2017-08-14 17:08:09 +00:00
# frozen_string_literal: true
2009-10-09 01:12:28 +00:00
require " isolation/abstract_unit "
2016-08-06 17:16:09 +00:00
require " rack/test "
require " env_helpers "
2018-09-10 13:58:56 +00:00
require " set "
2009-10-09 01:12:28 +00:00
2011-04-02 08:51:47 +00:00
class :: MyMailInterceptor
def self . delivering_email ( email ) ; email ; end
end
class :: MyOtherMailInterceptor < :: MyMailInterceptor ; end
2014-06-15 12:13:34 +00:00
class :: MyPreviewMailInterceptor
def self . previewing_email ( email ) ; email ; end
end
class :: MyOtherPreviewMailInterceptor < :: MyPreviewMailInterceptor ; end
2011-04-02 08:51:47 +00:00
class :: MyMailObserver
def self . delivered_email ( email ) ; email ; end
end
class :: MyOtherMailObserver < :: MyMailObserver ; end
2009-10-09 01:12:28 +00:00
module ApplicationTests
2012-01-06 01:30:17 +00:00
class ConfigurationTest < ActiveSupport :: TestCase
2009-10-09 01:12:28 +00:00
include ActiveSupport :: Testing :: Isolation
2011-12-21 22:03:43 +00:00
include Rack :: Test :: Methods
2012-12-20 22:41:52 +00:00
include EnvHelpers
2009-10-09 01:12:28 +00:00
2009-12-23 01:03:23 +00:00
def new_app
File . expand_path ( " #{ app_path } /../new_app " )
end
def copy_app
FileUtils . cp_r ( app_path , new_app )
end
2016-08-06 17:16:09 +00:00
def app ( env = " development " )
2015-09-27 21:34:13 +00:00
@app || = begin
2016-08-06 17:16:09 +00:00
ENV [ " RAILS_ENV " ] = env
2015-09-27 21:34:13 +00:00
2017-09-01 06:41:30 +00:00
require " #{ app_path } /config/environment "
2015-09-27 21:34:13 +00:00
Rails . application
ensure
2016-08-06 17:16:09 +00:00
ENV . delete " RAILS_ENV "
2015-09-27 21:34:13 +00:00
end
2010-01-27 16:46:55 +00:00
end
2009-10-09 01:12:28 +00:00
def setup
build_app
2017-02-06 01:00:18 +00:00
suppress_default_config
2009-10-09 01:12:28 +00:00
end
2011-06-06 12:54:05 +00:00
def teardown
teardown_app
2010-01-27 20:20:32 +00:00
FileUtils . rm_rf ( new_app ) if File . directory? ( new_app )
end
2017-02-06 01:00:18 +00:00
def suppress_default_config
2014-12-19 22:16:29 +00:00
FileUtils . mv ( " #{ app_path } /config/environments " , " #{ app_path } /config/__environments__ " )
end
def restore_default_config
FileUtils . rm_rf ( " #{ app_path } /config/environments " )
FileUtils . mv ( " #{ app_path } /config/__environments__ " , " #{ app_path } /config/environments " )
end
2012-12-20 22:41:52 +00:00
test " Rails.env does not set the RAILS_ENV environment variable which would leak out into rake tasks " do
require " rails "
switch_env " RAILS_ENV " , nil do
Rails . env = " development "
assert_equal " development " , Rails . env
2016-08-06 17:16:09 +00:00
assert_nil ENV [ " RAILS_ENV " ]
2012-12-20 22:41:52 +00:00
end
end
2016-12-19 01:45:14 +00:00
test " Rails.env falls back to development if RAILS_ENV is blank and RACK_ENV is nil " do
with_rails_env ( " " ) do
assert_equal " development " , Rails . env
end
end
test " Rails.env falls back to development if RACK_ENV is blank and RAILS_ENV is nil " do
with_rack_env ( " " ) do
assert_equal " development " , Rails . env
end
end
2016-01-06 21:04:36 +00:00
test " By default logs tags are not set in development " do
restore_default_config
with_rails_env " development " do
2016-08-06 17:16:09 +00:00
app " development "
2018-01-25 23:14:09 +00:00
assert_predicate Rails . application . config . log_tags , :blank?
2016-01-06 21:04:36 +00:00
end
end
test " By default logs are tagged with :request_id in production " do
restore_default_config
with_rails_env " production " do
2016-08-06 17:16:09 +00:00
app " production "
2016-01-06 21:04:36 +00:00
assert_equal [ :request_id ] , Rails . application . config . log_tags
end
end
2014-11-04 22:14:03 +00:00
test " lib dir is on LOAD_PATH during config " do
2016-08-06 17:16:09 +00:00
app_file " lib/my_logger.rb " , <<-RUBY
2014-11-04 22:14:03 +00:00
require " logger "
class MyLogger < :: Logger
end
RUBY
add_to_top_of_config <<-RUBY
2014-11-04 22:54:52 +00:00
require 'my_logger'
2014-11-04 22:14:03 +00:00
config . logger = MyLogger . new STDOUT
RUBY
2015-09-27 21:34:13 +00:00
2016-08-06 17:16:09 +00:00
app " development "
2015-09-27 21:34:13 +00:00
2016-08-06 17:16:09 +00:00
assert_equal " MyLogger " , Rails . application . config . logger . class . name
2014-11-04 22:14:03 +00:00
end
2018-09-20 18:56:07 +00:00
test " raises an error if cache does not support recyclable cache keys " do
build_app ( initializers : true )
add_to_env_config " production " , " config.cache_store = Class.new {}.new "
add_to_env_config " production " , " config.active_record.cache_versioning = true "
error = assert_raise ( RuntimeError ) do
app " production "
end
2018-09-21 01:40:31 +00:00
assert_match ( / You're using a cache / , error . message )
2018-09-20 18:56:07 +00:00
end
2012-06-06 20:47:03 +00:00
test " a renders exception on pending migration " do
add_to_config <<-RUBY
config . active_record . migration_error = :page_load
config . consider_all_requests_local = true
config . action_dispatch . show_exceptions = true
RUBY
2016-08-06 17:16:09 +00:00
app_file " db/migrate/20140708012246_create_user.rb " , <<-RUBY
2015-12-05 20:14:22 +00:00
class CreateUser < ActiveRecord :: Migration :: Current
2014-07-08 01:46:39 +00:00
def change
create_table :users
end
end
RUBY
2016-08-06 17:16:09 +00:00
app " development "
2012-06-06 20:47:03 +00:00
2014-07-08 01:46:39 +00:00
ActiveRecord :: Migrator . migrations_paths = [ " #{ app_path } /db/migrate " ]
begin
get " /foo "
assert_equal 500 , last_response . status
assert_match " ActiveRecord::PendingMigrationError " , last_response . body
ensure
ActiveRecord :: Migrator . migrations_paths = nil
end
2012-06-06 20:47:03 +00:00
end
2011-06-21 11:02:47 +00:00
test " Rails.groups returns available groups " do
require " rails "
Rails . env = " development "
assert_equal [ :default , " development " ] , Rails . groups
2012-06-23 10:42:00 +00:00
assert_equal [ :default , " development " , :assets ] , Rails . groups ( assets : [ :development ] )
assert_equal [ :default , " development " , :another , :assets ] , Rails . groups ( :another , assets : %w( development ) )
2011-06-21 11:02:47 +00:00
Rails . env = " test "
2012-06-23 10:42:00 +00:00
assert_equal [ :default , " test " ] , Rails . groups ( assets : [ :development ] )
2011-06-21 11:02:47 +00:00
ENV [ " RAILS_GROUPS " ] = " javascripts,stylesheets "
assert_equal [ :default , " test " , " javascripts " , " stylesheets " ] , Rails . groups
end
2010-07-19 15:53:14 +00:00
test " Rails.application is nil until app is initialized " do
2016-08-06 17:16:09 +00:00
require " rails "
2010-07-19 15:53:14 +00:00
assert_nil Rails . application
2016-08-06 17:16:09 +00:00
app " development "
2010-07-19 15:53:14 +00:00
assert_equal AppTemplate :: Application . instance , Rails . application
2010-01-26 11:14:48 +00:00
end
2010-07-19 15:53:14 +00:00
test " Rails.application responds to all instance methods " do
2016-08-06 17:16:09 +00:00
app " development "
2010-07-19 15:53:14 +00:00
assert_equal Rails . application . routes_reloader , AppTemplate :: Application . routes_reloader
2010-01-30 11:30:15 +00:00
end
test " Rails::Application responds to paths " do
2016-08-06 17:16:09 +00:00
app " development "
2014-08-26 15:53:19 +00:00
assert_equal [ " #{ app_path } /app/views " ] , AppTemplate :: Application . paths [ " app/views " ] . expanded
2010-01-27 20:20:32 +00:00
end
2009-10-09 01:12:28 +00:00
test " the application root is set correctly " do
2016-08-06 17:16:09 +00:00
app " development "
2009-10-16 19:49:39 +00:00
assert_equal Pathname . new ( app_path ) , Rails . application . root
2009-10-14 23:13:45 +00:00
end
2010-01-03 06:49:40 +00:00
test " the application root can be seen from the application singleton " do
2016-08-06 17:16:09 +00:00
app " development "
2010-01-03 06:49:40 +00:00
assert_equal Pathname . new ( app_path ) , AppTemplate :: Application . root
end
2009-10-14 23:13:45 +00:00
test " the application root can be set " do
2009-12-23 01:03:23 +00:00
copy_app
2009-10-14 23:13:45 +00:00
add_to_config <<-RUBY
2009-12-23 01:03:23 +00:00
config . root = '#{new_app}'
2009-10-14 23:13:45 +00:00
RUBY
2010-01-22 15:24:44 +00:00
2009-12-23 01:03:23 +00:00
use_frameworks [ ]
2010-01-22 15:24:44 +00:00
2016-08-06 17:16:09 +00:00
app " development "
2015-09-27 21:34:13 +00:00
2009-12-23 01:03:23 +00:00
assert_equal Pathname . new ( new_app ) , Rails . application . root
2009-10-14 23:13:45 +00:00
end
test " the application root is Dir.pwd if there is no config.ru " do
File . delete ( " #{ app_path } /config.ru " )
2009-12-23 01:03:23 +00:00
use_frameworks [ ]
Dir . chdir ( " #{ app_path } " ) do
2016-08-06 17:16:09 +00:00
app " development "
2009-12-23 01:03:23 +00:00
assert_equal Pathname . new ( " #{ app_path } " ) , Rails . application . root
2009-10-14 23:13:45 +00:00
end
2009-10-09 01:12:28 +00:00
end
2009-12-02 18:14:02 +00:00
2010-01-26 12:57:11 +00:00
test " Rails.root should be a Pathname " do
add_to_config <<-RUBY
config . root = " #{ app_path } "
RUBY
2015-09-27 21:34:13 +00:00
2016-08-06 17:16:09 +00:00
app " development "
2015-09-27 21:34:13 +00:00
2010-01-26 12:57:11 +00:00
assert_instance_of Pathname , Rails . root
2009-12-02 18:14:02 +00:00
end
2009-12-16 06:07:12 +00:00
2012-10-03 00:44:02 +00:00
test " Rails.public_path should be a Pathname " do
add_to_config <<-RUBY
config . paths [ " public " ] = " somewhere "
RUBY
2015-09-27 21:34:13 +00:00
2016-08-06 17:16:09 +00:00
app " development "
2015-09-27 21:34:13 +00:00
2012-10-03 00:44:02 +00:00
assert_instance_of Pathname , Rails . public_path
end
2017-06-24 14:57:36 +00:00
test " does not eager load controller actions in development " do
app_file " app/controllers/posts_controller.rb " , <<-RUBY
class PostsController < ActionController :: Base
def index ; end
def show ; end
end
RUBY
app " development "
assert_nil PostsController . instance_variable_get ( :@action_methods )
end
test " eager loads controller actions in production " do
app_file " app/controllers/posts_controller.rb " , <<-RUBY
class PostsController < ActionController :: Base
def index ; end
def show ; end
end
RUBY
add_to_config <<-RUBY
config . eager_load = true
config . cache_classes = true
RUBY
app " production "
assert_equal %w( index show ) . to_set , PostsController . instance_variable_get ( :@action_methods )
end
test " does not eager load mailer actions in development " do
app_file " app/mailers/posts_mailer.rb " , <<-RUBY
class PostsMailer < ActionMailer :: Base
def noop_email ; end
end
RUBY
app " development "
assert_nil PostsMailer . instance_variable_get ( :@action_methods )
end
test " eager loads mailer actions in production " do
app_file " app/mailers/posts_mailer.rb " , <<-RUBY
class PostsMailer < ActionMailer :: Base
def noop_email ; end
end
RUBY
add_to_config <<-RUBY
config . eager_load = true
config . cache_classes = true
RUBY
app " production "
assert_equal %w( noop_email ) . to_set , PostsMailer . instance_variable_get ( :@action_methods )
end
2018-09-24 02:20:35 +00:00
test " does not eager load attribute methods in development " do
app_file " app/models/post.rb " , <<-RUBY
class Post < ActiveRecord :: Base
end
RUBY
app_file " config/initializers/active_record.rb " , <<-RUBY
ActiveRecord :: Base . establish_connection ( adapter : " sqlite3 " , database : " :memory: " )
ActiveRecord :: Migration . verbose = false
ActiveRecord :: Schema . define ( version : 1 ) do
create_table :posts do | t |
t . string :title
end
end
RUBY
app " development "
assert_not_includes Post . instance_methods , :title
end
test " eager loads attribute methods in production " do
app_file " app/models/post.rb " , <<-RUBY
class Post < ActiveRecord :: Base
end
RUBY
app_file " config/initializers/active_record.rb " , <<-RUBY
ActiveRecord :: Base . establish_connection ( adapter : " sqlite3 " , database : " :memory: " )
ActiveRecord :: Migration . verbose = false
ActiveRecord :: Schema . define ( version : 1 ) do
create_table :posts do | t |
t . string :title
end
end
RUBY
add_to_config <<-RUBY
config . eager_load = true
config . cache_classes = true
RUBY
app " production "
assert_includes Post . instance_methods , :title
end
2012-08-01 19:10:55 +00:00
test " initialize an eager loaded, cache classes app " do
2009-12-16 06:07:12 +00:00
add_to_config <<-RUBY
2012-08-01 19:10:55 +00:00
config . eager_load = true
config . cache_classes = true
2009-12-16 06:07:12 +00:00
RUBY
2016-08-06 17:16:09 +00:00
app " development "
2015-09-27 21:34:13 +00:00
assert_equal :require , ActiveSupport :: Dependencies . mechanism
2009-12-16 06:07:12 +00:00
end
2012-08-01 19:10:55 +00:00
test " application is always added to eager_load namespaces " do
2016-08-06 17:16:09 +00:00
app " development "
2014-09-21 21:36:00 +00:00
assert_includes Rails . application . config . eager_load_namespaces , AppTemplate :: Application
2012-06-15 18:36:21 +00:00
end
2012-08-01 19:10:55 +00:00
test " the application can be eager loaded even when there are no frameworks " do
2017-09-02 18:45:25 +00:00
FileUtils . rm_rf ( " #{ app_path } /app/jobs/application_job.rb " )
2015-12-12 13:25:00 +00:00
FileUtils . rm_rf ( " #{ app_path } /app/models/application_record.rb " )
2015-12-17 11:47:49 +00:00
FileUtils . rm_rf ( " #{ app_path } /app/mailers/application_mailer.rb " )
2009-12-16 06:07:12 +00:00
FileUtils . rm_rf ( " #{ app_path } /config/environments " )
add_to_config <<-RUBY
2012-08-01 19:10:55 +00:00
config . eager_load = true
config . cache_classes = true
2009-12-16 06:07:12 +00:00
RUBY
2009-12-31 18:36:24 +00:00
use_frameworks [ ]
2009-12-16 06:07:12 +00:00
assert_nothing_raised do
2016-08-06 17:16:09 +00:00
app " development "
2009-12-16 06:07:12 +00:00
end
end
2009-12-30 03:04:14 +00:00
2010-01-21 04:48:27 +00:00
test " filter_parameters should be able to set via config.filter_parameters " do
add_to_config <<-RUBY
2010-01-21 15:50:11 +00:00
config . filter_parameters += [ :foo , 'bar' , lambda { | key , value |
2010-01-21 04:48:27 +00:00
value = value . reverse if key =~ / baz /
2010-01-21 15:50:11 +00:00
} ]
2010-01-21 04:48:27 +00:00
RUBY
2010-01-26 12:57:11 +00:00
2010-01-21 04:48:27 +00:00
assert_nothing_raised do
2016-08-06 17:16:09 +00:00
app " development "
2010-01-21 04:48:27 +00:00
end
end
2010-01-27 16:46:55 +00:00
2013-01-05 18:04:15 +00:00
test " filter_parameters should be able to set via config.filter_parameters in an initializer " do
2016-08-06 17:16:09 +00:00
app_file " config/initializers/filter_parameters_logging.rb " , <<-RUBY
2013-01-05 18:41:39 +00:00
Rails . application . config . filter_parameters += [ :password , :foo , 'bar' ]
2013-01-05 18:04:15 +00:00
RUBY
2016-08-06 17:16:09 +00:00
app " development "
2013-01-05 18:04:15 +00:00
2016-08-06 17:16:09 +00:00
assert_equal [ :password , :foo , " bar " ] , Rails . application . env_config [ " action_dispatch.parameter_filter " ]
2013-01-05 18:04:15 +00:00
end
2010-01-27 16:46:55 +00:00
test " config.to_prepare is forwarded to ActionDispatch " do
$prepared = false
add_to_config <<-RUBY
config . to_prepare do
$prepared = true
end
RUBY
2018-04-17 22:21:34 +00:00
assert_not $prepared
2010-01-27 16:46:55 +00:00
2016-08-06 17:16:09 +00:00
app " development "
2010-01-27 16:46:55 +00:00
get " / "
assert $prepared
end
2010-02-24 01:03:06 +00:00
2010-08-15 23:29:27 +00:00
def assert_utf8
2011-12-20 16:58:45 +00:00
assert_equal Encoding :: UTF_8 , Encoding . default_external
assert_equal Encoding :: UTF_8 , Encoding . default_internal
2010-08-15 23:29:27 +00:00
end
test " skipping config.encoding still results in 'utf-8' as the default " do
2016-08-06 17:16:09 +00:00
app " development "
2010-08-15 23:29:27 +00:00
assert_utf8
end
2010-04-07 00:24:29 +00:00
test " config.encoding sets the default encoding " do
add_to_config <<-RUBY
config . encoding = " utf-8 "
RUBY
2016-08-06 17:16:09 +00:00
app " development "
2010-08-15 23:29:27 +00:00
assert_utf8
2010-04-07 00:24:29 +00:00
end
2010-04-08 10:52:37 +00:00
test " config.paths.public sets Rails.public_path " do
add_to_config <<-RUBY
2010-10-06 15:18:59 +00:00
config . paths [ " public " ] = " somewhere "
2010-04-08 10:52:37 +00:00
RUBY
2016-08-06 17:16:09 +00:00
app " development "
2012-10-03 00:44:02 +00:00
assert_equal Pathname . new ( app_path ) . join ( " somewhere " ) , Rails . public_path
2010-04-08 10:52:37 +00:00
end
2015-11-03 22:02:00 +00:00
test " In production mode, config.public_file_server.enabled is off by default " do
2014-12-19 22:16:29 +00:00
restore_default_config
with_rails_env " production " do
2016-08-06 17:16:09 +00:00
app " production "
2015-11-03 22:02:00 +00:00
assert_not app . config . public_file_server . enabled
2014-12-19 22:16:29 +00:00
end
end
2015-11-03 22:02:00 +00:00
test " In production mode, config.public_file_server.enabled is enabled when RAILS_SERVE_STATIC_FILES is set " do
2014-12-19 22:16:29 +00:00
restore_default_config
with_rails_env " production " do
switch_env " RAILS_SERVE_STATIC_FILES " , " 1 " do
2016-08-06 17:16:09 +00:00
app " production "
2015-11-03 22:02:00 +00:00
assert app . config . public_file_server . enabled
2014-12-19 22:16:29 +00:00
end
end
end
2016-02-17 16:50:29 +00:00
test " In production mode, STDOUT logging is enabled when RAILS_LOG_TO_STDOUT is set " do
restore_default_config
with_rails_env " production " do
switch_env " RAILS_LOG_TO_STDOUT " , " 1 " do
2016-08-06 17:16:09 +00:00
app " production "
2016-02-17 16:50:29 +00:00
assert ActiveSupport :: Logger . logger_outputs_to? ( app . config . logger , STDOUT )
end
end
end
2015-11-03 22:02:00 +00:00
test " In production mode, config.public_file_server.enabled is disabled when RAILS_SERVE_STATIC_FILES is blank " do
2014-12-19 22:16:29 +00:00
restore_default_config
with_rails_env " production " do
switch_env " RAILS_SERVE_STATIC_FILES " , " " do
2016-08-06 17:16:09 +00:00
app " production "
2015-11-03 22:02:00 +00:00
assert_not app . config . public_file_server . enabled
2014-12-19 22:16:29 +00:00
end
end
end
2015-11-03 22:02:00 +00:00
2012-11-02 22:27:51 +00:00
test " Use key_generator when secret_key_base is set " do
2015-01-03 20:17:47 +00:00
make_basic_app do | application |
2016-08-06 17:16:09 +00:00
application . secrets . secret_key_base = " b3c631c314c0bbca50c1b2843150fe33 "
2015-01-03 20:17:47 +00:00
application . config . session_store :disabled
2012-10-31 03:06:46 +00:00
end
class :: OmgController < ActionController :: Base
def index
cookies . signed [ :some_key ] = " some_value "
2016-05-21 12:49:38 +00:00
render plain : cookies [ :some_key ]
2012-10-31 03:06:46 +00:00
end
end
get " / "
2016-08-06 17:16:09 +00:00
secret = app . key_generator . generate_key ( " signed cookie " )
2012-10-31 03:06:46 +00:00
verifier = ActiveSupport :: MessageVerifier . new ( secret )
2016-08-06 17:16:09 +00:00
assert_equal " some_value " , verifier . verify ( last_response . body )
2012-10-31 03:06:46 +00:00
end
2013-11-20 00:26:52 +00:00
test " application verifier can be used in the entire application " do
2015-01-03 20:17:47 +00:00
make_basic_app do | application |
2016-08-06 17:16:09 +00:00
application . secrets . secret_key_base = " b3c631c314c0bbca50c1b2843150fe33 "
2015-01-03 20:17:47 +00:00
application . config . session_store :disabled
2013-11-20 00:26:52 +00:00
end
2013-12-19 19:04:07 +00:00
message = app . message_verifier ( :sensitive_value ) . generate ( " some_value " )
2013-11-20 00:26:52 +00:00
2016-08-06 17:16:09 +00:00
assert_equal " some_value " , Rails . application . message_verifier ( :sensitive_value ) . verify ( message )
2013-11-20 00:26:52 +00:00
2016-08-06 17:16:09 +00:00
secret = app . key_generator . generate_key ( " sensitive_value " )
2013-11-20 00:26:52 +00:00
verifier = ActiveSupport :: MessageVerifier . new ( secret )
2016-08-06 17:16:09 +00:00
assert_equal " some_value " , verifier . verify ( message )
2013-11-20 00:26:52 +00:00
end
2014-10-27 17:04:37 +00:00
test " application message verifier can be used when the key_generator is ActiveSupport::LegacyKeyGenerator " do
2016-08-06 17:16:09 +00:00
app_file " config/initializers/secret_token.rb " , <<-RUBY
Add credentials using a generic EncryptedConfiguration class (#30067)
* WIP: Add credentials using a generic EncryptedConfiguration class
This is sketch code so far.
* Flesh out EncryptedConfiguration and test it
* Better name
* Add command and generator for credentials
* Use the Pathnames
* Extract EncryptedFile from EncryptedConfiguration and add serializers
* Test EncryptedFile
* Extract serializer validation
* Stress the point about losing comments
* Allow encrypted configuration to be read without parsing for display
* Use credentials by default and base them on the master key
* Derive secret_key_base in test/dev, source it from credentials in other envs
And document the usage.
* Document the new credentials setup
* Stop generating the secrets.yml file now that we have credentials
* Document what we should have instead
Still need to make it happen, tho.
* [ci skip] Keep wording to `key base`; prefer defaults.
Usually we say we change defaults, not "spec" out a release.
Can't use backticks in our sdoc generated documentation either.
* Abstract away OpenSSL; prefer MessageEncryptor.
* Spare needless new when raising.
* Encrypted file test shouldn't depend on subclass.
* [ci skip] Some woordings.
* Ditch serializer future coding.
* I said flip it. Flip it good.
* [ci skip] Move require_master_key to the real production.rb.
* Add require_master_key to abort the boot process.
In case the master key is required in a certain environment
we should inspect that the key is there and abort if it isn't.
* Print missing key message and exit immediately.
Spares us a lengthy backtrace and prevents further execution.
I've verified the behavior in a test app, but couldn't figure the
test out as loading the app just exits immediately with:
```
/Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `load': marshal data too short (ArgumentError)
from /Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `run'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest.rb:830:in `run_one_method'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest/parallel.rb:32:in `block (2 levels) in start'
```
It's likely we need to capture and prevent the exit somehow.
Kernel.stub(:exit) didn't work. Leaving it for tomorrow.
* Fix require_master_key config test.
Loading the app would trigger the `exit 1` per require_master_key's
semantics, which then aborted the test.
Fork and wait for the child process to finish, then inspect the
exit status.
Also check we aborted because of a missing master key, so something
else didn't just abort the boot.
Much <3 to @tenderlove for the tip.
* Support reading/writing configs via methods.
* Skip needless deep symbolizing.
* Remove save; test config reader elsewhere.
* Move secret_key_base check to when we're reading it.
Otherwise we'll abort too soon since we don't assign the secret_key_base
to secrets anymore.
* Add missing string literal comments; require unneeded yaml require.
* ya ya ya, rubocop.
* Add master_key/credentials after bundle.
Then we can reuse the existing message on `rails new bc4`.
It'll look like:
```
Using web-console 3.5.1 from https://github.com/rails/web-console.git (at master@ce985eb)
Using rails 5.2.0.alpha from source at `/Users/kasperhansen/Documents/code/rails`
Using sass-rails 5.0.6
Bundle complete! 16 Gemfile dependencies, 72 gems now installed.
Use `bundle info [gemname]` to see where a bundled gem is installed.
Adding config/master.key to store the master encryption key: 97070158c44b4675b876373a6bc9d5a0
Save this in a password manager your team can access.
If you lose the key, no one, including you, can access anything encrypted with it.
create config/master.key
```
And that'll be executed even if `--skip-bundle` was passed.
* Ensure test app has secret_key_base.
* Assign secret_key_base to app or omit.
* Merge noise
* Split options for dynamic delegation into its own method and use deep symbols to make it work
* Update error to point to credentials instead
* Appease Rubocop
* Validate secret_key_base when reading it.
Instead of relying on the validation in key_generator move that into
secret_key_base itself.
* Fix generator and secrets test.
Manually add config.read_encrypted_secrets since it's not there by default
anymore.
Move mentions of config/secrets.yml to config/credentials.yml.enc.
* Remove files I have no idea how they got here.
* [ci skip] swap secrets for credentials.
* [ci skip] And now, changelogs are coming.
2017-09-11 18:21:20 +00:00
Rails . application . credentials . secret_key_base = nil
2014-10-27 17:04:37 +00:00
Rails . application . config . secret_token = " b3c631c314c0bbca50c1b2843150fe33 "
RUBY
Add credentials using a generic EncryptedConfiguration class (#30067)
* WIP: Add credentials using a generic EncryptedConfiguration class
This is sketch code so far.
* Flesh out EncryptedConfiguration and test it
* Better name
* Add command and generator for credentials
* Use the Pathnames
* Extract EncryptedFile from EncryptedConfiguration and add serializers
* Test EncryptedFile
* Extract serializer validation
* Stress the point about losing comments
* Allow encrypted configuration to be read without parsing for display
* Use credentials by default and base them on the master key
* Derive secret_key_base in test/dev, source it from credentials in other envs
And document the usage.
* Document the new credentials setup
* Stop generating the secrets.yml file now that we have credentials
* Document what we should have instead
Still need to make it happen, tho.
* [ci skip] Keep wording to `key base`; prefer defaults.
Usually we say we change defaults, not "spec" out a release.
Can't use backticks in our sdoc generated documentation either.
* Abstract away OpenSSL; prefer MessageEncryptor.
* Spare needless new when raising.
* Encrypted file test shouldn't depend on subclass.
* [ci skip] Some woordings.
* Ditch serializer future coding.
* I said flip it. Flip it good.
* [ci skip] Move require_master_key to the real production.rb.
* Add require_master_key to abort the boot process.
In case the master key is required in a certain environment
we should inspect that the key is there and abort if it isn't.
* Print missing key message and exit immediately.
Spares us a lengthy backtrace and prevents further execution.
I've verified the behavior in a test app, but couldn't figure the
test out as loading the app just exits immediately with:
```
/Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `load': marshal data too short (ArgumentError)
from /Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `run'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest.rb:830:in `run_one_method'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest/parallel.rb:32:in `block (2 levels) in start'
```
It's likely we need to capture and prevent the exit somehow.
Kernel.stub(:exit) didn't work. Leaving it for tomorrow.
* Fix require_master_key config test.
Loading the app would trigger the `exit 1` per require_master_key's
semantics, which then aborted the test.
Fork and wait for the child process to finish, then inspect the
exit status.
Also check we aborted because of a missing master key, so something
else didn't just abort the boot.
Much <3 to @tenderlove for the tip.
* Support reading/writing configs via methods.
* Skip needless deep symbolizing.
* Remove save; test config reader elsewhere.
* Move secret_key_base check to when we're reading it.
Otherwise we'll abort too soon since we don't assign the secret_key_base
to secrets anymore.
* Add missing string literal comments; require unneeded yaml require.
* ya ya ya, rubocop.
* Add master_key/credentials after bundle.
Then we can reuse the existing message on `rails new bc4`.
It'll look like:
```
Using web-console 3.5.1 from https://github.com/rails/web-console.git (at master@ce985eb)
Using rails 5.2.0.alpha from source at `/Users/kasperhansen/Documents/code/rails`
Using sass-rails 5.0.6
Bundle complete! 16 Gemfile dependencies, 72 gems now installed.
Use `bundle info [gemname]` to see where a bundled gem is installed.
Adding config/master.key to store the master encryption key: 97070158c44b4675b876373a6bc9d5a0
Save this in a password manager your team can access.
If you lose the key, no one, including you, can access anything encrypted with it.
create config/master.key
```
And that'll be executed even if `--skip-bundle` was passed.
* Ensure test app has secret_key_base.
* Assign secret_key_base to app or omit.
* Merge noise
* Split options for dynamic delegation into its own method and use deep symbols to make it work
* Update error to point to credentials instead
* Appease Rubocop
* Validate secret_key_base when reading it.
Instead of relying on the validation in key_generator move that into
secret_key_base itself.
* Fix generator and secrets test.
Manually add config.read_encrypted_secrets since it's not there by default
anymore.
Move mentions of config/secrets.yml to config/credentials.yml.enc.
* Remove files I have no idea how they got here.
* [ci skip] swap secrets for credentials.
* [ci skip] And now, changelogs are coming.
2017-09-11 18:21:20 +00:00
app " production "
2014-10-27 17:04:37 +00:00
Add credentials using a generic EncryptedConfiguration class (#30067)
* WIP: Add credentials using a generic EncryptedConfiguration class
This is sketch code so far.
* Flesh out EncryptedConfiguration and test it
* Better name
* Add command and generator for credentials
* Use the Pathnames
* Extract EncryptedFile from EncryptedConfiguration and add serializers
* Test EncryptedFile
* Extract serializer validation
* Stress the point about losing comments
* Allow encrypted configuration to be read without parsing for display
* Use credentials by default and base them on the master key
* Derive secret_key_base in test/dev, source it from credentials in other envs
And document the usage.
* Document the new credentials setup
* Stop generating the secrets.yml file now that we have credentials
* Document what we should have instead
Still need to make it happen, tho.
* [ci skip] Keep wording to `key base`; prefer defaults.
Usually we say we change defaults, not "spec" out a release.
Can't use backticks in our sdoc generated documentation either.
* Abstract away OpenSSL; prefer MessageEncryptor.
* Spare needless new when raising.
* Encrypted file test shouldn't depend on subclass.
* [ci skip] Some woordings.
* Ditch serializer future coding.
* I said flip it. Flip it good.
* [ci skip] Move require_master_key to the real production.rb.
* Add require_master_key to abort the boot process.
In case the master key is required in a certain environment
we should inspect that the key is there and abort if it isn't.
* Print missing key message and exit immediately.
Spares us a lengthy backtrace and prevents further execution.
I've verified the behavior in a test app, but couldn't figure the
test out as loading the app just exits immediately with:
```
/Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `load': marshal data too short (ArgumentError)
from /Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `run'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest.rb:830:in `run_one_method'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest/parallel.rb:32:in `block (2 levels) in start'
```
It's likely we need to capture and prevent the exit somehow.
Kernel.stub(:exit) didn't work. Leaving it for tomorrow.
* Fix require_master_key config test.
Loading the app would trigger the `exit 1` per require_master_key's
semantics, which then aborted the test.
Fork and wait for the child process to finish, then inspect the
exit status.
Also check we aborted because of a missing master key, so something
else didn't just abort the boot.
Much <3 to @tenderlove for the tip.
* Support reading/writing configs via methods.
* Skip needless deep symbolizing.
* Remove save; test config reader elsewhere.
* Move secret_key_base check to when we're reading it.
Otherwise we'll abort too soon since we don't assign the secret_key_base
to secrets anymore.
* Add missing string literal comments; require unneeded yaml require.
* ya ya ya, rubocop.
* Add master_key/credentials after bundle.
Then we can reuse the existing message on `rails new bc4`.
It'll look like:
```
Using web-console 3.5.1 from https://github.com/rails/web-console.git (at master@ce985eb)
Using rails 5.2.0.alpha from source at `/Users/kasperhansen/Documents/code/rails`
Using sass-rails 5.0.6
Bundle complete! 16 Gemfile dependencies, 72 gems now installed.
Use `bundle info [gemname]` to see where a bundled gem is installed.
Adding config/master.key to store the master encryption key: 97070158c44b4675b876373a6bc9d5a0
Save this in a password manager your team can access.
If you lose the key, no one, including you, can access anything encrypted with it.
create config/master.key
```
And that'll be executed even if `--skip-bundle` was passed.
* Ensure test app has secret_key_base.
* Assign secret_key_base to app or omit.
* Merge noise
* Split options for dynamic delegation into its own method and use deep symbols to make it work
* Update error to point to credentials instead
* Appease Rubocop
* Validate secret_key_base when reading it.
Instead of relying on the validation in key_generator move that into
secret_key_base itself.
* Fix generator and secrets test.
Manually add config.read_encrypted_secrets since it's not there by default
anymore.
Move mentions of config/secrets.yml to config/credentials.yml.enc.
* Remove files I have no idea how they got here.
* [ci skip] swap secrets for credentials.
* [ci skip] And now, changelogs are coming.
2017-09-11 18:21:20 +00:00
assert_kind_of ActiveSupport :: LegacyKeyGenerator , Rails . application . key_generator
2014-10-27 17:04:37 +00:00
message = app . message_verifier ( :sensitive_value ) . generate ( " some_value " )
2016-08-06 17:16:09 +00:00
assert_equal " some_value " , Rails . application . message_verifier ( :sensitive_value ) . verify ( message )
2014-10-27 17:04:37 +00:00
end
2017-09-28 18:04:46 +00:00
test " config.secret_token is deprecated " do
app_file " config/initializers/secret_token.rb " , <<-RUBY
Rails . application . config . secret_token = " b3c631c314c0bbca50c1b2843150fe33 "
RUBY
app " production "
assert_deprecated ( / secret_token / ) do
app . secrets
end
end
test " secrets.secret_token is deprecated " do
app_file " config/secrets.yml " , <<-YAML
production :
secret_token : " b3c631c314c0bbca50c1b2843150fe33 "
YAML
app " production "
assert_deprecated ( / secret_token / ) do
app . secrets
end
end
Add credentials using a generic EncryptedConfiguration class (#30067)
* WIP: Add credentials using a generic EncryptedConfiguration class
This is sketch code so far.
* Flesh out EncryptedConfiguration and test it
* Better name
* Add command and generator for credentials
* Use the Pathnames
* Extract EncryptedFile from EncryptedConfiguration and add serializers
* Test EncryptedFile
* Extract serializer validation
* Stress the point about losing comments
* Allow encrypted configuration to be read without parsing for display
* Use credentials by default and base them on the master key
* Derive secret_key_base in test/dev, source it from credentials in other envs
And document the usage.
* Document the new credentials setup
* Stop generating the secrets.yml file now that we have credentials
* Document what we should have instead
Still need to make it happen, tho.
* [ci skip] Keep wording to `key base`; prefer defaults.
Usually we say we change defaults, not "spec" out a release.
Can't use backticks in our sdoc generated documentation either.
* Abstract away OpenSSL; prefer MessageEncryptor.
* Spare needless new when raising.
* Encrypted file test shouldn't depend on subclass.
* [ci skip] Some woordings.
* Ditch serializer future coding.
* I said flip it. Flip it good.
* [ci skip] Move require_master_key to the real production.rb.
* Add require_master_key to abort the boot process.
In case the master key is required in a certain environment
we should inspect that the key is there and abort if it isn't.
* Print missing key message and exit immediately.
Spares us a lengthy backtrace and prevents further execution.
I've verified the behavior in a test app, but couldn't figure the
test out as loading the app just exits immediately with:
```
/Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `load': marshal data too short (ArgumentError)
from /Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `run'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest.rb:830:in `run_one_method'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest/parallel.rb:32:in `block (2 levels) in start'
```
It's likely we need to capture and prevent the exit somehow.
Kernel.stub(:exit) didn't work. Leaving it for tomorrow.
* Fix require_master_key config test.
Loading the app would trigger the `exit 1` per require_master_key's
semantics, which then aborted the test.
Fork and wait for the child process to finish, then inspect the
exit status.
Also check we aborted because of a missing master key, so something
else didn't just abort the boot.
Much <3 to @tenderlove for the tip.
* Support reading/writing configs via methods.
* Skip needless deep symbolizing.
* Remove save; test config reader elsewhere.
* Move secret_key_base check to when we're reading it.
Otherwise we'll abort too soon since we don't assign the secret_key_base
to secrets anymore.
* Add missing string literal comments; require unneeded yaml require.
* ya ya ya, rubocop.
* Add master_key/credentials after bundle.
Then we can reuse the existing message on `rails new bc4`.
It'll look like:
```
Using web-console 3.5.1 from https://github.com/rails/web-console.git (at master@ce985eb)
Using rails 5.2.0.alpha from source at `/Users/kasperhansen/Documents/code/rails`
Using sass-rails 5.0.6
Bundle complete! 16 Gemfile dependencies, 72 gems now installed.
Use `bundle info [gemname]` to see where a bundled gem is installed.
Adding config/master.key to store the master encryption key: 97070158c44b4675b876373a6bc9d5a0
Save this in a password manager your team can access.
If you lose the key, no one, including you, can access anything encrypted with it.
create config/master.key
```
And that'll be executed even if `--skip-bundle` was passed.
* Ensure test app has secret_key_base.
* Assign secret_key_base to app or omit.
* Merge noise
* Split options for dynamic delegation into its own method and use deep symbols to make it work
* Update error to point to credentials instead
* Appease Rubocop
* Validate secret_key_base when reading it.
Instead of relying on the validation in key_generator move that into
secret_key_base itself.
* Fix generator and secrets test.
Manually add config.read_encrypted_secrets since it's not there by default
anymore.
Move mentions of config/secrets.yml to config/credentials.yml.enc.
* Remove files I have no idea how they got here.
* [ci skip] swap secrets for credentials.
* [ci skip] And now, changelogs are coming.
2017-09-11 18:21:20 +00:00
test " raises when secret_key_base is blank " do
2016-08-06 17:16:09 +00:00
app_file " config/initializers/secret_token.rb " , <<-RUBY
Add credentials using a generic EncryptedConfiguration class (#30067)
* WIP: Add credentials using a generic EncryptedConfiguration class
This is sketch code so far.
* Flesh out EncryptedConfiguration and test it
* Better name
* Add command and generator for credentials
* Use the Pathnames
* Extract EncryptedFile from EncryptedConfiguration and add serializers
* Test EncryptedFile
* Extract serializer validation
* Stress the point about losing comments
* Allow encrypted configuration to be read without parsing for display
* Use credentials by default and base them on the master key
* Derive secret_key_base in test/dev, source it from credentials in other envs
And document the usage.
* Document the new credentials setup
* Stop generating the secrets.yml file now that we have credentials
* Document what we should have instead
Still need to make it happen, tho.
* [ci skip] Keep wording to `key base`; prefer defaults.
Usually we say we change defaults, not "spec" out a release.
Can't use backticks in our sdoc generated documentation either.
* Abstract away OpenSSL; prefer MessageEncryptor.
* Spare needless new when raising.
* Encrypted file test shouldn't depend on subclass.
* [ci skip] Some woordings.
* Ditch serializer future coding.
* I said flip it. Flip it good.
* [ci skip] Move require_master_key to the real production.rb.
* Add require_master_key to abort the boot process.
In case the master key is required in a certain environment
we should inspect that the key is there and abort if it isn't.
* Print missing key message and exit immediately.
Spares us a lengthy backtrace and prevents further execution.
I've verified the behavior in a test app, but couldn't figure the
test out as loading the app just exits immediately with:
```
/Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `load': marshal data too short (ArgumentError)
from /Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `run'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest.rb:830:in `run_one_method'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest/parallel.rb:32:in `block (2 levels) in start'
```
It's likely we need to capture and prevent the exit somehow.
Kernel.stub(:exit) didn't work. Leaving it for tomorrow.
* Fix require_master_key config test.
Loading the app would trigger the `exit 1` per require_master_key's
semantics, which then aborted the test.
Fork and wait for the child process to finish, then inspect the
exit status.
Also check we aborted because of a missing master key, so something
else didn't just abort the boot.
Much <3 to @tenderlove for the tip.
* Support reading/writing configs via methods.
* Skip needless deep symbolizing.
* Remove save; test config reader elsewhere.
* Move secret_key_base check to when we're reading it.
Otherwise we'll abort too soon since we don't assign the secret_key_base
to secrets anymore.
* Add missing string literal comments; require unneeded yaml require.
* ya ya ya, rubocop.
* Add master_key/credentials after bundle.
Then we can reuse the existing message on `rails new bc4`.
It'll look like:
```
Using web-console 3.5.1 from https://github.com/rails/web-console.git (at master@ce985eb)
Using rails 5.2.0.alpha from source at `/Users/kasperhansen/Documents/code/rails`
Using sass-rails 5.0.6
Bundle complete! 16 Gemfile dependencies, 72 gems now installed.
Use `bundle info [gemname]` to see where a bundled gem is installed.
Adding config/master.key to store the master encryption key: 97070158c44b4675b876373a6bc9d5a0
Save this in a password manager your team can access.
If you lose the key, no one, including you, can access anything encrypted with it.
create config/master.key
```
And that'll be executed even if `--skip-bundle` was passed.
* Ensure test app has secret_key_base.
* Assign secret_key_base to app or omit.
* Merge noise
* Split options for dynamic delegation into its own method and use deep symbols to make it work
* Update error to point to credentials instead
* Appease Rubocop
* Validate secret_key_base when reading it.
Instead of relying on the validation in key_generator move that into
secret_key_base itself.
* Fix generator and secrets test.
Manually add config.read_encrypted_secrets since it's not there by default
anymore.
Move mentions of config/secrets.yml to config/credentials.yml.enc.
* Remove files I have no idea how they got here.
* [ci skip] swap secrets for credentials.
* [ci skip] And now, changelogs are coming.
2017-09-11 18:21:20 +00:00
Rails . application . credentials . secret_key_base = nil
2014-10-27 17:04:37 +00:00
RUBY
Add credentials using a generic EncryptedConfiguration class (#30067)
* WIP: Add credentials using a generic EncryptedConfiguration class
This is sketch code so far.
* Flesh out EncryptedConfiguration and test it
* Better name
* Add command and generator for credentials
* Use the Pathnames
* Extract EncryptedFile from EncryptedConfiguration and add serializers
* Test EncryptedFile
* Extract serializer validation
* Stress the point about losing comments
* Allow encrypted configuration to be read without parsing for display
* Use credentials by default and base them on the master key
* Derive secret_key_base in test/dev, source it from credentials in other envs
And document the usage.
* Document the new credentials setup
* Stop generating the secrets.yml file now that we have credentials
* Document what we should have instead
Still need to make it happen, tho.
* [ci skip] Keep wording to `key base`; prefer defaults.
Usually we say we change defaults, not "spec" out a release.
Can't use backticks in our sdoc generated documentation either.
* Abstract away OpenSSL; prefer MessageEncryptor.
* Spare needless new when raising.
* Encrypted file test shouldn't depend on subclass.
* [ci skip] Some woordings.
* Ditch serializer future coding.
* I said flip it. Flip it good.
* [ci skip] Move require_master_key to the real production.rb.
* Add require_master_key to abort the boot process.
In case the master key is required in a certain environment
we should inspect that the key is there and abort if it isn't.
* Print missing key message and exit immediately.
Spares us a lengthy backtrace and prevents further execution.
I've verified the behavior in a test app, but couldn't figure the
test out as loading the app just exits immediately with:
```
/Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `load': marshal data too short (ArgumentError)
from /Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `run'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest.rb:830:in `run_one_method'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest/parallel.rb:32:in `block (2 levels) in start'
```
It's likely we need to capture and prevent the exit somehow.
Kernel.stub(:exit) didn't work. Leaving it for tomorrow.
* Fix require_master_key config test.
Loading the app would trigger the `exit 1` per require_master_key's
semantics, which then aborted the test.
Fork and wait for the child process to finish, then inspect the
exit status.
Also check we aborted because of a missing master key, so something
else didn't just abort the boot.
Much <3 to @tenderlove for the tip.
* Support reading/writing configs via methods.
* Skip needless deep symbolizing.
* Remove save; test config reader elsewhere.
* Move secret_key_base check to when we're reading it.
Otherwise we'll abort too soon since we don't assign the secret_key_base
to secrets anymore.
* Add missing string literal comments; require unneeded yaml require.
* ya ya ya, rubocop.
* Add master_key/credentials after bundle.
Then we can reuse the existing message on `rails new bc4`.
It'll look like:
```
Using web-console 3.5.1 from https://github.com/rails/web-console.git (at master@ce985eb)
Using rails 5.2.0.alpha from source at `/Users/kasperhansen/Documents/code/rails`
Using sass-rails 5.0.6
Bundle complete! 16 Gemfile dependencies, 72 gems now installed.
Use `bundle info [gemname]` to see where a bundled gem is installed.
Adding config/master.key to store the master encryption key: 97070158c44b4675b876373a6bc9d5a0
Save this in a password manager your team can access.
If you lose the key, no one, including you, can access anything encrypted with it.
create config/master.key
```
And that'll be executed even if `--skip-bundle` was passed.
* Ensure test app has secret_key_base.
* Assign secret_key_base to app or omit.
* Merge noise
* Split options for dynamic delegation into its own method and use deep symbols to make it work
* Update error to point to credentials instead
* Appease Rubocop
* Validate secret_key_base when reading it.
Instead of relying on the validation in key_generator move that into
secret_key_base itself.
* Fix generator and secrets test.
Manually add config.read_encrypted_secrets since it's not there by default
anymore.
Move mentions of config/secrets.yml to config/credentials.yml.enc.
* Remove files I have no idea how they got here.
* [ci skip] swap secrets for credentials.
* [ci skip] And now, changelogs are coming.
2017-09-11 18:21:20 +00:00
error = assert_raise ( ArgumentError ) do
app " production "
2014-10-27 17:04:37 +00:00
end
Add credentials using a generic EncryptedConfiguration class (#30067)
* WIP: Add credentials using a generic EncryptedConfiguration class
This is sketch code so far.
* Flesh out EncryptedConfiguration and test it
* Better name
* Add command and generator for credentials
* Use the Pathnames
* Extract EncryptedFile from EncryptedConfiguration and add serializers
* Test EncryptedFile
* Extract serializer validation
* Stress the point about losing comments
* Allow encrypted configuration to be read without parsing for display
* Use credentials by default and base them on the master key
* Derive secret_key_base in test/dev, source it from credentials in other envs
And document the usage.
* Document the new credentials setup
* Stop generating the secrets.yml file now that we have credentials
* Document what we should have instead
Still need to make it happen, tho.
* [ci skip] Keep wording to `key base`; prefer defaults.
Usually we say we change defaults, not "spec" out a release.
Can't use backticks in our sdoc generated documentation either.
* Abstract away OpenSSL; prefer MessageEncryptor.
* Spare needless new when raising.
* Encrypted file test shouldn't depend on subclass.
* [ci skip] Some woordings.
* Ditch serializer future coding.
* I said flip it. Flip it good.
* [ci skip] Move require_master_key to the real production.rb.
* Add require_master_key to abort the boot process.
In case the master key is required in a certain environment
we should inspect that the key is there and abort if it isn't.
* Print missing key message and exit immediately.
Spares us a lengthy backtrace and prevents further execution.
I've verified the behavior in a test app, but couldn't figure the
test out as loading the app just exits immediately with:
```
/Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `load': marshal data too short (ArgumentError)
from /Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `run'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest.rb:830:in `run_one_method'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest/parallel.rb:32:in `block (2 levels) in start'
```
It's likely we need to capture and prevent the exit somehow.
Kernel.stub(:exit) didn't work. Leaving it for tomorrow.
* Fix require_master_key config test.
Loading the app would trigger the `exit 1` per require_master_key's
semantics, which then aborted the test.
Fork and wait for the child process to finish, then inspect the
exit status.
Also check we aborted because of a missing master key, so something
else didn't just abort the boot.
Much <3 to @tenderlove for the tip.
* Support reading/writing configs via methods.
* Skip needless deep symbolizing.
* Remove save; test config reader elsewhere.
* Move secret_key_base check to when we're reading it.
Otherwise we'll abort too soon since we don't assign the secret_key_base
to secrets anymore.
* Add missing string literal comments; require unneeded yaml require.
* ya ya ya, rubocop.
* Add master_key/credentials after bundle.
Then we can reuse the existing message on `rails new bc4`.
It'll look like:
```
Using web-console 3.5.1 from https://github.com/rails/web-console.git (at master@ce985eb)
Using rails 5.2.0.alpha from source at `/Users/kasperhansen/Documents/code/rails`
Using sass-rails 5.0.6
Bundle complete! 16 Gemfile dependencies, 72 gems now installed.
Use `bundle info [gemname]` to see where a bundled gem is installed.
Adding config/master.key to store the master encryption key: 97070158c44b4675b876373a6bc9d5a0
Save this in a password manager your team can access.
If you lose the key, no one, including you, can access anything encrypted with it.
create config/master.key
```
And that'll be executed even if `--skip-bundle` was passed.
* Ensure test app has secret_key_base.
* Assign secret_key_base to app or omit.
* Merge noise
* Split options for dynamic delegation into its own method and use deep symbols to make it work
* Update error to point to credentials instead
* Appease Rubocop
* Validate secret_key_base when reading it.
Instead of relying on the validation in key_generator move that into
secret_key_base itself.
* Fix generator and secrets test.
Manually add config.read_encrypted_secrets since it's not there by default
anymore.
Move mentions of config/secrets.yml to config/credentials.yml.enc.
* Remove files I have no idea how they got here.
* [ci skip] swap secrets for credentials.
* [ci skip] And now, changelogs are coming.
2017-09-11 18:21:20 +00:00
assert_match ( / Missing `secret_key_base`. / , error . message )
2014-10-27 17:04:37 +00:00
end
Add credentials using a generic EncryptedConfiguration class (#30067)
* WIP: Add credentials using a generic EncryptedConfiguration class
This is sketch code so far.
* Flesh out EncryptedConfiguration and test it
* Better name
* Add command and generator for credentials
* Use the Pathnames
* Extract EncryptedFile from EncryptedConfiguration and add serializers
* Test EncryptedFile
* Extract serializer validation
* Stress the point about losing comments
* Allow encrypted configuration to be read without parsing for display
* Use credentials by default and base them on the master key
* Derive secret_key_base in test/dev, source it from credentials in other envs
And document the usage.
* Document the new credentials setup
* Stop generating the secrets.yml file now that we have credentials
* Document what we should have instead
Still need to make it happen, tho.
* [ci skip] Keep wording to `key base`; prefer defaults.
Usually we say we change defaults, not "spec" out a release.
Can't use backticks in our sdoc generated documentation either.
* Abstract away OpenSSL; prefer MessageEncryptor.
* Spare needless new when raising.
* Encrypted file test shouldn't depend on subclass.
* [ci skip] Some woordings.
* Ditch serializer future coding.
* I said flip it. Flip it good.
* [ci skip] Move require_master_key to the real production.rb.
* Add require_master_key to abort the boot process.
In case the master key is required in a certain environment
we should inspect that the key is there and abort if it isn't.
* Print missing key message and exit immediately.
Spares us a lengthy backtrace and prevents further execution.
I've verified the behavior in a test app, but couldn't figure the
test out as loading the app just exits immediately with:
```
/Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `load': marshal data too short (ArgumentError)
from /Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `run'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest.rb:830:in `run_one_method'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest/parallel.rb:32:in `block (2 levels) in start'
```
It's likely we need to capture and prevent the exit somehow.
Kernel.stub(:exit) didn't work. Leaving it for tomorrow.
* Fix require_master_key config test.
Loading the app would trigger the `exit 1` per require_master_key's
semantics, which then aborted the test.
Fork and wait for the child process to finish, then inspect the
exit status.
Also check we aborted because of a missing master key, so something
else didn't just abort the boot.
Much <3 to @tenderlove for the tip.
* Support reading/writing configs via methods.
* Skip needless deep symbolizing.
* Remove save; test config reader elsewhere.
* Move secret_key_base check to when we're reading it.
Otherwise we'll abort too soon since we don't assign the secret_key_base
to secrets anymore.
* Add missing string literal comments; require unneeded yaml require.
* ya ya ya, rubocop.
* Add master_key/credentials after bundle.
Then we can reuse the existing message on `rails new bc4`.
It'll look like:
```
Using web-console 3.5.1 from https://github.com/rails/web-console.git (at master@ce985eb)
Using rails 5.2.0.alpha from source at `/Users/kasperhansen/Documents/code/rails`
Using sass-rails 5.0.6
Bundle complete! 16 Gemfile dependencies, 72 gems now installed.
Use `bundle info [gemname]` to see where a bundled gem is installed.
Adding config/master.key to store the master encryption key: 97070158c44b4675b876373a6bc9d5a0
Save this in a password manager your team can access.
If you lose the key, no one, including you, can access anything encrypted with it.
create config/master.key
```
And that'll be executed even if `--skip-bundle` was passed.
* Ensure test app has secret_key_base.
* Assign secret_key_base to app or omit.
* Merge noise
* Split options for dynamic delegation into its own method and use deep symbols to make it work
* Update error to point to credentials instead
* Appease Rubocop
* Validate secret_key_base when reading it.
Instead of relying on the validation in key_generator move that into
secret_key_base itself.
* Fix generator and secrets test.
Manually add config.read_encrypted_secrets since it's not there by default
anymore.
Move mentions of config/secrets.yml to config/credentials.yml.enc.
* Remove files I have no idea how they got here.
* [ci skip] swap secrets for credentials.
* [ci skip] And now, changelogs are coming.
2017-09-11 18:21:20 +00:00
test " raise when secret_key_base is not a type of string " do
add_to_config <<-RUBY
Rails . application . credentials . secret_key_base = 123
RUBY
2015-10-26 15:28:09 +00:00
assert_raise ( ArgumentError ) do
Add credentials using a generic EncryptedConfiguration class (#30067)
* WIP: Add credentials using a generic EncryptedConfiguration class
This is sketch code so far.
* Flesh out EncryptedConfiguration and test it
* Better name
* Add command and generator for credentials
* Use the Pathnames
* Extract EncryptedFile from EncryptedConfiguration and add serializers
* Test EncryptedFile
* Extract serializer validation
* Stress the point about losing comments
* Allow encrypted configuration to be read without parsing for display
* Use credentials by default and base them on the master key
* Derive secret_key_base in test/dev, source it from credentials in other envs
And document the usage.
* Document the new credentials setup
* Stop generating the secrets.yml file now that we have credentials
* Document what we should have instead
Still need to make it happen, tho.
* [ci skip] Keep wording to `key base`; prefer defaults.
Usually we say we change defaults, not "spec" out a release.
Can't use backticks in our sdoc generated documentation either.
* Abstract away OpenSSL; prefer MessageEncryptor.
* Spare needless new when raising.
* Encrypted file test shouldn't depend on subclass.
* [ci skip] Some woordings.
* Ditch serializer future coding.
* I said flip it. Flip it good.
* [ci skip] Move require_master_key to the real production.rb.
* Add require_master_key to abort the boot process.
In case the master key is required in a certain environment
we should inspect that the key is there and abort if it isn't.
* Print missing key message and exit immediately.
Spares us a lengthy backtrace and prevents further execution.
I've verified the behavior in a test app, but couldn't figure the
test out as loading the app just exits immediately with:
```
/Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `load': marshal data too short (ArgumentError)
from /Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `run'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest.rb:830:in `run_one_method'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest/parallel.rb:32:in `block (2 levels) in start'
```
It's likely we need to capture and prevent the exit somehow.
Kernel.stub(:exit) didn't work. Leaving it for tomorrow.
* Fix require_master_key config test.
Loading the app would trigger the `exit 1` per require_master_key's
semantics, which then aborted the test.
Fork and wait for the child process to finish, then inspect the
exit status.
Also check we aborted because of a missing master key, so something
else didn't just abort the boot.
Much <3 to @tenderlove for the tip.
* Support reading/writing configs via methods.
* Skip needless deep symbolizing.
* Remove save; test config reader elsewhere.
* Move secret_key_base check to when we're reading it.
Otherwise we'll abort too soon since we don't assign the secret_key_base
to secrets anymore.
* Add missing string literal comments; require unneeded yaml require.
* ya ya ya, rubocop.
* Add master_key/credentials after bundle.
Then we can reuse the existing message on `rails new bc4`.
It'll look like:
```
Using web-console 3.5.1 from https://github.com/rails/web-console.git (at master@ce985eb)
Using rails 5.2.0.alpha from source at `/Users/kasperhansen/Documents/code/rails`
Using sass-rails 5.0.6
Bundle complete! 16 Gemfile dependencies, 72 gems now installed.
Use `bundle info [gemname]` to see where a bundled gem is installed.
Adding config/master.key to store the master encryption key: 97070158c44b4675b876373a6bc9d5a0
Save this in a password manager your team can access.
If you lose the key, no one, including you, can access anything encrypted with it.
create config/master.key
```
And that'll be executed even if `--skip-bundle` was passed.
* Ensure test app has secret_key_base.
* Assign secret_key_base to app or omit.
* Merge noise
* Split options for dynamic delegation into its own method and use deep symbols to make it work
* Update error to point to credentials instead
* Appease Rubocop
* Validate secret_key_base when reading it.
Instead of relying on the validation in key_generator move that into
secret_key_base itself.
* Fix generator and secrets test.
Manually add config.read_encrypted_secrets since it's not there by default
anymore.
Move mentions of config/secrets.yml to config/credentials.yml.enc.
* Remove files I have no idea how they got here.
* [ci skip] swap secrets for credentials.
* [ci skip] And now, changelogs are coming.
2017-09-11 18:21:20 +00:00
app " production "
2015-10-26 15:28:09 +00:00
end
end
2014-11-10 23:18:57 +00:00
test " prefer secrets.secret_token over config.secret_token " do
2016-08-06 17:16:09 +00:00
app_file " config/initializers/secret_token.rb " , <<-RUBY
2014-10-27 17:04:37 +00:00
Rails . application . config . secret_token = " "
RUBY
2016-08-06 17:16:09 +00:00
app_file " config/secrets.yml " , <<-YAML
2014-10-27 17:04:37 +00:00
development :
secret_token : 3 b7cd727ee24e8444053437c36cc66c3
YAML
2015-09-27 21:34:13 +00:00
2016-08-06 17:16:09 +00:00
app " development "
2014-10-27 17:04:37 +00:00
2016-08-06 17:16:09 +00:00
assert_equal " 3b7cd727ee24e8444053437c36cc66c3 " , app . secrets . secret_token
2014-10-27 17:04:37 +00:00
end
2013-11-22 01:42:10 +00:00
test " application verifier can build different verifiers " do
2015-01-03 20:17:47 +00:00
make_basic_app do | application |
Add credentials using a generic EncryptedConfiguration class (#30067)
* WIP: Add credentials using a generic EncryptedConfiguration class
This is sketch code so far.
* Flesh out EncryptedConfiguration and test it
* Better name
* Add command and generator for credentials
* Use the Pathnames
* Extract EncryptedFile from EncryptedConfiguration and add serializers
* Test EncryptedFile
* Extract serializer validation
* Stress the point about losing comments
* Allow encrypted configuration to be read without parsing for display
* Use credentials by default and base them on the master key
* Derive secret_key_base in test/dev, source it from credentials in other envs
And document the usage.
* Document the new credentials setup
* Stop generating the secrets.yml file now that we have credentials
* Document what we should have instead
Still need to make it happen, tho.
* [ci skip] Keep wording to `key base`; prefer defaults.
Usually we say we change defaults, not "spec" out a release.
Can't use backticks in our sdoc generated documentation either.
* Abstract away OpenSSL; prefer MessageEncryptor.
* Spare needless new when raising.
* Encrypted file test shouldn't depend on subclass.
* [ci skip] Some woordings.
* Ditch serializer future coding.
* I said flip it. Flip it good.
* [ci skip] Move require_master_key to the real production.rb.
* Add require_master_key to abort the boot process.
In case the master key is required in a certain environment
we should inspect that the key is there and abort if it isn't.
* Print missing key message and exit immediately.
Spares us a lengthy backtrace and prevents further execution.
I've verified the behavior in a test app, but couldn't figure the
test out as loading the app just exits immediately with:
```
/Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `load': marshal data too short (ArgumentError)
from /Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `run'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest.rb:830:in `run_one_method'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest/parallel.rb:32:in `block (2 levels) in start'
```
It's likely we need to capture and prevent the exit somehow.
Kernel.stub(:exit) didn't work. Leaving it for tomorrow.
* Fix require_master_key config test.
Loading the app would trigger the `exit 1` per require_master_key's
semantics, which then aborted the test.
Fork and wait for the child process to finish, then inspect the
exit status.
Also check we aborted because of a missing master key, so something
else didn't just abort the boot.
Much <3 to @tenderlove for the tip.
* Support reading/writing configs via methods.
* Skip needless deep symbolizing.
* Remove save; test config reader elsewhere.
* Move secret_key_base check to when we're reading it.
Otherwise we'll abort too soon since we don't assign the secret_key_base
to secrets anymore.
* Add missing string literal comments; require unneeded yaml require.
* ya ya ya, rubocop.
* Add master_key/credentials after bundle.
Then we can reuse the existing message on `rails new bc4`.
It'll look like:
```
Using web-console 3.5.1 from https://github.com/rails/web-console.git (at master@ce985eb)
Using rails 5.2.0.alpha from source at `/Users/kasperhansen/Documents/code/rails`
Using sass-rails 5.0.6
Bundle complete! 16 Gemfile dependencies, 72 gems now installed.
Use `bundle info [gemname]` to see where a bundled gem is installed.
Adding config/master.key to store the master encryption key: 97070158c44b4675b876373a6bc9d5a0
Save this in a password manager your team can access.
If you lose the key, no one, including you, can access anything encrypted with it.
create config/master.key
```
And that'll be executed even if `--skip-bundle` was passed.
* Ensure test app has secret_key_base.
* Assign secret_key_base to app or omit.
* Merge noise
* Split options for dynamic delegation into its own method and use deep symbols to make it work
* Update error to point to credentials instead
* Appease Rubocop
* Validate secret_key_base when reading it.
Instead of relying on the validation in key_generator move that into
secret_key_base itself.
* Fix generator and secrets test.
Manually add config.read_encrypted_secrets since it's not there by default
anymore.
Move mentions of config/secrets.yml to config/credentials.yml.enc.
* Remove files I have no idea how they got here.
* [ci skip] swap secrets for credentials.
* [ci skip] And now, changelogs are coming.
2017-09-11 18:21:20 +00:00
application . credentials . secret_key_base = " b3c631c314c0bbca50c1b2843150fe33 "
2015-01-03 20:17:47 +00:00
application . config . session_store :disabled
2013-11-22 01:42:10 +00:00
end
2013-12-19 19:04:07 +00:00
default_verifier = app . message_verifier ( :sensitive_value )
text_verifier = app . message_verifier ( :text )
2013-12-02 22:16:39 +00:00
2016-08-06 17:16:09 +00:00
message = text_verifier . generate ( " some_value " )
2013-12-02 22:16:39 +00:00
2016-08-06 17:16:09 +00:00
assert_equal " some_value " , text_verifier . verify ( message )
2013-12-02 22:16:39 +00:00
assert_raises ActiveSupport :: MessageVerifier :: InvalidSignature do
default_verifier . verify ( message )
end
2013-12-19 19:04:07 +00:00
assert_equal default_verifier . object_id , app . message_verifier ( :sensitive_value ) . object_id
2013-12-02 22:16:39 +00:00
assert_not_equal default_verifier . object_id , text_verifier . object_id
2013-11-22 01:42:10 +00:00
end
2013-12-25 22:34:25 +00:00
test " secrets.secret_key_base is used when config/secrets.yml is present " do
2016-08-06 17:16:09 +00:00
app_file " config/secrets.yml " , <<-YAML
2013-12-10 15:04:07 +00:00
development :
secret_key_base : 3 b7cd727ee24e8444053437c36cc66c3
YAML
2016-08-06 17:16:09 +00:00
app " development "
assert_equal " 3b7cd727ee24e8444053437c36cc66c3 " , app . secrets . secret_key_base
2018-03-31 12:47:04 +00:00
assert_equal " 3b7cd727ee24e8444053437c36cc66c3 " , app . secret_key_base
2013-12-10 15:04:07 +00:00
end
test " secret_key_base is copied from config to secrets when not set " do
2013-12-12 19:58:53 +00:00
remove_file " config/secrets.yml "
2016-08-06 17:16:09 +00:00
app_file " config/initializers/secret_token.rb " , <<-RUBY
2013-12-10 15:04:07 +00:00
Rails . application . config . secret_key_base = " 3b7cd727ee24e8444053437c36cc66c3 "
RUBY
2016-08-06 17:16:09 +00:00
app " development "
assert_equal " 3b7cd727ee24e8444053437c36cc66c3 " , app . secrets . secret_key_base
2013-12-10 15:04:07 +00:00
end
2014-10-27 17:04:37 +00:00
test " config.secret_token over-writes a blank secrets.secret_token " do
2016-08-06 17:16:09 +00:00
app_file " config/initializers/secret_token.rb " , <<-RUBY
2014-11-10 23:18:57 +00:00
Rails . application . config . secret_token = " b3c631c314c0bbca50c1b2843150fe33 "
2014-10-27 17:04:37 +00:00
RUBY
2016-08-06 17:16:09 +00:00
app_file " config/secrets.yml " , <<-YAML
2014-10-27 17:04:37 +00:00
development :
secret_key_base :
secret_token :
YAML
2015-09-27 21:34:13 +00:00
2016-08-06 17:16:09 +00:00
app " development "
2014-10-27 17:04:37 +00:00
2016-08-06 17:16:09 +00:00
assert_equal " b3c631c314c0bbca50c1b2843150fe33 " , app . secrets . secret_token
assert_equal " b3c631c314c0bbca50c1b2843150fe33 " , app . config . secret_token
2014-10-27 17:04:37 +00:00
end
2013-12-25 22:34:25 +00:00
test " custom secrets saved in config/secrets.yml are loaded in app secrets " do
2016-08-06 17:16:09 +00:00
app_file " config/secrets.yml " , <<-YAML
2013-12-12 16:39:15 +00:00
development :
secret_key_base : 3 b7cd727ee24e8444053437c36cc66c3
aws_access_key_id : myamazonaccesskeyid
aws_secret_access_key : myamazonsecretaccesskey
YAML
2016-08-06 17:16:09 +00:00
app " development "
2015-09-27 21:34:13 +00:00
2016-08-06 17:16:09 +00:00
assert_equal " myamazonaccesskeyid " , app . secrets . aws_access_key_id
assert_equal " myamazonsecretaccesskey " , app . secrets . aws_secret_access_key
2013-12-12 16:39:15 +00:00
end
2016-05-21 13:07:06 +00:00
test " shared secrets saved in config/secrets.yml are loaded in app secrets " do
2016-08-06 17:16:09 +00:00
app_file " config/secrets.yml " , <<-YAML
2016-05-21 13:07:06 +00:00
shared :
api_key : 3 b7cd727
YAML
2016-08-06 17:16:09 +00:00
app " development "
2016-05-21 13:07:06 +00:00
2016-08-06 17:16:09 +00:00
assert_equal " 3b7cd727 " , app . secrets . api_key
2016-05-21 13:07:06 +00:00
end
test " shared secrets will yield to environment specific secrets " do
2016-08-06 17:16:09 +00:00
app_file " config/secrets.yml " , <<-YAML
2016-05-21 13:07:06 +00:00
shared :
api_key : 3 b7cd727
2016-07-02 15:05:35 +00:00
2016-05-21 13:07:06 +00:00
development :
api_key : abc12345
YAML
2016-08-06 17:16:09 +00:00
app " development "
2016-05-21 13:07:06 +00:00
2016-08-06 17:16:09 +00:00
assert_equal " abc12345 " , app . secrets . api_key
2016-05-21 13:07:06 +00:00
end
2014-02-12 16:17:00 +00:00
test " blank config/secrets.yml does not crash the loading process " do
2016-08-06 17:16:09 +00:00
app_file " config/secrets.yml " , <<-YAML
2014-02-12 16:17:00 +00:00
YAML
2015-09-27 21:34:13 +00:00
2016-08-06 17:16:09 +00:00
app " development "
2014-02-12 16:17:00 +00:00
assert_nil app . secrets . not_defined
end
2014-10-27 17:04:37 +00:00
test " config.secret_key_base over-writes a blank secrets.secret_key_base " do
2016-08-06 17:16:09 +00:00
app_file " config/initializers/secret_token.rb " , <<-RUBY
2014-10-27 17:04:37 +00:00
Rails . application . config . secret_key_base = " iaminallyoursecretkeybase "
RUBY
2016-08-06 17:16:09 +00:00
app_file " config/secrets.yml " , <<-YAML
2014-10-27 17:04:37 +00:00
development :
secret_key_base :
YAML
2015-09-27 21:34:13 +00:00
2016-08-06 17:16:09 +00:00
app " development "
2014-10-27 17:04:37 +00:00
assert_equal " iaminallyoursecretkeybase " , app . secrets . secret_key_base
end
test " uses ActiveSupport::LegacyKeyGenerator as app.key_generator when secrets.secret_key_base is blank " do
2016-08-06 17:16:09 +00:00
app_file " config/initializers/secret_token.rb " , <<-RUBY
Add credentials using a generic EncryptedConfiguration class (#30067)
* WIP: Add credentials using a generic EncryptedConfiguration class
This is sketch code so far.
* Flesh out EncryptedConfiguration and test it
* Better name
* Add command and generator for credentials
* Use the Pathnames
* Extract EncryptedFile from EncryptedConfiguration and add serializers
* Test EncryptedFile
* Extract serializer validation
* Stress the point about losing comments
* Allow encrypted configuration to be read without parsing for display
* Use credentials by default and base them on the master key
* Derive secret_key_base in test/dev, source it from credentials in other envs
And document the usage.
* Document the new credentials setup
* Stop generating the secrets.yml file now that we have credentials
* Document what we should have instead
Still need to make it happen, tho.
* [ci skip] Keep wording to `key base`; prefer defaults.
Usually we say we change defaults, not "spec" out a release.
Can't use backticks in our sdoc generated documentation either.
* Abstract away OpenSSL; prefer MessageEncryptor.
* Spare needless new when raising.
* Encrypted file test shouldn't depend on subclass.
* [ci skip] Some woordings.
* Ditch serializer future coding.
* I said flip it. Flip it good.
* [ci skip] Move require_master_key to the real production.rb.
* Add require_master_key to abort the boot process.
In case the master key is required in a certain environment
we should inspect that the key is there and abort if it isn't.
* Print missing key message and exit immediately.
Spares us a lengthy backtrace and prevents further execution.
I've verified the behavior in a test app, but couldn't figure the
test out as loading the app just exits immediately with:
```
/Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `load': marshal data too short (ArgumentError)
from /Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `run'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest.rb:830:in `run_one_method'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest/parallel.rb:32:in `block (2 levels) in start'
```
It's likely we need to capture and prevent the exit somehow.
Kernel.stub(:exit) didn't work. Leaving it for tomorrow.
* Fix require_master_key config test.
Loading the app would trigger the `exit 1` per require_master_key's
semantics, which then aborted the test.
Fork and wait for the child process to finish, then inspect the
exit status.
Also check we aborted because of a missing master key, so something
else didn't just abort the boot.
Much <3 to @tenderlove for the tip.
* Support reading/writing configs via methods.
* Skip needless deep symbolizing.
* Remove save; test config reader elsewhere.
* Move secret_key_base check to when we're reading it.
Otherwise we'll abort too soon since we don't assign the secret_key_base
to secrets anymore.
* Add missing string literal comments; require unneeded yaml require.
* ya ya ya, rubocop.
* Add master_key/credentials after bundle.
Then we can reuse the existing message on `rails new bc4`.
It'll look like:
```
Using web-console 3.5.1 from https://github.com/rails/web-console.git (at master@ce985eb)
Using rails 5.2.0.alpha from source at `/Users/kasperhansen/Documents/code/rails`
Using sass-rails 5.0.6
Bundle complete! 16 Gemfile dependencies, 72 gems now installed.
Use `bundle info [gemname]` to see where a bundled gem is installed.
Adding config/master.key to store the master encryption key: 97070158c44b4675b876373a6bc9d5a0
Save this in a password manager your team can access.
If you lose the key, no one, including you, can access anything encrypted with it.
create config/master.key
```
And that'll be executed even if `--skip-bundle` was passed.
* Ensure test app has secret_key_base.
* Assign secret_key_base to app or omit.
* Merge noise
* Split options for dynamic delegation into its own method and use deep symbols to make it work
* Update error to point to credentials instead
* Appease Rubocop
* Validate secret_key_base when reading it.
Instead of relying on the validation in key_generator move that into
secret_key_base itself.
* Fix generator and secrets test.
Manually add config.read_encrypted_secrets since it's not there by default
anymore.
Move mentions of config/secrets.yml to config/credentials.yml.enc.
* Remove files I have no idea how they got here.
* [ci skip] swap secrets for credentials.
* [ci skip] And now, changelogs are coming.
2017-09-11 18:21:20 +00:00
Rails . application . credentials . secret_key_base = nil
2014-10-27 17:04:37 +00:00
Rails . application . config . secret_token = " b3c631c314c0bbca50c1b2843150fe33 "
RUBY
2015-09-27 21:34:13 +00:00
Add credentials using a generic EncryptedConfiguration class (#30067)
* WIP: Add credentials using a generic EncryptedConfiguration class
This is sketch code so far.
* Flesh out EncryptedConfiguration and test it
* Better name
* Add command and generator for credentials
* Use the Pathnames
* Extract EncryptedFile from EncryptedConfiguration and add serializers
* Test EncryptedFile
* Extract serializer validation
* Stress the point about losing comments
* Allow encrypted configuration to be read without parsing for display
* Use credentials by default and base them on the master key
* Derive secret_key_base in test/dev, source it from credentials in other envs
And document the usage.
* Document the new credentials setup
* Stop generating the secrets.yml file now that we have credentials
* Document what we should have instead
Still need to make it happen, tho.
* [ci skip] Keep wording to `key base`; prefer defaults.
Usually we say we change defaults, not "spec" out a release.
Can't use backticks in our sdoc generated documentation either.
* Abstract away OpenSSL; prefer MessageEncryptor.
* Spare needless new when raising.
* Encrypted file test shouldn't depend on subclass.
* [ci skip] Some woordings.
* Ditch serializer future coding.
* I said flip it. Flip it good.
* [ci skip] Move require_master_key to the real production.rb.
* Add require_master_key to abort the boot process.
In case the master key is required in a certain environment
we should inspect that the key is there and abort if it isn't.
* Print missing key message and exit immediately.
Spares us a lengthy backtrace and prevents further execution.
I've verified the behavior in a test app, but couldn't figure the
test out as loading the app just exits immediately with:
```
/Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `load': marshal data too short (ArgumentError)
from /Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `run'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest.rb:830:in `run_one_method'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest/parallel.rb:32:in `block (2 levels) in start'
```
It's likely we need to capture and prevent the exit somehow.
Kernel.stub(:exit) didn't work. Leaving it for tomorrow.
* Fix require_master_key config test.
Loading the app would trigger the `exit 1` per require_master_key's
semantics, which then aborted the test.
Fork and wait for the child process to finish, then inspect the
exit status.
Also check we aborted because of a missing master key, so something
else didn't just abort the boot.
Much <3 to @tenderlove for the tip.
* Support reading/writing configs via methods.
* Skip needless deep symbolizing.
* Remove save; test config reader elsewhere.
* Move secret_key_base check to when we're reading it.
Otherwise we'll abort too soon since we don't assign the secret_key_base
to secrets anymore.
* Add missing string literal comments; require unneeded yaml require.
* ya ya ya, rubocop.
* Add master_key/credentials after bundle.
Then we can reuse the existing message on `rails new bc4`.
It'll look like:
```
Using web-console 3.5.1 from https://github.com/rails/web-console.git (at master@ce985eb)
Using rails 5.2.0.alpha from source at `/Users/kasperhansen/Documents/code/rails`
Using sass-rails 5.0.6
Bundle complete! 16 Gemfile dependencies, 72 gems now installed.
Use `bundle info [gemname]` to see where a bundled gem is installed.
Adding config/master.key to store the master encryption key: 97070158c44b4675b876373a6bc9d5a0
Save this in a password manager your team can access.
If you lose the key, no one, including you, can access anything encrypted with it.
create config/master.key
```
And that'll be executed even if `--skip-bundle` was passed.
* Ensure test app has secret_key_base.
* Assign secret_key_base to app or omit.
* Merge noise
* Split options for dynamic delegation into its own method and use deep symbols to make it work
* Update error to point to credentials instead
* Appease Rubocop
* Validate secret_key_base when reading it.
Instead of relying on the validation in key_generator move that into
secret_key_base itself.
* Fix generator and secrets test.
Manually add config.read_encrypted_secrets since it's not there by default
anymore.
Move mentions of config/secrets.yml to config/credentials.yml.enc.
* Remove files I have no idea how they got here.
* [ci skip] swap secrets for credentials.
* [ci skip] And now, changelogs are coming.
2017-09-11 18:21:20 +00:00
app " production "
2014-10-27 17:04:37 +00:00
2016-08-06 17:16:09 +00:00
assert_equal " b3c631c314c0bbca50c1b2843150fe33 " , app . config . secret_token
Add credentials using a generic EncryptedConfiguration class (#30067)
* WIP: Add credentials using a generic EncryptedConfiguration class
This is sketch code so far.
* Flesh out EncryptedConfiguration and test it
* Better name
* Add command and generator for credentials
* Use the Pathnames
* Extract EncryptedFile from EncryptedConfiguration and add serializers
* Test EncryptedFile
* Extract serializer validation
* Stress the point about losing comments
* Allow encrypted configuration to be read without parsing for display
* Use credentials by default and base them on the master key
* Derive secret_key_base in test/dev, source it from credentials in other envs
And document the usage.
* Document the new credentials setup
* Stop generating the secrets.yml file now that we have credentials
* Document what we should have instead
Still need to make it happen, tho.
* [ci skip] Keep wording to `key base`; prefer defaults.
Usually we say we change defaults, not "spec" out a release.
Can't use backticks in our sdoc generated documentation either.
* Abstract away OpenSSL; prefer MessageEncryptor.
* Spare needless new when raising.
* Encrypted file test shouldn't depend on subclass.
* [ci skip] Some woordings.
* Ditch serializer future coding.
* I said flip it. Flip it good.
* [ci skip] Move require_master_key to the real production.rb.
* Add require_master_key to abort the boot process.
In case the master key is required in a certain environment
we should inspect that the key is there and abort if it isn't.
* Print missing key message and exit immediately.
Spares us a lengthy backtrace and prevents further execution.
I've verified the behavior in a test app, but couldn't figure the
test out as loading the app just exits immediately with:
```
/Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `load': marshal data too short (ArgumentError)
from /Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `run'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest.rb:830:in `run_one_method'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest/parallel.rb:32:in `block (2 levels) in start'
```
It's likely we need to capture and prevent the exit somehow.
Kernel.stub(:exit) didn't work. Leaving it for tomorrow.
* Fix require_master_key config test.
Loading the app would trigger the `exit 1` per require_master_key's
semantics, which then aborted the test.
Fork and wait for the child process to finish, then inspect the
exit status.
Also check we aborted because of a missing master key, so something
else didn't just abort the boot.
Much <3 to @tenderlove for the tip.
* Support reading/writing configs via methods.
* Skip needless deep symbolizing.
* Remove save; test config reader elsewhere.
* Move secret_key_base check to when we're reading it.
Otherwise we'll abort too soon since we don't assign the secret_key_base
to secrets anymore.
* Add missing string literal comments; require unneeded yaml require.
* ya ya ya, rubocop.
* Add master_key/credentials after bundle.
Then we can reuse the existing message on `rails new bc4`.
It'll look like:
```
Using web-console 3.5.1 from https://github.com/rails/web-console.git (at master@ce985eb)
Using rails 5.2.0.alpha from source at `/Users/kasperhansen/Documents/code/rails`
Using sass-rails 5.0.6
Bundle complete! 16 Gemfile dependencies, 72 gems now installed.
Use `bundle info [gemname]` to see where a bundled gem is installed.
Adding config/master.key to store the master encryption key: 97070158c44b4675b876373a6bc9d5a0
Save this in a password manager your team can access.
If you lose the key, no one, including you, can access anything encrypted with it.
create config/master.key
```
And that'll be executed even if `--skip-bundle` was passed.
* Ensure test app has secret_key_base.
* Assign secret_key_base to app or omit.
* Merge noise
* Split options for dynamic delegation into its own method and use deep symbols to make it work
* Update error to point to credentials instead
* Appease Rubocop
* Validate secret_key_base when reading it.
Instead of relying on the validation in key_generator move that into
secret_key_base itself.
* Fix generator and secrets test.
Manually add config.read_encrypted_secrets since it's not there by default
anymore.
Move mentions of config/secrets.yml to config/credentials.yml.enc.
* Remove files I have no idea how they got here.
* [ci skip] swap secrets for credentials.
* [ci skip] And now, changelogs are coming.
2017-09-11 18:21:20 +00:00
assert_nil app . credentials . secret_key_base
assert_kind_of ActiveSupport :: LegacyKeyGenerator , app . key_generator
2014-10-27 17:04:37 +00:00
end
2016-10-29 03:53:29 +00:00
test " that nested keys are symbolized the same as parents for hashes more than one level deep " do
app_file " config/secrets.yml " , <<-YAML
development :
smtp_settings :
address : " smtp.example.com "
user_name : " postmaster@example.com "
password : " 697361616320736c6f616e2028656c6f7265737429 "
YAML
app " development "
assert_equal " 697361616320736c6f616e2028656c6f7265737429 " , app . secrets . smtp_settings [ :password ]
end
Add credentials using a generic EncryptedConfiguration class (#30067)
* WIP: Add credentials using a generic EncryptedConfiguration class
This is sketch code so far.
* Flesh out EncryptedConfiguration and test it
* Better name
* Add command and generator for credentials
* Use the Pathnames
* Extract EncryptedFile from EncryptedConfiguration and add serializers
* Test EncryptedFile
* Extract serializer validation
* Stress the point about losing comments
* Allow encrypted configuration to be read without parsing for display
* Use credentials by default and base them on the master key
* Derive secret_key_base in test/dev, source it from credentials in other envs
And document the usage.
* Document the new credentials setup
* Stop generating the secrets.yml file now that we have credentials
* Document what we should have instead
Still need to make it happen, tho.
* [ci skip] Keep wording to `key base`; prefer defaults.
Usually we say we change defaults, not "spec" out a release.
Can't use backticks in our sdoc generated documentation either.
* Abstract away OpenSSL; prefer MessageEncryptor.
* Spare needless new when raising.
* Encrypted file test shouldn't depend on subclass.
* [ci skip] Some woordings.
* Ditch serializer future coding.
* I said flip it. Flip it good.
* [ci skip] Move require_master_key to the real production.rb.
* Add require_master_key to abort the boot process.
In case the master key is required in a certain environment
we should inspect that the key is there and abort if it isn't.
* Print missing key message and exit immediately.
Spares us a lengthy backtrace and prevents further execution.
I've verified the behavior in a test app, but couldn't figure the
test out as loading the app just exits immediately with:
```
/Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `load': marshal data too short (ArgumentError)
from /Users/kasperhansen/Documents/code/rails/activesupport/lib/active_support/testing/isolation.rb:23:in `run'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest.rb:830:in `run_one_method'
from /Users/kasperhansen/.rbenv/versions/2.4.1/lib/ruby/gems/2.4.0/gems/minitest-5.10.2/lib/minitest/parallel.rb:32:in `block (2 levels) in start'
```
It's likely we need to capture and prevent the exit somehow.
Kernel.stub(:exit) didn't work. Leaving it for tomorrow.
* Fix require_master_key config test.
Loading the app would trigger the `exit 1` per require_master_key's
semantics, which then aborted the test.
Fork and wait for the child process to finish, then inspect the
exit status.
Also check we aborted because of a missing master key, so something
else didn't just abort the boot.
Much <3 to @tenderlove for the tip.
* Support reading/writing configs via methods.
* Skip needless deep symbolizing.
* Remove save; test config reader elsewhere.
* Move secret_key_base check to when we're reading it.
Otherwise we'll abort too soon since we don't assign the secret_key_base
to secrets anymore.
* Add missing string literal comments; require unneeded yaml require.
* ya ya ya, rubocop.
* Add master_key/credentials after bundle.
Then we can reuse the existing message on `rails new bc4`.
It'll look like:
```
Using web-console 3.5.1 from https://github.com/rails/web-console.git (at master@ce985eb)
Using rails 5.2.0.alpha from source at `/Users/kasperhansen/Documents/code/rails`
Using sass-rails 5.0.6
Bundle complete! 16 Gemfile dependencies, 72 gems now installed.
Use `bundle info [gemname]` to see where a bundled gem is installed.
Adding config/master.key to store the master encryption key: 97070158c44b4675b876373a6bc9d5a0
Save this in a password manager your team can access.
If you lose the key, no one, including you, can access anything encrypted with it.
create config/master.key
```
And that'll be executed even if `--skip-bundle` was passed.
* Ensure test app has secret_key_base.
* Assign secret_key_base to app or omit.
* Merge noise
* Split options for dynamic delegation into its own method and use deep symbols to make it work
* Update error to point to credentials instead
* Appease Rubocop
* Validate secret_key_base when reading it.
Instead of relying on the validation in key_generator move that into
secret_key_base itself.
* Fix generator and secrets test.
Manually add config.read_encrypted_secrets since it's not there by default
anymore.
Move mentions of config/secrets.yml to config/credentials.yml.enc.
* Remove files I have no idea how they got here.
* [ci skip] swap secrets for credentials.
* [ci skip] And now, changelogs are coming.
2017-09-11 18:21:20 +00:00
test " require_master_key aborts app boot when missing key " do
skip " can't run without fork " unless Process . respond_to? ( :fork )
remove_file " config/master.key "
add_to_config " config.require_master_key = true "
error = capture ( :stderr ) do
Process . wait ( Process . fork { app " development " } )
end
assert_equal 1 , $? . exitstatus
assert_match ( / Missing.*RAILS_MASTER_KEY / , error )
end
2017-12-05 12:41:19 +00:00
test " credentials does not raise error when require_master_key is false and master key does not exist " do
remove_file " config/master.key "
add_to_config " config.require_master_key = false "
app " development "
assert_not app . credentials . secret_key_base
end
2010-03-19 18:09:41 +00:00
test " protect from forgery is the default in a new app " do
2010-03-26 23:58:55 +00:00
make_basic_app
2010-03-19 18:09:41 +00:00
2010-03-26 23:58:55 +00:00
class :: OmgController < ActionController :: Base
def index
2012-10-14 10:03:39 +00:00
render inline : " <%= csrf_meta_tags %> "
2010-03-19 18:09:41 +00:00
end
end
get " / "
assert last_response . body =~ / csrf \ -param /
end
2010-04-13 23:15:18 +00:00
2014-12-01 16:23:00 +00:00
test " default form builder specified as a string " do
2016-08-06 17:16:09 +00:00
app_file " config/initializers/form_builder.rb " , <<-RUBY
2014-12-01 16:23:00 +00:00
class CustomFormBuilder < ActionView :: Helpers :: FormBuilder
def text_field ( attribute , * args )
label ( attribute ) + super ( attribute , * args )
end
end
Rails . configuration . action_view . default_form_builder = " CustomFormBuilder "
RUBY
2016-08-06 17:16:09 +00:00
app_file " app/models/post.rb " , <<-RUBY
2014-12-01 16:23:00 +00:00
class Post
include ActiveModel :: Model
attr_accessor :name
end
RUBY
2016-08-06 17:16:09 +00:00
app_file " app/controllers/posts_controller.rb " , <<-RUBY
2014-12-01 16:23:00 +00:00
class PostsController < ApplicationController
def index
render inline : " <%= begin; form_for(Post.new) {|f| f.text_field(:name)}; rescue => e; e.to_s; end %> "
end
end
RUBY
add_to_config <<-RUBY
routes . prepend do
resources :posts
end
RUBY
2016-08-06 17:16:09 +00:00
app " development "
2014-12-01 16:23:00 +00:00
get " /posts "
assert_match ( / label / , last_response . body )
end
2017-06-13 14:54:35 +00:00
test " form_with can be configured with form_with_generates_ids " do
app_file " config/initializers/form_builder.rb " , <<-RUBY
Rails . configuration . action_view . form_with_generates_ids = false
RUBY
app_file " app/models/post.rb " , <<-RUBY
class Post
include ActiveModel :: Model
attr_accessor :name
end
RUBY
app_file " app/controllers/posts_controller.rb " , <<-RUBY
class PostsController < ApplicationController
def index
render inline : " <%= begin; form_with(model: Post.new) {|f| f.text_field(:name)}; rescue => e; e.to_s; end %> "
end
end
RUBY
add_to_config <<-RUBY
routes . prepend do
resources :posts
end
RUBY
app " development "
get " /posts "
assert_no_match ( / id=('|")post_name('|") / , last_response . body )
end
test " form_with outputs ids by default " do
app_file " app/models/post.rb " , <<-RUBY
class Post
include ActiveModel :: Model
attr_accessor :name
end
RUBY
app_file " app/controllers/posts_controller.rb " , <<-RUBY
class PostsController < ApplicationController
def index
render inline : " <%= begin; form_with(model: Post.new) {|f| f.text_field(:name)}; rescue => e; e.to_s; end %> "
end
end
RUBY
add_to_config <<-RUBY
routes . prepend do
resources :posts
end
RUBY
app " development "
get " /posts "
assert_match ( / id=('|")post_name('|") / , last_response . body )
end
2017-04-21 16:23:49 +00:00
test " form_with can be configured with form_with_generates_remote_forms " do
app_file " config/initializers/form_builder.rb " , <<-RUBY
Rails . configuration . action_view . form_with_generates_remote_forms = false
RUBY
app_file " app/models/post.rb " , <<-RUBY
class Post
include ActiveModel :: Model
attr_accessor :name
end
RUBY
app_file " app/controllers/posts_controller.rb " , <<-RUBY
class PostsController < ApplicationController
def index
render inline : " <%= begin; form_with(model: Post.new) {|f| f.text_field(:name)}; rescue => e; e.to_s; end %> "
end
end
RUBY
add_to_config <<-RUBY
routes . prepend do
resources :posts
end
RUBY
app " development "
get " /posts "
assert_no_match ( / data-remote / , last_response . body )
end
2017-04-22 03:27:25 +00:00
test " form_with generates remote forms by default " do
app_file " app/models/post.rb " , <<-RUBY
class Post
include ActiveModel :: Model
attr_accessor :name
end
RUBY
app_file " app/controllers/posts_controller.rb " , <<-RUBY
class PostsController < ApplicationController
def index
render inline : " <%= begin; form_with(model: Post.new) {|f| f.text_field(:name)}; rescue => e; e.to_s; end %> "
end
end
RUBY
add_to_config <<-RUBY
routes . prepend do
resources :posts
end
RUBY
app " development "
get " /posts "
assert_match ( / data-remote / , last_response . body )
end
2011-05-06 21:03:55 +00:00
test " default method for update can be changed " do
2016-08-06 17:16:09 +00:00
app_file " app/models/post.rb " , <<-RUBY
2011-05-06 21:03:55 +00:00
class Post
2014-05-13 00:03:58 +00:00
include ActiveModel :: Model
2011-05-06 21:03:55 +00:00
def to_key ; [ 1 ] ; end
def persisted? ; true ; end
end
RUBY
2014-07-08 01:46:39 +00:00
token = " cf50faa3fe97702ca1ae "
2016-08-06 17:16:09 +00:00
app_file " app/controllers/posts_controller.rb " , <<-RUBY
2011-05-06 21:03:55 +00:00
class PostsController < ApplicationController
def show
2012-10-14 10:03:39 +00:00
render inline : " <%= begin; form_for(Post.new) {}; rescue => e; e.to_s; end %> "
2011-05-06 21:03:55 +00:00
end
def update
2016-05-21 12:49:38 +00:00
render plain : " update "
2011-05-06 21:03:55 +00:00
end
2014-07-08 01:46:39 +00:00
private
2016-05-04 16:22:23 +00:00
def form_authenticity_token ( * args ) ; token ; end # stub the authenticity token
2011-05-06 21:03:55 +00:00
end
RUBY
add_to_config <<-RUBY
routes . prepend do
resources :posts
end
RUBY
2016-08-06 17:16:09 +00:00
app " development "
2011-05-06 21:03:55 +00:00
2015-09-27 21:34:13 +00:00
params = { authenticity_token : token }
2012-03-09 16:33:06 +00:00
2011-05-06 21:03:55 +00:00
get " /posts/1 "
2012-05-30 09:08:56 +00:00
assert_match ( / patch / , last_response . body )
2011-05-06 21:03:55 +00:00
2012-03-09 16:33:06 +00:00
patch " /posts/1 " , params
2012-05-30 09:08:56 +00:00
assert_match ( / update / , last_response . body )
2011-05-06 21:03:55 +00:00
2012-03-09 16:33:06 +00:00
patch " /posts/1 " , params
2012-02-25 04:07:58 +00:00
assert_equal 200 , last_response . status
2012-03-09 16:33:06 +00:00
put " /posts/1 " , params
2012-05-30 09:08:56 +00:00
assert_match ( / update / , last_response . body )
2012-02-25 04:07:58 +00:00
2012-03-09 16:33:06 +00:00
put " /posts/1 " , params
2012-02-25 04:07:58 +00:00
assert_equal 200 , last_response . status
2011-05-06 21:03:55 +00:00
end
2011-05-09 23:17:38 +00:00
test " request forgery token param can be changed " do
2015-01-03 20:17:47 +00:00
make_basic_app do | application |
2016-08-06 17:16:09 +00:00
application . config . action_controller . request_forgery_protection_token = " _xsrf_token_here "
2011-05-09 23:17:38 +00:00
end
class :: OmgController < ActionController :: Base
def index
2012-10-14 10:03:39 +00:00
render inline : " <%= csrf_meta_tags %> "
2011-05-09 23:17:38 +00:00
end
end
get " / "
2014-07-30 22:52:51 +00:00
assert_match " _xsrf_token_here " , last_response . body
2011-05-09 23:17:38 +00:00
end
2011-12-23 16:56:49 +00:00
test " sets ActionDispatch.test_app " do
make_basic_app
assert_equal Rails . application , ActionDispatch . test_app
end
2012-01-17 10:56:50 +00:00
test " sets ActionDispatch::Response.default_charset " do
2015-01-03 20:17:47 +00:00
make_basic_app do | application |
application . config . action_dispatch . default_charset = " utf-16 "
2012-01-17 10:56:50 +00:00
end
assert_equal " utf-16 " , ActionDispatch :: Response . default_charset
end
2011-04-02 08:51:47 +00:00
test " registers interceptors with ActionMailer " do
add_to_config <<-RUBY
config . action_mailer . interceptors = MyMailInterceptor
RUBY
2016-08-06 17:16:09 +00:00
app " development "
2011-04-02 08:51:47 +00:00
2015-09-27 21:34:13 +00:00
require " mail "
2011-09-30 08:42:43 +00:00
_ = ActionMailer :: Base
2011-04-02 08:51:47 +00:00
2016-07-10 07:39:16 +00:00
assert_equal [ :: MyMailInterceptor ] , :: Mail . class_variable_get ( :@@delivery_interceptors )
2011-04-02 08:51:47 +00:00
end
test " registers multiple interceptors with ActionMailer " do
add_to_config <<-RUBY
config . action_mailer . interceptors = [ MyMailInterceptor , " MyOtherMailInterceptor " ]
RUBY
2016-08-06 17:16:09 +00:00
app " development "
2011-04-02 08:51:47 +00:00
2015-09-27 21:34:13 +00:00
require " mail "
2011-09-30 08:42:43 +00:00
_ = ActionMailer :: Base
2011-04-02 08:51:47 +00:00
2016-07-10 07:39:16 +00:00
assert_equal [ :: MyMailInterceptor , :: MyOtherMailInterceptor ] , :: Mail . class_variable_get ( :@@delivery_interceptors )
2011-04-02 08:51:47 +00:00
end
2014-06-15 12:13:34 +00:00
test " registers preview interceptors with ActionMailer " do
add_to_config <<-RUBY
config . action_mailer . preview_interceptors = MyPreviewMailInterceptor
RUBY
2016-08-06 17:16:09 +00:00
app " development "
2014-06-15 12:13:34 +00:00
2015-09-27 21:34:13 +00:00
require " mail "
2014-06-15 12:13:34 +00:00
_ = ActionMailer :: Base
2015-05-04 18:46:51 +00:00
assert_equal [ ActionMailer :: InlinePreviewInterceptor , :: MyPreviewMailInterceptor ] , ActionMailer :: Base . preview_interceptors
2014-06-15 12:13:34 +00:00
end
test " registers multiple preview interceptors with ActionMailer " do
add_to_config <<-RUBY
config . action_mailer . preview_interceptors = [ MyPreviewMailInterceptor , " MyOtherPreviewMailInterceptor " ]
RUBY
2016-08-06 17:16:09 +00:00
app " development "
2014-06-15 12:13:34 +00:00
2015-09-27 21:34:13 +00:00
require " mail "
2014-06-15 12:13:34 +00:00
_ = ActionMailer :: Base
2015-05-04 18:46:51 +00:00
assert_equal [ ActionMailer :: InlinePreviewInterceptor , MyPreviewMailInterceptor , MyOtherPreviewMailInterceptor ] , ActionMailer :: Base . preview_interceptors
end
test " default preview interceptor can be removed " do
2016-08-06 17:16:09 +00:00
app_file " config/initializers/preview_interceptors.rb " , <<-RUBY
2015-05-04 18:46:51 +00:00
ActionMailer :: Base . preview_interceptors . delete ( ActionMailer :: InlinePreviewInterceptor )
RUBY
2016-08-06 17:16:09 +00:00
app " development "
2015-05-04 18:46:51 +00:00
2015-09-27 21:34:13 +00:00
require " mail "
2015-05-04 18:46:51 +00:00
_ = ActionMailer :: Base
assert_equal [ ] , ActionMailer :: Base . preview_interceptors
2014-06-15 12:13:34 +00:00
end
2011-04-02 08:51:47 +00:00
test " registers observers with ActionMailer " do
add_to_config <<-RUBY
config . action_mailer . observers = MyMailObserver
RUBY
2016-08-06 17:16:09 +00:00
app " development "
2011-04-02 08:51:47 +00:00
2015-09-27 21:34:13 +00:00
require " mail "
2011-09-30 08:42:43 +00:00
_ = ActionMailer :: Base
2011-04-02 08:51:47 +00:00
2016-07-10 07:39:16 +00:00
assert_equal [ :: MyMailObserver ] , :: Mail . class_variable_get ( :@@delivery_notification_observers )
2011-04-02 08:51:47 +00:00
end
test " registers multiple observers with ActionMailer " do
add_to_config <<-RUBY
config . action_mailer . observers = [ MyMailObserver , " MyOtherMailObserver " ]
RUBY
2016-08-06 17:16:09 +00:00
app " development "
2011-04-02 08:51:47 +00:00
2015-09-27 21:34:13 +00:00
require " mail "
2011-09-30 08:42:43 +00:00
_ = ActionMailer :: Base
2011-04-02 08:51:47 +00:00
2016-07-10 07:39:16 +00:00
assert_equal [ :: MyMailObserver , :: MyOtherMailObserver ] , :: Mail . class_variable_get ( :@@delivery_notification_observers )
2011-04-02 08:51:47 +00:00
end
2015-01-18 22:34:01 +00:00
test " allows setting the queue name for the ActionMailer::DeliveryJob " do
add_to_config <<-RUBY
config . action_mailer . deliver_later_queue_name = 'test_default'
RUBY
2016-08-06 17:16:09 +00:00
app " development "
2015-01-18 22:34:01 +00:00
2015-09-27 21:34:13 +00:00
require " mail "
2015-01-18 22:34:01 +00:00
_ = ActionMailer :: Base
2016-08-06 17:16:09 +00:00
assert_equal " test_default " , ActionMailer :: Base . class_variable_get ( :@@deliver_later_queue_name )
2015-01-18 22:34:01 +00:00
end
2011-04-04 22:33:29 +00:00
test " valid timezone is setup correctly " do
add_to_config <<-RUBY
config . root = " #{ app_path } "
2014-04-14 21:51:34 +00:00
config . time_zone = " Wellington "
2011-04-04 22:33:29 +00:00
RUBY
2016-08-06 17:16:09 +00:00
app " development "
2011-04-04 22:33:29 +00:00
2013-01-22 11:29:20 +00:00
assert_equal " Wellington " , Rails . application . config . time_zone
2011-04-04 22:33:29 +00:00
end
test " raises when an invalid timezone is defined in the config " do
add_to_config <<-RUBY
config . root = " #{ app_path } "
2014-04-14 21:51:34 +00:00
config . time_zone = " That big hill over yonder hill "
2011-04-04 22:33:29 +00:00
RUBY
assert_raise ( ArgumentError ) do
2016-08-06 17:16:09 +00:00
app " development "
2011-04-04 22:33:29 +00:00
end
end
2012-09-18 14:18:19 +00:00
test " valid beginning of week is setup correctly " do
add_to_config <<-RUBY
config . root = " #{ app_path } "
2014-04-14 21:51:34 +00:00
config . beginning_of_week = :wednesday
2012-09-18 14:18:19 +00:00
RUBY
2016-08-06 17:16:09 +00:00
app " development "
2012-09-18 14:18:19 +00:00
assert_equal :wednesday , Rails . application . config . beginning_of_week
end
test " raises when an invalid beginning of week is defined in the config " do
add_to_config <<-RUBY
config . root = " #{ app_path } "
2014-04-14 21:51:34 +00:00
config . beginning_of_week = :invalid
2012-09-18 14:18:19 +00:00
RUBY
assert_raise ( ArgumentError ) do
2016-08-06 17:16:09 +00:00
app " development "
2012-09-18 14:18:19 +00:00
end
end
2010-12-16 20:37:48 +00:00
test " config.action_view.cache_template_loading with cache_classes default " do
add_to_config " config.cache_classes = true "
2015-09-27 21:34:13 +00:00
2016-08-06 17:16:09 +00:00
app " development "
require " action_view/base "
2010-12-16 20:37:48 +00:00
2013-12-05 18:29:59 +00:00
assert_equal true , ActionView :: Resolver . caching?
2010-12-16 20:37:48 +00:00
end
test " config.action_view.cache_template_loading without cache_classes default " do
add_to_config " config.cache_classes = false "
2015-09-27 21:34:13 +00:00
2016-08-06 17:16:09 +00:00
app " development "
require " action_view/base "
2010-12-16 20:37:48 +00:00
2013-12-05 18:29:59 +00:00
assert_equal false , ActionView :: Resolver . caching?
2010-12-16 20:37:48 +00:00
end
test " config.action_view.cache_template_loading = false " do
add_to_config <<-RUBY
config . cache_classes = true
config . action_view . cache_template_loading = false
RUBY
2015-09-27 21:34:13 +00:00
2016-08-06 17:16:09 +00:00
app " development "
require " action_view/base "
2010-12-16 20:37:48 +00:00
2013-12-05 18:29:59 +00:00
assert_equal false , ActionView :: Resolver . caching?
2010-12-16 20:37:48 +00:00
end
test " config.action_view.cache_template_loading = true " do
add_to_config <<-RUBY
config . cache_classes = false
config . action_view . cache_template_loading = true
RUBY
2015-09-27 21:34:13 +00:00
2016-08-06 17:16:09 +00:00
app " development "
require " action_view/base "
2010-12-16 20:37:48 +00:00
2013-12-05 18:29:59 +00:00
assert_equal true , ActionView :: Resolver . caching?
2010-12-16 20:37:48 +00:00
end
2011-02-22 19:25:38 +00:00
2013-12-05 18:25:30 +00:00
test " config.action_view.cache_template_loading with cache_classes in an environment " do
build_app ( initializers : true )
add_to_env_config " development " , " config.cache_classes = false "
# These requires are to emulate an engine loading Action View before the application
2016-08-06 17:16:09 +00:00
require " action_view "
require " action_view/railtie "
require " action_view/base "
2013-12-05 18:25:30 +00:00
2016-08-06 17:16:09 +00:00
app " development "
2013-12-05 18:25:30 +00:00
assert_equal false , ActionView :: Resolver . caching?
end
2011-02-22 19:25:38 +00:00
test " config.action_dispatch.show_exceptions is sent in env " do
2015-01-03 20:17:47 +00:00
make_basic_app do | application |
application . config . action_dispatch . show_exceptions = true
2011-02-22 19:25:38 +00:00
end
class :: OmgController < ActionController :: Base
def index
2017-01-04 03:36:36 +00:00
render plain : request . env [ " action_dispatch.show_exceptions " ]
2011-02-22 19:25:38 +00:00
end
end
get " / "
2016-08-06 17:16:09 +00:00
assert_equal " true " , last_response . body
2011-02-22 19:25:38 +00:00
end
2011-04-28 08:56:11 +00:00
test " config.action_controller.wrap_parameters is set in ActionController::Base " do
2016-08-06 17:16:09 +00:00
app_file " config/initializers/wrap_parameters.rb " , <<-RUBY
2012-10-14 10:03:39 +00:00
ActionController :: Base . wrap_parameters format : [ :json ]
2011-04-28 08:56:11 +00:00
RUBY
2011-05-06 05:11:06 +00:00
2016-08-06 17:16:09 +00:00
app_file " app/models/post.rb " , <<-RUBY
2011-05-06 05:11:06 +00:00
class Post
2011-05-17 12:32:14 +00:00
def self . attribute_names
2011-05-06 05:11:06 +00:00
%w( title )
end
end
RUBY
2016-08-06 17:16:09 +00:00
app_file " app/controllers/application_controller.rb " , <<-RUBY
2012-03-09 16:33:06 +00:00
class ApplicationController < ActionController :: Base
2012-06-23 10:42:00 +00:00
protect_from_forgery with : :reset_session # as we are testing API here
2012-03-09 16:33:06 +00:00
end
RUBY
2016-08-06 17:16:09 +00:00
app_file " app/controllers/posts_controller.rb " , <<-RUBY
2011-05-06 05:11:06 +00:00
class PostsController < ApplicationController
2011-10-27 06:16:59 +00:00
def create
2016-05-21 12:49:38 +00:00
render plain : params [ :post ] . inspect
2011-05-06 05:11:06 +00:00
end
end
RUBY
add_to_config <<-RUBY
2011-12-21 21:54:39 +00:00
routes . prepend do
2011-05-06 05:11:06 +00:00
resources :posts
end
RUBY
2016-08-06 17:16:09 +00:00
app " development "
2011-04-28 08:56:11 +00:00
2011-05-06 05:11:06 +00:00
post " /posts.json " , '{ "title": "foo", "name": "bar" }' , " CONTENT_TYPE " = > " application/json "
2016-02-24 07:18:39 +00:00
assert_equal '<ActionController::Parameters {"title"=>"foo"} permitted: false>' , last_response . body
2011-04-28 08:56:11 +00:00
end
2011-05-02 21:38:39 +00:00
2012-08-30 21:36:59 +00:00
test " config.action_controller.permit_all_parameters = true " do
2016-08-06 17:16:09 +00:00
app_file " app/controllers/posts_controller.rb " , <<-RUBY
2012-08-30 21:36:59 +00:00
class PostsController < ActionController :: Base
def create
2016-05-21 12:49:38 +00:00
render plain : params [ :post ] . permitted? ? " permitted " : " forbidden "
2012-08-30 21:36:59 +00:00
end
end
RUBY
add_to_config <<-RUBY
routes . prepend do
resources :posts
end
config . action_controller . permit_all_parameters = true
RUBY
2016-08-06 17:16:09 +00:00
app " development "
2012-08-30 21:36:59 +00:00
2016-10-29 03:05:58 +00:00
post " /posts " , post : { " title " = > " zomg " }
2016-08-06 17:16:09 +00:00
assert_equal " permitted " , last_response . body
2012-08-30 21:36:59 +00:00
end
2013-01-19 17:32:27 +00:00
test " config.action_controller.action_on_unpermitted_parameters = :raise " do
2016-08-06 17:16:09 +00:00
app_file " app/controllers/posts_controller.rb " , <<-RUBY
2013-01-19 17:32:27 +00:00
class PostsController < ActionController :: Base
def create
2016-05-21 12:49:38 +00:00
render plain : params . require ( :post ) . permit ( :name )
2013-01-19 17:32:27 +00:00
end
end
RUBY
add_to_config <<-RUBY
routes . prepend do
resources :posts
end
config . action_controller . action_on_unpermitted_parameters = :raise
RUBY
2016-08-06 17:16:09 +00:00
app " development "
2013-01-19 17:32:27 +00:00
2017-07-17 19:37:03 +00:00
force_lazy_load_hooks { ActionController :: Base }
2017-08-15 21:22:30 +00:00
force_lazy_load_hooks { ActionController :: API }
2017-07-05 16:20:31 +00:00
2013-01-19 17:32:27 +00:00
assert_equal :raise , ActionController :: Parameters . action_on_unpermitted_parameters
2016-10-29 03:05:58 +00:00
post " /posts " , post : { " title " = > " zomg " }
2013-01-19 17:32:27 +00:00
assert_match " We're sorry, but something went wrong " , last_response . body
end
2014-06-27 06:01:30 +00:00
test " config.action_controller.always_permitted_parameters are: controller, action by default " do
2016-08-06 17:16:09 +00:00
app " development "
2017-07-04 21:13:29 +00:00
2017-07-17 19:37:03 +00:00
force_lazy_load_hooks { ActionController :: Base }
2017-08-15 21:22:30 +00:00
force_lazy_load_hooks { ActionController :: API }
2017-07-05 16:24:09 +00:00
2014-06-27 06:01:30 +00:00
assert_equal %w( controller action ) , ActionController :: Parameters . always_permitted_parameters
end
test " config.action_controller.always_permitted_parameters = ['controller', 'action', 'format'] " do
add_to_config <<-RUBY
config . action_controller . always_permitted_parameters = %w( controller action format )
RUBY
2015-09-27 21:34:13 +00:00
2016-08-06 17:16:09 +00:00
app " development "
2015-09-27 21:34:13 +00:00
2017-07-17 19:37:03 +00:00
force_lazy_load_hooks { ActionController :: Base }
2017-08-15 21:22:30 +00:00
force_lazy_load_hooks { ActionController :: API }
2017-07-05 16:20:31 +00:00
2014-06-27 06:01:30 +00:00
assert_equal %w( controller action format ) , ActionController :: Parameters . always_permitted_parameters
end
2016-07-07 20:21:46 +00:00
test " config.action_controller.always_permitted_parameters = ['controller','action','format'] does not raise exception " do
2016-08-06 17:16:09 +00:00
app_file " app/controllers/posts_controller.rb " , <<-RUBY
2014-06-27 20:08:40 +00:00
class PostsController < ActionController :: Base
def create
2016-05-21 12:49:38 +00:00
render plain : params . permit ( post : [ :title ] )
2014-06-27 20:08:40 +00:00
end
end
RUBY
add_to_config <<-RUBY
routes . prepend do
resources :posts
end
config . action_controller . always_permitted_parameters = %w( controller action format )
config . action_controller . action_on_unpermitted_parameters = :raise
RUBY
2016-08-06 17:16:09 +00:00
app " development "
2014-06-27 20:08:40 +00:00
2017-07-17 19:37:03 +00:00
force_lazy_load_hooks { ActionController :: Base }
2017-08-15 21:22:30 +00:00
force_lazy_load_hooks { ActionController :: API }
2017-07-05 16:20:31 +00:00
2014-06-27 20:08:40 +00:00
assert_equal :raise , ActionController :: Parameters . action_on_unpermitted_parameters
2016-10-29 03:05:58 +00:00
post " /posts " , post : { " title " = > " zomg " } , format : " json "
2014-06-27 20:08:40 +00:00
assert_equal 200 , last_response . status
end
2016-10-18 22:59:21 +00:00
test " config.action_controller.action_on_unpermitted_parameters is :log by default in development " do
2016-08-06 17:16:09 +00:00
app " development "
2013-01-19 17:32:27 +00:00
2017-07-17 19:37:03 +00:00
force_lazy_load_hooks { ActionController :: Base }
2017-08-15 21:22:30 +00:00
force_lazy_load_hooks { ActionController :: API }
2017-07-05 16:20:31 +00:00
2013-01-19 17:32:27 +00:00
assert_equal :log , ActionController :: Parameters . action_on_unpermitted_parameters
end
2016-10-18 22:59:21 +00:00
test " config.action_controller.action_on_unpermitted_parameters is :log by default in test " do
2016-08-06 17:16:09 +00:00
app " test "
2013-01-19 17:32:27 +00:00
2017-07-17 19:37:03 +00:00
force_lazy_load_hooks { ActionController :: Base }
2017-08-15 21:22:30 +00:00
force_lazy_load_hooks { ActionController :: API }
2017-07-05 16:20:31 +00:00
2013-01-19 17:32:27 +00:00
assert_equal :log , ActionController :: Parameters . action_on_unpermitted_parameters
end
2016-10-18 22:59:21 +00:00
test " config.action_controller.action_on_unpermitted_parameters is false by default in production " do
2016-08-06 17:16:09 +00:00
app " production "
2013-01-19 17:32:27 +00:00
2017-07-17 19:37:03 +00:00
force_lazy_load_hooks { ActionController :: Base }
2017-08-15 21:22:30 +00:00
force_lazy_load_hooks { ActionController :: API }
2017-07-05 16:20:31 +00:00
2013-01-19 17:32:27 +00:00
assert_equal false , ActionController :: Parameters . action_on_unpermitted_parameters
end
2017-07-10 15:12:45 +00:00
test " config.action_controller.default_protect_from_forgery is true by default " do
app " development "
assert_equal true , ActionController :: Base . default_protect_from_forgery
assert_includes ActionController :: Base . __callbacks [ :process_action ] . map ( & :filter ) , :verify_authenticity_token
end
2017-07-04 21:13:29 +00:00
test " config.action_controller.permit_all_parameters can be configured in an initializer " do
app_file " config/initializers/permit_all_parameters.rb " , <<-RUBY
Rails . application . config . action_controller . permit_all_parameters = true
RUBY
app " development "
2017-07-17 19:37:03 +00:00
force_lazy_load_hooks { ActionController :: Base }
2017-08-15 21:22:30 +00:00
force_lazy_load_hooks { ActionController :: API }
2017-07-04 21:13:29 +00:00
assert_equal true , ActionController :: Parameters . permit_all_parameters
end
test " config.action_controller.always_permitted_parameters can be configured in an initializer " do
app_file " config/initializers/always_permitted_parameters.rb " , <<-RUBY
Rails . application . config . action_controller . always_permitted_parameters = [ ]
RUBY
app " development "
2017-07-17 19:37:03 +00:00
force_lazy_load_hooks { ActionController :: Base }
2017-08-15 21:22:30 +00:00
force_lazy_load_hooks { ActionController :: API }
2017-07-04 21:13:29 +00:00
assert_equal [ ] , ActionController :: Parameters . always_permitted_parameters
end
test " config.action_controller.action_on_unpermitted_parameters can be configured in an initializer " do
app_file " config/initializers/action_on_unpermitted_parameters.rb " , <<-RUBY
Rails . application . config . action_controller . action_on_unpermitted_parameters = :raise
RUBY
app " development "
2017-07-17 19:37:03 +00:00
force_lazy_load_hooks { ActionController :: Base }
2017-08-15 21:22:30 +00:00
force_lazy_load_hooks { ActionController :: API }
2017-07-04 21:13:29 +00:00
assert_equal :raise , ActionController :: Parameters . action_on_unpermitted_parameters
end
2011-05-02 21:38:39 +00:00
test " config.action_dispatch.ignore_accept_header " do
2015-01-03 20:17:47 +00:00
make_basic_app do | application |
application . config . action_dispatch . ignore_accept_header = true
2011-05-02 21:38:39 +00:00
end
class :: OmgController < ActionController :: Base
def index
respond_to do | format |
2016-05-21 12:49:38 +00:00
format . html { render plain : " HTML " }
format . xml { render plain : " XML " }
2011-05-02 21:38:39 +00:00
end
end
end
2017-08-12 11:31:46 +00:00
get " / " , { } , { " HTTP_ACCEPT " = > " application/xml " }
2016-08-06 17:16:09 +00:00
assert_equal " HTML " , last_response . body
2011-05-02 21:38:39 +00:00
2017-08-12 11:31:46 +00:00
get " / " , { format : :xml } , { " HTTP_ACCEPT " = > " application/xml " }
2016-08-06 17:16:09 +00:00
assert_equal " XML " , last_response . body
2011-05-02 21:38:39 +00:00
end
2011-07-11 09:05:26 +00:00
2018-04-20 11:56:55 +00:00
test " Rails.application # env_config exists and includes some existing parameters " do
2011-07-11 09:05:26 +00:00
make_basic_app
2018-01-25 23:57:25 +00:00
assert_equal app . env_config [ " action_dispatch.parameter_filter " ] , app . config . filter_parameters
assert_equal app . env_config [ " action_dispatch.show_exceptions " ] , app . config . action_dispatch . show_exceptions
assert_equal app . env_config [ " action_dispatch.logger " ] , Rails . logger
assert_equal app . env_config [ " action_dispatch.backtrace_cleaner " ] , Rails . backtrace_cleaner
assert_equal app . env_config [ " action_dispatch.key_generator " ] , Rails . application . key_generator
2011-07-11 09:05:26 +00:00
end
2012-01-27 14:01:14 +00:00
2012-01-27 18:02:33 +00:00
test " config.colorize_logging default is true " do
2012-01-27 14:01:14 +00:00
make_basic_app
assert app . config . colorize_logging
end
2012-06-15 17:04:13 +00:00
2012-08-24 21:02:27 +00:00
test " config.session_store with :active_record_store with activerecord-session_store gem " do
begin
2015-01-03 20:17:47 +00:00
make_basic_app do | application |
2012-08-24 21:02:27 +00:00
ActionDispatch :: Session :: ActiveRecordStore = Class . new ( ActionDispatch :: Session :: CookieStore )
2015-01-03 20:17:47 +00:00
application . config . session_store :active_record_store
2012-08-24 21:02:27 +00:00
end
ensure
ActionDispatch :: Session . send :remove_const , :ActiveRecordStore
end
end
test " config.session_store with :active_record_store without activerecord-session_store gem " do
2017-01-25 00:46:29 +00:00
e = assert_raise RuntimeError do
2015-01-03 20:17:47 +00:00
make_basic_app do | application |
application . config . session_store :active_record_store
2012-08-24 21:02:27 +00:00
end
end
2017-01-25 00:46:29 +00:00
assert_match ( / activerecord-session_store / , e . message )
2012-08-24 21:02:27 +00:00
end
2013-07-30 15:25:00 +00:00
2016-07-17 14:08:54 +00:00
test " default session store initializer does not overwrite the user defined session store even if it is disabled " do
make_basic_app do | application |
application . config . session_store :disabled
end
2016-12-24 17:29:52 +00:00
assert_nil app . config . session_store
2016-07-17 14:08:54 +00:00
end
test " default session store initializer sets session store to cookie store " do
session_options = { key : " _myapp_session " , cookie_only : true }
make_basic_app
assert_equal ActionDispatch :: Session :: CookieStore , app . config . session_store
assert_equal session_options , app . config . session_options
end
2014-02-21 14:50:19 +00:00
test " config.log_level with custom logger " do
2015-01-03 20:17:47 +00:00
make_basic_app do | application |
application . config . logger = Logger . new ( STDOUT )
application . config . log_level = :info
2013-07-30 15:25:00 +00:00
end
assert_equal Logger :: INFO , Rails . logger . level
end
2013-08-16 15:22:08 +00:00
test " respond_to? accepts include_private " do
make_basic_app
2018-01-25 02:14:10 +00:00
assert_not_respond_to Rails . configuration , :method_missing
2013-08-16 15:22:08 +00:00
assert Rails . configuration . respond_to? ( :method_missing , true )
end
2014-02-05 07:32:38 +00:00
test " config.active_record.dump_schema_after_migration is false on production " do
build_app
2016-08-06 17:16:09 +00:00
app " production "
2014-02-05 07:32:38 +00:00
assert_not ActiveRecord :: Base . dump_schema_after_migration
end
2016-10-18 22:59:21 +00:00
test " config.active_record.dump_schema_after_migration is true by default in development " do
2016-08-06 17:16:09 +00:00
app " development "
2014-02-05 07:32:38 +00:00
assert ActiveRecord :: Base . dump_schema_after_migration
end
2014-03-16 19:57:21 +00:00
2016-10-18 22:59:21 +00:00
test " config.active_record.verbose_query_logs is false by default in development " do
app " development "
assert_not ActiveRecord :: Base . verbose_query_logs
end
2014-03-16 19:57:21 +00:00
test " config.annotations wrapping SourceAnnotationExtractor::Annotation class " do
2015-01-03 20:17:47 +00:00
make_basic_app do | application |
application . config . annotations . register_extensions ( " coffee " ) do | tag |
2014-03-16 19:57:21 +00:00
/ # \ s*( #{ tag } ):? \ s*(.*)$ /
end
end
2018-02-20 03:40:58 +00:00
assert_not_nil Rails :: SourceAnnotationExtractor :: Annotation . extensions [ / \ .(coffee)$ / ]
2014-03-16 19:57:21 +00:00
end
2014-04-14 21:56:59 +00:00
test " rake_tasks block works at instance level " do
app_file " config/environments/development.rb " , <<-RUBY
Rails . application . configure do
2014-07-30 22:49:20 +00:00
config . ran_block = false
2014-04-14 21:56:59 +00:00
rake_tasks do
2014-07-30 22:49:20 +00:00
config . ran_block = true
2014-04-14 21:56:59 +00:00
end
end
RUBY
2016-08-06 17:16:09 +00:00
app " development "
2014-07-30 22:49:20 +00:00
assert_not Rails . configuration . ran_block
2014-04-14 21:56:59 +00:00
2016-08-06 17:16:09 +00:00
require " rake "
require " rake/testtask "
require " rdoc/task "
2014-04-14 21:56:59 +00:00
Rails . application . load_tasks
2014-07-30 22:49:20 +00:00
assert Rails . configuration . ran_block
2014-04-14 21:56:59 +00:00
end
test " generators block works at instance level " do
app_file " config/environments/development.rb " , <<-RUBY
Rails . application . configure do
2014-07-30 22:49:20 +00:00
config . ran_block = false
2014-04-14 21:56:59 +00:00
generators do
2014-07-30 22:49:20 +00:00
config . ran_block = true
2014-04-14 21:56:59 +00:00
end
end
RUBY
2016-08-06 17:16:09 +00:00
app " development "
2014-07-30 22:49:20 +00:00
assert_not Rails . configuration . ran_block
2014-04-14 21:56:59 +00:00
Rails . application . load_generators
2014-07-30 22:49:20 +00:00
assert Rails . configuration . ran_block
2014-04-14 21:56:59 +00:00
end
test " console block works at instance level " do
app_file " config/environments/development.rb " , <<-RUBY
Rails . application . configure do
2014-07-30 22:49:20 +00:00
config . ran_block = false
2014-04-14 21:56:59 +00:00
console do
2014-07-30 22:49:20 +00:00
config . ran_block = true
2014-04-14 21:56:59 +00:00
end
end
RUBY
2016-08-06 17:16:09 +00:00
app " development "
2014-07-30 22:49:20 +00:00
assert_not Rails . configuration . ran_block
2014-04-14 21:56:59 +00:00
Rails . application . load_console
2014-07-30 22:49:20 +00:00
assert Rails . configuration . ran_block
2014-04-14 21:56:59 +00:00
end
test " runner block works at instance level " do
app_file " config/environments/development.rb " , <<-RUBY
Rails . application . configure do
2014-07-30 22:49:20 +00:00
config . ran_block = false
2014-04-14 21:56:59 +00:00
runner do
2014-07-30 22:49:20 +00:00
config . ran_block = true
2014-04-14 21:56:59 +00:00
end
end
RUBY
2016-08-06 17:16:09 +00:00
app " development "
2014-07-30 22:49:20 +00:00
assert_not Rails . configuration . ran_block
2014-04-14 21:56:59 +00:00
Rails . application . load_runner
2014-07-30 22:49:20 +00:00
assert Rails . configuration . ran_block
2014-04-14 21:56:59 +00:00
end
2014-05-07 20:03:23 +00:00
test " loading the first existing database configuration available " do
2016-08-06 17:16:09 +00:00
app_file " config/environments/development.rb " , <<-RUBY
2014-05-07 20:03:23 +00:00
Rails . application . configure do
2014-12-03 00:19:10 +00:00
config . paths . add 'config/database' , with : 'config/nonexistent.yml'
2014-05-07 20:03:23 +00:00
config . paths [ 'config/database' ] << 'config/database.yml'
end
RUBY
2016-08-06 17:16:09 +00:00
app " development "
2014-05-07 20:03:23 +00:00
2014-07-30 22:52:51 +00:00
assert_kind_of Hash , Rails . application . config . database_configuration
2014-05-07 20:03:23 +00:00
end
2014-06-29 14:12:25 +00:00
2018-11-07 23:12:17 +00:00
test " autoload paths do not include asset paths " do
app " development "
ActiveSupport :: Dependencies . autoload_paths . each do | path |
assert_not_operator path , :ends_with? , " app/assets "
assert_not_operator path , :ends_with? , " app/javascript "
end
end
2016-08-06 17:16:09 +00:00
test " raises with proper error message if no database configuration found " do
2014-09-10 10:25:01 +00:00
FileUtils . rm ( " #{ app_path } /config/database.yml " )
err = assert_raises RuntimeError do
2017-08-03 15:02:08 +00:00
app " development "
2014-09-10 10:25:01 +00:00
Rails . application . config . database_configuration
end
2016-08-06 17:16:09 +00:00
assert_match " config/database " , err . message
2014-09-10 10:25:01 +00:00
end
2017-04-27 02:00:33 +00:00
test " loads database.yml using shared keys " do
app_file " config/database.yml " , <<-YAML
shared :
username : bobby
adapter : sqlite3
development :
database : 'dev_db'
YAML
app " development "
ar_config = Rails . application . config . database_configuration
assert_equal " sqlite3 " , ar_config [ " development " ] [ " adapter " ]
assert_equal " bobby " , ar_config [ " development " ] [ " username " ]
assert_equal " dev_db " , ar_config [ " development " ] [ " database " ]
end
test " loads database.yml using shared keys for undefined environments " do
app_file " config/database.yml " , <<-YAML
shared :
username : bobby
adapter : sqlite3
database : 'dev_db'
YAML
app " development "
ar_config = Rails . application . config . database_configuration
assert_equal " sqlite3 " , ar_config [ " development " ] [ " adapter " ]
assert_equal " bobby " , ar_config [ " development " ] [ " username " ]
assert_equal " dev_db " , ar_config [ " development " ] [ " database " ]
end
2016-08-06 17:16:09 +00:00
test " config.action_mailer.show_previews defaults to true in development " do
app " development "
2014-06-29 14:12:25 +00:00
2014-07-01 16:09:24 +00:00
assert Rails . application . config . action_mailer . show_previews
2014-06-29 14:12:25 +00:00
end
2016-08-06 17:16:09 +00:00
test " config.action_mailer.show_previews defaults to false in production " do
app " production "
2014-06-29 14:12:25 +00:00
2014-07-30 22:52:51 +00:00
assert_equal false , Rails . application . config . action_mailer . show_previews
2014-06-29 14:12:25 +00:00
end
2016-08-06 17:16:09 +00:00
test " config.action_mailer.show_previews can be set in the configuration file " do
2014-06-29 14:12:25 +00:00
add_to_config <<-RUBY
2014-07-01 16:09:24 +00:00
config . action_mailer . show_previews = true
2014-06-29 14:12:25 +00:00
RUBY
2015-09-27 21:34:13 +00:00
2016-08-06 17:16:09 +00:00
app " production "
2014-06-29 14:12:25 +00:00
2014-07-30 22:52:51 +00:00
assert_equal true , Rails . application . config . action_mailer . show_previews
2014-06-29 14:12:25 +00:00
end
2014-07-10 19:40:07 +00:00
2018-09-11 21:47:41 +00:00
test " config_for loads custom configuration from yaml accessible as symbol " do
app_file " config/custom.yml " , <<-RUBY
development :
foo : 'bar'
RUBY
add_to_config <<-RUBY
config . my_custom_config = config_for ( 'custom' )
RUBY
app " development "
assert_equal " bar " , Rails . application . config . my_custom_config [ :foo ]
end
2018-10-19 12:37:06 +00:00
test " config_for loads nested custom configuration from yaml as symbol keys " do
2018-09-11 21:47:41 +00:00
app_file " config/custom.yml " , <<-RUBY
development :
2018-10-19 12:37:06 +00:00
foo :
bar :
baz : 1
2018-09-11 21:47:41 +00:00
RUBY
add_to_config <<-RUBY
config . my_custom_config = config_for ( 'custom' )
RUBY
app " development "
2018-10-19 12:37:06 +00:00
assert_equal 1 , Rails . application . config . my_custom_config [ :foo ] [ :bar ] [ :baz ]
2018-09-11 21:47:41 +00:00
end
2018-10-19 12:37:06 +00:00
test " config_for makes all hash methods available " do
2018-09-11 21:47:41 +00:00
app_file " config/custom.yml " , <<-RUBY
development :
2018-10-19 12:37:06 +00:00
foo : 0
bar :
baz : 1
2014-07-10 19:40:07 +00:00
RUBY
add_to_config <<-RUBY
config . my_custom_config = config_for ( 'custom' )
RUBY
2016-08-06 17:16:09 +00:00
app " development "
2014-07-10 19:40:07 +00:00
2018-10-19 12:37:06 +00:00
actual = Rails . application . config . my_custom_config
assert_equal actual , foo : 0 , bar : { baz : 1 }
assert_equal actual . keys , [ :foo , :bar ]
assert_equal actual . values , [ 0 , baz : 1 ]
assert_equal actual . to_h , foo : 0 , bar : { baz : 1 }
assert_equal actual [ :foo ] , 0
assert_equal actual [ :bar ] , baz : 1
2014-07-10 19:40:07 +00:00
end
2016-02-28 07:36:42 +00:00
test " config_for uses the Pathname object if it is provided " do
2016-08-06 17:16:09 +00:00
app_file " config/custom.yml " , <<-RUBY
2015-12-15 17:50:56 +00:00
development :
key : 'custom key'
RUBY
add_to_config <<-RUBY
config . my_custom_config = config_for ( Pathname . new ( Rails . root . join ( " config/custom.yml " ) ) )
RUBY
2016-08-06 17:16:09 +00:00
app " development "
2015-12-15 17:50:56 +00:00
2018-10-19 12:37:06 +00:00
assert_equal " custom key " , Rails . application . config . my_custom_config [ :key ]
2015-12-15 17:50:56 +00:00
end
2014-07-10 19:40:07 +00:00
test " config_for raises an exception if the file does not exist " do
add_to_config <<-RUBY
config . my_custom_config = config_for ( 'custom' )
RUBY
exception = assert_raises ( RuntimeError ) do
2016-08-06 17:16:09 +00:00
app " development "
2014-07-10 19:40:07 +00:00
end
assert_equal " Could not load configuration. No such file - #{ app_path } /config/custom.yml " , exception . message
end
test " config_for without the environment configured returns an empty hash " do
2016-08-06 17:16:09 +00:00
app_file " config/custom.yml " , <<-RUBY
2014-07-10 19:40:07 +00:00
test :
key : 'custom key'
RUBY
add_to_config <<-RUBY
config . my_custom_config = config_for ( 'custom' )
RUBY
2015-09-27 21:34:13 +00:00
2016-08-06 17:16:09 +00:00
app " development "
2014-07-10 19:40:07 +00:00
assert_equal ( { } , Rails . application . config . my_custom_config )
end
2018-10-19 12:37:06 +00:00
test " config_for implements shared configuration as secrets case found " do
app_file " config/custom.yml " , <<-RUBY
shared :
foo : :bar
test :
foo : :baz
RUBY
add_to_config <<-RUBY
config . my_custom_config = config_for ( 'custom' )
RUBY
app " test "
assert_equal ( :baz , Rails . application . config . my_custom_config [ :foo ] )
end
test " config_for implements shared configuration as secrets case not found " do
app_file " config/custom.yml " , <<-RUBY
shared :
foo : :bar
test :
foo : :baz
RUBY
add_to_config <<-RUBY
config . my_custom_config = config_for ( 'custom' )
RUBY
app " development "
assert_equal ( :bar , Rails . application . config . my_custom_config [ :foo ] )
end
2014-07-10 19:40:07 +00:00
test " config_for with empty file returns an empty hash " do
2016-08-06 17:16:09 +00:00
app_file " config/custom.yml " , <<-RUBY
2014-07-10 19:40:07 +00:00
RUBY
add_to_config <<-RUBY
config . my_custom_config = config_for ( 'custom' )
RUBY
2015-09-27 21:34:13 +00:00
2016-08-06 17:16:09 +00:00
app " development "
2014-07-10 19:40:07 +00:00
assert_equal ( { } , Rails . application . config . my_custom_config )
end
2017-07-06 16:59:33 +00:00
test " default SQLite3Adapter.represent_boolean_as_integer for 5.1 is false " do
remove_from_config '.*config\.load_defaults.*\n'
2017-12-22 22:13:19 +00:00
2017-07-06 16:59:33 +00:00
app_file " app/models/post.rb " , <<-RUBY
class Post < ActiveRecord :: Base
end
RUBY
app " development "
2017-07-17 19:37:03 +00:00
force_lazy_load_hooks { Post }
2017-07-06 16:59:33 +00:00
assert_not ActiveRecord :: ConnectionAdapters :: SQLite3Adapter . represent_boolean_as_integer
end
test " default SQLite3Adapter.represent_boolean_as_integer for new installs is true " do
app_file " app/models/post.rb " , <<-RUBY
class Post < ActiveRecord :: Base
2017-07-13 23:01:49 +00:00
end
RUBY
app " development "
2017-07-17 19:37:03 +00:00
force_lazy_load_hooks { Post }
2017-07-13 23:01:49 +00:00
assert ActiveRecord :: ConnectionAdapters :: SQLite3Adapter . represent_boolean_as_integer
end
test " represent_boolean_as_integer should be able to set via config.active_record.sqlite3.represent_boolean_as_integer " do
remove_from_config '.*config\.load_defaults.*\n'
2018-02-27 11:07:04 +00:00
app_file " config/initializers/new_framework_defaults_6_0.rb " , <<-RUBY
2017-07-13 23:01:49 +00:00
Rails . application . config . active_record . sqlite3 . represent_boolean_as_integer = true
RUBY
app_file " app/models/post.rb " , <<-RUBY
class Post < ActiveRecord :: Base
2017-07-06 16:59:33 +00:00
end
RUBY
app " development "
2017-07-17 19:37:03 +00:00
force_lazy_load_hooks { Post }
2017-07-06 16:59:33 +00:00
assert ActiveRecord :: ConnectionAdapters :: SQLite3Adapter . represent_boolean_as_integer
end
2014-07-10 19:40:07 +00:00
test " config_for containing ERB tags should evaluate " do
2016-08-06 17:16:09 +00:00
app_file " config/custom.yml " , <<-RUBY
2014-07-10 19:40:07 +00:00
development :
key : < %= 'custom key' % >
RUBY
add_to_config <<-RUBY
config . my_custom_config = config_for ( 'custom' )
RUBY
2015-09-27 21:34:13 +00:00
2016-08-06 17:16:09 +00:00
app " development "
2014-07-10 19:40:07 +00:00
2018-10-19 12:37:06 +00:00
assert_equal " custom key " , Rails . application . config . my_custom_config [ :key ]
2014-07-10 19:40:07 +00:00
end
2015-09-26 12:40:07 +00:00
test " config_for with syntax error show a more descriptive exception " do
2016-08-06 17:16:09 +00:00
app_file " config/custom.yml " , <<-RUBY
2014-07-10 19:40:07 +00:00
development :
key : foo :
RUBY
add_to_config <<-RUBY
config . my_custom_config = config_for ( 'custom' )
RUBY
exception = assert_raises ( RuntimeError ) do
2016-08-06 17:16:09 +00:00
app " development "
2014-07-10 19:40:07 +00:00
end
2016-08-06 17:16:09 +00:00
assert_match " YAML syntax error occurred while parsing " , exception . message
2014-07-10 19:40:07 +00:00
end
2015-10-30 18:46:15 +00:00
test " config_for allows overriding the environment " do
2016-08-06 17:16:09 +00:00
app_file " config/custom.yml " , <<-RUBY
2015-10-30 18:46:15 +00:00
test :
key : 'walrus'
production :
key : 'unicorn'
RUBY
add_to_config <<-RUBY
config . my_custom_config = config_for ( 'custom' , env : 'production' )
RUBY
require " #{ app_path } /config/environment "
2018-10-19 12:37:06 +00:00
assert_equal " unicorn " , Rails . application . config . my_custom_config [ :key ]
2015-10-30 18:46:15 +00:00
end
2015-12-04 21:04:48 +00:00
test " api_only is false by default " do
2016-08-06 17:16:09 +00:00
app " development "
2018-01-25 03:04:11 +00:00
assert_not Rails . application . config . api_only
2015-12-04 21:04:48 +00:00
end
test " api_only generator config is set when api_only is set " do
add_to_config <<-RUBY
config . api_only = true
RUBY
2016-08-06 17:16:09 +00:00
app " development "
2015-12-04 21:04:48 +00:00
Rails . application . load_generators
assert Rails . configuration . api_only
end
2015-12-04 21:05:45 +00:00
2016-02-12 09:53:37 +00:00
test " debug_exception_response_format is :api by default if api_only is enabled " do
2015-12-04 21:05:45 +00:00
add_to_config <<-RUBY
config . api_only = true
RUBY
2016-08-06 17:16:09 +00:00
app " development "
2015-12-04 21:05:45 +00:00
assert_equal :api , Rails . configuration . debug_exception_response_format
end
2016-04-22 23:07:43 +00:00
test " debug_exception_response_format can be overridden " do
2015-12-04 21:05:45 +00:00
add_to_config <<-RUBY
config . api_only = true
RUBY
2016-08-06 17:16:09 +00:00
app_file " config/environments/development.rb " , <<-RUBY
2015-12-04 21:05:45 +00:00
Rails . application . configure do
config . debug_exception_response_format = :default
end
RUBY
2016-08-06 17:16:09 +00:00
app " development "
2015-12-04 21:05:45 +00:00
assert_equal :default , Rails . configuration . debug_exception_response_format
end
2016-11-24 05:17:13 +00:00
test " controller force_ssl declaration can be used even if session_store is disabled " do
make_basic_app do | application |
application . config . session_store :disabled
end
class :: OmgController < ActionController :: Base
force_ssl
def index
render plain : " Yay! You're on Rails! "
end
end
get " / "
assert_equal 301 , last_response . status
assert_equal " https://example.org/ " , last_response . location
end
2017-07-16 03:00:11 +00:00
2017-12-22 22:13:19 +00:00
test " ActiveSupport::MessageEncryptor.use_authenticated_message_encryption is true by default for new apps " do
app " development "
assert_equal true , ActiveSupport :: MessageEncryptor . use_authenticated_message_encryption
end
test " ActiveSupport::MessageEncryptor.use_authenticated_message_encryption is false by default for upgraded apps " do
remove_from_config '.*config\.load_defaults.*\n'
app " development "
assert_equal false , ActiveSupport :: MessageEncryptor . use_authenticated_message_encryption
end
test " ActiveSupport::MessageEncryptor.use_authenticated_message_encryption can be configured via config.active_support.use_authenticated_message_encryption " do
remove_from_config '.*config\.load_defaults.*\n'
2018-02-27 11:07:04 +00:00
app_file " config/initializers/new_framework_defaults_6_0.rb " , <<-RUBY
Rails . application . config . active_support . use_authenticated_message_encryption = true
2017-12-22 22:13:19 +00:00
RUBY
app " development "
assert_equal true , ActiveSupport :: MessageEncryptor . use_authenticated_message_encryption
end
2018-01-08 20:45:46 +00:00
test " ActiveSupport::Digest.hash_digest_class is Digest::SHA1 by default for new apps " do
app " development "
assert_equal Digest :: SHA1 , ActiveSupport :: Digest . hash_digest_class
end
test " ActiveSupport::Digest.hash_digest_class is Digest::MD5 by default for upgraded apps " do
remove_from_config '.*config\.load_defaults.*\n'
2017-12-20 10:28:54 +00:00
app " development "
assert_equal Digest :: MD5 , ActiveSupport :: Digest . hash_digest_class
end
2018-01-08 20:45:46 +00:00
test " ActiveSupport::Digest.hash_digest_class can be configured via config.active_support.use_sha1_digests " do
remove_from_config '.*config\.load_defaults.*\n'
2018-02-27 11:07:04 +00:00
app_file " config/initializers/new_framework_defaults_6_0.rb " , <<-RUBY
Rails . application . config . active_support . use_sha1_digests = true
2017-12-20 10:28:54 +00:00
RUBY
app " development "
assert_equal Digest :: SHA1 , ActiveSupport :: Digest . hash_digest_class
end
2018-02-15 06:46:42 +00:00
test " custom serializers should be able to set via config.active_job.custom_serializers in an initializer " do
class :: DummySerializer < ActiveJob :: Serializers :: ObjectSerializer ; end
app_file " config/initializers/custom_serializers.rb " , <<-RUBY
Rails . application . config . active_job . custom_serializers << DummySerializer
RUBY
app " development "
assert_includes ActiveJob :: Serializers . serializers , DummySerializer
end
2018-02-27 11:07:04 +00:00
test " ActionView::Helpers::FormTagHelper.default_enforce_utf8 is false by default " do
app " development "
assert_equal false , ActionView :: Helpers :: FormTagHelper . default_enforce_utf8
end
test " ActionView::Helpers::FormTagHelper.default_enforce_utf8 is true in an upgraded app " do
remove_from_config '.*config\.load_defaults.*\n'
add_to_config 'config.load_defaults "5.2"'
app " development "
assert_equal true , ActionView :: Helpers :: FormTagHelper . default_enforce_utf8
end
test " ActionView::Helpers::FormTagHelper.default_enforce_utf8 can be configured via config.action_view.default_enforce_utf8 " do
remove_from_config '.*config\.load_defaults.*\n'
app_file " config/initializers/new_framework_defaults_6_0.rb " , <<-RUBY
Rails . application . config . action_view . default_enforce_utf8 = true
RUBY
app " development "
assert_equal true , ActionView :: Helpers :: FormTagHelper . default_enforce_utf8
end
2018-05-20 01:19:12 +00:00
test " ActionView::Template.finalize_compiled_template_methods is true by default " do
app " test "
assert_equal true , ActionView :: Template . finalize_compiled_template_methods
end
test " ActionView::Template.finalize_compiled_template_methods can be configured via config.action_view.finalize_compiled_template_methods " do
app_file " config/environments/test.rb " , <<-RUBY
Rails . application . configure do
config . action_view . finalize_compiled_template_methods = false
end
RUBY
app " test "
assert_equal false , ActionView :: Template . finalize_compiled_template_methods
end
2018-09-07 01:46:54 +00:00
test " ActiveRecord::Base.filter_attributes should equal to filter_parameters " do
app_file " config/initializers/filter_parameters_logging.rb " , <<-RUBY
Rails . application . config . filter_parameters += [ :password , :credit_card_number ]
RUBY
app " development "
assert_equal [ :password , :credit_card_number ] , Rails . application . config . filter_parameters
2018-10-09 07:14:51 +00:00
assert_equal [ :password , :credit_card_number ] , ActiveRecord :: Base . filter_attributes
2018-09-07 01:46:54 +00:00
end
2018-09-15 01:22:04 +00:00
test " ActiveStorage.routes_prefix can be configured via config.active_storage.routes_prefix " do
app_file " config/environments/development.rb " , <<-RUBY
Rails . application . configure do
config . active_storage . routes_prefix = '/files'
end
RUBY
output = rails ( " routes " , " -g " , " active_storage " )
assert_equal << ~ MESSAGE , output
Prefix Verb URI Pattern Controller #Action
rails_service_blob GET / files / blobs / :signed_id / * filename ( . :format ) active_storage / blobs #show
rails_blob_representation GET / files / representations / :signed_blob_id / :variation_key / * filename ( . :format ) active_storage / representations #show
rails_disk_service GET / files / disk / :encoded_key / * filename ( . :format ) active_storage / disk #show
update_rails_disk_service PUT / files / disk / :encoded_token ( . :format ) active_storage / disk #update
rails_direct_uploads POST / files / direct_uploads ( . :format ) active_storage / direct_uploads #create
MESSAGE
end
2017-07-16 03:00:11 +00:00
private
2017-07-17 19:37:03 +00:00
def force_lazy_load_hooks
2017-07-16 03:00:11 +00:00
yield # Tasty clarifying sugar, homie! We only need to reference a constant to load it.
end
2009-10-09 01:12:28 +00:00
end
2009-12-07 01:23:43 +00:00
end