Name | +Bio | ++ | + | + |
---|---|---|---|---|
<%= user.name %> | +<%= user.bio %> | +<%= link_to 'Show', user %> | +<%= link_to 'Edit', edit_user_path(user) %> | +<%= link_to 'Destroy', user, :method => :delete, :data => { :confirm => 'Are you sure?' } %> | +
<%= notice %>
+ ++ Name: + <%= @user.name %> +
+ ++ Bio: + <%= @user.bio %> +
+ ++ Other Thing: + <%= @user_data %> +
+ + +<%= link_to 'Edit', edit_user_path(@user) %> | +<%= link_to 'Back', users_path %> diff --git a/test/apps/rails3.2/config.ru b/test/apps/rails3.2/config.ru new file mode 100644 index 0000000000000000000000000000000000000000..0ca80f23423adcfaae1eb728dcab2c867be5f5ec --- /dev/null +++ b/test/apps/rails3.2/config.ru @@ -0,0 +1,4 @@ +# This file is used by Rack-based servers to start the application. + +require ::File.expand_path('../config/environment', __FILE__) +run Rails32::Application diff --git a/test/apps/rails3.2/config/application.rb b/test/apps/rails3.2/config/application.rb new file mode 100644 index 0000000000000000000000000000000000000000..c9cb0b805cb4a04e95975dec435c727d61d05721 --- /dev/null +++ b/test/apps/rails3.2/config/application.rb 
@@ -0,0 +1,62 @@ +require File.expand_path('../boot', __FILE__) + +require 'rails/all' + +if defined?(Bundler) + # If you precompile assets before deploying to production, use this line + Bundler.require(*Rails.groups(:assets => %w(development test))) + # If you want your assets lazily compiled in production, use this line + # Bundler.require(:default, :assets, Rails.env) +end + +module Rails32 + class Application < Rails::Application + # Settings in config/environments/* take precedence over those specified here. + # Application configuration should go into files in config/initializers + # -- all .rb files in that directory are automatically loaded. + + # Custom directories with classes and modules you want to be autoloadable. + # config.autoload_paths += %W(#{config.root}/extras) + + # Only load the plugins named here, in the order given (default is alphabetical). + # :all can be used as a placeholder for all plugins not explicitly named. + # config.plugins = [ :exception_notification, :ssl_requirement, :all ] + + # Activate observers that should always be running. + # config.active_record.observers = :cacher, :garbage_collector, :forum_observer + + # Set Time.zone default to the specified zone and make Active Record auto-convert to this zone. + # Run "rake -D time" for a list of tasks for finding time zone names. Default is UTC. + # config.time_zone = 'Central Time (US & Canada)' + + # The default locale is :en and all translations from config/locales/*.rb,yml are auto loaded. + # config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s] + # config.i18n.default_locale = :de + + # Configure the default encoding used in templates for Ruby 1.9. + config.encoding = "utf-8" + + # Configure sensitive parameters which will be filtered from the log file. + config.filter_parameters += [:password] + + # Enable escaping HTML in JSON. 
+ config.active_support.escape_html_entities_in_json = true + + # Use SQL instead of Active Record's schema dumper when creating the database. + # This is necessary if your schema can't be completely dumped by the schema dumper, + # like if you have constraints or database-specific column types + # config.active_record.schema_format = :sql + + # Enforce whitelist mode for mass assignment. + # This will create an empty whitelist of attributes available for mass-assignment for all models + # in your app. As such, your models will need to explicitly whitelist or blacklist accessible + # parameters by using an attr_accessible or attr_protected declaration. + config.active_record.whitelist_attributes = true + + # Enable the asset pipeline + config.assets.enabled = true + + # Version of your assets, change this if you want to expire all your assets + config.assets.version = '1.0' + end +end diff --git a/test/apps/rails3.2/config/boot.rb b/test/apps/rails3.2/config/boot.rb new file mode 100644 index 0000000000000000000000000000000000000000..4489e58688ca642d8e0e9489f6896f49f9b89da6 --- /dev/null +++ b/test/apps/rails3.2/config/boot.rb @@ -0,0 +1,6 @@ +require 'rubygems' + +# Set up gems listed in the Gemfile. +ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__) + +require 'bundler/setup' if File.exists?(ENV['BUNDLE_GEMFILE']) diff --git a/test/apps/rails3.2/config/database.yml b/test/apps/rails3.2/config/database.yml new file mode 100644 index 0000000000000000000000000000000000000000..51a4dd459dc12673ad440debb28f499c89550022 --- /dev/null +++ b/test/apps/rails3.2/config/database.yml 
@@ -0,0 +1,25 @@ +# SQLite version 3.x +# gem install sqlite3 +# +# Ensure the SQLite 3 gem is defined in your Gemfile +# gem 'sqlite3' +development: + adapter: sqlite3 + database: db/development.sqlite3 + pool: 5 + timeout: 5000 + +# Warning: The database defined as "test" will be erased and +# re-generated from your development database when you run "rake". +# Do not set this db to the same as development or production. +test: + adapter: sqlite3 + database: db/test.sqlite3 + pool: 5 + timeout: 5000 + +production: + adapter: sqlite3 + database: db/production.sqlite3 + pool: 5 + timeout: 5000 diff --git a/test/apps/rails3.2/config/environment.rb b/test/apps/rails3.2/config/environment.rb new file mode 100644 index 0000000000000000000000000000000000000000..d9d29cd7e84a9eb5d45c31b0774f824f73c70fe8 --- /dev/null +++ b/test/apps/rails3.2/config/environment.rb @@ -0,0 +1,5 @@ +# Load the rails application +require File.expand_path('../application', __FILE__) + +# Initialize the rails application +Rails32::Application.initialize! diff --git a/test/apps/rails3.2/config/environments/development.rb b/test/apps/rails3.2/config/environments/development.rb new file mode 100644 index 0000000000000000000000000000000000000000..98a1ad0a7df42f03c18ee374102fa6a07126d902 --- /dev/null +++ b/test/apps/rails3.2/config/environments/development.rb 
@@ -0,0 +1,37 @@ +Rails32::Application.configure do + # Settings specified here will take precedence over those in config/application.rb + + # In the development environment your application's code is reloaded on + # every request. This slows down response time but is perfect for development + # since you don't have to restart the web server when you make code changes. + config.cache_classes = false + + # Log error messages when you accidentally call methods on nil. + config.whiny_nils = true + + # Show full error reports and disable caching + config.consider_all_requests_local = true + config.action_controller.perform_caching = false + + # Don't care if the mailer can't send + config.action_mailer.raise_delivery_errors = false + + # Print deprecation notices to the Rails logger + config.active_support.deprecation = :log + + # Only use best-standards-support built into browsers + config.action_dispatch.best_standards_support = :builtin + + # Raise exception on mass assignment protection for Active Record models + config.active_record.mass_assignment_sanitizer = :strict + + # Log the query plan for queries taking more than this (works + # with SQLite, MySQL, and PostgreSQL) + config.active_record.auto_explain_threshold_in_seconds = 0.5 + + # Do not compress assets + config.assets.compress = false + + # Expands the lines which load the assets + config.assets.debug = true +end diff --git a/test/apps/rails3.2/config/environments/production.rb b/test/apps/rails3.2/config/environments/production.rb new file mode 100644 index 0000000000000000000000000000000000000000..52dd4bfeb79342d2c8db8bf9b6a6ef694bb1a47a --- /dev/null +++ b/test/apps/rails3.2/config/environments/production.rb 
@@ -0,0 +1,67 @@ +Rails32::Application.configure do + # Settings specified here will take precedence over those in config/application.rb + + # Code is not reloaded between requests + config.cache_classes = true + + # Full error reports are disabled and caching is turned on + config.consider_all_requests_local = false + config.action_controller.perform_caching = true + + # Disable Rails's static asset server (Apache or nginx will already do this) + config.serve_static_assets = false + + # Compress JavaScripts and CSS + config.assets.compress = true + + # Don't fallback to assets pipeline if a precompiled asset is missed + config.assets.compile = false + + # Generate digests for assets URLs + config.assets.digest = true + + # Defaults to nil and saved in location specified by config.assets.prefix + # config.assets.manifest = YOUR_PATH + + # Specifies the header that your server uses for sending files + # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for apache + # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for nginx + + # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. 
+ # config.force_ssl = true + + # See everything in the log (default is :info) + # config.log_level = :debug + + # Prepend all log lines with the following tags + # config.log_tags = [ :subdomain, :uuid ] + + # Use a different logger for distributed setups + # config.logger = ActiveSupport::TaggedLogging.new(SyslogLogger.new) + + # Use a different cache store in production + # config.cache_store = :mem_cache_store + + # Enable serving of images, stylesheets, and JavaScripts from an asset server + # config.action_controller.asset_host = "http://assets.example.com" + + # Precompile additional assets (application.js, application.css, and all non-JS/CSS are already added) + # config.assets.precompile += %w( search.js ) + + # Disable delivery errors, bad email addresses will be ignored + # config.action_mailer.raise_delivery_errors = false + + # Enable threaded mode + # config.threadsafe! + + # Enable locale fallbacks for I18n (makes lookups for any locale fall back to + # the I18n.default_locale when a translation can not be found) + config.i18n.fallbacks = true + + # Send deprecation notices to registered listeners + config.active_support.deprecation = :notify + + # Log the query plan for queries taking more than this (works + # with SQLite, MySQL, and PostgreSQL) + # config.active_record.auto_explain_threshold_in_seconds = 0.5 +end diff --git a/test/apps/rails3.2/config/environments/test.rb b/test/apps/rails3.2/config/environments/test.rb new file mode 100644 index 0000000000000000000000000000000000000000..b32046438fd48a7413124fd455ce4bc2fc4850f1 --- /dev/null +++ b/test/apps/rails3.2/config/environments/test.rb 
@@ -0,0 +1,37 @@ +Rails32::Application.configure do + # Settings specified here will take precedence over those in config/application.rb + + # The test environment is used exclusively to run your application's + # test suite. You never need to work with it otherwise. Remember that + # your test database is "scratch space" for the test suite and is wiped + # and recreated between test runs. Don't rely on the data there! + config.cache_classes = true + + # Configure static asset server for tests with Cache-Control for performance + config.serve_static_assets = true + config.static_cache_control = "public, max-age=3600" + + # Log error messages when you accidentally call methods on nil + config.whiny_nils = true + + # Show full error reports and disable caching + config.consider_all_requests_local = true + config.action_controller.perform_caching = false + + # Raise exceptions instead of rendering exception templates + config.action_dispatch.show_exceptions = false + + # Disable request forgery protection in test environment + config.action_controller.allow_forgery_protection = false + + # Tell Action Mailer not to deliver emails to the real world. + # The :test delivery method accumulates sent emails in the + # ActionMailer::Base.deliveries array. + config.action_mailer.delivery_method = :test + + # Raise exception on mass assignment protection for Active Record models + config.active_record.mass_assignment_sanitizer = :strict + + # Print deprecation notices to the stderr + config.active_support.deprecation = :stderr +end diff --git a/test/apps/rails3.2/config/initializers/backtrace_silencers.rb b/test/apps/rails3.2/config/initializers/backtrace_silencers.rb new file mode 100644 index 0000000000000000000000000000000000000000..59385cdf379bd06a8d2326dcd4de6d5cd5d3f5b0 --- /dev/null +++ b/test/apps/rails3.2/config/initializers/backtrace_silencers.rb 
@@ -0,0 +1,7 @@ +# Be sure to restart your server when you modify this file. + +# You can add backtrace silencers for libraries that you're using but don't wish to see in your backtraces. +# Rails.backtrace_cleaner.add_silencer { |line| line =~ /my_noisy_library/ } + +# You can also remove all the silencers if you're trying to debug a problem that might stem from framework code. +# Rails.backtrace_cleaner.remove_silencers! diff --git a/test/apps/rails3.2/config/initializers/inflections.rb b/test/apps/rails3.2/config/initializers/inflections.rb new file mode 100644 index 0000000000000000000000000000000000000000..5d8d9be237b28d4ebdad9cec9510764ab88154e6 --- /dev/null +++ b/test/apps/rails3.2/config/initializers/inflections.rb @@ -0,0 +1,15 @@ +# Be sure to restart your server when you modify this file. + +# Add new inflection rules using the following format +# (all these examples are active by default): +# ActiveSupport::Inflector.inflections do |inflect| +# inflect.plural /^(ox)$/i, '\1en' +# inflect.singular /^(ox)en/i, '\1' +# inflect.irregular 'person', 'people' +# inflect.uncountable %w( fish sheep ) +# end +# +# These inflection rules are supported but not enabled by default: +# ActiveSupport::Inflector.inflections do |inflect| +# inflect.acronym 'RESTful' +# end diff --git a/test/apps/rails3.2/config/initializers/mime_types.rb b/test/apps/rails3.2/config/initializers/mime_types.rb new file mode 100644 index 0000000000000000000000000000000000000000..72aca7e441e1855f8c7a7ac1f1cbe5d42cd1235b --- /dev/null +++ b/test/apps/rails3.2/config/initializers/mime_types.rb @@ -0,0 +1,5 @@ +# Be sure to restart your server when you modify this file. + +# Add new mime types for use in respond_to blocks: +# Mime::Type.register "text/richtext", :rtf +# Mime::Type.register_alias "text/html", :iphone 
diff --git a/test/apps/rails3.2/config/initializers/secret_token.rb b/test/apps/rails3.2/config/initializers/secret_token.rb new file mode 100644 index 0000000000000000000000000000000000000000..bed4a48c90c8f4b0ae89203a6264be8da3a91b49 --- /dev/null +++ b/test/apps/rails3.2/config/initializers/secret_token.rb @@ -0,0 +1,7 @@ +# Be sure to restart your server when you modify this file. + +# Your secret key for verifying the integrity of signed cookies. +# If you change this key, all old signed cookies will become invalid! +# Make sure the secret is at least 30 characters and all random, +# no regular words or you'll be exposed to dictionary attacks. +Rails32::Application.config.secret_token = 'e721d0d7e8e912026b379d7219b5947da6a954f6c1b7c09ab7b44b873346ee17a780890e6d034fe6bd5ac52cced7b4ebe1971c3f34d0d1e735302b0bd4a0bd62' diff --git a/test/apps/rails3.2/config/initializers/session_store.rb b/test/apps/rails3.2/config/initializers/session_store.rb new file mode 100644 index 0000000000000000000000000000000000000000..feda3415850a89f90282a280abd2934509ec123d --- /dev/null +++ b/test/apps/rails3.2/config/initializers/session_store.rb @@ -0,0 +1,8 @@ +# Be sure to restart your server when you modify this file. + +Rails32::Application.config.session_store :cookie_store, :key => '_rails3.2_session' + +# Use the database for sessions instead of the cookie-based default, +# which shouldn't be used to store highly confidential information +# (create the session table with "rails generate session_migration") +# Rails32::Application.config.session_store :active_record_store diff --git a/test/apps/rails3.2/config/initializers/wrap_parameters.rb b/test/apps/rails3.2/config/initializers/wrap_parameters.rb new file mode 100644 index 0000000000000000000000000000000000000000..da4fb076f39796af95712e5c4025e9c8505567c4 --- /dev/null +++ b/test/apps/rails3.2/config/initializers/wrap_parameters.rb 
@@ -0,0 +1,14 @@ +# Be sure to restart your server when you modify this file. +# +# This file contains settings for ActionController::ParamsWrapper which +# is enabled by default. + +# Enable parameter wrapping for JSON. You can disable this by setting :format to an empty array. +ActiveSupport.on_load(:action_controller) do + wrap_parameters :format => [:json] +end + +# Disable root element in JSON by default. +ActiveSupport.on_load(:active_record) do + self.include_root_in_json = false +end diff --git a/test/apps/rails3.2/config/locales/en.yml b/test/apps/rails3.2/config/locales/en.yml new file mode 100644 index 0000000000000000000000000000000000000000..179c14ca52c384fc27f42fa76ea982c4674b3c20 --- /dev/null +++ b/test/apps/rails3.2/config/locales/en.yml @@ -0,0 +1,5 @@ +# Sample localization file for English. Add more files in this directory for other locales. +# See https://github.com/svenfuchs/rails-i18n/tree/master/rails%2Flocale for starting points. + +en: + hello: "Hello world" diff --git a/test/apps/rails3.2/config/routes.rb b/test/apps/rails3.2/config/routes.rb new file mode 100644 index 0000000000000000000000000000000000000000..89994392260a46779b0707898c8450e4be4ec94c --- /dev/null +++ b/test/apps/rails3.2/config/routes.rb 
@@ -0,0 +1,62 @@ +Rails32::Application.routes.draw do + resources :users + + match 'remove' => 'removal#remove_this_too' + + # The priority is based upon order of creation: + # first created -> highest priority. + + # Sample of regular route: + # match 'products/:id' => 'catalog#view' + # Keep in mind you can assign values other than :controller and :action + + # Sample of named route: + # match 'products/:id/purchase' => 'catalog#purchase', :as => :purchase + # This route can be invoked with purchase_url(:id => product.id) + + # Sample resource route (maps HTTP verbs to controller actions automatically): + # resources :products + + # Sample resource route with options: + # resources :products do + # member do + # get 'short' + # post 'toggle' + # end + # + # collection do + # get 'sold' + # end + # end + + # Sample resource route with sub-resources: + # resources :products do + # resources :comments, :sales + # resource :seller + # end + + # Sample resource route with more complex sub-resources + # resources :products do + # resources :comments + # resources :sales do + # get 'recent', :on => :collection + # end + # end + + # Sample resource route within a namespace: + # namespace :admin do + # # Directs /admin/products/* to Admin::ProductsController + # # (app/controllers/admin/products_controller.rb) + # resources :products + # end + + # You can have the root of your site routed with "root" + # just remember to delete public/index.html. + # root :to => 'welcome#index' + + # See how all your routes lay out with "rake routes" + + # This is a legacy wild controller route that's not recommended for RESTful applications. + # Note: This route will make all actions in every controller accessible via GET requests. + # match ':controller(/:action(/:id))(.:format)' +end diff --git a/test/apps/rails3.2/lib/assets/.gitkeep b/test/apps/rails3.2/lib/assets/.gitkeep new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 
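Review bot: `match 'remove' => 'removal#remove_this_too'` near the top of the routes block has no `:via` option, so in Rails 3.2 it answers every HTTP verb, GET included. The controller is not part of this hunk, but if the action changes state, a plain GET reaches it without the forgery-protection token check, which Rails applies only to non-GET requests. If the route is deliberate fixture material for the scanner, a comment saying so would keep it from being copied as a pattern; otherwise `match 'remove' => 'removal#remove_this_too', :via => :delete` restricts it.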
diff --git a/test/apps/rails3.2/lib/tasks/.gitkeep b/test/apps/rails3.2/lib/tasks/.gitkeep new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/test/apps/rails3.2/script/rails b/test/apps/rails3.2/script/rails new file mode 100755 index 0000000000000000000000000000000000000000..f8da2cffd4de029d658fe2f7b9ec88f28dc34a9a --- /dev/null +++ b/test/apps/rails3.2/script/rails @@ -0,0 +1,6 @@ +#!/usr/bin/env ruby +# This command will automatically be run when you run "rails" with Rails 3 gems installed from the root of your application. + +APP_PATH = File.expand_path('../../config/application', __FILE__) +require File.expand_path('../../config/boot', __FILE__) +require 'rails/commands' diff --git a/test/test.rb b/test/test.rb index 7f47a87f8f45d14f3798d88bf0fafafc50ecd260..4dff7379d608cbad8b88dd595ce725ae1937d175 100644 --- a/test/test.rb +++ b/test/test.rb @@ -4,7 +4,12 @@ $LOAD_PATH.unshift "#{TEST_PATH}/../lib" begin require 'simplecov' - SimpleCov.start + SimpleCov.start do + add_filter 'lib/ruby_parser/ruby18_parser.rb' + add_filter 'lib/ruby_parser/ruby19_parser.rb' + add_filter 'lib/ruby_parser/ruby_lexer.rb' + add_filter 'lib/ruby_parser/ruby_parser_extras.rb' + end rescue LoadError => e $stderr.puts "Install simplecov for test coverage report" end @@ -42,7 +47,7 @@ module BrakemanTester::FindWarning warnings = find opts assert_not_equal 0, warnings.length, "No warning found" assert_equal 1, warnings.length, "Matched more than one warning" - end + end def assert_no_warning opts warnings = find opts 
@@ -94,7 +99,168 @@ module BrakemanTester::CheckExpected end def test_zero_errors - assert_equal 0, report[:errors].length + assert_equal 0, report[:errors].length + end +end + +module BrakemanTester::RescanTestHelper + attr_reader :original, :rescan, :rescanner + + #Takes care of copying files to a temporary directory, scanning the files, + #performing operations in the block (if provided), then rescanning the files + #given in `changed`. + # + #Provide an array of changed files for rescanning. + def before_rescan_of changed + changed = [changed] unless changed.is_a? Array + + Dir.mktmpdir do |dir| + @dir = dir + + FileUtils.cp_r "#{TEST_PATH}/apps/rails3.2/.", dir + @original = Brakeman.run :app_path => dir, :debug => false + + yield dir if block_given? + + @rescanner = Brakeman::Rescanner.new(@original.options, @original.processor, changed) + @rescan = @rescanner.recheck + + assert_existing + end + end + + def fixed + rescan.fixed_warnings + end + + def new + rescan.new_warnings + end + + def existing + rescan.existing_warnings + end + + #Check how many fixed warnings were reported + def assert_fixed expected + assert_equal expected, fixed.length, "Expected #{expected} fixed warnings, but found #{fixed.length}" + end + + #Check how many new warnings were reported + def assert_new expected + assert_equal expected, new.length, "Expected #{expected} new warnings, but found #{new.length}" + end + + #Check how many existing warnings were reported + def assert_existing + expected = (@rescan.old_results.all_warnings.length - fixed.length) + + assert_equal expected, existing.length, "Expected #{expected} existing warnings, but found #{existing.length}" + end + + def assert_changes expected = true + assert_equal expected, rescanner.changes + end + + def assert_reindex *types + if types == [:none] + assert rescanner.reindex.empty? 
+ else + assert_equal Set.new(types), rescanner.reindex + end + end + + def full_path file + File.expand_path file, @dir + end + + def remove file + path = full_path file + + assert File.exist? path + File.delete path + assert_equal false, File.exist?(path) + end + + def append file, code + File.open full_path(file), "a" do |f| + f.puts code + end + end + + def replace_with_sexp file + path = full_path file + parsed = parse File.read path + + output = yield parsed + + File.open path, "w" do |f| + f.puts Ruby2Ruby.new.process output + end + end + + def write_file file, content + File.open full_path(file), "w+" do |f| + f.puts content + end + end + + def remove_method file, method_name + replace_with_sexp file do |parsed| + class_body = parsed.body + + if class_body[1].node_type == :block + class_body[1].reject! do |node| + node.is_a? Sexp and + node.node_type == :defn and + node.method_name == method_name + end + elsif class_body[1].node_type == :defn and + class_body[1].method_name == method_name + + class_body[1] = nil + end + + parsed + end + end + + def add_method file, code + parsed_method = parse code + + replace_with_sexp file do |parsed| + class_body = parsed.body + + if class_body[1].node_type == :block + class_body[1] << parsed_method + elsif class_body[1] + class_body[1] = s(:block, + class_body[1], + parsed_method) + else + class_body[1] = parsed_method + end + + parsed + end + end + + def parse code + if RUBY_VERSION =~ /^1\.9/ + Ruby19Parser.new.parse code + else + RubyParser.new.parse code + end + end +end + +module BrakemanTester::DiffHelper + def assert_fixed expected, diff = @diff + assert_equal expected, diff[:fixed].length, "Expected #{expected} fixed warnings, but found #{diff[:fixed].length}" + end + + def assert_new expected, diff = @diff + assert_equal expected, diff[:new].length, "Expected #{expected} new warnings, but found #{diff[:new].length}" end end 
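Review bot: `full_path` in `RescanTestHelper` resolves its argument with `File.expand_path file, @dir`, and nothing checks that the result stays under the temporary copy, yet `remove`, `append`, `write_file` and `replace_with_sexp` all delete or overwrite whatever it returns. An absolute path or one containing `..` would therefore modify the real checkout rather than the copy made in `before_rescan_of`. A guard inside `full_path` keeps the helpers confined: `path = File.expand_path file, @dir` followed by `raise ArgumentError, "#{file} is outside #{@dir}" unless path.start_with? "#{@dir}/"`. The same helpers also run with `@dir` unset if they are called outside a `before_rescan_of` block, in which case the path resolves against the current directory.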
diff --git a/test/tests/test_differ.rb b/test/tests/test_differ.rb
new file mode 100644
index 0000000000000000000000000000000000000000..0c274ec39da504a6a3e3d8289e8605b9df8f9c5b
--- /dev/null
+++ b/test/tests/test_differ.rb
@@ -0,0 +1,84 @@
+require 'brakeman/differ'
+
+DiffRun = Brakeman.run :app_path => "#{TEST_PATH}/apps/rails2"
+
+class DifferTests < Test::Unit::TestCase
+ include BrakemanTester::DiffHelper
+
+ def setup
+ @warnings = DiffRun.checks.all_warnings
+ end
+
+ def diff new, old
+ @diff = Brakeman::Differ.new(new, old).diff
+ end
+
+ def assert_fixed expected, diff = @diff
+ assert_equal expected, diff[:fixed].length, "Expected #{expected} fixed warnings, but found #{diff[:fixed].length}"
+ end
+
+ def assert_new expected, diff = @diff
+ assert_equal expected, diff[:new].length, "Expected #{expected} new warnings, but found #{diff[:new].length}"
+ end
+
+ def test_sanity
+ diff @warnings, @warnings
+
+ assert_fixed 0
+ assert_new 0
+ end
+
+ def test_one_fixed
+ old = @warnings
+ new = @warnings.dup
+ new.shift
+
+ diff new, old
+
+ assert_fixed 1
+ assert_new 0
+ end
+
+ def test_one_new
+ new = @warnings
+ old = @warnings.dup
+ old.shift
+
+ diff new, old
+
+ assert_fixed 0
+ assert_new 1
+ end
+
+ def test_new_and_fixed
+ new = @warnings
+ old = @warnings.dup
+
+ new << old.pop
+ old << new.shift
+
+ diff new, old
+
+ assert_new 2
+ assert_fixed 2
+ end
+
+ def test_line_number_change_only
+ new = @warnings
+ old = @warnings.dup
+
+ changed = new.pop.dup
+ if changed.line.nil?
+ changed.instance_variable_set(:@line, 0)
+ else
+ changed.instance_variable_set(:@line, changed.line + 1)
+ end
+
+ new << changed
+
+ diff new, old
+
+ assert_new 0
+ assert_fixed 0
+ end
+end
diff --git a/test/tests/test_json_compare.rb b/test/tests/test_json_compare.rb
new file mode 100644
index 0000000000000000000000000000000000000000..6bc77769b82f51e2cc476f261c18b1c66fc8431d
--- /dev/null
+++ b/test/tests/test_json_compare.rb
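Review bot: `DifferTests` includes `BrakemanTester::DiffHelper` and then defines `assert_fixed` and `assert_new` again with bodies identical to the ones this commit adds to that module in test/test.rb, so the class-level copies shadow the helper and the two can drift apart. Dropping both definitions from the class leaves the included ones in effect. Several tests also assign `new = @warnings` (or `old = @warnings`) and then call `shift`, `pop` or `<<` on it, mutating the array returned by `DiffRun.checks.all_warnings`; whether that array is shared between tests is not visible here, so `new = @warnings.dup` is the safer form.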
@@ -0,0 +1,28 @@ +class JSONCompareTests < Test::Unit::TestCase + include BrakemanTester::DiffHelper + + def setup + @path = File.expand_path "#{TEST_PATH}/apps/rails3.2" + @json_path = File.join @path, "report.json" + File.delete @json_path if File.exist? @json_path + Brakeman.run :app_path => @path, :output_files => [@json_path] + @report = JSON.parse File.read(@json_path) + end + + def update_json + File.open @json_path, "w" do |f| + f.puts @report.to_json + end + end + + def diff + @diff = Brakeman.compare :app_path => @path, :previous_results_json => @json_path + end + + def test_sanity + diff + + assert_fixed 0 + assert_new 0 + end +end diff --git a/test/tests/test_rails31.rb b/test/tests/test_rails31.rb index 5474b6dedf823fd5256be3aa94253fcd1942128b..746f0660e16e5ed61416ca872a852443c3dc4d72 100644 --- a/test/tests/test_rails31.rb +++ b/test/tests/test_rails31.rb @@ -1,6 +1,6 @@ abort "Please run using test/test.rb" unless defined? BrakemanTester -Rails31 = BrakemanTester.run_scan "rails3.1", "Rails 3.1", :rails3 => true +Rails31 = BrakemanTester.run_scan "rails3.1", "Rails 3.1", :rails3 => true, :parallel_checks => false class Rails31Tests < Test::Unit::TestCase include BrakemanTester::FindWarning diff --git a/test/tests/test_rake_task.rb b/test/tests/test_rake_task.rb new file mode 100644 index 0000000000000000000000000000000000000000..94a75e925650b33b421ac77999c8dc58713365b6 --- /dev/null +++ b/test/tests/test_rake_task.rb 
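Review bot: `setup` in `JSONCompareTests` writes `report.json` into the fixture app itself (`@json_path = File.join @path, "report.json"`) and nothing removes it afterwards, so every run leaves an untracked file under `test/apps/rails3.2`. The rescan and rake-task tests in this commit copy that directory with `FileUtils.cp_r "#{TEST_PATH}/apps/rails3.2/.", dir`, so a stale report travels into their temporary apps and results can depend on test order. Writing the report under `Dir.mktmpdir`, or adding `def teardown; File.delete @json_path if File.exist? @json_path; end`, keeps the fixture read-only. `JSON.parse` is used with no `require 'json'` in the hunk, presumably loaded elsewhere, and `update_json` is not called by any test here.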
@@ -0,0 +1,62 @@
+require 'fileutils'
+require 'tmpdir'
+
+class RakeTaskTests < Test::Unit::TestCase
+ def setup
+ # Brakeman is noisy on errors
+ @old_stderr = $stderr.dup
+ $stderr.reopen("/dev/null", "w")
+ end
+
+ def cleanup
+ $stderr = old_stderr
+ end
+
+ def in_temp_app
+ Dir.mktmpdir do |dir|
+ FileUtils.cp_r "#{TEST_PATH}/apps/rails3.2/.", dir
+
+ @rake_task = "#{dir}/lib/tasks/brakeman.rake"
+ @rakefile = "#{dir}/Rakefile"
+
+ current_dir = FileUtils.pwd
+ FileUtils.cd dir
+
+ yield dir
+
+ FileUtils.cd current_dir
+ end
+ end
+
+ def test_create_rake_task
+ in_temp_app do
+ assert_nothing_raised SystemExit do
+ Brakeman.install_rake_task
+ end
+
+ assert File.exist? @rake_task
+ end
+ end
+
+ def test_rake_task_exists
+ in_temp_app do
+ assert_nothing_raised SystemExit do
+ Brakeman.install_rake_task
+ end
+
+ assert_raise SystemExit do
+ Brakeman.install_rake_task
+ end
+ end
+ end
+
+ def test_rake_no_Rakefile
+ in_temp_app do
+ File.delete @rakefile
+
+ assert_raise SystemExit do
+ Brakeman.install_rake_task
+ end
+ end
+ end
+end
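Review bot: stderr is never restored after `setup` reopens it on `/dev/null`: `cleanup` refers to `old_stderr`, which is neither a local nor a method (the saved handle is `@old_stderr`), and whether a method named `cleanup` is called at all depends on the test framework version. As written, error output from every test that runs after this class is discarded, which can hide real failures. A `teardown` whose body is `$stderr.reopen(@old_stderr)` undoes the redirect. `in_temp_app` has a similar gap: `FileUtils.cd current_dir` is skipped when the block raises, leaving the process inside a directory that `Dir.mktmpdir` is about to delete; the block form `FileUtils.cd(dir) { yield dir }` restores the working directory on every path.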