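#-- copyright
# OpenProject is a project management system.
# Copyright (C) 2012-2014 the OpenProject Foundation (OPF)
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License version 3.
#
# OpenProject is a fork of ChiliProject, which is a fork of Redmine. The copyright follows:
# Copyright (C) 2006-2013 Jean-Philippe Lang
# Copyright (C) 2010-2013 the ChiliProject Team
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
#
# See doc/COPYRIGHT.rdoc for more details.
#++

require 'spec_helper'

# Examples for the view helpers mixed in from ApplicationHelper:
# format_activity_description, footer_content, link_to_if_authorized and
# other_formats_links. The helpers are called directly on the example object,
# which is why both helper modules are included below.
describe ApplicationHelper do
  include ApplicationHelper
  include WorkPackagesHelper

  describe "format_activity_description" do
    it "truncates given text" do
      text = "Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua. At vero eos et accusam et justo duo dolores et ea rebum. Stet clita kasd gubergren, no sea takimata sanctus est Lorem ipsum dolor sit amet. Lore"

      expect(format_activity_description(text).size).to eq(120)
    end

    it "replaces escaped line breaks with html line breaks and should be html_safe" do
      text = "Lorem ipsum dolor sit \namet, consetetur sadipscing elitr, sed diam nonumy eirmod\r tempor invidunt"
      # NOTE(review): the reviewed copy of this file had bare newlines in this
      # literal, which contradicts the example title. `<br />` is assumed here;
      # confirm the exact tag spelling against the helper's output.
      text_html = "Lorem ipsum dolor sit <br />amet, consetetur sadipscing elitr, sed diam nonumy eirmod<br /> tempor invidunt"
      description = format_activity_description(text)

      expect(description).to eq(text_html)
      expect(description.html_safe?).to be_true
    end

    # The helper's result is flagged html_safe (asserted in the example above),
    # so the view layer will not escape it again: escaping inside the helper is
    # the only thing standing between user-supplied activity text and the page.
    it "escapes potentially harmful code" do
      # The input must carry markup, otherwise nothing is being escaped.
      text = "Lorem ipsum dolor <script>alert('pwnd');</script> tempor invidunt"
      description = format_activity_description(text)

      # Negative check: no raw tag opener survives.
      expect(description.include?("<script")).to be_false
      # Positive check: the tag is still present, in entity-encoded form. The
      # quote characters are left out of the assertion on purpose, because their
      # entity spelling differs between escaping implementations.
      expect(description.include?("&lt;script&gt;")).to be_true
    end
  end

  describe "footer_content" do
    # Every context resets OpenProject::Footer.content first so that content
    # registered by another example cannot leak into this one.
    context "no additional footer content" do
      before do
        OpenProject::Footer.content = nil
      end

      it { expect(footer_content).to eq(I18n.t(:text_powered_by, :link => link_to(OpenProject::Info.app_name, OpenProject::Info.url))) }
    end

    context "string as additional footer content" do
      before do
        OpenProject::Footer.content = nil
        OpenProject::Footer.add_content("openproject", "footer")
      end

      it { expect(footer_content.include?(I18n.t(:text_powered_by, :link => link_to(OpenProject::Info.app_name, OpenProject::Info.url)))).to be_true }
      it { expect(footer_content.include?("footer")).to be_true }
    end

    context "proc as additional footer content" do
      before do
        OpenProject::Footer.content = nil
        OpenProject::Footer.add_content("openproject", Proc.new { Date.parse(Time.now.to_s) })
      end

      # The date is computed once in the proc and once here, so a run that
      # straddles midnight can compare two different days.
      it { expect(footer_content.include?(Date.parse(Time.now.to_s).to_s)).to be_true }
    end

    context "proc which returns nothing" do
      before do
        OpenProject::Footer.content = nil
        # `"footer" if false` evaluates to nil, i.e. the proc contributes nothing.
        OpenProject::Footer.add_content("openproject", Proc.new { "footer" if false })
      end

      # NOTE(review): String#include?("") is true for every string, so this
      # expectation cannot pass while footer_content returns a String. The
      # expected fragment looks like it was lost from this literal; restore the
      # markup that must be absent from the upstream spec before relying on it.
      it { expect(footer_content.include?("")).to be_false }
    end
  end

  describe ".link_to_if_authorized" do
    let(:project) { FactoryGirl.create :valid_project }
    let(:project_member) do
      FactoryGirl.create :user,
                         :member_in_project => project,
                         :member_through_role => FactoryGirl.create(:role,
                                                                    :permissions => [:view_work_packages,
                                                                                     :edit_work_packages,
                                                                                     :browse_repository,
                                                                                     :view_changesets,
                                                                                     :view_wiki_pages])
    end
    let(:issue) do
      FactoryGirl.create :work_package,
                         :project => project,
                         :author => project_member,
                         :type => project.types.first
    end

    # authorize_for is stubbed on the example object in every context below, so
    # these examples pin only how the helper branches on its answer (link vs.
    # nil). They do not exercise the real permission check; the role permissions
    # given to project_member above do not influence the outcome here.
    context "if user is authorized" do
      before do
        expect(self).to receive(:authorize_for).and_return(true)
        @response = link_to_if_authorized('link_content',
                                          { :controller => 'issues', :action => 'show', :id => issue },
                                          :class => 'fancy_css_class')
      end

      subject { @response }

      it { should match(/href/) }
      it { should match(/fancy_css_class/) }
    end

    context "if user is unauthorized" do
      before do
        expect(self).to receive(:authorize_for).and_return(false)
        @response = link_to_if_authorized('link_content',
                                          { :controller => 'issues', :action => 'show', :id => issue },
                                          :class => 'fancy_css_class')
      end

      subject { @response }

      # A denied check must yield no markup at all, not a disabled link.
      it { should be_nil }
    end

    context "allow using the :controller and :action for the target link" do
      before do
        expect(self).to receive(:authorize_for).and_return(true)
        @response = link_to_if_authorized("By controller/action",
                                          { :controller => 'issues', :action => 'edit', :id => issue.id })
      end

      subject { @response }

      it { should match(/href/) }
    end
  end

  describe "other_formats_links" do
    context "link given" do
      before do
        @links = other_formats_links { |f| f.link_to 'Atom', :url => { :controller => :projects, :action => :index } }
      end

      # NOTE(review): the expected value below holds only text and newlines; the
      # markup around "Also available in:" and the Atom link appears to be
      # missing from this literal. Restore it from the upstream spec.
      it { expect(@links).to eq("\n\nAlso available in:Atom\n\n") }
    end

    context "link given but disabled" do
      before do
        # With feeds reported as disabled the helper is expected to render nothing.
        allow(Setting).to receive(:feeds_enabled?).and_return(false)
        @links = other_formats_links { |f| f.link_to 'Atom', :url => { :controller => :projects, :action => :index } }
      end

      it { expect(@links).to be_nil }
    end
  end
end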