Very new to Ruby and cucumber, and i've got a controller that accepts an ID. Basically a rest API, so the client would call /cows/1234 and /cows/777. That would then route to getFluffyCow and pass :id = 1234 or 777.
My initial attempt is as follows:
allow(getFluffyCow).to receive(:call).with(1234).and_return(mock_cow1)
allow(getFluffyCow).to receive(:call).with(777).and_return(mock_cow2)
but the response is returning nothing. What am I doing wrong?
Thanks!
The params will come through as strings so specify the ID's as strings when stubbing the :call method:
allow(getFluffyCow).to receive(:call).with('1234').and_return(mock_cow1)
allow(getFluffyCow).to receive(:call).with('777').and_return(mock_cow2)
Related
I'm merging new field into the input data array via merge method.
In the request class:
$this->merge(['mykey' => $myvalue]);
So when I call my endpoint from Insomnia/Postman everything works perfect.
In the controller:
$myVariable = $request->get('mykey')
But when I tried to test endpoint via phpunit, after debbuging I found that $myVariable always null.
Could you please help me?
Problem was solved by using request magic method, so $request->mykey. It seems like different request types in phpunit, but I'm not sure.
Inside a controller spec for a #show action:
resource_name = "adoption_transfer_type"
it "returns a single resource" do
resource = create(resource_name.to_sym)
# Works
xhr :get, api_v1_lookups_adoption_transfer_type_path(resource.id)
# Does not work
xhr :get, send("api_v1_lookups_#{resource_name}_path(#{resource.id})")
end
It results in the following error:
Failure/Error: xhr :get, send("api_v1_lookups_adoption_transfer_type_path(#{resource.id})")
NoMethodError:
undefined method `api_v1_lookups_adoption_transfer_type_path(66)'
It looks like send(...) is converting it to a string literal instead of executing it as Ruby code, but I thought that was the purpose of the send(...) method.
The broader picture is I'm using a single spec file to generate the specs for several lookup resources, since they are all the same and there's no reason to manage 10+ files when I can do it all in one.
the string interpolates to api_v1_lookups_adoption_transfer_type_path(2) which means you're trying to call some method by that name. Instead you want:
send("api_v1_lookups_#{resource_name}_path", resource.id)
This is how you pass arguments to a send call, also i'd get into the habit of using public_send =)
I am using ActiveRecord and Sinatra (probably irrelevant context). ActiveRecord has a dynamic finder method find_by_[column]
I would like to pass a raw parameter string from HTTP directly into one of these methods. I'm pretty sure that ActiveRecord will sanitize the string I pass in. Right? Here's some example code to show what I want to do:
post '/login' do
user = User.find_by_username(params[:username])
...
end
Is it problematic to pass unsanitized http parameters into this kind of ActiveRecord method?
More generally, how should one go about figuring out which ActiveRecord methods sanitize their inputs? I keep reading this site and getting scared! http://rails-sqli.org/
Yes, they are safe. Because the dynamic finders are simply translated into the normal hash form. Find the implementation at github
Note that the new syntax (since version 4) is: find_by(username: params[:username])
To be sure if the user exists you can try something like:
if User.exists? :username => params[:username]
user = User.find_by_username(params[:username])
end
This greatly reduces the chances of SQLi.
I'm using WebMock to stub out HTTP requests. I have this one particular call where, instead of creating dummy data to pass through, I want to be able to capture the actual parameters I would pass into my send() method. Therefore, I need access to those actual parameters in my spec and I imagine I would need to somehow capture that context.
So, for example, in my application I'm calling this method:
send(method, uri, :body => data_file)
And in my spec file I'm stubbing the method:
FoobarModule.should_receive(:send).with(args)
Is there any way I could -- in WebMock, Rspec -- get the context of when send() is being called in the application and grab those parameters I'm passing through to use them within the spec and replace them with args?
I've looked through the documentation and I don't see much of anything on this. If there's anyone aware of this, I would greatly appreciate your help. Thanks.
Using WebMock you could use request callbacks to capture request data:
WebMock.allow_net_connect!
WebMock.after_request do |request_signature, response|
puts request_signature
end
I know I can retrieve every parameter in Sinatra using "params".
However, How can I retrieve only post parameters? I need to verify that a parameter was sent by POST, otherwise it should be ignored.
Thanks.
Accessing the request object directly gives you a simple way of accessing post data, much like the php $_POST variable:
post '/' do
request.POST.inspect # instead of params.inspect
end
More info on the Rack request object here: http://rack.rubyforge.org/doc/classes/Rack/Request.html#M000274