ruby on rails - How can I test ssl is enforced using minitest? -
my initial naive approach gave me bunch of misleading errors, saying routes don't exist exist.
camdennarzt@secur-t:~/developer/ruby/m2 [master l|✚ 1] $ rake test test/integration/application_test.rb run options: --seed 55863 # running: eeeeeeeee fabulous run in 0.224684s, 44.5070 runs/s, 8.9014 assertions/s. 1) error: applicationtest#test_enforces_ssl_for_subscriptionscontroller#new_path: actioncontroller::urlgenerationerror: no route matches {:action=>"new", :controller=>"subscriptionscontroller"} test/integration/application_test.rb:16:in `block (3 levels) in <class:applicationtest>' 2) error: applicationtest#test_enforces_ssl_for_welcomecontroller#index_path: actioncontroller::urlgenerationerror: no route matches {:action=>"index", :controller=>"welcomecontroller"} test/integration/application_test.rb:16:in `block (3 levels) in <class:applicationtest>' 3) error: applicationtest#test_enforces_ssl_for_subscriptionscontroller#update_path: actioncontroller::urlgenerationerror: no route matches {:action=>"update", :controller=>"subscriptionscontroller"} test/integration/application_test.rb:16:in `block (3 levels) in <class:applicationtest>' 4) error: applicationtest#test_enforces_ssl_for_subscriptionscontroller#confirm_path: actioncontroller::urlgenerationerror: no route matches {:action=>"confirm", :controller=>"subscriptionscontroller"} test/integration/application_test.rb:16:in `block (3 levels) in <class:applicationtest>' 5) error: applicationtest#test_enforces_ssl_for_subscriptionscontroller#destroy_path: actioncontroller::urlgenerationerror: no route matches {:action=>"destroy", :controller=>"subscriptionscontroller"} test/integration/application_test.rb:16:in `block (3 levels) in <class:applicationtest>' 6) error: applicationtest#test_enforces_ssl_for_subscriptionscontroller#index_path: actioncontroller::urlgenerationerror: no route matches {:action=>"index", :controller=>"subscriptionscontroller"} test/integration/application_test.rb:16:in `block (3 levels) in <class:applicationtest>' 7) error: applicationtest#test_enforces_ssl_for_subscriptionscontroller#show_path: actioncontroller::urlgenerationerror: no route matches {:action=>"show", :controller=>"subscriptionscontroller"} test/integration/application_test.rb:16:in `block (3 levels) in <class:applicationtest>' 8) error: applicationtest#test_enforces_ssl_for_subscriptionscontroller#edit_path: actioncontroller::urlgenerationerror: no route matches {:action=>"edit", :controller=>"subscriptionscontroller"} test/integration/application_test.rb:16:in `block (3 levels) in <class:applicationtest>' 9) error: applicationtest#test_enforces_ssl_for_subscriptionscontroller#create_path: actioncontroller::urlgenerationerror: no route matches {:action=>"create", :controller=>"subscriptionscontroller"} test/integration/application_test.rb:16:in `block (3 levels) in <class:applicationtest>' 9 runs, 0 assertions, 0 failures, 9 errors, 0 skips camdennarzt@secur-t:~/developer/ruby/m2 [master l|✚ 1] $ rake routes prefix verb uri pattern controller#action subscriptions /subscriptions(.:format) subscriptions#index post /subscriptions(.:format) subscriptions#create new_subscription /subscriptions/new(.:format) subscriptions#new edit_subscription /subscriptions/:id/edit(.:format) subscriptions#edit subscription /subscriptions/:id(.:format) subscriptions#show patch /subscriptions/:id(.:format) subscriptions#update put /subscriptions/:id(.:format) subscriptions#update delete /subscriptions/:id(.:format) subscriptions#destroy confirm_subscription /subscriptions/confirm/:id(.:format) subscriptions#confirm new_user_session /users/sign_in(.:format) devise/sessions#new user_session post /users/sign_in(.:format) devise/sessions#create destroy_user_session delete /users/sign_out(.:format) devise/sessions#destroy user_password post /users/password(.:format) devise/passwords#create new_user_password /users/password/new(.:format) devise/passwords#new edit_user_password /users/password/edit(.:format) devise/passwords#edit patch /users/password(.:format) devise/passwords#update put /users/password(.:format) devise/passwords#update cancel_user_registration /users/cancel(.:format) devise/registrations#cancel user_registration post /users(.:format) devise/registrations#create new_user_registration /users/sign_up(.:format) devise/registrations#new edit_user_registration /users/edit(.:format) devise/registrations#edit patch /users(.:format) devise/registrations#update put /users(.:format) devise/registrations#update delete /users(.:format) devise/registrations#destroy user_confirmation post /users/confirmation(.:format) devise/confirmations#create new_user_confirmation /users/confirmation/new(.:format) devise/confirmations#new /users/confirmation(.:format) devise/confirmations#show user_unlock post /users/unlock(.:format) devise/unlocks#create new_user_unlock /users/unlock/new(.:format) devise/unlocks#new /users/unlock(.:format) devise/unlocks#show root / welcome#index metahealthzone /metahealthzone(.:format) welcome#metahealthzone contact_us /contact_us(.:format) welcome#contact_us customer_care /customer-care(.:format) customer_care/welcome#customer_care customer_care_metabolistics /customer-care/metabolistics(.:format) customer_care/welcome#metabolistics customer_care_glossary /customer-care/glossary(.:format) customer_care/welcome#glossary customer_care_research /customer-care/research(.:format) customer_care/welcome#research info /info(.:format) info/welcome#info info_patients /info/patients(.:format) info/welcome#patients info_professionals /info/professionals(.:format) info/welcome#professionals info_distributors /info/distributors(.:format) info/welcome#distributors
my test implementation:
require 'test_helper' class applicationtest < actiondispatch::integrationtest rails.application.eager_load! applicationcontroller.descendants.each |c| c.action_methods.each |a| test "enforces ssl #{c}\##{a} path" url_for(controller: c, action: a) assert_response :success assert https?, 'not https' assert_empty response.body.split('"').select {|e| e.include? 'http:'} end end end end
how can fix a) runs, , b) tests ssl enforced. (i know making test request use ssl w/ https!
want see http call respond https or redirect)
i think, can use test body:
# http request url_for(controller: c, action: a) refute https?, 'is https!' assert_response :redirect assert_equal request.url.gsub("http://","https://"), response.headers['location'] follow_redirect! assert https?, 'not https'
Comments
Post a Comment