to blocks:
# Mime::Type.register "text/richtext", :rtf
# Mime::Type.register_alias "text/html", :iphone
test/apps/rails4_with_engines/config/initializers/secret_token.rb
0 → 100644
浏览文件 @
1d9d3aa3
# Be sure to restart your server when you modify this file.
# Your secret key for verifying the integrity of signed cookies.
# If you change this key, all old signed cookies will become invalid!
# Make sure the secret is at least 30 characters and all random,
# no regular words or you'll be exposed to dictionary attacks.
# You can use `rake secret` to generate a secure secret key.
# Make sure your secret_key_base is kept private
# if you're sharing your code publicly.
Rails4
::
Application
.
config
.
secret_key_base
=
'3d90f727dcc14992232b9461fac5d31cf2bc184854e0afd90ae67e0ae48f22b676ee2529c84d4c23bc2a9c7be6eeefcf202b91ccb8d04e7b87a85c852f6784d6'
test/apps/rails4_with_engines/config/initializers/session_store.rb
0 → 100644
浏览文件 @
1d9d3aa3
# Be sure to restart your server when you modify this file.
Rails4
::
Application
.
config
.
session_store
:encrypted_cookie_store
,
key:
'_rails4_session'
test/apps/rails4_with_engines/config/initializers/wrap_parameters.rb
0 → 100644
浏览文件 @
1d9d3aa3
# Be sure to restart your server when you modify this file.
# This file contains settings for ActionController::ParamsWrapper which
# is enabled by default.
# Enable parameter wrapping for JSON. You can disable this by setting :format to an empty array.
ActiveSupport
.
on_load
(
:action_controller
)
do
wrap_parameters
format:
[
:json
]
if
respond_to?
(
:wrap_parameters
)
end
# To enable root element in JSON for ActiveRecord objects.
# ActiveSupport.on_load(:active_record) do
# self.include_root_in_json = true
# end
test/apps/rails4_with_engines/config/locales/en.yml
0 → 100644
浏览文件 @
1d9d3aa3
# Files in the config/locales directory are used for internationalization
# and are automatically loaded by Rails. If you want to use locales other
# than English, add the necessary files in this directory.
#
# To use the locales, use `I18n.t`:
#
# I18n.t 'hello'
#
# In views, this is aliased to just `t`:
#
# <%= t('hello') %>
#
# To use a different locale, set it with `I18n.locale`:
#
# I18n.locale = :es
#
# This would use the information in config/locales/es.yml.
#
# To learn more, please read the Rails Internationalization guide
# available at http://guides.rubyonrails.org/i18n.html.
en
:
hello
:
"
Hello
world"
test/apps/rails4_with_engines/config/routes.rb
0 → 100644
浏览文件 @
1d9d3aa3
Rails4
::
Application
.
routes
.
draw
do
# The priority is based upon order of creation: first created -> highest priority.
# See how all your routes lay out with "rake routes".
# You can have the root of your site routed with "root"
# root to: 'welcome#index'
# Example of regular route:
# get 'products/:id' => 'catalog#view'
# Example of named route that can be invoked with purchase_url(id: product.id)
# get 'products/:id/purchase' => 'catalog#purchase', as: :purchase
# Example resource route (maps HTTP verbs to controller actions automatically):
# resources :products
# Example resource route with options:
# resources :products do
# member do
# get 'short'
# post 'toggle'
# end
#
# collection do
# get 'sold'
# end
# end
# Example resource route with sub-resources:
# resources :products do
# resources :comments, :sales
# resource :seller
# end
# Example resource route with more complex sub-resources:
# resources :products do
# resources :comments
# resources :sales do
# get 'recent', on: :collection
# end
# end
# Example resource route within a namespace:
# namespace :admin do
# # Directs /admin/products/* to Admin::ProductsController
# # (app/controllers/admin/products_controller.rb)
# resources :products
# end
end
test/apps/rails4_with_engines/db/seeds.rb
0 → 100644
浏览文件 @
1d9d3aa3
# This file should contain all the record creation needed to seed the database with its default values.
# The data can then be loaded with the rake db:seed (or created alongside the db with db:setup).
#
# Examples:
#
# cities = City.create([{ name: 'Chicago' }, { name: 'Copenhagen' }])
# Mayor.create(name: 'Emanuel', city: cities.first)
test/apps/rails4_with_engines/engines/user_removal/app/assets/javascripts/users.js.coffee
0 → 100644
浏览文件 @
1d9d3aa3
# Place all the behaviors and hooks related to the matching controller here.
# All this logic will automatically be available in application.js.
# You can use CoffeeScript in this file: http://jashkenas.github.com/coffee-script/
test/apps/rails4_with_engines/engines/user_removal/app/assets/stylesheets/users.css.scss
0 → 100644
浏览文件 @
1d9d3aa3
// Place all the styles related to the Users controller here.
// They will automatically be included in application.css.
// You can use Sass (SCSS) here: http://sass-lang.com/
test/apps/rails4_with_engines/engines/user_removal/app/controllers/removal_controller.rb
0 → 100644
浏览文件 @
1d9d3aa3
class
RemovalController
<
ApplicationController
def
change_lines
<<-
X
this
method
is
here
for line
numbers
X
end
def
remove_this
redirect_to
params
[
:url
]
end
def
remove_this_too
@some_input
=
raw
params
[
:input
]
@some_other_input
=
Account
.
first
.
name
render
'removal/controller_removed'
end
def
implicit_render
@bad_stuff
=
raw
params
[
:bad_stuff
]
end
end
test/apps/rails4_with_engines/engines/user_removal/app/controllers/users_controller.rb
0 → 100644
浏览文件 @
1d9d3aa3
class
UsersController
<
ApplicationController
include
UserControllerMixin
# GET /users
# GET /users.json
def
index
@users
=
User
.
all
respond_to
do
|
format
|
format
.
html
# index.html.erb
format
.
json
{
render
:json
=>
@users
}
end
end
# GET /users/1
# GET /users/1.json
def
show
@user
=
User
.
find
(
params
[
:id
])
@user_data
=
raw
params
[
:user_data
]
respond_to
do
|
format
|
format
.
html
# show.html.erb
format
.
json
{
render
:json
=>
@user
}
end
end
# GET /users/new
# GET /users/new.json
def
new
@user
=
User
.
new
respond_to
do
|
format
|
format
.
html
# new.html.erb
format
.
json
{
render
:json
=>
@user
}
end
end
# GET /users/1/edit
def
edit
@user
=
User
.
find
(
params
[
:id
])
end
# POST /users
# POST /users.json
def
create
@user
=
User
.
new
(
params
[
:user
])
respond_to
do
|
format
|
if
@user
.
save
format
.
html
{
redirect_to
@user
,
:notice
=>
'User was successfully created.'
}
format
.
json
{
render
:json
=>
@user
,
:status
=>
:created
,
:location
=>
@user
}
else
format
.
html
{
render
:action
=>
"new"
}
format
.
json
{
render
:json
=>
@user
.
errors
,
:status
=>
:unprocessable_entity
}
end
end
end
# PUT /users/1
# PUT /users/1.json
def
update
@user
=
User
.
find
(
params
[
:id
])
respond_to
do
|
format
|
if
@user
.
update_attributes
(
params
[
:user
])
format
.
html
{
redirect_to
@user
,
:notice
=>
'User was successfully updated.'
}
format
.
json
{
head
:no_content
}
else
format
.
html
{
render
:action
=>
"edit"
}
format
.
json
{
render
:json
=>
@user
.
errors
,
:status
=>
:unprocessable_entity
}
end
end
end
# DELETE /users/1
# DELETE /users/1.json
def
destroy
@user
=
User
.
find
(
params
[
:id
])
@user
.
destroy
respond_to
do
|
format
|
format
.
html
{
redirect_to
users_url
}
format
.
json
{
head
:no_content
}
end
end
def
slimming
@user
=
User
.
find
(
params
[
:id
])
@query
=
params
[
:query
]
end
end
test/apps/rails4_with_engines/engines/user_removal/app/helpers/application_helper.rb
0 → 100644
浏览文件 @
1d9d3aa3
module
ApplicationHelper
end
test/apps/rails4_with_engines/engines/user_removal/app/helpers/users_helper.rb
0 → 100644
浏览文件 @
1d9d3aa3
module
UsersHelper
end
test/apps/rails4_with_engines/engines/user_removal/app/models/.gitkeep
0 → 100644
浏览文件 @
1d9d3aa3
test/apps/rails4_with_engines/engines/user_removal/app/models/account.rb
0 → 100644
浏览文件 @
1d9d3aa3
class
Account
<
ActiveRecord
::
Base
attr_accessible
:plan_id
,
:banned
end
test/apps/rails4_with_engines/engines/user_removal/app/models/no_protection.rb
0 → 100644
浏览文件 @
1d9d3aa3
class
NoProtection
<
ActiveRecord
::
Base
# Leave this class empty for Rescanner tests
end
test/apps/rails4_with_engines/engines/user_removal/app/models/user.rb
0 → 100644
浏览文件 @
1d9d3aa3
class
User
<
ActiveRecord
::
Base
attr_accessible
:bio
,
:name
,
:account_id
,
:admin
,
:status_id
end
test/apps/rails4_with_engines/engines/user_removal/app/views/removal/_partial.html.erb
0 → 100644
浏览文件 @
1d9d3aa3
<%=
raw
@some_other_input
%>
test/apps/rails4_with_engines/engines/user_removal/app/views/removal/controller_removed.html.erb
0 → 100644
浏览文件 @
1d9d3aa3
<%=
@some_input
%>
<%=
render
'partial'
%>
test/apps/rails4_with_engines/engines/user_removal/app/views/removal/implicit_render.html.erb
0 → 100644
浏览文件 @
1d9d3aa3
<%=
@bad_stuff
%>
test/apps/rails4_with_engines/engines/user_removal/app/views/users/_form.html.erb
0 → 100644
浏览文件 @
1d9d3aa3
You:
<span>
<%=
about
%>
</span>
<%=
form_for
(
@user
)
do
|
f
|
%>
<%
if
@user
.
errors
.
any?
%>
<div
id=
"error_explanation"
>
<h2>
<%=
pluralize
(
@user
.
errors
.
count
,
"error"
)
%>
prohibited this user from being saved:
</h2>
<ul>
<%
@user
.
errors
.
full_messages
.
each
do
|
msg
|
%>
<li>
<%=
msg
%>
</li>
<%
end
%>
</ul>
</div>
<%
end
%>
<div
class=
"field"
>
<%=
f
.
label
:name
%>
<br
/>
<%=
f
.
text_field
:name
%>
</div>
<div
class=
"field"
>
<%=
f
.
label
:bio
%>
<br
/>
<%=
f
.
text_field
:bio
%>
</div>
<div
class=
"actions"
>
<%=
f
.
submit
%>
</div>
<%
end
%>
test/apps/rails4_with_engines/engines/user_removal/app/views/users/_slimmer.html.slim
0 → 100644
浏览文件 @
1d9d3aa3
-
if
some_value
div
=
params
[
:escaped
]
-
else
span
==
params
[
:unescaped
]
p
=
=
@user
.
profile
-
if
x
=
params
[
:unescaped
]
-
else
=
params
[
:escaped
]
test/apps/rails4_with_engines/engines/user_removal/app/views/users/edit.html.erb
0 → 100644
浏览文件 @
1d9d3aa3
<h1>
Editing user
</h1>
<%=
render
'form'
,
:locals
=>
{
:about
=>
raw
(
@user
.
bio
)
}
%>
<%=
link_to
'Show'
,
@user
%>
|
<%=
link_to
'Back'
,
users_path
%>
test/apps/rails4_with_engines/engines/user_removal/app/views/users/index.html.erb
0 → 100644
浏览文件 @
1d9d3aa3
<h1>
Listing users
</h1>
<table>
<tr>
<th>
Name
</th>
<th>
Bio
</th>
<th></th>
<th></th>
<th></th>
</tr>
<%
@users
.
each
do
|
user
|
%>
<tr>
<td>
<%=
user
.
name
%>
</td>
<td>
<%=
user
.
bio
%>
</td>
<td>
<%=
link_to
'Show'
,
user
%>
</td>
<td>
<%=
link_to
'Edit'
,
edit_user_path
(
user
)
%>
</td>
<td>
<%=
link_to
'Destroy'
,
user
,
:method
=>
:delete
,
:data
=>
{
:confirm
=>
'Are you sure?'
}
%>
</td>
</tr>
<%
end
%>
</table>
<br
/>
<%=
link_to
'New User'
,
new_user_path
%>
test/apps/rails4_with_engines/engines/user_removal/app/views/users/mixed_in.html.erb
0 → 100644
浏览文件 @
1d9d3aa3
<%=
raw
@user
.
something
%>
test/apps/rails4_with_engines/engines/user_removal/app/views/users/new.html.erb
0 → 100644
浏览文件 @
1d9d3aa3
<h1>
New user
</h1>
<%=
render
'form'
%>
<%=
link_to
'Back'
,
users_path
%>
test/apps/rails4_with_engines/engines/user_removal/app/views/users/sanitized.html.erb
0 → 100644
浏览文件 @
1d9d3aa3
<style>
<%=
sanitize_css
params
[
:css
]
%>
</style>
test/apps/rails4_with_engines/engines/user_removal/app/views/users/show.html.erb
0 → 100644
浏览文件 @
1d9d3aa3
<p
id=
"notice"
>
<%=
notice
%>
</p>
<p>
<b>
Name:
</b>
<%=
@user
.
name
%>
</p>
<p>
<b>
Bio:
</b>
<%=
@user
.
bio
%>
</p>
<p>
<b>
Other Thing:
</b>
<%=
@user_data
%>
</p>
<%=
link_to
'Edit'
,
edit_user_path
(
@user
)
%>
|
<%=
link_to
'Back'
,
users_path
%>
<script>
var
thing
=
<%=
raw
params
.
to_json
%>
;
</script>
test/apps/rails4_with_engines/engines/user_removal/app/views/users/slimming.html.slim
0 → 100644
浏览文件 @
1d9d3aa3
#content
.container
h2
Search
for:
#{
{
@query
}
}
p
=
=
@user
.
name
==
render
'slimmer'
test/apps/rails4_with_engines/engines/user_removal/config/routes.rb
0 → 100644
浏览文件 @
1d9d3aa3
Rails32
::
Application
.
routes
.
draw
do
resources
:users
do
get
'mixed_in'
end
match
'remove'
=>
'removal#remove_this_too'
match
'implicit'
=>
'removal#implicit_render'
# The priority is based upon order of creation:
# first created -> highest priority.
# Sample of regular route:
# match 'products/:id' => 'catalog#view'
# Keep in mind you can assign values other than :controller and :action
# Sample of named route:
# match 'products/:id/purchase' => 'catalog#purchase', :as => :purchase
# This route can be invoked with purchase_url(:id => product.id)
# Sample resource route (maps HTTP verbs to controller actions automatically):
# resources :products
# Sample resource route with options:
# resources :products do
# member do
# get 'short'
# post 'toggle'
# end
#
# collection do
# get 'sold'
# end
# end
# Sample resource route with sub-resources:
# resources :products do
# resources :comments, :sales
# resource :seller
# end
# Sample resource route with more complex sub-resources
# resources :products do
# resources :comments
# resources :sales do
# get 'recent', :on => :collection
# end
# end
# Sample resource route within a namespace:
# namespace :admin do
# # Directs /admin/products/* to Admin::ProductsController
# # (app/controllers/admin/products_controller.rb)
# resources :products
# end
# You can have the root of your site routed with "root"
# just remember to delete public/index.html.
# root :to => 'welcome#index'
# See how all your routes lay out with "rake routes"
# This is a legacy wild controller route that's not recommended for RESTful applications.
# Note: This route will make all actions in every controller accessible via GET requests.
# match ':controller(/:action(/:id))(.:format)'
end
test/apps/rails4_with_engines/engines/user_removal/lib/user_removal.rb
0 → 100644
浏览文件 @
1d9d3aa3
module
UserRemoval
class
Engine
<
Rails
::
Engine
initializer
:assets
do
|
config
|
Rails
.
application
.
config
.
assets
.
precompile
+=
Dir
.
glob
(
root
.
join
(
'app/assets/stylesheets/**/*.css*'
)).
collect
{
|
f
|
f
.
gsub
(
%r{.*/app/assets/stylesheets/}
,
""
).
gsub
(
/\.css.*/
,
'.css'
)
}
Rails
.
application
.
config
.
assets
.
precompile
+=
Dir
.
glob
(
root
.
join
(
'app/assets/javascripts/**/*.js'
)).
collect
{
|
f
|
f
.
gsub
(
%r{.*/app/assets/javascripts/}
,
""
)
}
end
end
end
test/apps/rails4_with_engines/lib/assets/.keep
0 → 100644
浏览文件 @
1d9d3aa3
test/apps/rails4_with_engines/lib/tasks/.keep
0 → 100644
浏览文件 @
1d9d3aa3
test/apps/rails4_with_engines/log/.keep
0 → 100644
浏览文件 @
1d9d3aa3
test/apps/rails4_with_engines/public/404.html
0 → 100644
浏览文件 @
1d9d3aa3
<!DOCTYPE html>
<html>
<head>
<title>
The page you were looking for doesn't exist (404)
</title>
<style>
body
{
background-color
:
#fff
;
color
:
#666
;
text-align
:
center
;
font-family
:
arial
,
sans-serif
;
}
div
.dialog
{
width
:
25em
;
padding
:
0
4em
;
margin
:
4em
auto
0
auto
;
border
:
1px
solid
#ccc
;
border-right-color
:
#999
;
border-bottom-color
:
#999
;
}
h1
{
font-size
:
100%
;
color
:
#f00
;
line-height
:
1.5em
;
}
</style>
</head>
<body>
<!-- This file lives in public/404.html -->
<div
class=
"dialog"
>
<h1>
The page you were looking for doesn't exist.
</h1>
<p>
You may have mistyped the address or the page may have moved.
</p>
</div>
<p>
If you are the application owner check the logs for more information.
</p>
</body>
</html>
test/apps/rails4_with_engines/public/422.html
0 → 100644
浏览文件 @
1d9d3aa3
<!DOCTYPE html>
<html>
<head>
<title>
The change you wanted was rejected (422)
</title>
<style>
body
{
background-color
:
#fff
;
color
:
#666
;
text-align
:
center
;
font-family
:
arial
,
sans-serif
;
}
div
.dialog
{
width
:
25em
;
padding
:
0
4em
;
margin
:
4em
auto
0
auto
;
border
:
1px
solid
#ccc
;
border-right-color
:
#999
;
border-bottom-color
:
#999
;
}
h1
{
font-size
:
100%
;
color
:
#f00
;
line-height
:
1.5em
;
}
</style>
</head>
<body>
<!-- This file lives in public/422.html -->
<div
class=
"dialog"
>
<h1>
The change you wanted was rejected.
</h1>
<p>
Maybe you tried to change something you didn't have access to.
</p>
</div>
</body>
</html>
test/apps/rails4_with_engines/public/500.html
0 → 100644
浏览文件 @
1d9d3aa3
<!DOCTYPE html>
<html>
<head>
<title>
We're sorry, but something went wrong (500)
</title>
<style>
body
{
background-color
:
#fff
;
color
:
#666
;
text-align
:
center
;
font-family
:
arial
,
sans-serif
;
}
div
.dialog
{
width
:
25em
;
padding
:
0
4em
;
margin
:
4em
auto
0
auto
;
border
:
1px
solid
#ccc
;
border-right-color
:
#999
;
border-bottom-color
:
#999
;
}
h1
{
font-size
:
100%
;
color
:
#f00
;
line-height
:
1.5em
;
}
</style>
</head>
<body>
<!-- This file lives in public/500.html -->
<div
class=
"dialog"
>
<h1>
We're sorry, but something went wrong.
</h1>
</div>
<p>
If you are the application owner check the logs for more information.
</p>
</body>
</html>
test/apps/rails4_with_engines/public/favicon.ico
0 → 100644
浏览文件 @
1d9d3aa3
test/apps/rails4_with_engines/public/robots.txt
0 → 100644
浏览文件 @
1d9d3aa3
# See http://www.robotstxt.org/wc/norobots.html for documentation on how to use the robots.txt file
#
# To ban all spiders from the entire site uncomment the next two lines:
# User-agent: *
# Disallow: /
test/apps/rails4_with_engines/test/controllers/.keep
0 → 100644
浏览文件 @
1d9d3aa3
test/apps/rails4_with_engines/test/fixtures/.keep
0 → 100644
浏览文件 @
1d9d3aa3
test/apps/rails4_with_engines/test/helpers/.keep
0 → 100644
浏览文件 @
1d9d3aa3
test/apps/rails4_with_engines/test/integration/.keep
0 → 100644
浏览文件 @
1d9d3aa3
test/apps/rails4_with_engines/test/mailers/.keep
0 → 100644
浏览文件 @
1d9d3aa3
test/apps/rails4_with_engines/test/models/.keep
0 → 100644
浏览文件 @
1d9d3aa3
test/apps/rails4_with_engines/test/test_helper.rb
0 → 100644
浏览文件 @
1d9d3aa3
ENV
[
"RAILS_ENV"
]
=
"test"
require
File
.
expand_path
(
'../../config/environment'
,
__FILE__
)
require
'rails/test_help'
class
ActiveSupport::TestCase
ActiveRecord::Migration
.
check_pending!
# Setup all fixtures in test/fixtures/*.yml for all tests in alphabetical order.
#
# Note: You'll currently still have to declare fixtures explicitly in integration tests
# -- they do not yet inherit this setting
fixtures
:all
# Add more helper methods to be used by all tests here...
end
test/apps/rails4_with_engines/vendor/assets/javascripts/.keep
0 → 100644
浏览文件 @
1d9d3aa3
test/apps/rails4_with_engines/vendor/assets/stylesheets/.keep
0 → 100644
浏览文件 @
1d9d3aa3
test/tests/rails4_with_engines.rb
0 → 100644
浏览文件 @
1d9d3aa3
abort
"Please run using test/test.rb"
unless
defined?
BrakemanTester
Rails4WithEngines
=
BrakemanTester
.
run_scan
"rails4_with_engines"
,
"Rails4WithEngines"
class
Rails4WithEnginesTests
<
Test
::
Unit
::
TestCase
include
BrakemanTester
::
FindWarning
include
BrakemanTester
::
CheckExpected
def
expected
@expected
||=
{
:controller
=>
0
,
:model
=>
5
,
:template
=>
9
,
:generic
=>
2
}
end
def
report
Rails4WithEngines
end
def
test_redirect_1
assert_warning
:type
=>
:generic
,
:warning_code
=>
18
,
:fingerprint
=>
"6d27826e07e583ba9c6ae1f33843089fd1d8b1a2c359e00bf636e64a85a47feb"
,
:warning_type
=>
"Redirect"
,
:line
=>
14
,
:message
=>
/^Possible\ unprotected\ redirect/
,
:confidence
=>
0
,
:relative_path
=>
"engines/user_removal/app/controllers/removal_controller.rb"
end
def
test_session_setting_2
assert_warning
:type
=>
:generic
,
:warning_code
=>
29
,
:fingerprint
=>
"715ad9c0d76f57a6a657192574d528b620176a80fec969e2f63c88eacab0b984"
,
:warning_type
=>
"Session Setting"
,
:line
=>
12
,
:message
=>
/^Session\ secret\ should\ not\ be\ included\ in/
,
:confidence
=>
0
,
:relative_path
=>
"config/initializers/secret_token.rb"
end
def
test_cross_site_scripting_3
assert_warning
:type
=>
:template
,
:warning_code
=>
2
,
:fingerprint
=>
"598b957fea4a202a75e1d8101a8c21332b10b2c0e9ca4ffad6c18407bde6615d"
,
:warning_type
=>
"Cross Site Scripting"
,
:line
=>
1
,
:message
=>
/^Unescaped\ model\ attribute/
,
:confidence
=>
0
,
:relative_path
=>
"engines/user_removal/app/views/removal/_partial.html.erb"
end
def
test_cross_site_scripting_4
assert_warning
:type
=>
:template
,
:warning_code
=>
2
,
:fingerprint
=>
"011d330ea62763eb61684cccc4169518b0876eadbab2b469e3526548f3da3795"
,
:warning_type
=>
"Cross Site Scripting"
,
:line
=>
1
,
:message
=>
/^Unescaped\ parameter\ value/
,
:confidence
=>
0
,
:relative_path
=>
"engines/user_removal/app/views/removal/controller_removed.html.erb"
end
def
test_cross_site_scripting_5
assert_warning
:type
=>
:template
,
:warning_code
=>
2
,
:fingerprint
=>
"26da712dc3289b873b7928b54bde6da038cbf891ec11076897e062f32939863e"
,
:warning_type
=>
"Cross Site Scripting"
,
:line
=>
2
,
:message
=>
/^Unescaped\ parameter\ value/
,
:confidence
=>
0
,
:relative_path
=>
"engines/user_removal/app/views/removal/implicit_render.html.erb"
end
def
test_cross_site_scripting_6
assert_warning
:type
=>
:template
,
:warning_code
=>
2
,
:fingerprint
=>
"52c513069319d44e03c5ac21806d47c1f05393fe35a5026314c8064f70ff0375"
,
:warning_type
=>
"Cross Site Scripting"
,
:line
=>
1
,
:message
=>
/^Unescaped\ model\ attribute/
,
:confidence
=>
0
,
:relative_path
=>
"engines/user_removal/app/views/users/_form.html.erb"
end
def
test_cross_site_scripting_7
assert_warning
:type
=>
:template
,
:warning_code
=>
2
,
:fingerprint
=>
"9d94ba6993f761ff688b5a8d428c793486cd8bf42f487a44d895a96f658dca50"
,
:warning_type
=>
"Cross Site Scripting"
,
:line
=>
6
,
:message
=>
/^Unescaped\ parameter\ value/
,
:confidence
=>
0
,
:relative_path
=>
"engines/user_removal/app/views/users/_slimmer.html.slim"
end
def
test_cross_site_scripting_8
assert_warning
:type
=>
:template
,
:warning_code
=>
2
,
:fingerprint
=>
"9d576795978cf6681a0cd17f7250ea267ab2ac7888dd5f6100331d5c0684beb3"
,
:warning_type
=>
"Cross Site Scripting"
,
:line
=>
8
,
:message
=>
/^Unescaped\ model\ attribute/
,
:confidence
=>
0
,
:relative_path
=>
"engines/user_removal/app/views/users/_slimmer.html.slim"
end
def
test_cross_site_scripting_9
assert_warning
:type
=>
:template
,
:warning_code
=>
2
,
:fingerprint
=>
"822a9a031ab38ae9e2b3580ce6eb28e6372852f289c9e65b347a9182c918d551"
,
:warning_type
=>
"Cross Site Scripting"
,
:line
=>
15
,
:message
=>
/^Unescaped\ parameter\ value/
,
:confidence
=>
0
,
:relative_path
=>
"engines/user_removal/app/views/users/show.html.erb"
end
def
test_cross_site_scripting_10
assert_warning
:type
=>
:template
,
:warning_code
=>
2
,
:fingerprint
=>
"aa06d3e4d8e00ccf6169d9293b1ef90365917c46fa21678d248494f7767d1d15"
,
:warning_type
=>
"Cross Site Scripting"
,
:line
=>
3
,
:message
=>
/^Unescaped\ parameter\ value/
,
:confidence
=>
0
,
:relative_path
=>
"engines/user_removal/app/views/users/slimming.html.slim"
end
def
test_cross_site_scripting_11
assert_warning
:type
=>
:template
,
:warning_code
=>
2
,
:fingerprint
=>
"6628d5e2059d14b31e7c37251ac7380ddbe44e937d78d4e955763d5d53df08fc"
,
:warning_type
=>
"Cross Site Scripting"
,
:line
=>
4
,
:message
=>
/^Unescaped\ model\ attribute/
,
:confidence
=>
0
,
:relative_path
=>
"engines/user_removal/app/views/users/slimming.html.slim"
end
def
test_mass_assignment_12
assert_warning
:type
=>
:model
,
:warning_code
=>
60
,
:fingerprint
=>
"18df17e4364b62c4ba1c6e2849f8302592c68d196ab43f753639f9043c1e4014"
,
:warning_type
=>
"Mass Assignment"
,
#noline,
:message
=>
/^Potentially\ dangerous\ attribute\ 'plan_id/
,
:confidence
=>
2
,
:relative_path
=>
"engines/user_removal/app/models/account.rb"
end
def
test_mass_assignment_13
assert_warning
:type
=>
:model
,
:warning_code
=>
60
,
:fingerprint
=>
"e2fb5b0d650caf257ef86e32b101f9488738388e91039cc130c365a8df9b83fb"
,
:warning_type
=>
"Mass Assignment"
,
#noline,
:message
=>
/^Potentially\ dangerous\ attribute\ 'banned'/
,
:confidence
=>
1
,
:relative_path
=>
"engines/user_removal/app/models/account.rb"
end
def
test_mass_assignment_14
assert_warning
:type
=>
:model
,
:warning_code
=>
60
,
:fingerprint
=>
"6276c85369c13ed06f18ca1dd9a7ef076077154e98f0c29b7938b5649a7d115d"
,
:warning_type
=>
"Mass Assignment"
,
#noline,
:message
=>
/^Potentially\ dangerous\ attribute\ 'account/
,
:confidence
=>
0
,
:relative_path
=>
"engines/user_removal/app/models/user.rb"
end
def
test_mass_assignment_15
assert_warning
:type
=>
:model
,
:warning_code
=>
60
,
:fingerprint
=>
"6276c85369c13ed06f18ca1dd9a7ef076077154e98f0c29b7938b5649a7d115d"
,
:warning_type
=>
"Mass Assignment"
,
#noline,
:message
=>
/^Potentially\ dangerous\ attribute\ 'admin'\ /
,
:confidence
=>
0
,
:relative_path
=>
"engines/user_removal/app/models/user.rb"
end
def
test_mass_assignment_16
assert_warning
:type
=>
:model
,
:warning_code
=>
60
,
:fingerprint
=>
"6fd655a6dcf618e378d5f7e7b3a9c038ed9b29d66ab89f9c28343265b2ff6d75"
,
:warning_type
=>
"Mass Assignment"
,
#noline,
:message
=>
/^Potentially\ dangerous\ attribute\ 'status_/
,
:confidence
=>
2
,
:relative_path
=>
"engines/user_removal/app/models/user.rb"
end
end
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录