1
require 'abstract_unit'
3
class FilterParamController < ActionController::Base
6
class FilterParamTest < Test::Unit::TestCase
8
@controller = FilterParamController.new
11
def test_filter_parameters
12
assert FilterParamController.respond_to?(:filter_parameter_logging)
13
assert !@controller.respond_to?(:filter_parameters)
15
FilterParamController.filter_parameter_logging
16
assert @controller.respond_to?(:filter_parameters)
18
test_hashes = [[{},{},[]],
19
[{'foo'=>nil},{'foo'=>nil},[]],
20
[{'foo'=>'bar'},{'foo'=>'bar'},[]],
21
[{'foo'=>1},{'foo'=>1},[]],
22
[{'foo'=>'bar'},{'foo'=>'bar'},%w'food'],
23
[{'foo'=>'bar'},{'foo'=>'[FILTERED]'},%w'foo'],
24
[{'foo'=>'bar', 'bar'=>'foo'},{'foo'=>'[FILTERED]', 'bar'=>'foo'},%w'foo baz'],
25
[{'foo'=>'bar', 'baz'=>'foo'},{'foo'=>'[FILTERED]', 'baz'=>'[FILTERED]'},%w'foo baz'],
26
[{'bar'=>{'foo'=>'bar','bar'=>'foo'}},{'bar'=>{'foo'=>'[FILTERED]','bar'=>'foo'}},%w'fo'],
27
[{'foo'=>{'foo'=>'bar','bar'=>'foo'}},{'foo'=>'[FILTERED]'},%w'f banana'],
28
[{'baz'=>[{'foo'=>'baz'}]}, {'baz'=>[{'foo'=>'[FILTERED]'}]}, %w(foo)],
29
[{'baz'=>[{'foo'=>'baz'}, 1, 2, 3]}, {'baz'=>[{'foo'=>'[FILTERED]'}, 1, 2, 3]}, %w(foo)]]
31
test_hashes.each do |before_filter, after_filter, filter_words|
32
FilterParamController.filter_parameter_logging(*filter_words)
33
assert_equal after_filter, @controller.__send__(:filter_parameters, before_filter)
35
filter_words.push('blah')
36
FilterParamController.filter_parameter_logging(*filter_words) do |key, value|
37
value.reverse! if key =~ /bargain/
40
before_filter['barg'] = {'bargain'=>'gain', 'blah'=>'bar', 'bar'=>{'bargain'=>{'blah'=>'foo'}}}
41
after_filter['barg'] = {'bargain'=>'niag', 'blah'=>'[FILTERED]', 'bar'=>{'bargain'=>{'blah'=>'[FILTERED]'}}}
43
assert_equal after_filter, @controller.__send__(:filter_parameters, before_filter)
47
def test_filter_parameters_is_protected
48
FilterParamController.filter_parameter_logging(:foo)
49
assert !FilterParamController.action_methods.include?('filter_parameters')
50
assert_raise(NoMethodError) { @controller.filter_parameters([{'password' => '[FILTERED]'}]) }