1 require 'active_record_unit'
3 class ActiveRecordStoreTest
< ActionController
::IntegrationTest
# Dispatcher instance that both session-store apps below wrap.
4 DispatcherApp
= ActionController
::Dispatcher.new
# Session store around the dispatcher; listing line 41 opens the integration
# session against it, so most tests run through this app.
# NOTE(review): listing line 6, the rest of this argument list, is not shown
# on this page.
5 SessionApp
= ActiveRecord
::SessionStore.new(DispatcherApp
,
# Same store built with :cookie_only => false. test_allows_session_fixation
# shows what that permits: a session id passed as a request parameter is
# accepted and comes back as the '_session_id' cookie, so an id chosen by
# someone else can be bound to a client. Against SessionApp the same
# parameter is ignored (test_prevents_session_fixation). This is a test-only
# configuration and not a setting to copy into an application.
7 SessionAppWithFixation
= ActiveRecord
::SessionStore.new(DispatcherApp
,
8 :key => '_session_id', :cookie_only => false)
# Controller whose actions the tests request by path.
# NOTE(review): this listing omits lines (the gutter jumps 10, 16, 21, 26, 29,
# 36), including the `def` lines of most actions. The action names given below
# are taken from the paths the tests request; confirm against the full file.
10 class TestController
< ActionController
::Base
# Stores params[:foo] in the session, falling back to "bar" when the parameter
# is absent (presumably the body of set_session_value).
16 session
[:foo] = params
[:foo] || "bar"
# Renders the inspected session value, e.g. `foo: "bar"` or `foo: nil`
# (presumably get_session_value).
21 render
:text => "foo: #{session[:foo].inspect}"
# Renders the id held in request.session_options[:id] (presumably
# get_session_id).
26 render
:text => "#{request.session_options[:id]}"
# Requested by test_setting_session_value_after_session_reset; its body is not
# shown in this listing.
29 def call_reset_session
# Bare `raise` re-raises the current exception; presumably this makes a
# controller error fail the test instead of becoming an error response.
36 def rescue_action(e
) raise end
# NOTE(review): the enclosing `def` lines (listing lines 39 and 44) are not
# shown on this page; these statements read as per-test setup and teardown.
# Confirm against the full file.
# Creates the session table, then opens the integration session against
# SessionApp.
40 ActiveRecord
::SessionStore.session_class
.create_table
!
41 @integration_session = open_session(SessionApp
)
# Drops the session table again.
45 ActiveRecord
::SessionStore.session_class
.drop_table
!
# Round-trips a value through the session store: first the fallback "bar",
# then an explicit "baz" passed as the :foo parameter. After each write the
# client must hold a '_session_id' cookie.
def test_setting_and_getting_session_value
  with_test_route_set do
    # Write without a :foo parameter; the value reads back as "bar".
    get('/set_session_value')
    assert_response(:success)
    assert(cookies['_session_id'])

    get('/get_session_value')
    assert_response(:success)
    assert_equal('foo: "bar"', response.body)

    # Overwrite the value and read it back.
    get('/set_session_value', :foo => "baz")
    assert_response(:success)
    assert(cookies['_session_id'])

    get('/get_session_value')
    assert_response(:success)
    assert_equal('foo: "baz"', response.body)
  end
end
# Reading a key that was never written must succeed and render nil.
def test_getting_nil_session_value
  with_test_route_set do
    get('/get_session_value')
    assert_response(:success)
    assert_equal('foo: nil', response.body)
  end
end
# Checks the state after the reset action: the response carries a Set-Cookie
# header, the value written before the reset is gone, and the id captured
# before the reset no longer matches what the final response reports. An id
# that changes on reset is what stops a pre-reset id from staying usable.
def test_setting_session_value_after_session_reset
  with_test_route_set do
    get('/set_session_value')
    assert_response(:success)
    assert(cookies['_session_id'])
    previous_id = cookies['_session_id']

    get('/call_reset_session')
    assert_response(:success)
    assert_not_equal([], headers['Set-Cookie'])

    get('/get_session_value')
    assert_response(:success)
    assert_equal('foo: nil', response.body)

    # NOTE(review): listing lines 90-91 are not shown on this page. The
    # assertions below compare the old id with a response body, so a request
    # that returns the current session id presumably precedes them; confirm
    # against the full file.
    assert_response(:success)
    assert_not_equal(previous_id, response.body)
  end
end
# The id the server reports for the session must equal the '_session_id'
# cookie value the client received.
def test_getting_session_id
  with_test_route_set do
    get('/set_session_value')
    assert_response(:success)
    assert(cookies['_session_id'])
    issued_id = cookies['_session_id']

    get('/get_session_id')
    assert_response(:success)
    assert_equal(issued_id, response.body)
  end
end
# Session-fixation check for the store opened at listing line 41 (SessionApp):
# a session id replayed as the :_session_id request parameter must not be
# adopted. The assertions require that the client ends up without a
# '_session_id' cookie and that the earlier session's value cannot be read
# through the replayed id.
def test_prevents_session_fixation
  with_test_route_set do
    # Establish a session and remember its id.
    get('/set_session_value')
    assert_response(:success)
    assert(cookies['_session_id'])

    get('/get_session_value')
    assert_response(:success)
    assert_equal('foo: "bar"', response.body)
    known_id = cookies['_session_id']

    # NOTE(review): listing lines 120-123 are not shown on this page. For the
    # nil-cookie assertions below to hold, the client's cookie state is
    # presumably cleared there, so that the id reaches the server only as a
    # parameter; confirm against the full file.

    # Replay the id as a parameter: no session cookie may result.
    get('/set_session_value', :_session_id => known_id, :foo => "baz")
    assert_response(:success)
    assert_equal(nil, cookies['_session_id'])

    # The old session's data must not be reachable through the parameter.
    get('/get_session_value', :_session_id => known_id)
    assert_response(:success)
    assert_equal('foo: nil', response.body)
    assert_equal(nil, cookies['_session_id'])
  end
end
# Counterpart of test_prevents_session_fixation for SessionAppWithFixation,
# the store built with :cookie_only => false. Here the replayed :_session_id
# parameter is accepted: the cookie comes back carrying the supplied id, and
# the session's value can be overwritten and read through it. The test pins
# the behaviour the option enables, which is the insecure configuration.
def test_allows_session_fixation
  @integration_session = open_session(SessionAppWithFixation)

  with_test_route_set do
    # Establish a session and remember its id.
    get('/set_session_value')
    assert_response(:success)
    assert(cookies['_session_id'])

    get('/get_session_value')
    assert_response(:success)
    assert_equal('foo: "bar"', response.body)
    known_id = cookies['_session_id']

    # NOTE(review): listing lines 147-149 are not shown on this page; confirm
    # against the full file what happens between capturing the id and opening
    # the fresh session below.
    @integration_session = open_session(SessionAppWithFixation)

    # The fresh session adopts the id supplied as a parameter.
    get('/set_session_value', :_session_id => known_id, :foo => "baz")
    assert_response(:success)
    assert_equal(known_id, cookies['_session_id'])

    get('/get_session_value', :_session_id => known_id)
    assert_response(:success)
    assert_equal('foo: "baz"', response.body)
    assert_equal(known_id, cookies['_session_id'])
  end
end
164 def with_test_route_set
165 with_routing
do |set
|
167 map
.with_options
:controller => "active_record_store_test/test" do |c
|