debian-mirror-gitlab/spec/controllers/concerns/continue_params_spec.rb

59 lines
1.6 KiB
Ruby
Raw Normal View History

2019-07-31 22:56:46 +05:30
# frozen_string_literal: true
2018-10-15 14:42:47 +05:30
require 'spec_helper'
2020-06-23 00:09:42 +05:30
RSpec.describe ContinueParams do
2018-10-15 14:42:47 +05:30
let(:controller_class) do
2022-10-11 01:57:18 +05:30
# rubocop:disable Rails/ApplicationController
2018-10-15 14:42:47 +05:30
Class.new(ActionController::Base) do
include ContinueParams
def request
@request ||= Struct.new(:host, :port).new('test.host', 80)
end
end
2022-10-11 01:57:18 +05:30
# rubocop:enable Rails/ApplicationController
2018-10-15 14:42:47 +05:30
end
2020-03-13 15:44:24 +05:30
2018-10-15 14:42:47 +05:30
subject(:controller) { controller_class.new }
def strong_continue_params(params)
ActionController::Parameters.new(continue: params)
end
2019-09-30 21:07:59 +05:30
it 'returns an empty hash if params are not present' do
allow(controller).to receive(:params) do
ActionController::Parameters.new
end
expect(controller.continue_params).to eq({})
end
2018-10-15 14:42:47 +05:30
it 'cleans up any params that are not allowed' do
allow(controller).to receive(:params) do
strong_continue_params(to: '/hello',
notice: 'world',
notice_now: '!',
something: 'else')
end
expect(controller.continue_params.keys).to contain_exactly(*%w(to notice notice_now))
end
it 'does not allow cross host redirection' do
allow(controller).to receive(:params) do
strong_continue_params(to: '//example.com')
end
expect(controller.continue_params[:to]).to be_nil
end
it 'allows redirecting to a path with querystring' do
allow(controller).to receive(:params) do
strong_continue_params(to: '/hello/world?query=string')
end
expect(controller.continue_params[:to]).to eq('/hello/world?query=string')
end
end