class CacheStoreTest

Public Instance Methods

test_deserializes_unloaded_class() click to toggle source
# File actionpack/test/dispatch/session/cache_store_test.rb, line 120
def test_deserializes_unloaded_class
  with_test_route_set do
    with_autoload_path "session_autoload_test" do
      get "/set_serialized_session_value"
      assert_response :success
      assert cookies["_session_id"]
    end
    with_autoload_path "session_autoload_test" do
      get "/get_session_id"
      assert_response :success
    end
    with_autoload_path "session_autoload_test" do
      get "/get_session_value"
      assert_response :success
      assert_equal 'foo: #<SessionAutoloadTest::Foo bar:"baz">', response.body, "should auto-load unloaded class"
    end
  end
end
test_getting_from_nonexistent_session() click to toggle source
# File actionpack/test/dispatch/session/cache_store_test.rb, line 77
def test_getting_from_nonexistent_session
  with_test_route_set do
    get "/get_session_value"
    assert_response :success
    assert_equal "foo: nil", response.body
    assert_nil cookies["_session_id"], "should only create session on write, not read"
  end
end
test_getting_nil_session_value() click to toggle source
# File actionpack/test/dispatch/session/cache_store_test.rb, line 50
def test_getting_nil_session_value
  with_test_route_set do
    get "/get_session_value"
    assert_response :success
    assert_equal "foo: nil", response.body
  end
end
test_getting_session_id() click to toggle source
# File actionpack/test/dispatch/session/cache_store_test.rb, line 107
def test_getting_session_id
  with_test_route_set do
    get "/set_session_value"
    assert_response :success
    assert cookies["_session_id"]
    session_id = cookies["_session_id"]

    get "/get_session_id"
    assert_response :success
    assert_equal session_id, response.body, "should be able to read session id without accessing the session hash"
  end
end
test_getting_session_value_after_session_reset() click to toggle source
# File actionpack/test/dispatch/session/cache_store_test.rb, line 58
def test_getting_session_value_after_session_reset
  with_test_route_set do
    get "/set_session_value"
    assert_response :success
    assert cookies["_session_id"]
    session_cookie = cookies.send(:hash_for)["_session_id"]

    get "/call_reset_session"
    assert_response :success
    assert_not_equal [], headers["Set-Cookie"]

    cookies << session_cookie # replace our new session_id with our old, pre-reset session_id

    get "/get_session_value"
    assert_response :success
    assert_equal "foo: nil", response.body, "data for this session should have been obliterated from cache"
  end
end
test_prevents_session_fixation() click to toggle source
# File actionpack/test/dispatch/session/cache_store_test.rb, line 151
def test_prevents_session_fixation
  with_test_route_set do
    assert_nil @cache.read("_session_id:0xhax")

    cookies["_session_id"] = "0xhax"
    get "/set_session_value"

    assert_response :success
    assert_not_equal "0xhax", cookies["_session_id"]
    assert_nil @cache.read("_session_id:0xhax")
    assert_equal({ "foo" => "bar" }, @cache.read("_session_id:#{cookies['_session_id']}"))
  end
end
test_setting_and_getting_session_value() click to toggle source
# File actionpack/test/dispatch/session/cache_store_test.rb, line 38
def test_setting_and_getting_session_value
  with_test_route_set do
    get "/set_session_value"
    assert_response :success
    assert cookies["_session_id"]

    get "/get_session_value"
    assert_response :success
    assert_equal 'foo: "bar"', response.body
  end
end
test_setting_session_value_after_session_reset() click to toggle source
# File actionpack/test/dispatch/session/cache_store_test.rb, line 86
def test_setting_session_value_after_session_reset
  with_test_route_set do
    get "/set_session_value"
    assert_response :success
    assert cookies["_session_id"]
    session_id = cookies["_session_id"]

    get "/call_reset_session"
    assert_response :success
    assert_not_equal [], headers["Set-Cookie"]

    get "/get_session_value"
    assert_response :success
    assert_equal "foo: nil", response.body

    get "/get_session_id"
    assert_response :success
    assert_not_equal session_id, response.body
  end
end

Private Instance Methods

with_test_route_set() { || ... } click to toggle source
# File actionpack/test/dispatch/session/cache_store_test.rb, line 166
def with_test_route_set
  with_routing do |set|
    set.draw do
      ActiveSupport::Deprecation.silence do
        get ":action", to: ::CacheStoreTest::TestController
      end
    end

    @app = self.class.build_app(set) do |middleware|
      @cache = ActiveSupport::Cache::MemoryStore.new
      middleware.use ActionDispatch::Session::CacheStore, key: "_session_id", cache: @cache
      middleware.delete ActionDispatch::ShowExceptions
    end

    yield
  end
end