--- /dev/null
+# These tests exercise CGI::Session::ActiveRecordStore, so you're going to
+# need AR in a sibling directory to AP and have SQLite installed.
+require 'active_record_unit'
+require 'action_controller/session/active_record_store'
+
+module CommonActiveRecordStoreTests
+ def test_basics
+ s = session_class.new(:session_id => '1234', :data => { 'foo' => 'bar' })
+ assert_equal 'bar', s.data['foo']
+ assert s.save
+ assert_equal 'bar', s.data['foo']
+
+ assert_not_nil t = session_class.find_by_session_id('1234')
+ assert_not_nil t.data
+ assert_equal 'bar', t.data['foo']
+ end
+
+ def test_reload_same_session
+ @new_session.update
+ reloaded = CGI::Session.new(CGI.new, 'session_id' => @new_session.session_id, 'database_manager' => CGI::Session::ActiveRecordStore)
+ assert_equal 'bar', reloaded['foo']
+ end
+
+ def test_tolerates_close_close
+ assert_nothing_raised do
+ @new_session.close
+ @new_session.close
+ end
+ end
+end
+
+class ActiveRecordStoreTest < ActiveRecordTestCase
+ include CommonActiveRecordStoreTests
+
+ def session_class
+ CGI::Session::ActiveRecordStore::Session
+ end
+
+ def session_id_column
+ "session_id"
+ end
+
+ def setup
+ session_class.create_table!
+
+ ENV['REQUEST_METHOD'] = 'GET'
+ ENV['REQUEST_URI'] = '/'
+ CGI::Session::ActiveRecordStore.session_class = session_class
+
+ @cgi = CGI.new
+ @new_session = CGI::Session.new(@cgi, 'database_manager' => CGI::Session::ActiveRecordStore, 'new_session' => true)
+ @new_session['foo'] = 'bar'
+ end
+
+# this test only applies for eager session saving
+# def test_another_instance
+# @another = CGI::Session.new(@cgi, 'session_id' => @new_session.session_id, 'database_manager' => CGI::Session::ActiveRecordStore)
+# assert_equal @new_session.session_id, @another.session_id
+# end
+
+ def test_model_attribute
+ assert_kind_of CGI::Session::ActiveRecordStore::Session, @new_session.model
+ assert_equal({ 'foo' => 'bar' }, @new_session.model.data)
+ end
+
+ def test_save_unloaded_session
+ c = session_class.connection
+ bogus_class = c.quote(ActiveSupport::Base64.encode64("\004\010o:\vBlammo\000"))
+ c.insert("INSERT INTO #{session_class.table_name} ('#{session_id_column}', 'data') VALUES ('abcdefghijklmnop', #{bogus_class})")
+
+ sess = session_class.find_by_session_id('abcdefghijklmnop')
+ assert_not_nil sess
+ assert !sess.loaded?
+
+ # because the session is not loaded, the save should be a no-op. If it
+ # isn't, this'll try and unmarshall the bogus class, and should get an error.
+ assert_nothing_raised { sess.save }
+ end
+
+ def teardown
+ session_class.drop_table!
+ end
+end
+
+class ColumnLimitTest < ActiveRecordTestCase
+ def setup
+ @session_class = CGI::Session::ActiveRecordStore::Session
+ @session_class.create_table!
+ end
+
+ def teardown
+ @session_class.drop_table!
+ end
+
+ def test_protection_from_data_larger_than_column
+ # Can't test this unless there is a limit
+ return unless limit = @session_class.data_column_size_limit
+ too_big = ':(' * limit
+ s = @session_class.new(:session_id => '666', :data => {'foo' => too_big})
+ s.data
+ assert_raise(ActionController::SessionOverflowError) { s.save }
+ end
+end
+
+class DeprecatedActiveRecordStoreTest < ActiveRecordStoreTest
+ def session_id_column
+ "sessid"
+ end
+
+ def setup
+ session_class.connection.execute 'create table old_sessions (id integer primary key, sessid text unique, data text)'
+ session_class.table_name = 'old_sessions'
+ session_class.send :setup_sessid_compatibility!
+
+ ENV['REQUEST_METHOD'] = 'GET'
+ CGI::Session::ActiveRecordStore.session_class = session_class
+
+ @new_session = CGI::Session.new(CGI.new, 'database_manager' => CGI::Session::ActiveRecordStore, 'new_session' => true)
+ @new_session['foo'] = 'bar'
+ end
+
+ def teardown
+ session_class.connection.execute 'drop table old_sessions'
+ session_class.table_name = 'sessions'
+ end
+end
+
+class SqlBypassActiveRecordStoreTest < ActiveRecordStoreTest
+ def session_class
+ unless defined? @session_class
+ @session_class = CGI::Session::ActiveRecordStore::SqlBypass
+ @session_class.connection = CGI::Session::ActiveRecordStore::Session.connection
+ end
+ @session_class
+ end
+
+ def test_model_attribute
+ assert_kind_of CGI::Session::ActiveRecordStore::SqlBypass, @new_session.model
+ assert_equal({ 'foo' => 'bar' }, @new_session.model.data)
+ end
+end